| 发明名称 | Application layer authentication in packet networks | ||
| 摘要 | In a communication network, assume a first computing device is an end user device, a second computing device is a gateway server, and a third computing device is an application server. A method comprises the following steps. The second computing device authenticates one or more packets received from the first computing device. The second computing device marks the one or more packets with a first-layer identity before routing the one or more packets toward the third computing device such that the third computing device is able to authenticate the one or more packets from the first computing device by confirming an association between the first-layer identity and a second-layer identity. For example, the first-layer identity may comprise a link layer identity assigned to the first computing device and the second-layer identity may comprise an application layer identity assigned to the first computing device. | ||
| 申请公布号 | US8973125(B2) | 申请公布日期 | 2015.03.03 |
| 申请号 | US201012790143 | 申请日期 | 2010.05.28 |
| 申请人 | Alcatel Lucent | 发明人 | Faynberg Igor;Lu Hui-Lan |
| 分类号 | G06F15/16;H04L29/06;H04W12/06;H04W88/16 | 主分类号 | G06F15/16 |
| 代理机构 | Ryan, Mason & Lewis, LLP | 代理人 | Ryan, Mason & Lewis, LLP |
| 主权项 | 1. A method, comprising: in a communication network wherein a first computing device is an end user device, a second computing device is a gateway server, and a third computing device is an application server; the second computing device authenticating one or more packets received from the first computing device; and the second computing device marking the one or more packets with a first-layer identity before routing the one or more packets toward the third computing device such that the third computing device is able to authenticate the one or more packets from the first computing device by confirming an association between the first-layer identity and a second-layer identity; wherein the first-layer identity comprises an identity associated with a first layer and the second-layer identity comprises an identity associated with a second layer, the first layer being different from the second layer; wherein the first-layer identity comprises a link layer identity assigned to the first computing device; wherein the second-layer identity comprises an application layer identity assigned to the first computing device; and wherein the second computing device further marks the one or more packets with a gateway identity of the second computing device such that the one or more packets are marked with a label that comprises the first-layer identity of the end user device and said gateway identity. | ||
| 地址 | Boulogne-Billancourt FR | ||