METHOD FOR AUTHENTICATING A NETWORKED ENDPOINT USING A PHYSICAL (POWER) CHALLENGE

US 20170331803A1
Filed: 05/10/2016
Published: 11/16/2017
Est. Priority Date: 05/10/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprisingdetermining whether to initiate a power challenge for an endpoint device;

in response to a determination to initiate a power challenge, determining whether the endpoint device is connected to a known power interface;

in response to a determination that the endpoint device is not connected to a known power interface,sending a power challenge to the endpoint device, andsending an observation request to one or more of a plurality of sensor devices;

receiving proof of work information from one or more of the plurality of sensor devices, whereinthe proof of work information is associated with the power challenge; and

determining whether the endpoint device adequately performed the power challenge by processing the proof of work information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various systems and methods for using power challenges to authenticate network devices are disclosed herein. For example, one method involves initiating a power challenge to authenticate an endpoint device, which involves, at least in part, requesting the endpoint device to perform a specific power signature; receiving data indicating whether the endpoint device performed the requested power signature within a given time interval, wherein the data can be received from, e.g., a power interface or other device capable of observing the endpoint device; processing the received data to determine if the endpoint device correctly performed the requested power signature; and if the endpoint correctly performed the power signature, authenticating the endpoint.

13 Citations

21 Claims

1. A method comprisingdetermining whether to initiate a power challenge for an endpoint device;
- in response to a determination to initiate a power challenge, determining whether the endpoint device is connected to a known power interface;
  
  in response to a determination that the endpoint device is not connected to a known power interface,sending a power challenge to the endpoint device, andsending an observation request to one or more of a plurality of sensor devices;
  
  receiving proof of work information from one or more of the plurality of sensor devices, whereinthe proof of work information is associated with the power challenge; and
  
  determining whether the endpoint device adequately performed the power challenge by processing the proof of work information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the processing further comprisesdetermining whether a trusted sensor device adequately observed a power signature associated with the power challenge.
  - 3. The method of claim 2, wherein the processing further comprisesauthenticating the endpoint device in response to a determination that a trusted sensor device adequately observed the power signature.
  - 4. The method of claim 1, wherein the processing further comprisesdetermining whether a quorum of the plurality of sensor devices observed a power signature associated with the power challenge.
  - 5. The method of claim 1, wherein the processing further comprisesgenerating a weighted average, whereinthe weighted averaged is based on the proof of work information received from the one or more of the plurality of sensor devices.
  - 6. The method of claim 1, further comprisingauthenticating the endpoint device in response to a determination that the endpoint device adequately performed the power challenge.
  - 7. The method of claim 1, further comprisinginitiating an error protocol in response to a determination that the endpoint device did not adequately perform the power challenge.
  - 8. The method of claim 1, further comprisingdetermining whether to initiate a power challenge for an endpoint device;
    - andthe determining whether the endpoint device is connected to a known power interface is performed in response to a determination to initiate the power challenge.

9. A system comprising:
- a challenge initiating module, wherein the challenge initiating module is configured to determine whether to initiate a power challenge for an endpoint device,in response to a determination to initiate a power challenge, determine whether the endpoint device is connected to a known power interface, andin response to a determination that the endpoint device is not connected to a known power interface,send a power challenge to the endpoint device;
  
  a server interface module, wherein the server interface module is configured tosend an observation request to one or more of a plurality of sensor devices, whereinthe observation request is sent in response to the determination that the endpoint device is not connected to a known power interface, andreceive proof of work information from one or more of the plurality of sensor devices, whereinthe proof of work information is associated with the power challenge; and
  
  a challenge processing module, wherein the challenge processing module is configured todetermine whether the endpoint device adequately performed the power challenge by processing the proof of work information.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, wherein the challenge processing module is further configured todetermine whether a trusted sensor device adequately observed a power signature associated with the power challenge.
  - 11. The system of claim 10, wherein the challenge processing module is further configured toauthenticate the endpoint device in response to a determination that a trusted sensor device adequately observed the power signature.
  - 12. The system of claim 9, wherein the challenge processing module is further configured todetermine whether a quorum of the plurality of sensor devices observed a power signature associated with the power challenge.
  - 13. The system of claim 9, wherein the challenge processing module is further configured togenerate a weighted average, whereinthe weighted averaged is based on the proof of work information received from the one or more of the plurality of sensor devices.
  - 14. The system of claim 9, wherein the challenge processing module is further configured toauthenticate the endpoint device in response to a determination that the endpoint device adequately performed the power challenge.
  - 15. The system of claim 9, wherein the challenge processing module is further configured toinitiate an error protocol in response to a determination that the endpoint device did not adequately perform the power challenge.

16. An apparatus comprising:
- a challenge initiating module, wherein the challenge initiating module is configured to determine whether to initiate a power challenge for an endpoint device,in response to a determination to initiate a power challenge, determine whether the endpoint device is connected to a known power interface, andin response to a determination that the endpoint device is not connected to a known power interface,send a power challenge to the endpoint device;
  
  a server interface module, wherein the server interface module is configured tosend an observation request to one or more of a plurality of sensor devices, whereinthe observation request is sent in response to the determination that the endpoint device is not connected to a known power interface, andreceive proof of work information from one or more of the plurality of sensor devices, whereinthe proof of work information is associated with the power challenge; and
  
  a challenge processing module, wherein the challenge processing module is configured todetermine whether the endpoint device adequately performed the power challenge by processing the proof of work information.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The apparatus of claim 16, wherein the challenge processing module is further configured todetermine whether a trusted sensor device adequately observed a power signature associated with the power challenge.
  - 18. The apparatus of claim 17, wherein the challenge processing module is further configured toauthenticate the endpoint device in response to a determination that a trusted sensor device adequately observed the power signature.
  - 19. The apparatus of claim 16, wherein the challenge processing module is further configured todetermine whether a quorum of the plurality of sensor devices observed a power signature associated with the power challenge.
  - 20. The apparatus of claim 16, wherein the challenge processing module is further configured togenerate a weighted average, whereinthe weighted averaged is based on the proof of work information received from the one or more of the plurality of sensor devices.
  - 21. The apparatus of claim 16, wherein the challenge processing module is further configured toauthenticate the endpoint device in response to a determination that the endpoint device adequately performed the power challenge.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Parello, John, Ramanujam, Padmanabhan, Pollakattu, Sarat

Granted Patent

US 10,235,516 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/44   Program or device authentic...

H04L 25/02   Details ; arrangements for ...

H04L 63/0876   based on the identity of th...

H04L 9/3221   interactive zero-knowledge ...

METHOD FOR AUTHENTICATING A NETWORKED ENDPOINT USING A PHYSICAL (POWER) CHALLENGE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR AUTHENTICATING A NETWORKED ENDPOINT USING A PHYSICAL (POWER) CHALLENGE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links