Methods, systems, and computer readable media for remote authentication dial in user service (RADIUS) message loop detection and mitigation

US 9,923,984 B2
Filed: 10/30/2015
Issued: 03/20/2018
Est. Priority Date: 10/30/2015
Status: Active Grant

First Claim

Patent Images

1. A method for remote authentication dial in user service (RADIUS) message loop detection and mitigation, the method, comprising:

receiving, by a RADIUS proxy node comprising a computing platform including at least one processor, a RADIUS signaling message transmitted by a RADIUS client over a network;

inserting a host identifier of the RADIUS proxy node into the RADIUS signaling message;

forwarding, by the RADIUS proxy node, the RADIUS signaling message to a RADIUS peer over the network;

receiving, by the RADIUS proxy node, the RADIUS signaling message transmitted by another node over the network;

determining, by the RADIUS proxy node, that the RADIUS signaling message transmitted by another node includes an attribute having the host identifier inserted by the RADIUS proxy node; and

in response to determining that the RADIUS signaling message transmitted by another node includes the attribute having the host identifier inserted by the RADIUS proxy node, performing, by the RADIUS proxy node, a RADIUS loop mitigation action for the RADIUS signaling message transmitted by another node.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer readable media for remote authentication dial in user service (RADIUS) message loop detection and mitigation are disclosed. One method includes receiving, at a RADIUS proxy node, a RADIUS signaling message. The method further includes determining whether the RADIUS signaling message includes an attribute with a host identifier corresponding to the RADIUS proxy node. In response to determining that the RADIUS signaling message includes the attribute that includes the host identifier corresponding to the RADIUS proxy node, performing a RADIUS loop mitigation action for the RADIUS signaling message.

157 Citations

12 Claims

1. A method for remote authentication dial in user service (RADIUS) message loop detection and mitigation, the method, comprising:
- receiving, by a RADIUS proxy node comprising a computing platform including at least one processor, a RADIUS signaling message transmitted by a RADIUS client over a network;
  
  inserting a host identifier of the RADIUS proxy node into the RADIUS signaling message;
  
  forwarding, by the RADIUS proxy node, the RADIUS signaling message to a RADIUS peer over the network;
  
  receiving, by the RADIUS proxy node, the RADIUS signaling message transmitted by another node over the network;
  
  determining, by the RADIUS proxy node, that the RADIUS signaling message transmitted by another node includes an attribute having the host identifier inserted by the RADIUS proxy node; and
  
  in response to determining that the RADIUS signaling message transmitted by another node includes the attribute having the host identifier inserted by the RADIUS proxy node, performing, by the RADIUS proxy node, a RADIUS loop mitigation action for the RADIUS signaling message transmitted by another node.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein the RADIUS proxy node is a component of a Diameter signaling router (DSR) that performs Diameter routing and provides RADIUS proxy services.
  - 3. The method of claim 2 comprising receiving a Diameter message, identifying a corresponding outbound message as a RADIUS message, and performing loop detection for the Diameter message and the outbound message.
  - 4. The method of claim 1 wherein the RADIUS proxy node comprises a standalone RADIUS proxy that provides RADIUS proxy services.
  - 5. The method of claim 1 wherein the attribute comprises a proxy state attribute of the RADIUS signaling message.
  - 6. The method of claim 1 wherein the attribute comprises a Diameter route record attribute value pair of a Diameter envelope that carries the RADIUS signaling message.

7. A system for remote authentication dial in user service (RADIUS) message loop detection and mitigation, the system, comprising:
- a RADIUS proxy node comprising a computing platform having at least one processor, the RADIUS proxy node including;
  
  a RADIUS connection layer for receiving a RADIUS signaling message transmitted by a RADIUS client over a network; and
  
  a RADIUS loop mitigator for inserting a host identifier of the RADIUS proxy node into the RADIUS signaling message, forwarding, the RADIUS signaling message to a RADIUS peer over the network, receiving the RADIUS signaling message transmitted by another node over the network, determining that the RADIUS signaling message transmitted by another node includes an attribute having the host identifier corresponding to inserted by the RADIUS proxy node, and, in response to determining that the RADIUS signaling message transmitted by another node includes the attribute having the host identifier inserted by the RADIUS proxy node, performing a RADIUS loop mitigation action for the RADIUS signaling message transmitted by another node.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The system of claim 7 comprising a Diameter signaling router (DSR), wherein the RADIUS proxy node is a component of the DSR.
  - 9. The system of claim 8 wherein the DSR receives a Diameter message, identifies a corresponding outbound message as a RADIUS message, and performs loop detection for the Diameter message and the outbound message.
  - 10. The system of claim 7 wherein the RADIUS proxy node comprises a standalone node that provides RADIUS proxy services.
  - 11. The system of claim 7 wherein the attribute comprises a proxy state attribute of the RADIUS signaling message or a Diameter route record attribute value pair of a Diameter envelope that carries the RADIUS signaling message.

12. A non-transitory computer readable medium having stored thereon executable instructions that when executed by a processor of a computer control the computer to perform steps comprising:
- receiving, by a remote dial in user service (RADIUS) proxy node comprising a computing platform including at least one processor, a RADIUS signaling message transmitted by a RADIUS client over a network;
  
  inserting a host identifier of the RADIUS proxy node into the RADIUS signaling message;
  
  forwarding, by the RADIUS proxy node, the RADIUS signaling message to a RADIUS peer over the network;
  
  receiving, by the RADIUS proxy node, the RADIUS signaling message transmitted from another node over the network;
  
  determining, by the RADIUS proxy node, that the RADIUS signaling message transmitted by another node includes an attribute having the host identifier inserted by the RADIUS proxy node; and
  
  in response to determining that the RADIUS signaling message transmitted by another node includes the attribute having the host identifier inserted by the RADIUS proxy node, performing, by the RADIUS proxy node, a RADIUS loop mitigation action for the RADIUS signaling message transmitted by another node.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
McCann, Thomas Matthew, Karmarkar, Kedar Kashinath
Primary Examiner(s)
WHIPPLE, BRIAN P

Application Number

US14/928,660
Publication Number

US 20170126522A1
Time in Patent Office

872 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 67/56 Provisioning of proxy servi...

H04L 67/563 Data redirection of data ne...

Methods, systems, and computer readable media for remote authentication dial in user service (RADIUS) message loop detection and mitigation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

157 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Methods, systems, and computer readable media for remote authentication dial in user service (RADIUS) message loop detection and mitigation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

157 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links