ATE513403T1 - System and method for provisioning and authenticating via a network - Google Patents

System and method for provisioning and authenticating via a network

Info

Publication number
ATE513403T1
Authority
AT
Austria
Prior art keywords
network
party
tunnel
provisioning
secure
Prior art date
Application number
AT04794759T
Other languages
English (en)
Inventor
Winget Nancy Cam
Hao Zhou
Mark Krischer
Joseph Salowey
Jeremy Stieglitz
Saar Gillai
Padmanabha Jakkahalli
Original Assignee
Cisco Tech Inc
Priority date
Filing date
Publication date
Application filed by Cisco Tech Inc
Application granted
Publication of ATE513403T1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/1458 Denial of Service
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12 Detection or prevention of fraud
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Storage Device Security (AREA)
AT04794759T 2003-12-01 2004-10-12 System and method for provisioning and authenticating via a network ATE513403T1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/724,995 US20050120213A1 (en) 2003-12-01 2003-12-01 System and method for provisioning and authenticating via a network
PCT/US2004/033489 WO2005057878A1 (en) 2003-12-01 2004-10-12 System and method for provisioning and authenticating via a network

Publications (1)

Publication Number Publication Date
ATE513403T1 (de) 2011-07-15

Family

ID=34620194

Family Applications (1)

Application Number Title Priority Date Filing Date
AT04794759T ATE513403T1 (de) 2003-12-01 2004-10-12 System and method for provisioning and authenticating via a network

Country Status (7)

Country Link
US (2) US20050120213A1 (de)
EP (1) EP1698141B1 (de)
CN (1) CN1883176B (de)
AT (1) ATE513403T1 (de)
AU (1) AU2004297933B2 (de)
CA (1) CA2546553C (de)
WO (1) WO2005057878A1 (de)

Families Citing this family (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040218762A1 (en) * 2003-04-29 2004-11-04 Eric Le Saint Universal secure messaging for cryptographic modules
MXPA05009691A (es) * 2003-03-18 2006-04-28 Thomson Licensing Tight coupling signaling connection management for coupling a wireless network with a cellular network.
US7735120B2 (en) * 2003-12-24 2010-06-08 Apple Inc. Server computer issued credential authentication
GB0400694D0 (en) * 2004-01-13 2004-02-18 Nokia Corp A method of connection
US7673143B1 (en) * 2004-02-24 2010-03-02 Sun Microsystems, Inc. JXTA rendezvous as certificate of authority
US8867745B2 (en) * 2004-03-18 2014-10-21 Qualcomm Incorporated Efficient transmission of cryptographic information in secure real time protocol
US7549048B2 (en) * 2004-03-19 2009-06-16 Microsoft Corporation Efficient and secure authentication of computing systems
US8146142B2 (en) * 2004-09-03 2012-03-27 Intel Corporation Device introduction and access control framework
CA2586816C (en) * 2004-11-11 2013-03-26 Certicom Corp. Secure interface for versatile key derivation function support
CN100450019C (zh) * 2005-07-08 2009-01-07 技嘉科技股份有限公司 Security setting method for a wireless local area network
EP1910970A4 (de) * 2005-07-29 2011-04-27 Identity Engines Inc Segmented network identity management
US20110078764A1 (en) * 2005-09-15 2011-03-31 Guillaume Bichot Tight coupling signaling connection management for coupling a wireless network with a cellular network
US8391153B2 (en) * 2006-02-17 2013-03-05 Cisco Technology, Inc. Decoupling radio resource management from an access gateway
CN101496387B (zh) 2006-03-06 2012-09-05 思科技术公司 System and method for access authentication in a mobile wireless network
US7958368B2 (en) * 2006-07-14 2011-06-07 Microsoft Corporation Password-authenticated groups
US7966489B2 (en) * 2006-08-01 2011-06-21 Cisco Technology, Inc. Method and apparatus for selecting an appropriate authentication method on a client
US20080070544A1 (en) * 2006-09-19 2008-03-20 Bridgewater Systems Corp. Systems and methods for informing a mobile node of the authentication requirements of a visited network
US8607058B2 (en) * 2006-09-29 2013-12-10 Intel Corporation Port access control in a shared link environment
US8976672B2 (en) 2006-10-03 2015-03-10 Cisco Technology, Inc. Efficiently decoupling reservation and data forwarding of data flows in a computer network
US8583923B2 (en) * 2006-12-08 2013-11-12 Toshiba America Research, Inc. EAP method for EAP extension (EAP-EXT)
US8763088B2 (en) 2006-12-13 2014-06-24 Rockstar Consortium Us Lp Distributed authentication, authorization and accounting
US8356176B2 (en) 2007-02-09 2013-01-15 Research In Motion Limited Method and system for authenticating peer devices using EAP
US7941831B2 (en) * 2007-02-09 2011-05-10 Microsoft Corporation Dynamic update of authentication information
US8307411B2 (en) 2007-02-09 2012-11-06 Microsoft Corporation Generic framework for EAP
EP1956791A1 (de) * 2007-02-09 2008-08-13 Research In Motion Limited Method and system for authenticating peer devices using EAP
US20090228963A1 (en) * 2007-11-26 2009-09-10 Nortel Networks Limited Context-based network security
US8621561B2 (en) * 2008-01-04 2013-12-31 Microsoft Corporation Selective authorization based on authentication input attributes
US8341433B2 (en) * 2008-01-04 2012-12-25 Dell Products L.P. Method and system for managing the power consumption of an information handling system
US10146926B2 (en) * 2008-07-18 2018-12-04 Microsoft Technology Licensing, Llc Differentiated authentication for compartmentalized computing resources
US8578465B2 (en) * 2009-07-21 2013-11-05 Cisco Technology, Inc. Token-based control of permitted sub-sessions for online collaborative computing sessions
CN101997683B (zh) * 2009-08-10 2012-07-04 北京多思科技发展有限公司 Zero-knowledge proof authentication method and authentication device
CN101997680B (zh) * 2009-08-10 2012-12-26 北京多思科技发展有限公司 Security chip directly supporting certificate management
US8452877B2 (en) * 2010-04-28 2013-05-28 Lenovo (Singapore) Pte. Ltd. Establishing a remote desktop
US9098850B2 (en) 2011-05-17 2015-08-04 Ping Identity Corporation System and method for transaction security responsive to a signed authentication
EP2710540A1 (de) 2011-05-17 2014-03-26 Accells Technologies (2009) Ltd. System and method for performing a secure transaction
US8346672B1 (en) 2012-04-10 2013-01-01 Accells Technologies (2009), Ltd. System and method for secure transaction process via mobile device
US8990892B2 (en) 2011-07-06 2015-03-24 Cisco Technology, Inc. Adapting extensible authentication protocol for layer 3 mesh networks
CA2883318A1 (en) 2011-08-31 2013-03-07 Ping Identity Corporation System and method for secure transaction process via mobile device
US9247569B2 (en) * 2012-09-06 2016-01-26 Intel Corporation Management and optimization of wireless communications multiplexed over multiple layer-three transports with indefinite duration layer-two sessions
CZ2013373A3 (cs) * 2013-05-22 2014-12-03 Anect A.S. Method of authenticating a secure data channel
CZ309308B6 (cs) 2013-07-12 2022-08-17 Aducid S.R.O. Method of entering secret information into electronic digital devices
US9866339B1 (en) * 2013-10-24 2018-01-09 Marvell Israel (M.I.S.L) Ltd. Method and apparatus for securing clock synchronization in a network
US9258117B1 (en) * 2014-06-26 2016-02-09 Amazon Technologies, Inc. Mutual authentication with symmetric secrets and signatures
US9619670B1 (en) * 2015-01-09 2017-04-11 Github, Inc. Detecting user credentials from inputted data
US9781105B2 (en) 2015-05-04 2017-10-03 Ping Identity Corporation Fallback identity authentication techniques
US10122692B2 (en) 2015-06-16 2018-11-06 Amazon Technologies, Inc. Handshake offload
US10122689B2 (en) 2015-06-16 2018-11-06 Amazon Technologies, Inc. Load balancing with handshake offload
US10129223B1 (en) * 2016-11-23 2018-11-13 Amazon Technologies, Inc. Lightweight encrypted communication protocol
US10630682B1 (en) 2016-11-23 2020-04-21 Amazon Technologies, Inc. Lightweight authentication protocol using device tokens
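CN108123917B (zh) * 2016-11-29 2021-07-23 ***通信有限公司研究院 Method and device for updating the authentication credentials of an Internet of Things terminal
CN108429700B (zh) * 2017-02-13 2021-04-20 华为技术有限公司 Method and device for sending messages
CN107294712B (zh) * 2017-07-24 2020-01-31 北京中测安华科技有限公司 Key agreement method and device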
US10789364B2 (en) * 2018-05-02 2020-09-29 Nxp B.V. Method for providing an authenticated update in a distributed network
US20210314293A1 (en) * 2020-04-02 2021-10-07 Hewlett Packard Enterprise Development Lp Method and system for using tunnel extensible authentication protocol (teap) for self-sovereign identity based authentication
US11956635B2 (en) 2022-01-20 2024-04-09 Hewlett Packard Enterprise Development Lp Authenticating a client device

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE297645T1 (de) * 1999-10-22 2005-06-15 Ericsson Telefon Ab L M Mobile telephone with built-in security firmware
US20040049585A1 (en) * 2000-04-14 2004-03-11 Microsoft Corporation SERVER SIDE CONFIGURATION OF CLIENT IPSec LIFETIME SECURITY PARAMETERS
US6978298B1 (en) * 2000-05-25 2005-12-20 International Business Machines Corporation Method and apparatus for managing session information in a data processing system
US20020157024A1 (en) * 2001-04-06 2002-10-24 Aki Yokote Intelligent security association management server for mobile IP networks
KR100763131B1 (ko) * 2001-12-22 2007-10-04 주식회사 케이티 Network access and service registration method for public wireless LAN service
US7529933B2 (en) * 2002-05-30 2009-05-05 Microsoft Corporation TLS tunneling
US7221757B2 (en) * 2002-08-15 2007-05-22 Opentv, Inc. Method and system for accelerated data encryption
US7779152B2 (en) * 2003-01-24 2010-08-17 Nokia Corporation Establishing communication tunnels
US20040268126A1 (en) * 2003-06-24 2004-12-30 Dogan Mithat C. Shared secret generation for symmetric key cryptography
US7788480B2 (en) * 2003-11-05 2010-08-31 Cisco Technology, Inc. Protected dynamic provisioning of credentials
US20050098581A1 (en) * 2003-11-06 2005-05-12 Long John N. Foam generation assembly

Also Published As

Publication number Publication date
US20140237247A1 (en) 2014-08-21
CA2546553A1 (en) 2005-06-23
WO2005057878A1 (en) 2005-06-23
EP1698141A1 (de) 2006-09-06
EP1698141B1 (de) 2011-06-15
US20050120213A1 (en) 2005-06-02
AU2004297933A1 (en) 2005-06-23
CA2546553C (en) 2011-12-06
CN1883176A (zh) 2006-12-20
CN1883176B (zh) 2010-12-22
AU2004297933B2 (en) 2010-01-07

Similar Documents

Publication Publication Date Title
ATE513403T1 (de) System and method for provisioning and authenticating via a network
ES2706540T3 (es) User equipment credential system
ES2769528T3 (es) User authentication
DK1348280T3 (en) Approval data communications
WO2008048179A3 (en) Cryptographic key management in communication networks
WO2005006629A3 (en) Terminal authentication in a wireless network
WO2004051964A3 (en) Tunneled authentication protocol for preventing man-in-the-middle attacks
WO2005065132A3 (en) System, method, and devices for authentication in a wireless local area network (wlan)
AU2003239059A1 (en) An arrangement and a method relating to ip network access
CA2517474A1 (en) Fast re-authentication with dynamic credentials
ATE417470T1 (de) Bootstrapping authentication using distinguished random challenges
WO2002033884A3 (en) Method and apparatus for providing a key distribution center
US20080037486A1 (en) Methods And Apparatus Managing Access To Virtual Private Network For Portable Devices Without Vpn Client
WO2008078101A3 (en) Method and device for mutual authentication
JP2006345205A (ja) Wireless LAN connection management method, wireless LAN connection management system, and wireless relay device for setup
US11711693B2 (en) Non-3GPP device access to core network
EP3844929B1 (de) Non-3GPP device access to core network
NO20080870L (no) Authentication and authorization of an external client
ATE536059T1 (de) Method for securing exchange processes between a sending node and a receiving node
CA2655073A1 (en) Methods and apparatus for use in obtaining a digital certificate for a mobile communication device
KR20100133469A (ko) Method and apparatus for authenticated user access to Kerberos-enabled applications based on an authentication and key agreement mechanism
CA2655078A1 (en) Methods and apparatus for use in enabling a mobile communication device with a digital certificate
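JP5388088B2 (ja) Communication terminal device, management device, communication method, management method, and computer program
JP2007189422A (ja) Mutual authentication method in a wireless LAN, and access point and station performing mutual authentication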
Kumar et al. Analysis and literature review of IEEE 802.1 x (Authentication) protocols

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties