公开(公告)号：US20090156129A1

公开(公告)日：2009-06-18

申请号：US11956459

申请日：2007-12-14

申请人： Amer A. Hassan ,  Hui Shen ,  Christian Huitema

发明人： Amer A. Hassan ,  Hui Shen ,  Christian Huitema

IPC分类号： H04B7/005 ,  H04B1/40

CPC分类号： G06F9/5044 ,  G06F9/5055 ,  G06F2209/509 ,  H04B1/0003

摘要： A computing device with a software defined radio. The software defined radio has an architecture with separate components to provide control functions and data processing functions. The control components configure the data processing components so that the software defined radio provides desired operating characteristics. To facilitate programming the software defined radio to communicate according to one or more wireless technologies, the computing device may include a library of wireless technology specifications. By accessing a technology specification in the library, the control components can determine an appropriate configuration of the data processing components for a selected wireless technology. The data processing components may be hardware or software and, if hardware and software components are available to perform a data processing function, the control components may select between the hardware and software components depending on throughput, processor loading or other criteria.

摘要翻译： 具有软件定义无线电的计算设备。 软件定义的无线电具有独立组件的架构，以提供控制功能和数据处理功能。 控制组件配置数据处理组件，使得软件定义的无线电提供所需的操作特性。 为了便于根据一种或多种无线技术对软件定义的无线电进行编程以进行通信，计算设备可以包括无线技术规范库。 通过访问库中的技术规范，控制组件可以确定所选无线技术的数据处理组件的适当配置。 数据处理组件可以是硬件或软件，并且如果硬件和软件组件可用于执行数据处理功能，则控制组件可以根据吞吐量，处理器负载或其他标准在硬件和软件组件之间进行选择。

公开(公告)号：US07500102B2

公开(公告)日：2009-03-03

申请号：US10056889

申请日：2002-01-25

申请人： Brian Swander ,  Christian Huitema

发明人： Brian Swander ,  Christian Huitema

IPC分类号： H04L9/00 ,  H04L1/00

CPC分类号： H04L63/029 ,  H04L29/1249 ,  H04L61/256 ,  H04L63/061 ,  H04L69/16 ,  H04L69/164 ,  H04L69/166

摘要： A method and apparatus for fragmenting and reassembling IKE protocol data packets that exceed a Maximum Transmission Unit is provided. A transmitting node determines whether to fragment IKE data depending on whether the receiving node has the capability to receive and reassemble fragmented data packets. The transmitting node detects whether fragmentation is appropriate and then intercepts and fragments appropriate IKE payloads for transmission over a network. The invention further includes a method and apparatus for reassembling fragmented IKE payloads. The receiving node discards certain packets according to a set of predetermined rules that are designed to prevent denial of service attacks and other similar attacks. No modification is required to the existing IKE protocol or to other lower level networking protocols.

摘要翻译： 提供了一种用于分段和重新组合超过最大传输单元的IKE协议数据分组的方法和装置。 发送节点根据接收节点是否具有接收和重组分段数据分组的能力来确定是否分片IKE数据。 发送节点检测分段是否合适，然后拦截并分片适当的IKE有效载荷，以便通过网络进行传输。 本发明还包括用于重新组装分段的IKE有效载荷的方法和装置。 接收节点根据旨在防止拒绝服务攻击和其他类似攻击的一组预定规则来丢弃某些分组。 现有的IKE协议或其他较低级别的网络协议不需要修改。

公开(公告)号：US07493363B2

公开(公告)日：2009-02-17

申请号：US09955923

申请日：2001-09-19

申请人： Christian Huitema ,  Alexandru Gavrilescu ,  Noel W. Anderson ,  Xiaohai Zhang

发明人： Christian Huitema ,  Alexandru Gavrilescu ,  Noel W. Anderson ,  Xiaohai Zhang

IPC分类号： G06F15/16

CPC分类号： H04L29/12292 ,  H04L29/06 ,  H04L61/2069 ,  H04L67/104 ,  H04L67/1044 ,  H04L67/1046 ,  H04L67/1048 ,  H04L67/306 ,  H04L69/329

摘要： A system and method of serverless peer-to-peer group management and maintenance is presented. Group formation and discovery of private, public, and enumerated groups are provided, as is a method of joining such a peer-to-peer group. Group information management provided by the present invention ensures that each node maintains a current database from the initial joining of the group through the run phase of membership. Group graph maintenance utilizes a group signature to ensure that partitions in a graph may be detected and repaired. The utility of connections within the graph are also monitored so that non-productive connections may be dropped to increase the efficiency of the group. The diameter of the graph is also monitored and adjusted to ensure rapid information transfer throughout the group. A disconnect procedure is used to maintain the graph integrity and prevent partitions resulting from the departure of a group member.

