User authentication system
Abstract
Techniques are provided for users to authenticate themselves to components in a system. The users may securely and efficiently enter credentials into the components. These credentials may be provided to a server in the system with strong authentication that the credentials originate from secure components. The server may then automatically build a network by securely distributing keys to each secure component to which a user presented credentials.
22 Claims
1. A method for building a first ad hoc network including a plurality of access devices, comprising:
- receiving, at an access server configured to establish secure communications between the access server and access devices, first data from a first access device, wherein the first data includes a first credential;
- verifying that the first credential is enrolled with the access server;
- sending a cryptographic key corresponding to the first credential to the first access device;
- receiving, at the access server, a second data from a second access device, wherein the second data includes the first credential;
- verifying that the first credential is enrolled with the access server; and
- sending, from the access server, the cryptographic key associated with the first credential to the second access device, wherein the first access device and the second access device join the first ad hoc network using the cryptographic key, and wherein the first ad hoc network is cryptographically separate from a second ad hoc network including access devices authenticated to the access server using a second credential.
Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
16. A method for building a first ad hoc network, including a first set of access devices, in a plurality of ad hoc networks comprising:
- receiving, at an access server configured to establish secure communications between the access server and access devices, data sent from the first set of access devices, wherein the data sent from each access device in the first set of access devices includes a first credential;
- verifying that the first credential is enrolled with the access server; and
- sending, to each access device in the first set of access devices, a unique cryptographic key corresponding to the first credential sent by each access device, wherein the cryptographic key enables each access device in the first set of access devices to join, using the cryptographic key, the first ad hoc network including access devices corresponding to the first credential, and wherein the first ad hoc network is cryptographically separate from a second ad hoc network including access devices authenticated to the access server using a second credential sent to the access server from a second set of access devices.
Dependent Claims (17, 18, 19, 20)
21. A method for building a plurality of ad hoc networks comprising:
- receiving, at an access server configured to establish secure communications between the access server and access devices, first data, including a first credential, sent from a first plurality of access devices;
- verifying the first credential is enrolled with the access server;
- sending from the access server, to each access device in the first plurality of access devices, a first cryptographic key corresponding to the first credential, wherein the first cryptographic key enables each access device in the first plurality of access devices to join, using the first cryptographic key, a first ad hoc network including access devices corresponding to the first credential;
- receiving second data, including a second credential, sent from a second plurality of access devices;
- verifying the second credential is enrolled with the access server; and
- sending from the access server, to each access device in the second plurality of access devices, a second cryptographic key corresponding to the second credential, wherein the second cryptographic key enables each access device in the second plurality of access devices to join, using the second cryptographic key, a second ad hoc network that is cryptographically separate from the first ad hoc network.
Dependent Claims (22)
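
The key distribution recited in claims 1 and 21, sketched as an added example that is not code from the patent: devices presenting the same enrolled credential receive the same network key, a second credential yields an independent key, and an unenrolled credential yields none. The class and function names, the HMAC-keyed credential lookup, and the HMAC frame tag standing in for network membership are all assumptions of this sketch; the secure channel between device and server is assumed to exist and is not modelled.

```python
import hashlib
import hmac
import secrets

class AccessServer:
    """Holds one independent random network key per enrolled credential."""
    def __init__(self):
        self._pepper = secrets.token_bytes(32)  # keys the credential lookup digest
        self._keys = {}                         # credential digest -> network key

    def _digest(self, credential: bytes) -> bytes:
        return hmac.new(self._pepper, credential, hashlib.sha256).digest()

    def enroll(self, credential: bytes) -> None:
        self._keys.setdefault(self._digest(credential), secrets.token_bytes(32))

    def request_key(self, credential: bytes):
        # Verification step: only an enrolled credential yields a key (else None).
        return self._keys.get(self._digest(credential))

class AccessDevice:
    """Joins a network by presenting a user's credential to the server."""
    def __init__(self):
        self._key = None

    def join(self, server: AccessServer, credential: bytes) -> bool:
        # Assumed to run over the secure device-to-server channel (not modelled).
        self._key = server.request_key(credential)
        return self._key is not None

    def send(self, frame: bytes):
        if self._key is None:
            raise RuntimeError("device has not joined a network")
        return frame, hmac.new(self._key, frame, hashlib.sha256).digest()

    def accept(self, frame: bytes, tag: bytes) -> bool:
        # A frame is accepted only if it was tagged with this device's network key.
        if self._key is None:
            return False
        expected = hmac.new(self._key, frame, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

def demo():
    server = AccessServer()
    for cred in (b"credential-A", b"credential-B"):  # constructed sample credentials
        server.enroll(cred)
    d1, d2, d3, d4 = (AccessDevice() for _ in range(4))
    joined = [d1.join(server, b"credential-A"), d2.join(server, b"credential-A"),
              d3.join(server, b"credential-B"), d4.join(server, b"not-enrolled")]
    frame, tag = d1.send(b"hello")
    # d2 shares d1's network; d3 is on the other network; d4 never joined.
    return joined, d2.accept(frame, tag), d3.accept(frame, tag), d4.accept(frame, tag)
```
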
Specification