Security mechanism within a local area network
Abstract
A local area network server may issue security certificates to client devices on the network for two-way authentication across the network. The certificates may be issued through a transaction performed over the network and, in some cases, may be automated. The server may have a self signed or a trusted security certificate which may serve as a basis for issuing certificates to various clients. After a certificate is issued, future communications on the network may be authenticated by both the server and client, and the communications may be encrypted using the certificates.
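The enrollment exchange described in the abstract and in claims 1 and 6, as an added Python example that is not part of the patent. It assumes the third-party `cryptography` package; `Server`, `enroll`, the `lan-server` name, RSA-OAEP for the encrypted request and an Ed25519 client key generated on the client are all choices made here. The certificate is issued under the server's key, following the abstract, because the claims do not say where the client key pair comes from.

```python
# Added illustration; Server, enroll and "lan-server" are hypothetical names, not from the patent.
import datetime
from cryptography import x509
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ed25519, padding, rsa
from cryptography.x509.oid import NameOID

OAEP = padding.OAEP(padding.MGF1(hashes.SHA256()), hashes.SHA256(), None)
RAW = (serialization.Encoding.Raw, serialization.PublicFormat.Raw)

def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

class Server:
    def __init__(self):
        self._key = rsa.generate_private_key(public_exponent=65537, key_size=2048)

    def public_key_pem(self):
        # First request: the public key is returned to whoever asks on the LAN.
        return self._key.public_key().public_bytes(
            serialization.Encoding.PEM, serialization.PublicFormat.SubjectPublicKeyInfo)

    def issue(self, encrypted_request):
        # Second request: decryption is the only gate; the sender is not authenticated further.
        plain = self._key.decrypt(encrypted_request, OAEP)
        client_pub = ed25519.Ed25519PublicKey.from_public_bytes(plain[:32])
        now = datetime.datetime.now(datetime.timezone.utc)
        cert = (x509.CertificateBuilder()
                .subject_name(name(plain[32:].decode()))
                .issuer_name(name("lan-server"))
                .public_key(client_pub)
                .serial_number(x509.random_serial_number())
                .not_valid_before(now)
                .not_valid_after(now + datetime.timedelta(days=365))
                .sign(self._key, hashes.SHA256()))
        return cert.public_bytes(serialization.Encoding.PEM)

def enroll(server, device):
    # Client side: fetch the key, send the encrypted request, check the returned certificate.
    server_pub = serialization.load_pem_public_key(server.public_key_pem())
    client_key = ed25519.Ed25519PrivateKey.generate()
    raw_pub = client_key.public_key().public_bytes(*RAW)
    request = server_pub.encrypt(raw_pub + device.encode(), OAEP)
    cert = x509.load_pem_x509_certificate(server.issue(request))
    # Raises InvalidSignature unless the certificate was signed by the key from the first request.
    server_pub.verify(cert.signature, cert.tbs_certificate_bytes,
                      padding.PKCS1v15(), cert.signature_hash_algorithm)
    if cert.public_key().public_bytes(*RAW) != raw_pub:
        raise ValueError("certificate does not bind this client's key")
    return cert, client_key
```

The client's only trust anchor is the public key returned by the first, unauthenticated request, so the signature check ties the certificate to that key and to nothing else.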
15 Claims
1. A method, comprising:
- sending, from a client device, a first request to a server, the first request comprising a request for a server public key associated with the server;
- in response to sending the first request, receiving, at the client device, the server public key from the server;
- using the received server public key to establish a secure communication channel for the client device with the server within a local area network, wherein establishing the secure communication channel includes encrypting, at the client device, a second request to the server for a client security certificate using the received server public key from the server;
- sending, from the client device, the encrypted second request to the server for the client security certificate using the secure communication channel;
- in response to sending the encrypted second request and without providing any further authentication in addition to sending the encrypted second request using the secure communication channel within the local area network established for the client device with the server, receiving, at the client device, the client security certificate from the server wherein the security certificate is a self-signed certificate; and
- installing the received security certificate on the client device.

Dependent claims: 2, 3, 4, 5
6. A method, comprising:
- receiving, from a client device, a first request to a server, the first request comprising a request by the client device for a server public key associated with the server;
- in response to receiving the first request, sending the requested server public key from the server to the client device;
- receiving, from the client device, a second request to the server for a client security certificate, the received second request being encrypted at the client device using the server public key sent from the server to the client device;
- in response to receiving the encrypted second request and without providing any further authentication in addition to the client device sending the encrypted second request, encrypting the requested client security certificate and sending the encrypted client security certificate from the server to the client device to be installed on the client device;
- receiving a communication from the client device, the communication being encrypted using the client security certificate; and
- using the client security certificate for decrypting the received communication.

Dependent claims: 7, 8, 9, 10, 11
12. A computing server, comprising:
- a processor and a memory containing instructions that when executed by the processor, cause the processor to perform a process comprising:
  - receiving, from a client device, a first request comprising a request by the client device for a server public key associated with the computing server;
  - in response to receiving the first request, transmitting the requested server public key to the client device;
  - receiving, from the client device, a second request to the computing server for a client security certificate, the received second request being encrypted at the client device using the server public key transmitted from the computing server to the client device;
  - in response to receiving the encrypted second request and without providing any further authentication in addition to the client device sending the encrypted second request, encrypting the requested client security certificate and transmitting the encrypted client security certificate to the client device to be installed on the client device;
  - receiving a communication from the client device, the communication being encrypted using the client security certificate; and
  - using the client security certificate for decrypting the received communication.

Dependent claims: 13, 14, 15
Specification