| CPC H04L 63/0815 (2013.01) [H04L 9/3263 (2013.01); H04L 63/0823 (2013.01); H04L 63/083 (2013.01); H04L 63/0876 (2013.01)] | 18 Claims |
|
1. A method for authenticating a device for zero sign-on (ZSO) access to a service available through one or more access points, the method comprising:
(i-a) ensuring an Internet Protocol (IP) subnet address of the device matches an IP subnet address of a first access point of the one or more access points;
(i-b) determining a Media Access Control (MAC) address for the first access point as being associated with the device when a mapping of device IP addresses and MAC addresses performed upstream of the first access point maps a device IP address of the device to the MAC address of the first access point;
(ii) identifying the first access point and the device as falling within a trusted domain when the subnet address of the device matches the subnet address of the first access point in step (i-a) and the MAC address of the first access point is determined to be associated with the device in step (i-b); and
(iii) facilitating transport of a trust credential to the device when the first access point and the device fall within the trusted domain, thereby enabling the device to use the trust credential to facilitate ZSO access to the service,
wherein the mappings of the device IP addresses and the MAC addresses is generated prior to a credential request being issued from the device to the first access point, the credential request being used to request transport of the trust credential, to the device, and
wherein the credential request includes the MAC address of the first access point.
|