摘要翻译： 提出了无服务器对等组群管理和维护的系统和方法。 提供私有，公共和枚举组的组合和发现，以及加入这种对等组的方法。 通过本发明提供的组信息管理确保每个节点保持从组的初始加入到成员的运行阶段的当前数据库。 组图维护使用组签名来确保图中的分区可能被检测和修复。 还监视图中连接的效用，以便可以降低非生产性连接以提高组的效率。 还会对图形的直径进行监控和调整，以确保整个组内快速的信息传递。 使用断开连接程序来维护图形的完整性，并防止由于组成员的离开导致的分区。

公开(公告)号：US20080279128A1

公开(公告)日：2008-11-13

申请号：US11899276

申请日：2007-09-05

申请人： Amer A. Hassan ,  Deyun Wu ,  Hui Shen ,  Christian Huitema ,  Thomas W. Kuehnel

发明人： Amer A. Hassan ,  Deyun Wu ,  Hui Shen ,  Christian Huitema ,  Thomas W. Kuehnel

IPC分类号： H04B7/00

CPC分类号： H04W8/22 ,  H04W88/06

摘要： A system and method for providing the ability to discover the capabilities of a user's computer to determine whether it is capable of supporting more than one wireless protocol simultaneously is provided. A computing device's capabilities (including, for example, hardware and/or software capabilities) is checked to determine if it supports at least two specific wireless protocols and checking a computing device's capabilities (including, for example, hardware and/or software capabilities) is checked to determine if it supports both wireless protocols simultaneously. The techniques for determining the computing device's compatibility may include comparing lists of protocol requirements to lists of system capabilities and/or generating test signals by the system according to the protocol.

摘要翻译： 提供了一种用于提供发现用户计算机的能力以确定其是否能够同时支持多于一个无线协议的能力的系统和方法。 检查计算设备的能力（包括例如硬件和/或软件能力）以确定其是否支持至少两个特定的无线协议并且检查计算设备的能力（包括例如硬件和/或软件能力）是 检查以确定它是否同时支持两个无线协议。 用于确定计算设备的兼容性的技术可以包括将协议要求的列表与根据协议的系统的系统能力的列表和/或生成测试信号进行比较。

公开(公告)号：US20080137548A1

公开(公告)日：2008-06-12

申请号：US11635869

申请日：2006-12-08

申请人： Amer A. Hassan ,  Vishesh M. Parikh ,  Thomas W. Kuehnel ,  Deyun Wu ,  Christian Huitema ,  David Jones ,  Andrew Baron

发明人： Amer A. Hassan ,  Vishesh M. Parikh ,  Thomas W. Kuehnel ,  Deyun Wu ,  Christian Huitema ,  David Jones ,  Andrew Baron

IPC分类号： G06F11/30

CPC分类号： H04W28/18 ,  H04W80/00

摘要： Capability checking to examine a computing device's capabilities to determine if the device supports a software defined radio to communicate according to a specific wireless protocol. Applicants have appreciated that as the reliance on software defined radio increases, numerous potential options may be available to a user for performing wireless communication. Applicants have appreciated the desirability of providing the ability to discover the capabilities of a user's computer to determine whether it is capable of supporting one or more wireless protocols.

