Switching apparatus, authentication server, authentication system, authentication method, and computer program product

US 8,959,581 B2
Filed: 08/26/2009
Issued: 02/17/2015
Est. Priority Date: 11/17/2008
Status: Expired due to Fees

First Claim

Patent Images

1. A switching apparatus comprising:

a memory having computer executable components stored therein; and

a processor communicatively coupled to the memory, the processor configured to facilitate execution of the computer executable components, the computer executable components, comprising;

an authentication client unit that requests user authentication to a user authentication server that performs user authentication of the switching apparatus, and, in response to the user authentication being successfully performed, receives from the user authentication server, success information indicating success of the user authentication, wherein the success information comprises setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server;

an authentication setting unit that sets the setting information and the shared secret information to an authentication relay unit in response to receipt of the success information by the authentication client unit, wherein the authentication relay unit relays a terminal authentication; and

a control unit that allows the authentication relay unit to relay the terminal authentication when the setting information and the shared secret information is set to the authentication relay unit.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A switching apparatus includes an authentication client unit that requests user authentication to a user authentication server that performs user authentication of the switching apparatus, and, when the requested user authentication is successfully performed, receives from the user authentication server, information of success of the user authentication and setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication; an authentication setting unit that sets the setting information to an authentication relay unit that relays terminal authentication; and a control unit that allows the authentication relay unit to relay the terminal authentication when the setting information is set to the authentication relay unit.

17 Citations

View as Search Results

15 Claims

1. A switching apparatus comprising:
- a memory having computer executable components stored therein; and
  
  a processor communicatively coupled to the memory, the processor configured to facilitate execution of the computer executable components, the computer executable components, comprising;
  
  an authentication client unit that requests user authentication to a user authentication server that performs user authentication of the switching apparatus, and, in response to the user authentication being successfully performed, receives from the user authentication server, success information indicating success of the user authentication, wherein the success information comprises setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server;
  
  an authentication setting unit that sets the setting information and the shared secret information to an authentication relay unit in response to receipt of the success information by the authentication client unit, wherein the authentication relay unit relays a terminal authentication; and
  
  a control unit that allows the authentication relay unit to relay the terminal authentication when the setting information and the shared secret information is set to the authentication relay unit.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The switching apparatus according to claim 1, further comprising the authentication relay unit that relays the terminal authentication of the terminal in response to the control unit allowing relay of the terminal authentication.
  - 3. The switching apparatus according to claim 1, wherein the control unit further allows a switching unit that relays a communication of a terminal to be connected to the switching apparatus to relay a communication to a terminal that has succeeded in the terminal authentication.
  - 4. The switching apparatus according to claim 3, wherein the control unit terminates the terminal authentication and causes the switching unit to terminate relay of the communication to the terminal, in response to termination of the user authentication being instructed during the communication of the terminal resulting from success of the user authentication and success of the terminal authentication.
  - 5. The switching apparatus according to claim 1, further comprising an image generating unit that generates an image notifying of termination of the user authentication and termination of relay of a communication of the terminal, in response to termination of the user authentication being instructed during the communication of the terminal resulting from success of the user authentication and success of the terminal authentication.
  - 6. The switching apparatus according to claim 1, further comprising an image generating unit that generates an image urging to perform the user authentication, in response to the user authentication being unsuccessful and the terminal authentication being requested.
  - 7. The switching apparatus according to claim 1, wherein the user authentication is performed based on user identification information of the switching apparatus.
  - 8. The switching apparatus according to claim 1, further comprising:
    - a telephone communicating unit that establishes telephone communications based on the user authentication;
      
      an input interface unit for the telephone communications by the telephone communication unit; and
      
      an output interface unit for the telephone communications by the telephone communicating unit.
  - 9. The switching apparatus according to claim 1, wherein the user authentication is one of a Session Initiation Protocol (SIP) or a Protocol for carrying authentication for network Access (PANA).
  - 10. The switching apparatus according to claim 1, wherein the terminal authentication is one of an IEEE (Institute of Electrical and Electronic Engineers) 802.1X or a Protocol for carrying Authentication for Network Access (PANA).
  - 11. The switching apparatus according to claim 1, further comprising a deleting unit that deletes the shared secret information in response to completion of communication of the shared secret information the user authentication.

