METHOD FOR SECURELY CONFIGURING CUSTOMER PREMISE EQUIPMENT
First Claim
1. A method for securely configuring a customer premise equipment in a network, the network including a configuration server, a dynamic host configuration protocol (DHCP) server, and the customer premise equipment, the method comprising:
- receiving a request from the customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment;
embedding at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment;
leasing the IP address to the customer premise equipment; and
establishing a secure connection between the configuration server and the customer premise equipment for transfer of a configuration file and a permanent set of encryption keys, wherein the configuration file and the permanent set of encryption keys are used to securely configure the customer premise equipment.
6 Assignments
0 Petitions
Accused Products
Abstract
A method for securely configuring a customer premise equipment in a network. The network including a configuration server, a DHCP server, and the customer premise equipment. The method includes receiving a request from the customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment. The method further includes embedding at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment. The method includes leasing the IP address to the customer premise equipment. Further, the method enables authentication of customer premise equipment, before providing configuration to the customer premise equipment. The method includes use of characteristic attributes of the customer premise equipment to generate cryptographic keys for secure connection. Moreover, the method includes establishing a secure connection between the configuration server and the customer premise equipment for transfer of a configuration file and a set of encryption keys. The configuration file and the set of encryption keys are used to securely configure the customer premise equipment.
44 Citations
20 Claims
-
1. A method for securely configuring a customer premise equipment in a network, the network including a configuration server, a dynamic host configuration protocol (DHCP) server, and the customer premise equipment, the method comprising:
-
receiving a request from the customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment; embedding at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment; leasing the IP address to the customer premise equipment; and establishing a secure connection between the configuration server and the customer premise equipment for transfer of a configuration file and a permanent set of encryption keys, wherein the configuration file and the permanent set of encryption keys are used to securely configure the customer premise equipment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for establishing a secure connection between a configuration server and a customer premise equipment for securely configuring the customer premise equipment in a network, the method comprising:
-
receiving a communication from the customer premise equipment containing the identity of the customer premise equipment, wherein the IP address leased to the customer premise equipment is embedded with at least a portion of a Media Access Control (MAC) address of the customer premise equipment; identifying the MAC address of the customer premise equipment from the IP address leased to the customer premise equipment; receiving a request for transferring a configuration file to the customer premise equipment; generating a pair of public and private keys for securely transferring the configuration file to the customer premise equipment, wherein the pair of public and private keys is generated based on the MAC address of the customer premise equipment; and establishing the secure connection between the configuration server and the customer premise equipment for securely transferring the configuration file to the customer premise equipment, wherein the configuration file is used to configure the customer premise equipment. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable medium comprising code for causing a computer to:
-
receive a request from a customer premise equipment for leasing an Internet Protocol (IP) address to the customer premise equipment; embed at least a portion of a Media Access Control (MAC) address of the customer premise equipment into the IP address leased to the customer premise equipment; lease the IP address to the customer premise equipment; and establish a secure connection between a configuration server and the customer premise equipment for transfer of a configuration file and a permanent set of encryption keys, wherein the configuration file and the permanent set of encryption keys are used to securely configure the customer premise equipment. - View Dependent Claims (17, 18, 19, 20)
-
Specification
-
- Resources
-
Current AssigneeCiena Corporation
-
Original AssigneeCiena Corporation
-
InventorsPARRY, Simon Paul, HOLTOM, James Alexander Ivens
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current1/1
-
CPC Class CodesH04L 12/2898 Subscriber equipments DSL m...H04L 2101/622 Layer-2 addresses, e.g. med...H04L 2101/668 Internet protocol [IP] addr...H04L 61/2503 Translation of Internet pro...H04L 61/35 involving non-standard use ...H04L 61/5014 using dynamic host configur...H04L 63/0428 wherein the data content is...H04L 63/061 for key exchange, e.g. in p...H04W 12/71 Hardware identity
