Authentication of computing devices using augmented credentials to enable actions-per-group

US 9,253,175 B1
Filed: 04/30/2013
Issued: 02/02/2016
Est. Priority Date: 04/12/2007
Status: Active Grant

First Claim

Patent Images

1. An authentication system comprising:

an authenticator;

an authentication server; and

an association table associated with the authentication server, the authenticator, and one or more computing devices capable of a network connection with the authenticator, the association table;

mapping ports of the authenticator and one or more credentials identifying the one or more computing devices, andconfigured to be used by the authentication server to authenticate the one or more computing devices, the authentication being based on the one or more credentials mapped in the association table to the ports that connect the one or more computing devices to the authenticator, the authentication being effective to permit an enabling action or a disabling action of at least one of the one or more computing devices.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one or more embodiments, attributes other than a supplicant'"'"'s MAC address can be used for the user name in the authentication process in a network computing environment. In at least some embodiments, doing so utilizes an association structure, such as a table, that is already resident at the authentication server. By using attributes other than a supplicant'"'"'s MAC address, various matching scenarios can be provided by the authentication server in which authentication or authorization takes place responsive to satisfying conditions defined in the authentication server'"'"'s association or database. Furthermore, a variety of non-authentication scenarios can be supported using the authentication server'"'"'s association.

Citations

20 Claims

1. An authentication system comprising:
- an authenticator;
  
  an authentication server; and
  
  an association table associated with the authentication server, the authenticator, and one or more computing devices capable of a network connection with the authenticator, the association table;
  
  mapping ports of the authenticator and one or more credentials identifying the one or more computing devices, andconfigured to be used by the authentication server to authenticate the one or more computing devices, the authentication being based on the one or more credentials mapped in the association table to the ports that connect the one or more computing devices to the authenticator, the authentication being effective to permit an enabling action or a disabling action of at least one of the one or more computing devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein the one or more credentials includes a MAC address associated with one of the computing devices.
  - 3. The system of claim 1, wherein the one or more credentials includes a password associated with one of the computing devices.
  - 4. The system of claim 1, wherein the one or more credentials includes a user name associated with one of the computing devices.
  - 5. The system of claim 1, wherein the computing devices are capable of the network connection with the authenticator through the ports using a wireless local area network.
  - 6. The system of claim 1, wherein the computing devices are capable of the network connection with the authenticator through the ports using a wired Ethernet network.
  - 7. The system of claim 1, wherein the computing devices are capable of network connection with the authenticator through the ports using a WiFi network.
  - 8. The system of claim 1, wherein the association table is further configured to be used by the authentication server to enable or disable a particular resource or define particular times of day that network resources can be accessed.
  - 9. The system of claim 1, wherein the association table is further configured to be used by the authentication server for calling events.
  - 10. The system of claim 1, wherein the one or more credentials includes a VLAN-ID, the VLAN-ID enabling the authenticating to apply to an additional computing device of the one or more computing devices, the one of the one or more computing devices and the additional computing device assigned to the VLAN-ID.
  - 11. The system of claim 10, wherein the VLAN-ID further includes a wild card, the wild card enabling the authenticating to permit common actions to both the one of the one or more computing devices and the additional computing device assigned to the VLAN-ID.

12. An authentication server comprising:
- one or more network connections to one or more computing devices;
  
  an association table comprising one or more associations;
  
  one or more processors; and
  
  memory, coupled to the one or more processors, comprising instructions executable by the processors to;
  
  receive a port identifier, from an authenticator, the port identifier being associated with one of a plurality of ports on the authenticator and associated with one of one or more computing devices connected to the authenticator;
  
  identify the one of the computing devices using one or more credentials presented by the one of the computing devices, the one or more credentials including a location;
  
  authenticate, using the one or more associations, the one of the computing devices based on the one or more credentials and the port identifier; and
  
  permit an enabling action or a disabling action of the one of the computing devices.
- View Dependent Claims (13, 14, 15, 16, 17)
- - 13. The authentication server of claim 12, wherein the credentials includes a MAC address associated with the one of the computing devices.
  - 14. The authentication server of claim 12, wherein the location specifies a building, and wherein the authenticating based on the credentials and the port identifier determines that the one of the computing devices is in the building.
  - 15. The authentication server of claim 12, wherein the one of the computing devices and the one of the plurality of ports are connected through an Ethernet network.
  - 16. The authentication server of claim 12, wherein the one of the computing devices and the one of the plurality of ports are connected through a wireless local area network.
  - 17. The authentication server of claim 12, wherein the authentication is based on a mapping between the credentials and the port identifier and further comprising using the mapping to permit the enabling action or the disabling action of a particular resource, calling events, or to defining particular times of day that network resources can be accessed.

18. A computing device comprising:
- a network connection;
  
  a credential, the credential including a VLAN-ID;
  
  a processor; and
  
  memory, coupled to the processor, comprising instructions executable by the processor to;
  
  connect to a port on an authenticator associated with the device;
  
  send the credential to the authenticator; and
  
  responsive to the credential satisfying a condition defined in an authentication server'"'"'s association table, receive authentication for the computing device from the authentication server.
- View Dependent Claims (19, 20)
- - 19. The computing device of claim 18, wherein the VLAN-ID further includes a wild card, the wild card enabling the authentication server to permit common actions to both the computing device and one of one or more additional computing devices that is assigned to the VLAN-ID.
  - 20. The computing device of claim 18, wherein the device is capable of connection with the authenticator through the port using a wired or wireless Ethernet network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Marvell Asia Pte Limited (Marvell Technology Group Limited)
Original Assignee
Marvell International Limited (Marvell Technology Group Limited)
Inventors
Orr, Michael
Primary Examiner(s)
Lim, Krisna

Application Number

US13/874,201
Time in Patent Office

1,008 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 15/16   Combinations of two or more...

H04L 2209/043   of tables, e.g. lookup, sub...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/0876   based on the identity of th...

H04L 63/0892   by using authentication-aut...

H04L 9/40   Network security protocols

H04W 12/06   Authentication

H04W 84/12   WLAN [Wireless Local Area N...

Authentication of computing devices using augmented credentials to enable actions-per-group

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of computing devices using augmented credentials to enable actions-per-group

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links