12. An authentication system comprising:
- a switching apparatus; and
  
  a user authentication server that performs user authentication of the switching apparatus and is connected the switching apparatus, whereinthe switching apparatus includesa memory having computer executable components stored therein; and
  
  a processor communicatively coupled to the memory, the processor configured to facilitate execution of the computer executable components, the computer executable components, comprising;
  
  an authentication client unit that requests the user authentication server to perform user authentication, and, in response to the user authentication being successfully performed, receives from the user authentication server, success information of success of the user authentication, wherein the success information includes setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs the terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server,an authentication setting unit that sets the setting information and the shared secret information to an authentication relay unit in response to receipt of the success information by the authentication client unit, wherein the authentication relay unit relays the terminal authentication,a control unit that allows the authentication relay unit to relay the terminal authentication when the setting information is set to the authentication relay unit, anda processor for executing at least the authentication client unit, andthe user authentication server includesan authenticating unit that receives a request for user authentication, and, in response to the request for user authentication being successfully performed, transmits to the switching apparatus the information of the success of the user authentication, the setting information, and the shared secret information, anda control unit that requests the terminal authentication server to set the terminal authentication based on the shared secret information.

13. An authentication method performed in a switching apparatus, comprising:
- requesting user authentication to a user authentication server that performs user authentication of the switching apparatus;
  
  receiving, in response to the user authentication being successfully performed, from the user authentication server, success information of success of the user authentication, wherein the success information comprises setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server;
  
  setting the setting information and the shared secret information to an authentication relay unit in response to the receiving the success information, wherein the authentication relay unit relays a terminal authentication; and
  
  allowing the authentication relay unit to relay the terminal authentication when the setting information is set to the authentication relay unit.

14. An authentication method performed in an authentication system including a switching apparatus and a user authentication server that performs user authentication of the switching apparatus and is connected the switching apparatus, the method comprising:
- requesting, by the switching apparatus, user authentication to a user authentication server that performs user authentication of the switching apparatus;
  
  receiving by the switching apparatus, in response to the user authentication being successfully performed, from the user authentication server, success information of success of the user authentication, the success information including setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server;
  
  setting by the switching apparatus, the setting information and the shared secret information to an authentication relay unit in response to the receiving the success information by the switching apparatus, wherein the authentication relay unit relays terminal authentication; and
  
  allowing the authentication relay unit to relay the terminal authentication by the switching apparatus when relay of the terminal authentication is set to the authentication relay unit;
  
  receiving, a request for user authentication by the user authentication server;
  
  transmitting, by the user authentication server, in response to the user authentication being successfully performed, the information of the success of the user authentication, setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and the shared secret information to the switching apparatus, the shared secret information being generated each time the requested user authentication is successfully performed; and
  
  requesting by the user authentication server to the terminal authentication server to set the terminal authentication based on the shared secret information.

15. A computer program product having a non-transitory computer readable medium including programmed instructions for performing an authentication method executed in a switching apparatus, wherein the instructions, in response to execution, cause a computer to perform operation including:
- requesting user authentication to a user authentication server that performs user authentication of the switching apparatus;
  
  receiving, in response to the requested user authentication being successfully performed, from the user authentication server, success information of success of the user authentication, wherein the success information comprises setting information used when terminal authentication of a terminal to be connected to the switching apparatus is relayed to a terminal authentication server that performs terminal authentication, and shared secret information, the shared secret information being generated in the user authentication server each time the requested user authentication is successfully performed and being information for secure communication between the terminal and the terminal authentication server;
  
  setting the setting information and the shared secret information to an authentication relay unit in response to the receiving the success information, wherein the authentication relay unit relays a terminal authentication; and
  
  allowing the authentication relay unit to relay the terminal authentication when the setting information is set to the authentication relay unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Tanizawa, Yoshimichi
Primary Examiner(s)
EDWARDS, LINGLAN E

Application Number

US12/547,878
Publication Number

US 20100125892A1
Time in Patent Office

2,001 Days
Field of Search

726 2- 4, 713/150, 380/255, 455/411
US Class Current

726/2
CPC Class Codes

H04L 63/08 for authentication of entit...

Switching apparatus, authentication server, authentication system, authentication method, and computer program product

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

17 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Switching apparatus, authentication server, authentication system, authentication method, and computer program product

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links