-
公开(公告)号:US20130073852A1
公开(公告)日:2013-03-21
申请号:US13551352
申请日:2012-07-17
IPC分类号: H04L9/32
CPC分类号: H04W12/06 , H04L9/0836 , H04L9/0866 , H04L9/3273 , H04L63/061 , H04L63/0884 , H04L63/123 , H04L63/162 , H04L67/12 , H04W12/04 , H04W12/10
摘要: According to an embodiment, a communication apparatus establishes communication with an external apparatus through a higher-level device. The communication apparatus includes a main processor and a key generator. The main processor receives a data authentication request including data to be authenticated, a first key specification, and a message authentication algorithm identifier from the higher-level device. The key generator retains a key hierarchy used by an authentication protocol that is used between the higher-level device and the external apparatus, and to generate a first key by use of the key hierarchy and the first key specification. The main processor generates a message authentication code for the data to be authenticated by use of the message authentication algorithm, which is identified by the message authentication algorithm identifier, and the first key, and transmits a data authentication response including the message authentication code to the higher-level device.
摘要翻译: 根据实施例,通信装置通过较高级别的装置建立与外部装置的通信。 通信装置包括主处理器和密钥发生器。 主处理器从上级设备接收包括要认证的数据的数据认证请求,第一密钥规范和消息认证算法标识符。 密钥生成器保留由上级设备和外部设备之间使用的认证协议使用的密钥层级,并且通过使用密钥层次和第一密钥规范来生成第一密钥。 主处理器通过使用由消息认证算法标识符识别的消息认证算法和第一密钥来生成用于要认证的数据的消息认证码,并将包括消息认证码的数据认证响应发送到 更高级别的设备。
-
公开(公告)号:US20120243683A1
公开(公告)日:2012-09-27
申请号:US13332998
申请日:2011-12-21
申请人: Yoshihiro OBA , Yasuyuki Tanaka , Shinji Yamanaka
发明人: Yoshihiro OBA , Yasuyuki Tanaka , Shinji Yamanaka
IPC分类号: H04L9/00
CPC分类号: H04L9/0836
摘要: According to one embodiment, a node that is a root node of a network forming a directed acyclic graph topology, which is composed of plural nodes including the node serving as the root node and having a parent-child relationship among nodes of adjacent hierarchies, includes a generating unit, an encrypting unit, and a transmitting unit. The generating unit generates a group key, and a list indicating a first node to which a distribution of the group key is inhibited. The encrypting unit encrypts the group key so as to be capable of being decrypted by a first child node other than the first node out of the child nodes of the root node. The transmitting unit transmits a first message, including an encrypted group key, which is the group key that is encrypted with respect to the first child node, and the list.
摘要翻译: 根据一个实施例,作为形成有向非循环图拓扑的网络的根节点的节点由包括用作根节点并且在相邻层次的节点之间具有父子关系的多个节点组成,包括 生成单元,加密单元和发送单元。 生成单元生成组密钥,并且指示禁止组密钥的分布的第一节点的列表。 加密单元加密组密钥,以便能够被根节点的子节点之外的除第一节点之外的第一子节点解密。 发送单元发送包括作为相对于第一子节点加密的组密钥的加密组密钥和列表的第一消息。
-
公开(公告)号:US20080212783A1
公开(公告)日:2008-09-04
申请号:US11972457
申请日:2008-01-10
申请人: Yoshihiro OBA
发明人: Yoshihiro OBA
CPC分类号: H04L9/321 , G06F21/335 , H04L9/083 , H04L9/3213 , H04L63/0807 , H04L63/162 , H04L2209/80 , H04W36/005
摘要: A media-independent handover key management architecture is disclosed that uses Kerberos for secure key distribution among a server, an authenticator, and a mobile node. In the preferred embodiments, signaling for key distribution is based on re-keying and is decoupled from re-authentication that requires EAP (Extensible Authentication Protocol) and AAA (Authentication, Authorization and Accounting) signaling similar to initial network access authentication. In this framework, the mobile node is able to obtain master session keys required for dynamically establishing the security associations with a set of authenticators without communicating with them before handover. By separating re-key operation from re-authentication, the proposed architecture is more optimized for a proactive mode of operation. It can also be optimized for reactive mode of operation by reversing the key distribution roles between the mobile node and the target access node.
