Dynamic radius
First Claim
Patent Images
1. A system comprising:
- a remote authentication dial in user service (RADIUS) server having a memory and a processor configured to execute computer executable instructions stored on the memory to;
receive an authentication request from a network access server (NAS) of a plurality of NASs, the NAS having a processor, the authentication request including a device identifier of the NAS and a user identifier;
access a user account from a plurality of user accounts based on the user identifier, the user account including at least a first user profile and a second user profile, each including a profile identifier that is a combination of the user identifier and a device identifier of one of the plurality of NASs;
access one of the at least a first user profile and a second user profile for which the device identifier matches the received device identifier, from the user account to determine an NAS authorization format, wherein access of the user profile is based on the authentication request;
identify an NAS authorization type indicator from the accessed user profile, wherein the NAS authorization type indicator includes the NAS authorization format;
identify a manner in which the authorization request should be processed into a processed authorization request based on the NAS authorization type indicator; and
provide an authorization response to the NAS, wherein the authorization response is formatted according to the NAS authorization format.
3 Assignments
0 Petitions
Accused Products
Abstract
A system includes a remote authentication dial in user service (RADIUS) server in communication with a network access server. The network access server provides an authentication request to the RADIUS server. The authentication request includes at least a user identifier and a device identifier. The RADIUS server determines an authentication format utilized by the network access server based on the received authentication request. The system may also determine an authorization level to provide with an authentication response.
-
Citations
19 Claims
-
1. A system comprising:
a remote authentication dial in user service (RADIUS) server having a memory and a processor configured to execute computer executable instructions stored on the memory to; receive an authentication request from a network access server (NAS) of a plurality of NASs, the NAS having a processor, the authentication request including a device identifier of the NAS and a user identifier; access a user account from a plurality of user accounts based on the user identifier, the user account including at least a first user profile and a second user profile, each including a profile identifier that is a combination of the user identifier and a device identifier of one of the plurality of NASs; access one of the at least a first user profile and a second user profile for which the device identifier matches the received device identifier, from the user account to determine an NAS authorization format, wherein access of the user profile is based on the authentication request; identify an NAS authorization type indicator from the accessed user profile, wherein the NAS authorization type indicator includes the NAS authorization format; identify a manner in which the authorization request should be processed into a processed authorization request based on the NAS authorization type indicator; and provide an authorization response to the NAS, wherein the authorization response is formatted according to the NAS authorization format. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
8. A method comprising
receiving, at a remote authentication dial in user service (RADIUS) server, an authorization request from a network access server (NAS), the authorization request including a user identification and an NAS identification; -
access a user account from a plurality of user accounts based on the user identifier, the user account including at least a first user profile and a second user profile, each including a profile identifier that is a combination of the user identifier and a device identifier of one of the plurality of NASs; identifying one of the at least a first user profile and a second user profile for which the device identifier matches the NAS identification received with the authorization request; determining an authentication mechanism of the NAS from the user profile, wherein the authentication mechanism includes an authorization format; identifying a proper processing module to process the authorization request from a plurality of processing modules, wherein identifying the proper processing module is based on the authentication mechanism; creating an authorization response in a format corresponding to the authorization format, wherein creating the authorization response is based on a processed authorization request received from the proper processing module; and providing the authorization response to the NAS, wherein the authorization response is formatted according to the NAS authorization format. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A remote authentication dial in user service (RADIUS) server comprising a memory and a processor configured to execute computer executable instructions stored on the memory to:
-
receive an authentication request from a network access server (NAS) associated with a user, wherein the authentication request includes a user identifier and an internet protocol (IP) address of the NAS; access a user account from a plurality of user accounts based on the user identifier, the user account including a plurality of user profiles, each including a profile identifier that is a combination of the user identifier and a device identifier of one of a plurality of NASs; access one of the plurality of user profiles for which the device identifier matches the IP address of the NAS received with the authentication request, wherein the user profile includes NAS authentication format information; identify an NAS authorization type indicator from the accessed user profile, wherein the NAS authorization type indicator includes the NAS authorization format; identify a manner in which the authorization request should be processed into a processed authorization request based on the NAS authorization type indicator; determine that the NAS is to be given access to at least one of a network device and a network based on the authentication request; format the authentication request according to the NAS authentication format information to create a formatted authentication response in proper format for the NAS; and provide the formatted authentication response to the NAS. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification