System and method for flexible authentication in a data communications network
Abstract
A system and method for providing for a number of different authentication methods. The system and method can be used in conjunction with a data communications network, where client devices gain access to the data communications network through a network access device. The different authentication methods can allow for authentication based on a physical address for the client device, and can allow for authentication based on a web authentication procedure, and can provide for an authentication method which utilizes a combination of authentication methods which includes authentication based on both the physical address of the client device and based on user credential information.
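The selection logic the abstract describes, modelled in Python as an added illustration; it is not code from the patent. The class names, the `over_secure_protocol` flag and the in-memory `AuthServer` are assumptions standing in for the real access device and authentication server.

```python
import hmac
from dataclasses import dataclass
from enum import Enum

class Procedure(Enum):            # the administrator selects exactly one
    MAC = "mac"                   # physical-address authentication
    WEB = "web"                   # web authentication (user credentials)
    MAC_AND_WEB = "mac+web"       # combined procedure

@dataclass
class WebLogin:
    username: str
    password: str
    over_secure_protocol: bool    # assumption: True when sent to the device over e.g. HTTPS

class AuthServer:                 # hypothetical in-memory stand-in for the authentication server
    def __init__(self, macs, users):
        self.macs = {m.lower() for m in macs}
        self.users = dict(users)
    def check_mac(self, mac):
        return mac.lower() in self.macs
    def check_user(self, username, password):
        stored = self.users.get(username)
        return stored is not None and hmac.compare_digest(stored.encode(), password.encode())

class AccessDevice:
    def __init__(self, server, procedure):
        self.server = server
        self.procedure = procedure           # stored indication of the selected procedure
        self.authorized_ports = set()
    def _web_ok(self, login):
        # Credentials must arrive over the secure protocol before being forwarded.
        if login is None or not login.over_secure_protocol:
            return False
        return self.server.check_user(login.username, login.password)
    def on_attach(self, port, mac, login=None):
        self.authorized_ports.discard(port)  # a newly attached client starts unauthorized
        ok = False                           # default deny, also for an unrecognized selection
        if self.procedure is Procedure.MAC:
            ok = self.server.check_mac(mac)
        elif self.procedure is Procedure.WEB:
            ok = self._web_ok(login)
        elif self.procedure is Procedure.MAC_AND_WEB:
            ok = self.server.check_mac(mac) and self._web_ok(login)
        if ok:
            self.authorized_ports.add(port)
        return ok

# Constructed sample data: one known physical address and one user account.
SERVER = AuthServer(["00:11:22:33:44:55"], {"alice": "s3cret"})
```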
35 Claims
1. A system comprising:
one or more client devices; and
a network access device comprising:
a memory configured to store:
an indication of a selected one of a plurality of different authentication procedures a system administrator of the network access device has selected to perform authentication, the authentication based at least in part on credential information identifying the one or more client devices and credential information identifying users of one or more client devices the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device toward the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server; and
control logic configured to, when executed:
detect that the new client device has attached to a port of the network access device;
upon detecting the new client device, perform authentication according to the selected one of a plurality of different authentication procedures each supported by the access device; and
determine whether to grant the new client device access to a data communications network based upon a result of the authentication.
Dependent claims: 2, 3, 4, 5, 6, 7, 14, 30
8. A method comprising:
receiving, at a port of a network access device, a request from one of one or more client devices to access a data communications network;
storing an indication of a selected one of a plurality of different authentication procedures a system administrator of the network access device has selected to perform authentication, the authentication based at least in part on credential information identifying the one or more client devices and credential information identifying users of the one or more client devices, the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device toward the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server;
detecting that the new client device has attached to a port of the network access device;
upon detecting the new client device, performing authentication according to the selected one of a plurality of different authentication procedures each supported by the access device; and
determining whether to grant or deny the request in accordance with the selected one of a plurality of authentication procedures.
Dependent claims: 9, 10, 11, 12, 13, 16, 20, 31
15. A network access device comprising:
a memory configured to store:
an indication of a selected one of a plurality of different authentication procedures a system administrator of the network access device has selected to perform authentication, the authentication based at least in part on credential information identifying one or more client devices and credential information identifying users of the one or more client devices, the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device toward the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server; and
control logic stored in the memory and configured to:
detect that a new client device has attached to a port of the network access device;
upon detecting the new client device, perform authentication according to the selected one of the plurality of different authentication procedures each supported by the access device; and
determine whether to grant the new client device access to a data communications network based upon a result of the authentication.
Dependent claims: 17, 18, 19, 21, 32
22. A method comprising:
by a network access device, detecting that a new client device has attached to a port of the network access device;
storing an indication of a selected one of a plurality of different authentication procedures by a system administrator of the network access device to perform authentication, the authentication based at least in part on credential information identifying one or more client devices attached to ports of the network access device and credential information identifying users of the one or more client devices the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device toward the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server;
upon detecting the new client device, performing authentication according to the selected one of a plurality of different authentication procedures; and
determining whether to grant the new client device access to a data communications network based upon a result of the authentication.
Dependent claims: 23, 24, 25, 26, 27, 28, 33
29. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method, the method comprising:
by a network access device, detecting that a new client device has attached to a port of the network access device, the network access device comprising:
a memory configured to store:
an indication of a selected one of a plurality of different authentication procedures a system administrator of the network access device has selected to perform authentication, the authentication based at least in part on credential information identifying one or more client devices attached to ports of the network access device and credential information identifying users of the one or more client devices the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device to the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server;
upon detecting the new client device, performing authentication according to the selected one of a plurality of different authentication procedures; and
determining whether to grant the new client device access to a data communications network based upon a result of the authentication.
34. A method comprising:
receiving, at a port of an apparatus, a request from one of one or more client devices to access a data communications network;
routing one or more data units from the one or more input ports toward the one or more output ports;
storing an indication of a selected one of a plurality of different authentication procedures a system administrator of the apparatus has selected to perform authentication, the authentication based at least in part on credential information identifying the one or more client devices and credential information identifying users of the one or more client devices, the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device to the network access device according to a secure protocol, and then transmitting the user credential information from the network access device to an authentication server;
detecting that a new client device has attached to a port of the apparatus;
upon detecting the new client device, performing authentication according to the selected one of a plurality of different authentication procedures each supported by the apparatus; and
determining whether to grant or deny the request in accordance with the selected one of a plurality of authentication procedures.
35. An apparatus comprising:
a plurality of ports comprising one or more input ports and one or more output ports, the plurality of ports configured to communicatively interconnect the one or more client devices to each other and to a data communications network;
switching fabric configured to route one or more data units from the one or more input ports to the one or more output ports;
a memory configured to store an indication of a selected one of a plurality of different authentication procedures a system administrator of the apparatus has selected to perform authentication, the authentication based at least in part on credential information identifying one or more client devices and credential information identifying users of the one or more client devices, the plurality of different client authentication procedures comprising a combined physical address and web authentication procedure, comprising transmitting user credential information from a client device toward the network access device according to a secure protocol, and then transmitting the user credential information from the network access device toward an authentication server; and
control logic stored in the memory and configured to:
detect that a new client device has attached to a port of the apparatus;
upon detecting the new client device, perform authentication according to the selected one of the plurality of different authentication procedures each supported by the apparatus; and
determine whether to grant the new client device access to the data communications network based upon a result of the authentication.