SYSTEM AND METHOD FOR ENABLING UNCONFIGURED DEVICES TO JOIN AN AUTONOMIC NETWORK IN A SECURE MANNER
Abstract
A method in an example embodiment includes creating an initial information package for a device attempting to join a network domain of a network environment; communicating the initial information package to a signing authority; sending an authorization token generated by the signing authority to the device, wherein the device validates the authorization token based on a credential in the device; and receiving an audit history report of the device, wherein the audit history report comprises information regarding previous attempts by the device to join the network environment. The method may also include applying a policy to the device based on the audit history report; generating a completed information package, wherein the completed information package includes an authorization token; applying a second signature to the completed information package; and sending the authorization token and the completed information package to the device, the device validating the second signature on the completed information package.
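The flow in the abstract, as an added sketch that is not code from the patent. HMAC-SHA256 stands in for real digital signatures, the device credential is modelled as a key shared with the signing authority, and the derived registrar key, field names, policy rule and sample values are all assumptions made for illustration.

```python
import hashlib, hmac, json

def sign(key: bytes, obj: dict) -> str:
    """HMAC-SHA256 over canonical JSON (stand-in for a digital signature)."""
    msg = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def verify(key: bytes, obj: dict, sig: str) -> bool:
    return hmac.compare_digest(sign(key, obj), sig)

def domain_key(device_cred: bytes, token_body: dict) -> bytes:
    """Assumed per-enrolment key that both device and authority can derive."""
    return bytes.fromhex(sign(device_cred, {"derive": token_body}))

def authority_issue(device_cred: bytes, initial_pkg: dict):
    """Signing authority: token over the initial package, plus the registrar's key."""
    body = {k: initial_pkg[k] for k in ("device", "domain", "nonce")}
    token = {"body": body, "sig": sign(device_cred, body)}
    return token, domain_key(device_cred, body)

def policy_allows(audit_history: list, domain: str, max_failures: int = 2) -> bool:
    """Assumed policy: refuse devices joined elsewhere or with repeated failures."""
    foreign = any(e["result"] == "joined" and e["domain"] != domain for e in audit_history)
    failures = sum(e["result"] == "failed" for e in audit_history)
    return not foreign and failures <= max_failures

def registrar_complete(token: dict, reg_key: bytes, audit_history: list, config: dict):
    """Registrar: apply policy, build the completed package, add the second signature."""
    if not policy_allows(audit_history, token["body"]["domain"]):
        return None
    pkg = {"token": token, "config": config}
    return {"pkg": pkg, "sig": sign(reg_key, pkg)}

def device_accepts(device_cred: bytes, nonce: str, token: dict, completed) -> bool:
    """Device: check the token against its credential, then the second signature."""
    if not verify(device_cred, token["body"], token["sig"]) or token["body"]["nonce"] != nonce:
        return False
    if completed is None or completed["pkg"]["token"] != token:
        return False
    return verify(domain_key(device_cred, token["body"]), completed["pkg"], completed["sig"])

def run(audit_history: list, tamper: bool = False) -> bool:
    """End-to-end exchange on constructed sample values."""
    cred = b"constructed-device-credential"
    initial = {"device": "SN-0001", "domain": "example-domain", "nonce": "n-42"}
    token, reg_key = authority_issue(cred, initial)
    completed = registrar_complete(token, reg_key, audit_history, {"vlan": 10})
    if completed and tamper:
        completed["pkg"]["config"]["vlan"] = 99  # modified after signing
    return device_accepts(cred, initial["nonce"], token, completed)
```
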
20 Claims
1. A method, comprising:
- creating an initial information package for a device attempting to join a network domain of a network environment;
- communicating the initial information package to a signing authority;
- sending an authorization token generated by the signing authority to the device, wherein the device validates the authorization token based on a credential in the device;
- receiving an audit history report of the device, wherein the audit history report comprises information regarding previous attempts by the device to join the network environment;
- applying a policy to the device based on the audit history report;
- generating a completed information package, wherein the completed information package includes an authorization token;
- applying a second signature to the completed information package;
- sending the authorization token and the completed information package to the device, the device validating the second signature on the completed information package.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. Logic encoded in one or more non-transitory computer-readable media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- creating an initial information package for a device attempting to join a network domain of a network environment;
- communicating the initial information package to a signing authority;
- sending an authorization token generated by the signing authority to the device, wherein the device validates the authorization token based on a credential in the device;
- receiving an audit history report of the device, wherein the audit history report comprises information regarding previous attempts by the device to join the network environment;
- applying a policy to the device based on the audit history report;
- generating a completed information package, wherein the completed information package includes an authorization token;
- applying a second signature to the completed information package;
- sending the authorization token and the completed information package to the device, the device validating the second signature on the completed information package.
16. An apparatus, comprising:
- a memory element configured to store data;
- a processor operable to execute instructions associated with the data; and
- an information package module configured to interface with the memory element and the processor, wherein the apparatus is configured to:
  - create an initial information package for a device attempting to join a network domain of a network environment;
  - communicate the initial information package to a signing authority;
  - send an authorization token generated by the signing authority to the device, wherein the device validates the authorization token based on a credential in the device;
  - receive an audit history report of the device, wherein the audit history report comprises information regarding previous attempts by the device to join the network environment;
  - apply a policy to the device based on the audit history report;
  - generate a completed information package, wherein the completed information package includes an authorization token;
  - apply a second signature to the completed information package;
  - send the authorization token and the completed information package to the device, the device validating the second signature on the completed information package.

Dependent claims: 17, 18, 19, 20
Specification