Abstract:
In one embodiment, each security protocol supplicant in a computer network determines its group temporal key (GTK) state, and exchanges the GTK state with one or more neighbor supplicants in the computer network. Based on the exchange, a supplicant may determine whether any inconsistencies exist in its GTK state, and in response to any inconsistencies in the GTK state, may perform a GTK state synchronization with a security protocol authenticator by indicating to the authenticator what is needed to resolve the inconsistent GTK state at the particular supplicant. In another embodiment, the authenticator, which is configured to not store per-supplicant GTK state, may transmit beacons containing GTK identifiers (IDs) of GTKs currently enabled on the authenticator, and also responds to supplicants having inconsistent GTK states with one or more needed GTKs as indicated by the supplicants.
Abstract:
In one embodiment, an authenticator in a communication network maintains a persistent authenticator epoch value that increments each time the authenticator restarts. The authenticator also maintains a persistent per-supplicant value for each supplicant of the authenticator, each per-supplicant value set to a current value of the authenticator epoch value each time the corresponding supplicant establishes a new security association with the authenticator. To communicate messages from the authenticator to a particular supplicant, each message uses a per-supplicant replay counter having a security association epoch counter and a message counter specific to the particular supplicant. In particular, the security association epoch counter for each message is set as a difference between the authenticator epoch value and the per-supplicant value for the particular supplicant when the message is communicated, while the message counter is incremented for each message communicated.
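A sketch of the replay counter construction described in this abstract, added here as an illustration and not taken from the patent. It assumes the security association epoch counter occupies the high-order bits and the message counter is held in volatile memory; the field widths and the names `Authenticator`, `Supplicant` and `nvram` are hypothetical. It shows that a counter issued after an authenticator restart still compares greater than every counter issued before it.

```python
# Added illustration; field widths, field order and all names are assumptions.
EPOCH_BITS = 16   # assumed width of the security association epoch counter
MSG_BITS = 48     # assumed width of the message counter

class Authenticator:
    def __init__(self, persistent):
        # `persistent` stands in for non-volatile storage that survives restarts.
        self.store = persistent
        self.store.setdefault("epoch", 0)
        self.store.setdefault("per_supplicant", {})
        self.store["epoch"] += 1      # authenticator epoch increments on each restart
        self.msg_counter = {}         # volatile (assumed): lost on restart

    def new_security_association(self, supplicant):
        # Per-supplicant value is set to the current authenticator epoch value.
        self.store["per_supplicant"][supplicant] = self.store["epoch"]
        self.msg_counter[supplicant] = 0

    def next_replay_counter(self, supplicant):
        sa_epoch = self.store["epoch"] - self.store["per_supplicant"][supplicant]
        count = self.msg_counter.get(supplicant, 0) + 1
        if sa_epoch >= 1 << EPOCH_BITS or count >= 1 << MSG_BITS:
            raise OverflowError("counter exhausted: establish a new security association")
        self.msg_counter[supplicant] = count
        return (sa_epoch << MSG_BITS) | count

class Supplicant:
    def __init__(self):
        self.last_seen = 0

    def accept(self, replay_counter):
        # Accept only strictly increasing counters; anything else is a replay.
        if replay_counter <= self.last_seen:
            return False
        self.last_seen = replay_counter
        return True

def demo():
    nvram = {}                                   # constructed stand-in for persistent state
    auth, sup = Authenticator(nvram), Supplicant()
    auth.new_security_association("node-a")
    first = auth.next_replay_counter("node-a")
    second = auth.next_replay_counter("node-a")
    results = [sup.accept(first), sup.accept(second), sup.accept(first)]
    auth = Authenticator(nvram)                  # restart: message counters are lost
    after = auth.next_replay_counter("node-a")
    results += [sup.accept(after), sup.accept(second)]
    return first, second, after, results
```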
Abstract:
In one embodiment, a Transit Information Bloom Filter (TIBF) signal component is generated for use with a routing protocol control message, the TIBF signal component identifying at least one parent node for a corresponding routing topology. The TIBF signal component is encoded in a generated Bloom filter. The parameters of the generated Bloom filter are based at least on one parent node to be encoded and a desired false positive rate for the Bloom filter. The address for each parent node is also encoded in the Bloom filter.
Abstract:
In one embodiment, a device in a frequency hopping communication network transmits responsive beacon messages using a transmission type that adapts to the number of beacon requests received within a given time period: a number below a threshold results in synchronized unicast messages; a number above the threshold results in unsynchronized broadcast messages. In another embodiment, the device suppresses unsolicited beacon message transmission based on a density-aware redundancy count of other unsolicited beacon message transmissions from neighboring devices. In another embodiment, the device may transmit unsolicited beacon messages according to an adaptive interval based on stability of the network. In another embodiment, the device may suppress transmission of a beacon request to join the communication network based on a density-aware redundancy count of other beacon requests from neighboring devices, and transmits beacon requests at an adaptive interval that increases in response to each unanswered beacon request.
Abstract:
In one embodiment, a device in a frequency hopping communication network operates in a first mode according to a common broadcast schedule for the network that simultaneously overlays a first configured portion of all independently determined unicast listening schedules in the network. In response to determining a power outage condition, the device switches to operation in a power outage mode where the common broadcast schedule for the network in the power outage mode simultaneously overlays a second configured portion of all independently determined unicast listening schedules in the network, the second configured portion greater than the first configured portion. In one embodiment, the device broadcasts one or more power outage notifications (PONs) in response to determining the power outage condition as a reduction of a main power supply at the device. In another embodiment, the device determines the power outage condition by receiving a PON while it is itself powered.
Abstract:
In one embodiment, a device connected to a network receives at a network interface a first network size indicator for a first network and a second network size indicator for a second network. A difference between the first network size indicator and the second network size indicator is determined and a switching probability is calculated if the difference between the network size indicators is greater than a predetermined network size difference threshold. The device may then migrate from the first network to the second network based on the switching probability.
Abstract:
In one embodiment, each of a plurality of devices in a computer network is configured to i) transmit a unicasted dynamic host configuration protocol (DHCP) solicit message to a neighbor device having a route to a border router as an assumed DHCP relay without regard to location of a DHCP server, and ii) operate as a DHCP relay to receive unicasted DHCP solicit messages and relay the solicit message to the border router of the network without regard to location of the DHCP server, and to relay a DHCP reply to a corresponding requestor device.
Abstract:
In one embodiment, a rendezvous request message is generated (e.g., by a sender) that specifies a channel C and a rendezvous time T for which a distributed message is to be transmitted in a frequency-hopping computer network. The rendezvous request message is then transmitted on one or more channels used in the computer network based on reaching a plurality of intended recipients of the distributed message with the rendezvous request message prior to rendezvous time T. Accordingly, the distributed message is then transmitted on channel C at rendezvous time T. In another embodiment, a device receives a rendezvous request message, and in response to determining to honor the rendezvous request message, listens for the distributed message on channel C at rendezvous time T.