Authenticated dynamic address assignment
First Claim
1. A method of providing configuration parameters to an uninitialized client in a client-server broadcast network, said method comprising:
- receiving at a proxy connected to said broadcast network a local broadcast communication initiated by said uninitialized client and intended for reception at a trusted key source, wherein said local broadcast communication includes the hardware address for said uninitialized client and wherein said proxy operates as a security intermediary between said uninitialized client and said trusted key source;
- recording said hardware address for said uninitialized client at said proxy;
- adding at said proxy authorization data to said received local broadcast communication when said received local broadcast communication does not include said authorization data;
- forwarding said received local broadcast communication from said proxy to said trusted key source;
- utilizing said trusted key source to perform a mutual authentication with said uninitialized client;
- generating at said trusted key source a ticket which includes said hardware address for said uninitialized client to said proxy;
- forwarding said ticket, upon successful completion of the mutual authentication, from said trusted key source to said uninitialized client via said client-server broadcast network; and
- employing said ticket to obtain a network address from said server via an authenticated address assignment protocol.
Abstract
A method for an uninitialized client to obtain credentials from a server which are then used to provide authenticated exchange for network configuration parameter assignment. The obtained credentials can be applied to an authentication option when a dynamic host configuration protocol (DHCP) is being used for address assignment.
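The message flow of claim 1, modelled as an added Python sketch that is not part of the patent. Assumptions: the field names, the HMAC-SHA256 seal on the ticket, the key shared between the key source and the address server, and the server-side check of the ticket's hardware address are all hypothetical; the mutual authentication exchange is represented only by its outcome.

```python
import hashlib
import hmac
import json

# Assumption: key source and address server share this key (constructed value).
SERVER_KEY = b"constructed-demo-key"


class Proxy:
    """Security intermediary between the client and the trusted key source."""

    def __init__(self, authorization_data):
        self.authorization_data = authorization_data
        self.seen_hw_addrs = []

    def relay(self, broadcast):
        # Record the client's hardware address, then add authorization
        # data only when the broadcast does not already carry it.
        self.seen_hw_addrs.append(broadcast["hw_addr"])
        forwarded = dict(broadcast)
        forwarded.setdefault("authorization_data", self.authorization_data)
        return forwarded


def _seal(body):
    return hmac.new(SERVER_KEY, body, hashlib.sha256).hexdigest()


def issue_ticket(request, mutual_auth_ok):
    """Key source: release a ticket only after mutual authentication succeeded."""
    # Assumption: a request without authorization data is also refused.
    if not mutual_auth_ok or "authorization_data" not in request:
        return None
    body = json.dumps({"hw_addr": request["hw_addr"]}, sort_keys=True)
    return {"body": body, "mac": _seal(body.encode())}


def assign_address(ticket, requester_hw_addr, pool):
    """Address server: lease only if the ticket is intact and names the requester."""
    if ticket is None or not pool:
        return None
    if not hmac.compare_digest(_seal(ticket["body"].encode()), ticket["mac"]):
        return None  # ticket was altered or not issued by the key source
    if json.loads(ticket["body"])["hw_addr"] != requester_hw_addr:
        return None  # ticket was issued for a different hardware address
    return pool.pop(0)
```

Because the ticket carries the hardware address, a ticket presented from a different address or with an altered body yields no lease in this model.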
Specification