摘要:
A communication network includes an overload control algorithm that adapts to changing circumstances. In a disclosed example, an acceptance fraction for each of a plurality of message types depends upon the arrival rates of the message types. As at least one of the arrival rates changes, the acceptance fraction is responsively changed to provide an overload control algorithm that adapts to changes in message traffic.
摘要:
Methods are provided for securely transmitting a packet between endpoints of a network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession of the PEK.
摘要:
Embodiments address various methods and apparatuses that attempt to minimize the time that the security communication between group members may be at risk due to a user joining or leaving. For example, embodiments include methods of minimizing the time for which a joining member receives a secure commonly shared key and other embodiments include methods of minimizing the time that a user leaving the group has access to data shared within the group through updating the secure commonly shared key.
摘要:
A method of transmitting or retransmitting a packet in a communication system. The method includes determining a modulation and coding scheme (MCS) to reduce the packet error rate (PER) for transmission, where the MCS is an aggregate of M redundant packet transmissions as a function of at least one of determined past channel conditions and/or allocated resources, determinable current channel conditions and/or allocated resources, future statistical channel conditions and/or allocated resources, and/or a cost function; and transmitting the packets in the communication system according to the MCS.
摘要:
In a wireless network or other communication system, admission of users to the system is based on predicted scheduling gain. A scheduler is configured to manage access to network resources for users already admitted to the system. An admission control module is coupled to the scheduler, and determines a predicted scheduling gain of the scheduler under an operating scenario involving admission of at least one additional user to the system. The predicted scheduling gain is processed to generate at least one performance metric which is used to make an admission control decision regarding admission of the at least one additional user to the system.
摘要:
There can be problems with the security of social networking communications. For example, there may be occasions when a number of friends wish to communicate securely through a social network infrastructure, such that non-trusted 3rd-party entities, such as a Social Network Operator or host that provides the application infrastructure, does not overhear the communication. In response to the above problems, embodiments presented propose a set of innovative, lightweight solutions, considering that in certain scenarios the Social Network Operator may not be a trusted entity. Embodiments of the present invention are directed to methods and apparatuses for secure information sharing in social networks using random keys.
摘要:
The capacity of a reverse link is improved by realizing a scheme to effect sharp changes in pilot channel transmit power (PCTP) and data channel to pilot power ratio (DCPR), coordinated with the start of the data channel transmission. The change in pilot power and data channel to pilot power ratio is also applicable to mobiles that use multiple pilots and/or multiple antennas at the transmitter and/or receiver.
摘要:
A key distribution scheme is provided, which is useful for establishing, distributing, and maintaining security associations in a Mobile IP network. An authentication server performs an initial validation of a new session and generates a root key which it delivers to the initial access gateway and to the home agent. The initial access gateway and the home agent each independently compute a derivative key available only to themselves. The initial access gateway, acting as proxy for the mobile station, uses the derivative key to sign the Mobile IP registration or binding update transactions, and sends the signed registration or binding update to the home agent for validation. Once the session is established between the mobile station and the home agent, the access gateways act as proxies on behalf of the mobile station to maintain the session mobility. In handoff, the new access gateway acquires the root key as part of the transferred session context. The new access gateway, acting as proxy for the mobile station, computes a new derivative key from the root key and uses it to sign a binding update.
摘要:
A key distribution scheme is provided, which is useful for establishing, distributing, and maintaining security associations in a Mobile IP network. An authentication server performs an initial validation of a new session and generates a root key which it delivers to the initial access gateway and to the home agent. The initial access gateway and the home agent each independently compute a derivative key available only to themselves. The initial access gateway, acting as proxy for the mobile station, uses the derivative key to sign the Mobile IP registration or binding update transactions, and sends the signed registration or binding update to the home agent for validation. Once the session is established between the mobile station and the home agent, the access gateways act as proxies on behalf of the mobile station to maintain the session mobility. In handoff, the new access gateway acquires the root key as part of the transferred session context. The new access gateway, acting as proxy for the mobile station, computes a new derivative key from the root key and uses it to sign a binding update.
摘要:
Methods are provided for securely transmitting a packet between endpoints of a network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession of the PEK.