摘要翻译: 公开了一种媒体独立的切换密钥管理架构,其使用Kerberos在服务器,认证器和移动节点之间进行安全密钥分发。 在优选实施例中,用于密钥分发的信令基于重新键入,并且与需要与初始网络接入认证相似的EAP(可扩展认证协议)和AAA(认证,授权和计费)信令的再认证解耦。 在该框架中,移动节点能够获得主动会话密钥,用于在切换之前与一组认证者动态建立安全关联,而不与其进行通信。 通过将重新键入操作与重新认证分离,所提出的架构针对主动操作模式进行了更优化。 还可以通过反转移动节点和目标接入节点之间的密钥分发角色来优化用于反应的操作模式。
-
公开(公告)号:US20230293052A1
公开(公告)日:2023-09-21
申请号:US18120433
申请日:2023-03-13
CPC分类号: A61B5/145 , A61B5/0059
摘要: A measuring device includes a total internal reflection prism having a total reflection plane that an object to be measured contacts, a light source to emit light to make the light having a wavelength equal to or greater than 7 micrometers (μm) and equal to or less than 12 μm incident on the total reflection plane, and a sensor to detect light intensity of the light reflected by the total reflection plane. In the measuring device, an equation
arc
sin
(
n
2
n
1
)-
公开(公告)号:US20230288323A1
公开(公告)日:2023-09-14
申请号:US18014756
申请日:2021-07-08
申请人: Ryosuke KASAHARA , Yoshio WADA , Yoshihiro OBA , Toshihide SASAKI
发明人: Ryosuke KASAHARA , Yoshio WADA , Yoshihiro OBA , Toshihide SASAKI
IPC分类号: G01N21/35
CPC分类号: G01N21/35 , G01N2201/0634
摘要: A measuring apparatus includes a light source configured to emit light in a mid-infrared region, the light including: first-wavelength light having a wave number of from 970 cm-1 or more to 1010 cm-1 or less; and second-wavelength light different from the first-wavelength light, the second-wavelength light having a wave number of from 950 cm-1 or more to 990 cm-1 or less; a photosensor configured to detect the light emitted from the light source and reflected by a measurement target; and an information processing device configured to: obtain a first absorbance of the first-wavelength light and a second absorbance of the second-wavelength light from an output of the photosensor; and determine a biomarker of the measurement target based on the first absorbance and the second absorbance.
-
公开(公告)号:US20120237033A1
公开(公告)日:2012-09-20
申请号:US13233186
申请日:2011-09-15
申请人: Yasuyuki TANAKA , Yoshihiro OBA , Shinji YAMANAKA
发明人: Yasuyuki TANAKA , Yoshihiro OBA , Shinji YAMANAKA
CPC分类号: H04W12/04 , H04L9/0836 , H04L9/0891 , H04L63/0442 , H04L63/065 , H04L63/08 , H04L2209/80 , H04L2463/062 , H04W12/06 , H04W84/20
摘要: According to one embodiment, a wireless mesh network includes a plurality of nodes of which one is a root node and two nodes hierarchically adjacent have a parent-child relationship. In a node in the wireless mesh network, an authentication processing unit executes an authentication for network access with the root node when the node joins in the wireless mesh network. A root key setting unit generates a root key as a common key between the root node and the node. A parent-child key setting unit generates a parent-child key as a common key between a parent node and the node, encrypts the parent-child key using the root key, and sends the parent-child key encrypted to the root node. A group key acquisition unit receives a group key encrypted using the parent-child key from the parent node, and decrypts the group key using the parent-child key.
