Early authentication in cable modem initialization
Abstract
A system that eliminates some of the security vulnerabilities of prior art systems by using a new sequence of steps to initialize the cable modem. Instead of performing authentication after the cable modem has been registered, the cable modem authentication step is performed immediately after the cable modem completes ranging. Thus an early authentication method and system are provided. The control of authentication is shifted from the cable modem to the CMTS: instead of the CMTS relying on a Registration Request message (REG-REQ) to determine whether a cable modem must perform authentication (that is, to determine whether BPI+ is enabled), the CMTS configuration determines whether a cable modem must perform authentication.
21 Claims
1. A method comprising:
- sending messages from and receiving messages by a cable modem termination system (CMTS) to establish a link layer connection between a cable modem and said CMTS;
- sending messages from and receiving messages by said CMTS to authenticate said cable modem on a primary service flow;
- sending messages from and receiving messages by said CMTS to establish IP connectivity between said cable modem and said CMTS after said cable modem has been authenticated;
- sending messages from and receiving messages by said CMTS to register said cable modem with the CMTS after said IP connectivity has been established;
- determining whether baseline privacy is enabled in said cable modem after said cable modem is registered with the CMTS; and
- responsive to a determination that baseline privacy is not enabled in said cable modem, suspending at least one of an integrity check and encryption of data.
Dependent claims: 2, 3, 4, 5
6. A cable modem termination system (CMTS) including a processor configured to:
- establish a link layer connection to a cable modem;
- authenticate said cable modem prior to registration of said cable modem;
- establish IP connectivity between said CMTS and said cable modem after said authentication is complete;
- register said cable modem after said connectivity has been established;
- determine whether baseline privacy is enabled in said cable modem after said cable modem is registered;
- responsive to a determination that baseline privacy is enabled in said cable modem, initialize baseline privacy in said cable modem; and
- responsive to a determination that baseline privacy is not enabled in said cable modem, suspend at least one of an integrity check and encryption of data.
Dependent claims: 7, 8, 9, 10, 11, 12, 13
14. A cable modem including:
- a port to communicate over a link layer connection with a cable modem termination system (CMTS);
- a processor adapted to:
  - receive messages from said CMTS via said port to conduct authentication of said cable modem on a primary service flow prior to registration of said modem;
  - establish IP connectivity with said CMTS;
  - register said cable modem with said CMTS after said authentication is complete;
  - determine whether baseline privacy is enabled in said cable modem after said cable modem is registered with said CMTS;
  - responsive to a determination that baseline privacy is enabled in said cable modem, initialize baseline privacy in said cable modem; and
  - responsive to a determination that baseline privacy is not enabled in said cable modem, suspend at least one of an integrity check and encryption of data.
Dependent claims: 15, 16, 17, 18, 19, 20, 21
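The initialization order recited in claim 6 and the abstract, written as a CMTS-side state machine that rejects out-of-order messages. This is an added example, not part of the patent text; the message labels (`AUTH_OK`, `IP_SETUP`, `REG_REQ`), the class and function names, and the `early_auth_required` flag are assumptions made for illustration.

```python
from enum import Enum, auto

class State(Enum):
    RANGED = auto()         # link layer connection established
    AUTHENTICATED = auto()  # early authentication done on the primary service flow
    IP_UP = auto()          # IP connectivity established
    OPERATIONAL = auto()    # registered and baseline-privacy decision applied

class CmtsSession:
    """CMTS-side state for one modem. Hypothetical model: message names are
    labels chosen for this example, not DOCSIS wire formats."""

    def __init__(self, early_auth_required=True):
        # The CMTS configuration, not the modem's REG-REQ, decides this.
        self.early_auth_required = early_auth_required
        self.state = State.RANGED
        # Assumption: integrity check and encryption run from authentication
        # until registration shows baseline privacy is not enabled.
        self.protect_traffic = False
        self.rejected = []

    def handle(self, msg, bpi_enabled=False):
        s = self.state
        if msg == "AUTH_OK" and s is State.RANGED:
            self.state, self.protect_traffic = State.AUTHENTICATED, True
        elif msg == "IP_SETUP" and (s is State.AUTHENTICATED or
                (s is State.RANGED and not self.early_auth_required)):
            self.state = State.IP_UP
        elif msg == "REG_REQ" and s is State.IP_UP:
            self.state = State.OPERATIONAL
            # Enabled: baseline privacy is initialized. Not enabled: suspend.
            self.protect_traffic = bpi_enabled
        else:
            self.rejected.append((msg, s.name))  # out of order: state unchanged
            return False
        return True

def replay(trace, early_auth_required=True):
    """Feed a list of (message, bpi_enabled) pairs through a fresh session."""
    session = CmtsSession(early_auth_required)
    for msg, bpi in trace:
        session.handle(msg, bpi_enabled=bpi)
    return session

# Constructed traces: a compliant modem, and one that skips authentication
# and reports baseline privacy as disabled in its registration request.
COMPLIANT = [("AUTH_OK", False), ("IP_SETUP", False), ("REG_REQ", False)]
SKIPS_AUTH = [("IP_SETUP", False), ("REG_REQ", False)]
```

With `early_auth_required=True`, the `SKIPS_AUTH` trace never leaves `RANGED`, because the modem's own claim about baseline privacy is not consulted until after authentication and IP setup have succeeded.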
Specification