Embodiments of the present invention relate in general to the field of granting network access to user devices. In particular, embodiments of the invention relate to methods for simplifying the process of granting network access to multiple devices of a same owner.
Usual authentication methods for granting network access to (wireless or wired) user devices are known to rely on: (i) a pre-shared key (or PSK) that is the same for all users and devices or (ii) user-specific credentials (e.g., cryptographic key, or user ID and password).
A disadvantage of using a PSK is that it cannot be revoked for individual users or devices. A user can even pass it on to other users, unbeknown to the network operator. Also, a PSK needs to be configured in each device that needs network access. Changing the PSK requires to update it in all devices. Nevertheless, a PSK is perhaps, today, the prevalent authentication method for residential networks.
On the other hand, using user-specific credentials is a common authentication method in enterprise networks. User-specific credentials require an authentication server for user management, a thing that is usually too burdensome for most private households. Each user who wants to access the network needs an account with credentials on the authentication server and the user needs to configure the credentials in each of her/his devices. Guests typically do not have accounts on the server, so that a new account must be created for each guest, who then needs to enter credentials in each of their devices.