摘要翻译: 根据一个实施例,无线网状网络包括多个节点,其中一个是根节点,并且两个分层相邻的节点具有父子关系。 在无线网状网络中的节点中,当节点加入无线网状网络时,认证处理单元执行与根节点的网络接入认证。 根密钥设置单元生成根密钥作为根节点和节点之间的公共密钥。 父子密钥设置单元生成父子密钥作为父节点和节点之间的公共密钥,使用根密钥加密父子密钥,并将加密的父子密钥发送到根节点。 组密钥获取单元从父节点接收使用父子密钥加密的组密钥,并且使用父子密钥对组密钥进行解密。
-
17.发明申请EFFICIENT AND LOSS TOLERANT METHOD AND MECHANISM FOR MEASURING AVAILABLE BANDWIDTH 有权用于测量可用带宽的有效和可靠的方法和机制公开(公告)号:US20100208613A1
公开(公告)日:2010-08-19
申请号:US12371286
申请日:2009-02-13
IPC分类号: H04L12/26
CPC分类号: H04L43/50 , H04L41/0896 , H04L43/0882 , H04L43/0888
摘要: A single burst method is used to determine the available bandwidth in a network environment. A sending node transmits test packets to a receiving node. The size of the test packets is dynamically determining based on network parameters within the network environment. The sending node then receives test receipt packets that have the same sequence numbers as the corresponding test packets. Packet clusters are formed from the test receipt packets. The available bandwidth is determined based on the packet clusters along with values set by the single burst method or inputted by a user.
摘要翻译: 单一突发方法用于确定网络环境中的可用带宽。 发送节点向接收节点发送测试分组。 测试包的大小是根据网络环境中的网络参数动态确定的。 然后,发送节点接收与相应测试分组具有相同序列号的测试接收分组。 分组簇由测试收据分组形成。 可用带宽是基于分组簇以及由单个突发方法设置的值或由用户输入的值来确定的。
-
公开(公告)号:US20100115083A1
公开(公告)日:2010-05-06
申请号:US12262911
申请日:2008-10-31
IPC分类号: G06F15/173
摘要: A terminal device includes multiple interfaces having links to various networks. When a trigger event occurs, the terminal device selects a target link to a network to transition from its current link. A candidate link selection function determines candidate links that are filtered to remove links not meeting connectivity criteria. A target link selection function is then executed to select a target link from the filtered candidate links. Thus, the target link selection function is not run for every possible link, but only those meeting the criteria.
摘要翻译: 终端设备包括具有到各种网络的链接的多个接口。 当发生触发事件时,终端设备选择到网络的目标链路以从其当前链路转换。 候选链路选择功能确定被过滤的候选链路以去除不满足连接标准的链路。 然后执行目标链路选择功能,以从过滤的候选链路中选择目标链路。 因此,目标链路选择功能不是针对每个可能的链路运行,而是仅满足标准的那些。
-
公开(公告)号:US20060041742A1
公开(公告)日:2006-02-23
申请号:US11161733
申请日:2005-08-15
申请人: Yoshihiro OBA
发明人: Yoshihiro OBA
IPC分类号: H04L9/00 , H04L9/32 , G06K9/00 , G06F17/30 , G06F15/16 , G06F7/04 , G06F7/58 , G06K19/00 , H04K1/00
CPC分类号: H04L63/08 , H04L63/0272 , H04L63/162 , H04L63/164 , H04W8/26 , H04W12/02 , H04W12/06 , H04W76/10 , H04W80/04
摘要: A system and method is disclosed for dynamically and securely establishing a tunnel for a mobile device. In the preferred embodiments, the system and method operate to dynamically assign one or more tunnel endpoint addresses to a client which is not on the same IP-link as an authentication agent depending on an authentication result based on using an authentication protocol source port number in order to address communications.
摘要翻译: 公开了用于动态和安全地建立移动设备的隧道的系统和方法。 在优选实施例中,系统和方法操作以根据使用认证协议源端口号的认证结果动态地将一个或多个隧道端点地址分配给与认证代理不在同一IP链路上的客户端 命令来处理通讯。
-
-
-
-
-
-
-
-
搜索结果
19 条记录 (耗时 0.026 秒)
