최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0447656 (2012-04-16) |
등록번호 | US-8635444 (2014-01-21) |
발명자 / 주소 |
|
출원인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 318 |
A technique for improving authentication speed when a client roams from a first authentication domain to a second authentication domain involves coupling authenticators associated with the first and second authentication domains to an authentication server. A system according to the technique may in
A technique for improving authentication speed when a client roams from a first authentication domain to a second authentication domain involves coupling authenticators associated with the first and second authentication domains to an authentication server. A system according to the technique may include, for example, a first authenticator using an encryption key to ensure secure network communication, a second authenticator using the same encryption key to ensure secure network communication, and a server coupled to the first authenticator and the second authenticator wherein the server distributes, to the first authenticator and the second authenticator, information to extract the encryption key from messages that a client sends to the first authenticator and the second authenticator.
1. An apparatus comprising: a first authenticator configured to be coupled to a server, the first authenticator configured to be coupled to a second authenticator that is configured to (1) receive a first message including an encryption key from a client, and (2) send a signal configured to establis
1. An apparatus comprising: a first authenticator configured to be coupled to a server, the first authenticator configured to be coupled to a second authenticator that is configured to (1) receive a first message including an encryption key from a client, and (2) send a signal configured to establish communication between the client and a network based on the encryption key and extraction information, the first authenticator configured to receive, from the client, a second message including the encryption key,the first authenticator configured to send a third message to the server in response to the second message,the first authenticator configured to receive the extraction information from the server in response to the third message,the first authenticator configured to send a signal configured to establish communication between the client and the network based on the encryption key and the extraction information. 2. The apparatus of claim 1, wherein the first authenticator is implemented in a switch or an access point within the network. 3. The apparatus of claim 1, wherein: the encryption key is encrypted by a client-generated key in the second message,the client-generated key is encrypted, in the second message, by a key associated with the client and the server. 4. The apparatus of claim 1, wherein: the encryption key is encrypted by a client-generated key in the second message,the third message includes the client-generated key encrypted by a key associated with the client and the server. 5. The apparatus of claim 1, wherein: the encryption key is encrypted by a client-generated key in the second message,the extraction information includes the client-generated key encrypted by a key associated with the first authenticator and the server. 6. The apparatus of claim 1, wherein: the encryption key is encrypted by a client-generated key in the second message,the first authenticator is configured to decrypt and extract the client-generated key from the extraction information using a key associated with the first authenticator and the server. 7. The apparatus of claim 1, wherein the first authenticator is configured to extract the encryption key from the second message based on the extraction information. 8. The apparatus of claim 1, wherein: the third message includes an identifier of the first authenticator,the first authenticator is configured to receive the extraction information from the server in response to the identifier of the first authenticator being verified at the server. 9. The apparatus of claim 1, wherein the first authenticator and the second authenticator are included in different authentication domains. 10. An apparatus comprising: a server operatively coupled to a first authenticator and a second authenticator, the server configured to receive a first message including a first key associated with a client from the first authenticator,the server configured to send a second message including the first key to the first authenticator in response to the first message such that secure communication is established between the client and the first authenticator using an encryption key,the server configured to receive a third message including a second key associated with the client from the second authenticator,the server configured to send a fourth message including the second key to the second authenticator in response to the third message such that secure communication is established between the client and the second authenticator using the encryption key. 11. The apparatus of claim 10, wherein: the server is configured to extract the first key from the first message using a third key associated with the client and the server,the server is configured to extract the second key from the third message using the third key. 12. The apparatus of claim 10, wherein: the server is configured to encrypt the first key in the second message using a fourth key associated with the first authenticator and the server,the server is configured to encrypt the second key in the fourth message using a fifth key associated with the second authenticator and the server. 13. The apparatus of claim 10, wherein: the first message includes an identifier of the first authenticator,the server is configured to verify the identifier of the first authenticator, the server configured to send the second message to the first authenticator in response to the identifier of the first authenticator being verified. 14. The apparatus of claim 10, wherein the first authenticator and the second authenticator are included in different authentication domains. 15. A method, comprising: receive, from an authenticator at a server, a first message including cryptographic data including a first key and an identifier of the authenticator in response to the authenticator receiving from a client a second message including cryptographic data having the first key and a second key;extract the first key and the identifier of the authenticator from the first message at the server;if the identifier of the authenticator is verified at the server, encrypt the first key, in a third message at the server, by a key associated with the authenticator and the server; andsend the third message from the server to the authenticator such that the authenticator extracts the first key from the third message, extracts the second key from the second message using the first key, and sends a signal configured to establish secure communication between the client and a network associated with the authenticator using the second key. 16. The method of claim 15, wherein the second key is encrypted by the first key in the second message. 17. The method of claim 15, wherein the first key is encrypted, in the first message and the second message, by a key associated with the client and the server. 18. The method of claim 15, wherein: the authenticator is a first authenticator associated with the network,at a time before the second message is received at the first authenticator, the client is authenticated at a second authenticator associated with the network and secure communication is established between the client and the network using the second key. 19. The method of claim 15, wherein the authenticator is implemented in a network switch or an access point. 20. The method of claim 15, wherein the first key is randomly generated at the client.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.