CA2881575C - Network element authentication in communication networks - Google Patents
Network element authentication in communication networks Download PDFInfo
- Publication number
- CA2881575C CA2881575C CA2881575A CA2881575A CA2881575C CA 2881575 C CA2881575 C CA 2881575C CA 2881575 A CA2881575 A CA 2881575A CA 2881575 A CA2881575 A CA 2881575A CA 2881575 C CA2881575 C CA 2881575C
- Authority
- CA
- Canada
- Prior art keywords
- network
- new switch
- discovery packet
- new
- private key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000004891 communication Methods 0.000 title abstract description 10
- 238000000034 method Methods 0.000 claims abstract description 50
- 238000013475 authorization Methods 0.000 claims abstract description 34
- 230000003466 anti-cipated effect Effects 0.000 claims description 11
- 230000004044 response Effects 0.000 claims description 4
- 206010003402 Arthropod sting Diseases 0.000 claims 1
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000006424 Flood reaction Methods 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/047—Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US14/178,036 US8949949B1 (en) | 2014-02-11 | 2014-02-11 | Network element authentication in communication networks |
| US14/178,036 | 2014-02-11 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2881575A1 CA2881575A1 (en) | 2015-04-20 |
| CA2881575C true CA2881575C (en) | 2015-09-15 |
Family
ID=52395900
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA2881575A Expired - Fee Related CA2881575C (en) | 2014-02-11 | 2015-02-11 | Network element authentication in communication networks |
Country Status (6)
| Country | Link |
|---|---|
| US (1) | US8949949B1 (enExample) |
| EP (1) | EP2905940B1 (enExample) |
| JP (1) | JP6453351B2 (enExample) |
| CN (1) | CN105981028B (enExample) |
| CA (1) | CA2881575C (enExample) |
| WO (1) | WO2015123135A1 (enExample) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9900217B2 (en) * | 2014-03-26 | 2018-02-20 | Arista Networks, Inc. | Method and system for network topology enforcement |
| JP6226080B2 (ja) * | 2014-09-25 | 2017-11-08 | 日本電気株式会社 | 通信制御装置、通信制御方法、通信制御プログラム、及び、情報システム |
| KR102088523B1 (ko) * | 2017-12-28 | 2020-03-12 | 주식회사 엘핀 | 하이브리드 패스워드 인증 방법 및 시스템 |
| US11025592B2 (en) | 2019-10-04 | 2021-06-01 | Capital One Services, Llc | System, method and computer-accessible medium for two-factor authentication during virtual private network sessions |
| US12088469B2 (en) * | 2022-05-26 | 2024-09-10 | Red Hat, Inc. | Domain specific language for protected mesh communication |
| US12438728B2 (en) * | 2023-05-24 | 2025-10-07 | GM Global Technology Operations LLC | Message authentication system including a network device having security proxy support |
Family Cites Families (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7117526B1 (en) * | 1999-10-22 | 2006-10-03 | Nomadix, Inc. | Method and apparatus for establishing dynamic tunnel access sessions in a communication network |
| EP1102430A1 (en) * | 1999-10-27 | 2001-05-23 | Telefonaktiebolaget Lm Ericsson | Method and arrangement in an ad hoc communication network |
| CA2789166A1 (en) * | 2002-03-01 | 2003-09-12 | Enterasys Networks, Inc. | Location aware data network |
| US7508801B1 (en) * | 2003-03-21 | 2009-03-24 | Cisco Systems, Inc. | Light-weight access point protocol |
| US7512969B2 (en) * | 2003-11-21 | 2009-03-31 | Time Warner Cable, A Division Of Time Warner Entertainment Company, L.P. | System and method for detecting and reporting cable network devices with duplicate media access control addresses |
| WO2005086423A1 (ja) * | 2004-03-03 | 2005-09-15 | Mitsubishi Electric Corporation | レイヤ2スイッチネットワークシステム |
| WO2006069428A1 (en) * | 2004-12-30 | 2006-07-06 | Bce Inc. | System and method for secure access |
| JP4620527B2 (ja) * | 2005-06-03 | 2011-01-26 | 株式会社日立製作所 | パケット通信装置 |
| US20080263647A1 (en) * | 2006-07-21 | 2008-10-23 | General Electric Company | System and Method For Providing Network Device Authentication |
| JP4714111B2 (ja) * | 2006-08-29 | 2011-06-29 | 株式会社日立製作所 | 管理計算機、計算機システム及びスイッチ |
| TWI340578B (en) * | 2006-12-10 | 2011-04-11 | Cameo Communications Inc | A method for anti-rogue connection in a network system |
| US8064597B2 (en) * | 2007-04-20 | 2011-11-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Method and system for mobile device credentialing |
| US8504718B2 (en) * | 2010-04-28 | 2013-08-06 | Futurewei Technologies, Inc. | System and method for a context layer switch |
| US8391496B2 (en) * | 2010-06-03 | 2013-03-05 | Digi International Inc. | Smart energy network configuration using an auxiliary gateway |
| JP5397547B2 (ja) * | 2010-07-28 | 2014-01-22 | 富士通株式会社 | 鍵設定方法、ノード、およびネットワークシステム |
| WO2012068045A2 (en) * | 2010-11-15 | 2012-05-24 | Trilliant Holdings Inc. | System and method for securely communicating across multiple networks using a single radio |
| US20120324218A1 (en) * | 2011-06-17 | 2012-12-20 | Duren Michael J | Peer-to-Peer Trusted Network Using Shared Symmetric Keys |
| US8848700B2 (en) * | 2011-09-30 | 2014-09-30 | Electronics And Telecommunications Research Institute | Method for device-to-device communication based on cellular telecommunication system |
-
2014
- 2014-02-11 US US14/178,036 patent/US8949949B1/en active Active
-
2015
- 2015-02-05 EP EP15154009.3A patent/EP2905940B1/en not_active Not-in-force
- 2015-02-09 CN CN201580007652.0A patent/CN105981028B/zh not_active Expired - Fee Related
- 2015-02-09 JP JP2016548364A patent/JP6453351B2/ja active Active
- 2015-02-09 WO PCT/US2015/015002 patent/WO2015123135A1/en not_active Ceased
- 2015-02-11 CA CA2881575A patent/CA2881575C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| JP6453351B2 (ja) | 2019-01-16 |
| HK1213106A1 (en) | 2016-06-24 |
| CN105981028A (zh) | 2016-09-28 |
| CN105981028B (zh) | 2019-04-09 |
| US8949949B1 (en) | 2015-02-03 |
| WO2015123135A1 (en) | 2015-08-20 |
| JP2017506454A (ja) | 2017-03-02 |
| EP2905940B1 (en) | 2016-09-14 |
| CA2881575A1 (en) | 2015-04-20 |
| EP2905940A1 (en) | 2015-08-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107005569B (zh) | 端对端服务层认证 | |
| EP2154825B1 (en) | Systems and methods for provisioning network devices | |
| CN112019647B (zh) | 一种获得设备标识的方法及装置 | |
| CA2881575C (en) | Network element authentication in communication networks | |
| CN104704789B (zh) | 网络认证 | |
| EP2506491B1 (en) | Encryption information transmission terminal | |
| EP3700124B1 (en) | Security authentication method, configuration method, and related device | |
| JP2019088026A (ja) | 公開キー機構を用いたサービス層におけるエンドツーエンド認証 | |
| CN112997447B (zh) | 用于无线设备的基于时间戳的接入处理 | |
| CN110198538B (zh) | 一种获得设备标识的方法及装置 | |
| CN109565441B (zh) | 一种用于通过使用第二通信设备来配置第一通信设备的方法 | |
| CN106304400A (zh) | 无线网络的ip地址分配方法和系统 | |
| JP7458470B2 (ja) | 通信制御装置 | |
| KR100972743B1 (ko) | 마니모의 이동 애드 혹 네트워크에 속한 이동 라우터 간에인증 토큰을 이용한 상호 인증 방법 | |
| CN104486082A (zh) | 认证方法和路由器 | |
| HK1213106B (en) | Network element authentication in communication networks | |
| JP6653484B2 (ja) | 認証装置、認証システム及び認証方法 | |
| HK1233106A (en) | Method and system for ip address allocation in wireless network | |
| HK1233106A1 (en) | Method and system for ip address allocation in wireless network | |
| WO2006080079A1 (ja) | 無線ネットワークシステムおよびそのユーザ認証方法 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MKLA | Lapsed |
Effective date: 20210831 |
|
| MKLA | Lapsed |
Effective date: 20200211 |