Cryptographic peer discovery, authentication, and authorization for on-path signaling
US7350227B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 26, 2005 |
| Grant date | Mar 25, 2008 |
| Priority date | — |
| Expiry date | Jan 25, 2026 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/101
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method is disclosed for cryptographic peer discovery, authentication, and authorization. According to one embodiment, a data packet, which is addressed to a destination device other than an intermediary network device, is intercepted at the intermediary network device. The data packet contains a request and a group identifier. A shared secret cryptographic key, which is mapped to the group identifier, is selected. A challenge is sent toward an upstream device from whence the data packet came. A response is received. A verification value is generated based on the cryptographic key and the challenge. It is determined whether the response matches the verification value. If the response matches the verification value, then it is determined whether the request is allowed by an authorization set that is mapped to the group identifier. If the request is allowed, then a policy of the intermediary network device is configured based on the request.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.