Systems and methods for provisioning network devices

US 8,429,403 B2
Filed: 08/12/2008
Issued: 04/23/2013
Est. Priority Date: 08/12/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

generating, by a first device, a first public key and a first private key,the first device being associated with a device identifier;

transmitting, from the first device to a second device via a first private network and based on the first private key, information that includes the device identifier and the first public key,the second device differing from the first device, andthe second device generating, based on the information, a second public key and a second private key;

receiving, at the first device and from second device via the first private network, the second public key and the second private key;

transmitting, from the first device to a third device, the device identifier, the first public key and the second public key,the third device differing from the first device and the second device,the third device being associated with a second private network that differs from the first private network, andthird device identifying, based on the device identifier, a device type, of a plurality of different device types, associated with the first device and selecting, based on the identified device type, configuration information that enables the first device to operate on the second private network;

establishing, by the first device, a secure connection with the third device using the first public key and the second public key;

receiving, by the first device and via the secure connection, the configuration information from the third device; and

connecting, by the first device and based on the configuration information, to the second private network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method performed by a network device may include generating and storing a first public key and a first private key in a first device, transmitting a serial number and the first public key from the first device to a second device, generating, by the second device, a second public key and a second private key, transmitting the second public key from the second device to the first device and transmitting the serial number, the first public key, the second public key and the second private key to a third device, establishing and authenticating a connection between the first device and the third device using the first public key and the second public key and transmitting encrypted configuration information with the two key pairs from the third device to the first device.

218 Citations

15 Claims

1. A method comprising:
- generating, by a first device, a first public key and a first private key,the first device being associated with a device identifier;
  
  transmitting, from the first device to a second device via a first private network and based on the first private key, information that includes the device identifier and the first public key,the second device differing from the first device, andthe second device generating, based on the information, a second public key and a second private key;
  
  receiving, at the first device and from second device via the first private network, the second public key and the second private key;
  
  transmitting, from the first device to a third device, the device identifier, the first public key and the second public key,the third device differing from the first device and the second device,the third device being associated with a second private network that differs from the first private network, andthird device identifying, based on the device identifier, a device type, of a plurality of different device types, associated with the first device and selecting, based on the identified device type, configuration information that enables the first device to operate on the second private network;
  
  establishing, by the first device, a secure connection with the third device using the first public key and the second public key;
  
  receiving, by the first device and via the secure connection, the configuration information from the third device; and
  
  connecting, by the first device and based on the configuration information, to the second private network.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, where the device identifier includes a serial number and where the method further comprises:
    - transmitting the serial number from the second device to the third device.
  - 3. The method of claim 2, where the serial number of the first device is used to establish the secure connection between the first device and the third device.
  - 4. The method of claim 1, where the second device comprises a first server, and where the third device comprises a second server.
  - 5. The method of claim 1, where the first device comprises at least one of:
    - a set top box,a computer,a mobile communication devices, ora router.

6. A network device, comprising:
- a memory to store a device identifier associated with the network device, a private key, and a first public key; and
  
  logic, implemented at least partially in hardware, to;
  
  transmit, via a first private network, the device identifier and the first public key to a second network device;
  
  store, in the memory, a second public key received from the second network device,the second public key differing from the first public key;
  
  establish a secure connection with a third network device using the first public key and the second public key,the third network device being associated with a second private network that differs from the first private network; and
  
  receive, from the third network device and via the secure connection, configuration information that enables the network device to operate on the second private network,the third device identifying the configuration information based on a device type, of a plurality of device types, associated with the network device.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The network device of claim 6, where the second public key is generated by the second network device based on at least one of the device identifier or the first public key.
  - 8. The network device of claim 6, where the logic is further to transmit the private key to the second network device, andwhere the third network device receives the device identifier, the second public key, the private key, and the first public key from the second network device.
  - 9. The network device of claim 6, where the logic is further to:
    - establish a connection with a fourth network device, where the fourth network device provides information to establish the secure connection to the third network device.
  - 10. The network device of claim 9, where the information, provided by the fourth device to establish the secure connection to the third network device, includes an IP address of the third network device.

11. A non-transitory computer-readable medium to store instructions, the instructions comprising:
- one or more instructions that, when executed by a processor, cause the processor to;
  
  store, in a memory, a device identifier associated with the network device, a private key, and a first public key;
  
  transmit, via a first private network, the device identifier and the first public key to a second network device;
  
  store, in the memory, a second public key received from the second network device,the second public key differing from the first public key;
  
  establish a secure connection with a third network device using the first public key and the second public key,the third network device being associated with a second private network that differs from the first private network; and
  
  receive, from the third network device and via the secure connection, configuration information that enables the network device to operate on the second private network,the third device identifying the configuration information based on a device type, of a plurality of device types, associated with the network device.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11, where the second public key is generated by the second network device based on at least one of the device identifier or the first public key.
  - 13. The non-transitory computer-readable medium of claim 11, where the instructions further comprise:
    - one or more instructions to transmit the private key to the second network device, andwhere the third network device receives the device identifier, the second public key, the private key, and the first public key from the second network device.
  - 14. The non-transitory computer-readable medium of claim 11, where the instructions further comprise:
    - one or more instructions to establish a connection with a fourth network device,where the fourth network device provides information to establish the secure connection to the third network device.
  - 15. The non-transitory computer-readable medium of claim 14, where the information, provided by the fourth device to establish the secure connection to the third network device, includes an IP address of the third network device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Juniper Networks Incorporated
Original Assignee
Juniper Networks Incorporated
Inventors
Watsen, Kent A., Hubbard, Robert, Beauchesne, Nicolas, Murthy, Muku, Moret, Eric
Primary Examiner(s)
Shan, April

Application Number

US12/190,103
Publication Number

US 20100042834A1
Time in Patent Office

1,715 Days
Field of Search

713/168, 713/155, 380/229, 705/67, 726/2
US Class Current

713/168
CPC Class Codes

H04L 41/0806   for initial configuration o...

H04L 41/0843   based on generic templates

H04L 41/28   Restricting access to netwo...

H04L 63/0823   using certificates cryptogr...

Systems and methods for provisioning network devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

218 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for provisioning network devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

218 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links