Authorizing physical access-links for secure network connections

摘要

A method of authenticating a network link of a first device to a second device is described. The method includes communicating a challenge request including a challenge value from the first device to the second device, wherein challenge value is unique to the challenge request. The method further includes receiving a challenge response from the second device, in which the challenge response includes encrypted data pertaining to the first device, and authenticating the network link based on the first device decrypting the encrypted data included in the challenge response from the second device.

主权项

1. A method comprising:
communicating a challenge request including a challenge value from a first device to a second device over a physical link in an open systems interconnection model (OSI) layer three architecture, the challenge value being unique to the challenge request; receiving, from the second device, a challenge response including encrypted data pertaining to the first device, the encrypted data including a link identifier identifying the physical link based on a physical location of the first device with respect to the physical link, wherein at least a portion of the challenge response is encrypted using a private key associated with the second device to create the encrypted data, and wherein the challenge response includes the challenge value received from the challenge request and a hash value; decrypting the encrypted data included in the challenge response from the second device; and authenticating, using one or more hardware processors, a secure connection associated with the physical link in the (OSI) layer three architecture, by authenticating the link identifier identifying the physical link, based on an expected link identifier, wherein the authenticating includes decrypting the encrypted portion of the challenge response using a public key associated with the private key.