Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a Soc. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a Soc. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a SoC. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a SoC. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a SoC. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the automatic configuration of a network extender with network parameters. An access point may identify a network extender and may determine whether the identified network extender is configured for an automatic configuration of network parameters based upon device description information retrieved during the identification of the network extender. The access point may output a configuration message to the identified network extender, the configuration message including one or more parameters associated with a network provided by the access point, and the network extender may apply the one or more parameters. The access point may periodically or conditionally provide the network extender with updates to the network parameters.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the provisioning of a device using an embedded cable modem media access control (MAC) address. An optical network unit (ONU) may include an embedded cable modem, wherein the embedded cable modem has a dedicated MAC address. Provisioning servers may provide identical configuration files to a virtual cable modem at an optical line termination (OLT) and the embedded cable modem at the ONU. The embedded cable modem MAC address, along with an associated Internet protocol (IP) stack, enables traditional DOCSIS cable modem provisioning and management over a passive optical network.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the management of connections between one or more client devices and an access point over one or more service sets. An access point may maintain a list of client devices that have successfully associated with a private service set broadcast from the access point, and when a client device from the list attempts to connect to a public service set broadcast from the access point, the access point may deny the client device's attempt to connect to the public service set. Attempts by the client device to join the public service set may be denied for a predetermined number of attempts or a predetermined period of time. Denying an attempt to connect to a public service set may provide a client device with more opportunities to connect to a private service set broadcast from a corresponding access point.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the encryption of a device identifier using an identification property of a SoC. A unique identifier of a cable modem may be encrypted using a unique key or other unique property of a SoC associated with the cable modem. When an authentication process is initiated at the cable modem, the encrypted unique identifier of the cable modem may be decrypted using the unique key or other unique property of the SoC, thereby producing the unique identifier of the cable modem. The decrypted unique identifier of the cable modem may be output from the cable modem to an upstream controller during the authentication process. In embodiments, an obfuscation key may be used to encrypt and decrypt the unique identifier of the cable modem, and the obfuscation key may be generated using a unique identifier of the SoC.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the management of connections between one or more client devices and an access point over one or more service sets. An access point may maintain a list of client devices that have successfully associated with a private service set broadcast from the access point, and when a client device from the list attempts to connect to a public service set broadcast from the access point, the access point may deny the client device's attempt to connect to the public service set. Attempts by the client device to join the public service set may be denied for a predetermined number of attempts or a predetermined period of time. Denying an attempt to connect to a public service set may provide a client device with more opportunities to connect to a private service set broadcast from a corresponding access point.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the management of connections between one or more client devices and an access point over one or more service sets. An access point may maintain a list of client devices that have successfully associated with a private service set broadcast from the access point, and when a client device from the list attempts to connect to a public service set broadcast from the access point, the access point may deny the client device's attempt to connect to the public service set. Attempts by the client device to join the public service set may be denied for a predetermined number of attempts or a predetermined period of time. Denying an attempt to connect to a public service set may provide a client device with more opportunities to connect to a private service set broadcast from a corresponding access point.

Abstract: A communication protocol specification is divided into subsets of parameters based on patterns established by equipment vendors. A combination of subsets is selected based on parameters and features supported by particular network devices installed in a network. A user interface facilitates convenient creation or modification of a configuration file, which instructs a network device how to format a communication message and what information is to be contained therein. After the configuration file is loaded into a device, it controls software switches in the device such that features and parameters corresponding to the parameters selected with the user interface and controlled by the switches are either enabled or disable based on the parameters selected. Supported parameter combinations for popular equipment may be prestored so that selection with the interface of a particular piece of equipment automatically edits the configuration file according to the features and parameters supported by said equipment.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the management of access point transmissions based upon priority of traffic. An access point may periodically cycle between aggressive phases, during which the access point contends for downstream transmission opportunities aggressively, and background phases, during which the access point contends for downstream transmission opportunities passively. The access point may alternate between aggressive and background phases based upon a priority level of received packets, services, and/or clients. The access point may also alternate between aggressive and background phases based upon the congestion level and/or health of an associated network.

Abstract: Methods, systems, and computer readable media can be operable to facilitate the provisioning of a device using an embedded cable modem media access control (MAC) address. An optical network unit (ONU) may include an embedded cable modem, wherein the embedded cable modem has a dedicated MAC address. Provisioning servers may provide identical configuration files to a virtual cable modem at an optical line termination (OLT) and the embedded cable modem at the ONU. The embedded cable modem MAC address, along with an associated Internet protocol (IP) stack, enables traditional DOCSIS cable modem provisioning and management over a passive optical network.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the automatic configuration of a network extender with network parameters. An access point may identify a network extender and may determine whether the identified network extender is configured for an automatic configuration of network parameters based upon device description information retrieved during the identification of the network extender. The access point may output a configuration message to the identified network extender, the configuration message including one or more parameters associated with a network provided by the access point, and the network extender may apply the one or more parameters. The access point may periodically or conditionally provide the network extender with updates to the network parameters.

Abstract: Methods, systems, and computer readable media may be operable to facilitate the management of connections between one or more client devices and an access point over one or more service sets. An access point may maintain a list of client devices that have successfully associated with a private service set broadcast from the access point, and when a client device from the list attempts to connect to a public service set broadcast from the access point, the access point may deny the client device's attempt to connect to the public service set. Attempts by the client device to join the public service set may be denied for a predetermined number of attempts or a predetermined period of time. Denying an attempt to connect to a public service set may provide a client device with more opportunities to connect to a private service set broadcast from a corresponding access point.