摘要翻译： 检查计算设备能力以确定设备是否支持根据特定无线协议进行通信的软件定义无线电的能力检查。 申请人已经意识到，随着对软件定义的无线电的依赖性的增加，许多潜在的选项可供用户进行无线通信。 申请人已经意识到提供发现用户计算机的功能以确定其是否能够支持一个或多个无线协议的能力的可取性。

公开(公告)号：US07305705B2

公开(公告)日：2007-12-04

申请号：US10611832

申请日：2003-06-30

申请人： Art Shelest ,  Christian Huitema

发明人： Art Shelest ,  Christian Huitema

IPC分类号： G06F15/16

CPC分类号： H04L63/0272 ,  H04L9/3218 ,  H04L63/029 ,  H04L63/0442 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/1458 ,  H04L63/166 ,  H04L2209/56 ,  H04L2209/76 ,  H04L2209/80

摘要： A firewall acts as a transparent gateway to a server within a private network by initiating an unsolicited challenge to a client to provide authentication credentials. After receiving the client's credentials, the firewall verifies the authentication credentials and establishes a secure channel for accessing the server. Data destined for the server from the client may be forwarded through the firewall using the secure channel. The firewall may sign, or otherwise indicate that data forwarded to the server is from a client that the firewall has authenticated. The firewall also may provide some level of authentication to the client. While connected to the server, the client may access other servers external to the private network without having the data associated with the other servers pass through the private network. The firewall reduces configuration information that a client otherwise must maintain to access various private network servers.

摘要翻译： 防火墙通过向客户端发起未经请求的挑战来提供认证凭据，作为私有网络中的服务器的透明网关。 在收到客户端凭据后，防火墙会验证身份验证凭据，并建立一个用于访问服务器的安全通道。 从客户端发往服务器的数据可以使用安全通道通过防火墙转发。 防火墙可以签署或以其他方式指示转发到服务器的数据来自防火墙已经认证的客户端。 防火墙还可以向客户端提供一定程度的认证。 当连接到服务器时，客户端可以访问专用网络外部的其他服务器，而不会使与其他服务器相关联的数据通过专用网络。 防火墙可以减少客户端必须维护的配置信息，以访问各种专用网络服务器。

公开(公告)号：US07299351B2

公开(公告)日：2007-11-20

申请号：US09956260

申请日：2001-09-19

申请人： Christian Huitema ,  John L. Miller ,  Alexandru Gavrilescu

发明人： Christian Huitema ,  John L. Miller ,  Alexandru Gavrilescu

IPC分类号： H04L9/00

CPC分类号： H04L63/04

摘要： A method for use in a peer-to-peer communication system to ensure valid connections are made in a secure manner includes the steps of receiving an address record for a peer node which includes an ID certificate. The ID certificate is validated and checked to verify that the ID certificate has not expired. Further, the method determines if the node from whom the address record was received is to be trusted, and the number of instances of the IP address included in the certificate is already stored in cache. When the foregoing are completed successfully, i.e. the certificate is valid, not expired, has been supplied by a trusted neighbor, and does not point to an IP address that already exists for different ID's multiple times, the method opportunistically verifies ownership of the ID certificate at the peer node's IP address. That is, the verification of ownership only occurs when the advertiser of the ID is the owner of that ID (or when the ID is to be used). If any of the above cannot be completed successfully, the address record is discarded.

摘要翻译： 在对等通信系统中用于确保有效连接的方法以安全的方式进行包括以下步骤：接收包括ID证书的对等节点的地址记录。 验证和检查ID证书以验证身份证明书尚未过期。 此外，该方法确定接收到地址记录的节点是否被信任，并且包括在证书中的IP地址的实例数量已经存储在高速缓存中。 当上述内容成功完成时，即证书是有效的，未过期的，由信任的邻居提供，并且不指向多次已经存在于不同ID的IP地址，该方法机会地验证身份证书的所有权 在对等节点的IP地址。 也就是说，所有权的验证仅在ID的广告商是该ID的所有者时（或当使用该ID时）发生。 如果上述任何一个都无法成功完成，地址记录将被丢弃。

公开(公告)号：US20070263653A1

公开(公告)日：2007-11-15

申请号：US11433804

申请日：2006-05-12

申请人： Amer Hassan ,  Thomas Kuehnel ,  Deyun Wu ,  Christian Huitema ,  D. Frost

发明人： Amer Hassan ,  Thomas Kuehnel ,  Deyun Wu ,  Christian Huitema ,  D. Frost

IPC分类号： H04J3/16

CPC分类号： H04W28/0268 ,  H03M1/12 ,  H03M9/00 ,  H04L5/0053 ,  H04L5/006 ,  H04L5/0064 ,  H04L5/1446 ,  H04L27/18 ,  H04L27/2605 ,  H04L27/2607 ,  H04L27/34 ,  H04L65/4069 ,  H04L65/80 ,  H04W28/24

摘要： A system for signaling an application when a requested data rate and Quality of Service cannot be achieved using OFDM wireless data transmission, and the application proceeds by either renegotiating QoS and data rate, or waiting until they requested rate and QoS are met.

