METHOD, APPARATUS, AND SYSTEM FOR ISOLATING A TEMPORARY PARTITION ON A HOST
    61.
    Patent application
    Status: under examination (published)

    Publication number: US20140337913A1

    Publication date: 2014-11-13

    Application number: US13770167

    Filing date: 2013-02-19

    IPC classification: G06F21/57 G06F9/50 G06F9/455

    Abstract: A method, apparatus and system enable a temporary partition on a host to be isolated. More specifically, a temporary partition may be initialized in a partitioned host, assigned its own security policy and given the necessary resources to complete a task. Thereafter, the temporary partition may be dismantled. Since the temporary partition is isolated from the remaining partitions on the host, the temporary partition may be allowed to run a “weaker” security policy than the rest of the partitions because the isolation of the temporary partition ensures that the security of the remaining partitions may remain uncompromised.


    Method, apparatus and system for distributing and enforcing authenticated network connection policy
    62.
    Granted patent
    Status: in force

    Publication number: US08601103B2

    Publication date: 2013-12-03

    Application number: US11455024

    Filing date: 2006-06-15

    Applicant: Kapil Sood

    Inventor: Kapil Sood

    IPC classification: G06F15/173

    Abstract: A method, apparatus and system enable distribution and enforcement of authenticated network connection policy. Specifically, in one embodiment, a wireless network may admit manageability cores (“MCs”) that include a manageability feature set, i.e., devices that do not implement the full wireless network feature set defined by IEEE standards. In one embodiment, the MCs and backend policy decision point (“PDP”) may agree upon connection policy information for the MCs, and may utilize a mutually authenticated mechanism to deliver the agreed upon connection policy information to the MCs and Access Points (“APs”).


    Methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks
    65.
    Granted patent
    Status: in force

    Publication number: US08010780B2

    Publication date: 2011-08-30

    Application number: US12583953

    Filing date: 2009-08-27

    IPC classification: H04L29/06

    Abstract: Embodiments of the present invention provide a method comprising transmitting, by a communication node, an information element (IE), the IE including a feature field indicating whether the communication node operates in accordance with an integrity protection protocol specifically for management frames, and the IE further including an enforcement field that advertises whether the integrity protection protocol for management and control frames is mandatory, and generating, by the communication node, a pairwise transient key (PTK), the PTK including a first plurality of keys and a pairwise integrity key (PIK), wherein the first plurality of keys are configured to protect an integrity of data frames transmitted by the communication node and the PIK is configured to protect an integrity of management frames transmitted by the communication node, wherein management frames are dedicated to management traffic and wherein the first plurality of keys and the PIK are different keys. Other embodiments may be described and claimed.


    METHOD AND APPARATUS FOR AUTONOMOUS PEER DISCOVERY AND ENHANCING LINK RELIABILITY FOR WIRELESS PEER DIRECT LINKS
    66.
    Patent application
    Status: in force

    Publication number: US20110145421A1

    Publication date: 2011-06-16

    Application number: US12637987

    Filing date: 2009-12-15

    IPC classification: G06F15/16

    CPC classification: H04W76/14

    Abstract: A system, method and device may include triggering a direct connection setup based on one or more communication parameters communicated with a mobile device via a fixed device. It may be determined whether the mobile device is a peer. The quality of service with the mobile device via the fixed device may be compared with quality of service of a mobile device via a direct link. A channel for the direct link may be selected and information may be sent to the mobile device over the direct link via the channel.


    Fast transitioning resource negotiation
    67.
    Granted patent
    Status: in force

    Publication number: US07961684B2

    Publication date: 2011-06-14

    Application number: US11777673

    Filing date: 2007-07-13

    Applicant: Kapil Sood

    Inventor: Kapil Sood

    IPC classification: H04W4/00 H04B7/00

    CPC classification: H04W12/06

    Abstract: Embodiments of apparatuses, articles, methods, and systems for fast transitioning resource negotiation in wireless networks are generally described herein. Other embodiments may be described and claimed.


    Method for secure transfer of data to a wireless device for enabling multi-network roaming
    68.
    Granted patent
    Status: in force

    Publication number: US07826427B2

    Publication date: 2010-11-02

    Application number: US11843189

    Filing date: 2007-08-22

    IPC classification: H04W4/00

    CPC classification: H04W12/06 H04W76/10 H04W84/12

    Abstract: Disclosed is a method for secure transfer of data for enabling roaming of the wireless device between a plurality of wireless networks. The wireless device requests data from an authentication server via a first channel. The authentication server sends the request for the data to an information server using a second channel. The information server generates the data based on parameters of the wireless device and provides the data to the wireless device through the authentication server. The secure transfer of data to the wireless device enables roaming of the wireless device in a plurality of wireless networks.


    Direct peer link establishment in wireless networks
    69.
    Patent application
    Status: under examination (published)

    Publication number: US20100255869A1

    Publication date: 2010-10-07

    Application number: US12384522

    Filing date: 2009-04-06

    Applicant: Kapil Sood

    Inventor: Kapil Sood

    IPC classification: H04B7/00

    CPC classification: H04W76/14 H04W12/02 H04W92/18

    Abstract: Various embodiments of the invention pertain to a communications process through which two wireless network devices in two different networks can establish a direct communications link with each other, so that communications between the two devices do not have to go through the respective network controllers. In some embodiments, after establishment of the direct link, each of the two devices may continue to switch between its direct link and its infrastructure communications with the network controller.


    Techniques for authenticated posture reporting and associated enforcement of network access
    70.
    Patent application
    Status: in force

    Publication number: US20100107224A1

    Publication date: 2010-04-29

    Application number: US12655024

    Filing date: 2009-12-22

    IPC classification: G06F17/00

    Abstract: Architectures and techniques that allow a firmware agent to operate as a tamper-resistant agent on a host platform that may be used as a trusted policy enforcement point (PEP) on the host platform to enforce policies even when the host operating system is compromised. The PEP may be used to open access control and/or remediation channels on the host platform. The firmware agent may also act as a local policy decision point (PDP) on the host platform in accordance with an authorized enterprise PDP entity by providing policies if a host trust agent is non-responsive and may function as a passive agent when the host trust agent is functional.
