Secure network deployment
First Claim
Patent Images
1. A method, comprising:
- identifying a plurality of customized profiles for a network device model, wherein a first one of the profiles is customized for a first user and contains at least one different parameter for selected services than a second one of the profiles for a second user;
creating, using a call controller, a table associating each one of the customized profiles with a unique Personal Identification Number (PIN);
providing a web page form for registration of a network device;
receiving, at the call controller via the web page form, a message originating from the network device to be configured, wherein the call controller is a first party, and the network device is a second party;
the message further comprises;
a submitted PIN, and a manufacturer installed certificate, which includes a media access control (MAC) address, issued by a trusted third party;
wherein the message is signed using a public key included in the manufacturer installed certificate and contains the manufactured installed certificate within the message, wherein the manufactured installed certificate including the MAC address is appended into the web page form;
comparing, using the call controller, the submitted PIN included in the received message to the table;
identifying, using the call controller, a particular one of the customized profiles in the table according to the comparison;
extracting, using the call controller, the address from the manufacturer installed certificate of the network device included in the received message;
formatting, using the call controller, an entry in the table for the particular customized profile including the selected services with a value of the extracted MAC address; and
causing, using the call controller, the particular customized profile to be downloaded to the network device.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a Manufacturer Installed Certificate (MIC) and a personal identification number are sent to a call controller to request a configuration profile. When the configuration file is received, the IP phone is provisioned according to the configuration profile.
-
Citations
12 Claims
-
1. A method, comprising:
-
identifying a plurality of customized profiles for a network device model, wherein a first one of the profiles is customized for a first user and contains at least one different parameter for selected services than a second one of the profiles for a second user; creating, using a call controller, a table associating each one of the customized profiles with a unique Personal Identification Number (PIN); providing a web page form for registration of a network device; receiving, at the call controller via the web page form, a message originating from the network device to be configured, wherein the call controller is a first party, and the network device is a second party; the message further comprises;
a submitted PIN, and a manufacturer installed certificate, which includes a media access control (MAC) address, issued by a trusted third party;wherein the message is signed using a public key included in the manufacturer installed certificate and contains the manufactured installed certificate within the message, wherein the manufactured installed certificate including the MAC address is appended into the web page form; comparing, using the call controller, the submitted PIN included in the received message to the table; identifying, using the call controller, a particular one of the customized profiles in the table according to the comparison; extracting, using the call controller, the address from the manufacturer installed certificate of the network device included in the received message; formatting, using the call controller, an entry in the table for the particular customized profile including the selected services with a value of the extracted MAC address; and causing, using the call controller, the particular customized profile to be downloaded to the network device. - View Dependent Claims (2, 3, 4)
-
-
5. An apparatus, comprising:
-
a memory including instructions configured to; generate a table associating each one of a plurality of customized profiles for a same network device model with a unique personal identifier, wherein a first one of the profiles is customized for a first user and contains at least one different parameter for a phone service than a second one of the profiles for a second user; provide a web page form for configuration of the network device; receive a message originating from the network device to be configured, the message comprising;
a submitted personal identifier, and a manufacturer installed certificate which includes a media access control (MAC) address;wherein the manufacturer installed certificate including the MAC address is appended to the web page form; wherein the message is signed using a public key included in the manufacturer installed certificate, and contains the manufactured installed certificate within the message; compare the submitted personal identifier included in the received message to the table; identify a particular one of the customized profiles in the table according to the comparison; extract the MAC address from the manufacturer installed certificate included in the received message; store a value of the extracted MAC address in a table entry for the particular customized profile and associated with the phone service; and cause the particular customized profile to be downloaded to the network device. - View Dependent Claims (6, 7, 8, 9, 10, 11)
-
-
12. A method, comprising:
-
identifying a plurality of customized profiles for a network device model, wherein a first one of the profiles is customized for a first user and contains at least one different parameter than a second one of the profiles for a second user; creating, using a call controller, a table associating each one of the customized profiles with a unique Personal Identification Number (PIN); providing a web page to configure the network device model; receiving, at the call controller, the call controller being a first party, a message originating from a network device to be configured, and the network device being a second party; the message further comprises;
a submitted PIN, and a manufacturer installed certificate, which includes a media access control (MAC) address, issued by a trusted third party;wherein the manufacturer installed certification including the MAC address is appended to the web page; comparing, using the call controller, the submitted PIN included in the received message to the table; identifying, using the call controller, a particular one of the customized profiles in the table according to the comparison; extracting, using the call controller, the MAC address from the manufacturer installed certificate of the network device included in the received message; formatting, using the call controller, an entry in the table for the particular customized profile with a value of the extracted MAC address; and causing, using the call controller, the particular customized profile to be downloaded to the network device.
-
Specification