摘要翻译： 当使用OFDM无线数据传输不能实现所请求的数据速率和服务质量时，用于对应用进行信令的系统，并且应用通过重新协商QoS和数据速率或者等待直到满足请求速率和QoS来进行。

公开(公告)号：US20070248173A1

公开(公告)日：2007-10-25

申请号：US11410969

申请日：2006-04-25

申请人： Amer Hassan ,  Christian Huitema

发明人： Amer Hassan ,  Christian Huitema

IPC分类号： H04L27/28 ,  H04K1/10

CPC分类号： H04L5/0007 ,  H04L5/0037 ,  H04L5/006 ,  H04L5/0064

摘要： A multiuser scheme allowing for a number of users, sets of user, or carriers to share one or more channels is provided. In the invention, the available channel bandwidth is subdivided into a number of equal-bandwidth subchannels according to standard OFDM practice. The transmitter is informed by an application that it needs to transmit data a particular rate. The transmitter determines the minimum number of subchannels and maximum energy (or noise) threshold for each subchannel necessary to achieve that data rate and selects a set of subchannels matching those requirements. The subchannels need not be contiguous in the spectrum or belong to the same channel. Once the transmitter has selected the required number of subchannels, it begins transmitting simultaneously on those subchannels across the entire bandwidth used by those subchannels.

摘要翻译： 提供允许多个用户，一组用户或运营商共享一个或多个信道的多用户方案。 在本发明中，可用信道带宽根据标准OFDM实践被细分为多个等带宽子信道。 发射机被应用程序通知它需要以特定速率传输数据。 发射机确定实现该数据速率所需的每个子信道的子信道的最小数目和最大能量（或噪声）阈值，并选择一组符合这些要求的子信道。 子信道不需要在频谱中是连续的或属于同一信道。 一旦发射机选择了所需数量的子信道，它将在这些子信道使用的整个带宽上在这些子信道上同时开始传输。

公开(公告)号：US20070078924A1

公开(公告)日：2007-04-05

申请号：US11239945

申请日：2005-09-30

申请人： Amer Hassan ,  Christian Huitema ,  Vishesh Parikh

发明人： Amer Hassan ,  Christian Huitema ,  Vishesh Parikh

IPC分类号： G06F12/00 ,  G06F15/16

CPC分类号： H04B1/0003 ,  G06F21/125 ,  G06F2221/2111 ,  H04B1/406 ,  H04L63/0428 ,  H04L63/10 ,  H04L2463/101

摘要： Systems and methods are provided for modularly constructing a software defined radio (“SDR”). Given an SDR kernel (i.e., a potentially platform-neutral definition of digital signal processing functionality and control operations necessary to implement the core portion of a software defined radio implementing a particular radio standard), an optional description of governmental regulations for a particular locality, and an interface harness providing the necessary components for interfacing to specific communication channels and devices (including SDR hardware components), an SDR factory component performs a process of constructing an SDR software component for implementing a particular radio standard on a particular host. The SDR software component may additionally construct components which restrict the operation of the resulting SDR software component. The SDR kernel may be protected by one or more digital rights management (“DRM”) policies which may be enforced both at the time the SDR software component is constructed and while it is operating.

摘要翻译： 提供了用于模块化构建软件定义无线电（“SDR”）的系统和方法。 给定SDR内核（即，实现特定无线电标准的软件定义无线电的核心部分所需的数字信号处理功能和控制操作的潜在平台中立定义），对特定地点的政府法规的可选描述， 以及提供用于与特定通信信道和设备（包括SDR硬件组件）接口的必要组件的接口线束，SDR工厂组件执行构建用于在特定主机上实现特定无线电标准的SDR软件组件的过程。 SDR软件组件可以另外构造限制所得到的SDR软件组件的操作的组件。 SDR内核可能受到一个或多个数字版权管理（“DRM”）策略的保护，这些策略可以在构建SDR软件组件时和在运行时都被执行。