Abstract: A method authenticates nodes in a communication network of an automation installation. Respective authentication information is transmitted to an authentication server, which takes the authentication information as a basis for admitting or rejecting the nodes in the communication network as subscribers. In order to be able to perform an authentication of a node even in a communication network configured with redundancy, the communication network contains multiple nodes, each of which has at least two communication ports. The communication network executes a spanning tree protocol and at least two of the nodes use their mutually facing communication ports to interchange authentication requests and send the respective received authentication information to an authentication server, connected to the communication network, that uses the respective received authentication information to perform a check on the authenticity of the node and admits or rejects the node in the communication network based on the check.

Abstract: A method authenticates a device in a communication network. The method includes transmitting authentication information which indicates the device to an authentication server, which permits or rejects the device as a subscriber in the communication network on the basis of the authentication information. In order that an authentication of a device can also be carried out in a communication network configured with redundancy, the communication network contains two subnetworks. The device is connected to both subnetworks for redundant data transmission. At the start, the device sends authentication requests to access points arranged in the first subnetworks. The access points send the respective received authentication information to an authentication server, which authentication server in each case carries out a check of the authenticity of the device on the basis of the respective received authentication information and, as the result of the check, permits or rejects the device as a subscriber.

Abstract: A method authenticates a device in a communication network of an automation installation, in which authentication information indicating the device is transmitted to an authentication server that admits or rejects the device in the communication network as a subscriber. To perform an authentication of the device in a communication network configured with redundancy, the communication network has a communication ring that, besides the device, has first and second neighbor devices. At the start of the authentication the device sends authentication requests containing the authentication information to the neighbor devices. The neighbor devices duplicate the authentication information and send it via the communication ring in both transmission directions to an authentication server which uses the authentication information to perform a respective check on the authenticity of the device and admits or rejects the device in the communication network as a subscriber as the result of the check.

Abstract: A method authenticates nodes in a communication network of an automation installation. Respective authentication information is transmitted to an authentication server, which takes the authentication information as a basis for admitting or rejecting the nodes in the communication network as subscribers. In order to be able to perform an authentication of a node even in a communication network configured with redundancy, the communication network contains multiple nodes, each of which has at least two communication ports. The communication network executes a spanning tree protocol and at least two of the nodes use their mutually facing communication ports to interchange authentication requests and send the respective received authentication information to an authentication server, connected to the communication network, that uses the respective received authentication information to perform a check on the authenticity of the node and admits or rejects the node in the communication network based on the check.