Buffering packets destined for a mobile device while the mobile device moves from one network to another network to prevent handoff packet loss
    2.
    发明授权
    Buffering packets destined for a mobile device while the mobile device moves from one network to another network to prevent handoff packet loss 有权
    当移动设备从一个网络移动到另一个网络时,缓冲分组去往移动设备,以防止切换分组丢失

    公开(公告)号:US08065432B2

    公开(公告)日:2011-11-22

    申请号:US12573005

    申请日:2009-10-02

    IPC分类号: G06F13/00

    摘要: A method and system for preventing packet loss during handoff of a mobile host between access networks. In accordance with an aspect of the invention, a home agent on a network maintains a FIFO (First In-First Out) buffer for every mobile host that it serves. When a packet destined for a particular mobile host is received at the home agent, it is assigned an incremental sequence number, encapsulated as an IP packet, and forwarded to the mobile host with the sequence number as an identifier. The packet and sequence number are thereafter stored in the buffer for a period of time after the packet was forwarded to the mobile host. After hand-off to the arriving network is completed, the mobile host sends the sequence number of the last-received IP packet to the home agent and the new care-of IP address. Using this sequence number, the home agent then determines whether any incoming packets had been routed to the previous care-of IP address. These are retrieved from the buffer, and resent to the new care-of IP address.

    摘要翻译: 一种在接入网络之间防止移动主机切换期间的分组丢失的方法和系统。 根据本发明的一个方面,网络上的归属代理为其服务的每个移动主机维护FIFO(先进先出)缓冲器。 当在归属代理处接收到去往特定移动主机的分组时,向其分配增量序列号,封装为IP分组,并以序列号作为标识符转发给移动主机。 然后,在分组被转发到移动主机之后,分组和序列号被存储在缓冲器中一段时间​​。 在到达网络的切换完成后,移动主机将最后接收的IP分组的序列号发送到归属代理和新的转交IP地址。 使用该序列号,归属代理然后确定是否将任何传入的分组路由到之前转交的IP地址。 这些从缓冲区检索,并重新发送到新的转交IP地址。

    System and method to support networking functions for mobile hosts that access multiple networks
    3.
    发明授权
    System and method to support networking functions for mobile hosts that access multiple networks 失效
    支持访问多个网络的移动主机的网络功能的系统和方法

    公开(公告)号:US07929528B2

    公开(公告)日:2011-04-19

    申请号:US12242771

    申请日:2008-09-30

    IPC分类号: H04L12/28 H04W4/00

    摘要: An IP-based corporate network architecture and method for providing seamless secure mobile networking across office WLAN, home WLAN, public WLAN, and 2.5 G/3 G cellular networks for corporate wireless data users. The system includes Internet roaming clients (IRCs), a secure mobility gateway (SMG), optional secure IP access (SIA) gateways, and a virtual single account (VSA) server. The IRC is a special client tool installed on a mobile computer (laptop or PDA) equipped with a WLAN adaptor and a cellular modem. It is responsible for establishing and maintaining a mobile IPsec tunnel between the mobile computer and a corporate intranet. The SMG is a mobile IPsec gateway installed between the corporate intranet and the Internet. It works in conjunction with the IRC to maintain the mobile IPsec tunnel when the mobile computer is connected on the Internet via a home WLAN, a public WLAN, or a cellular network. The SIA gateway is a special IPsec gateway installed in the middle of the wired corporate intranet and an office WLAN. It works with the IRC to ensure data security and efficient use of corporate IP addresses when the mobile computer is connected to the office WLAN. The VSA server manages authentication credentials for every corporate user based on a virtual single account concept. The Internet Roaming system can provide secure, always-on office network connectivity for corporate users no matter where they are located using best available wireless networks.

    摘要翻译: 一种基于IP的企业网络架构和方法,用于为企业无线数据用户提供跨办公室WLAN,家庭WLAN,公共WLAN和2.5 G / 3G蜂窝网络的无缝安全移动网络。 该系统包括互联网漫游客户端(IRC),安全移动网关(SMG),可选的安全IP接入(SIA)网关和虚拟单一帐户(VSA)服务器。 IRC是安装在配有WLAN适配器和蜂窝调制解调器的移动计算机(笔记本电脑或PDA)上的特殊客户端工具。 它负责在移动计算机和公司内部网之间建立和维护移动IPsec隧道。 SMG是安装在企业内部网和互联网之间的移动IPsec网关。 它与IRC一起工作,以便在移动计算机通过家庭WLAN,公共WLAN或蜂窝网络在因特网上连接时维护移动IPsec隧道。 SIA网关是安装在有线企业内部网和办公室WLAN中间的专用IPsec网关。 它与IRC一起工作,以确保在移动计算机连接到办公室WLAN时数据安全并有效利用公司IP地址。 VSA服务器根据虚拟单一帐户概念管理每个公司用户的身份验证凭据。 互联网漫游系统可以为企业用户提供安全,永远在线的办公网络连接,无论他们所在的地方使用最佳可用无线网络。

    Layer-2 IP networking method and apparatus for mobile hosts
    4.
    发明授权
    Layer-2 IP networking method and apparatus for mobile hosts 有权
    移动主机的二层IP组网方法和设备

    公开(公告)号:US07768980B1

    公开(公告)日:2010-08-03

    申请号:US11403767

    申请日:2006-04-13

    IPC分类号: H04L12/66 H04Q7/24 G06F15/173

    摘要: A method and apparatus to enable IP networking for mobile hosts without requiring changes to be made to the TCP/IP stack in the operating system installed on the mobile hosts. The apparatus is an “intelligent device” that can be installed on or connected to a mobile host, and may comprise a software-only logical module, physical hardware, or a combination of both. To a mobile host, the intelligent device emulates a network interface such as an Ethernet card or a telephone modem. The intelligent device appears to an access network just like any regular IP host connected to the access network through a physical network interface device. The intelligent device handles all mobile networking functions for the mobile host, and may control multiple different physical network interface devices to enable a connection to the “best” access network available to the mobile user at his location.

    摘要翻译: 一种用于为移动主机启用IP网络的方法和装置,而不需要对安装在移动主机上的操作系统中的TCP / IP栈进行更改。 该装置是可以安装在移动主机上或连接到移动主机的“智能设备”,并且可以包括仅软件逻辑模块,物理硬件或两者的组合。 对于移动主机,智能设备模拟诸如以太网卡或电话调制解调器之类的网络接口。 就像通过物理网络接口设备连接到接入网的任何常规IP主机一样,智能设备就像接入网络一样出现。 智能设备处理移动主机的所有移动网络功能,并且可以控制多个不同的物理网络接口设备,以便连接到他所在位置的移动用户可用的“最佳”接入网络。

    Mobile device having network interface selection
    5.
    发明授权
    Mobile device having network interface selection 失效
    具有网络接口选择的移动设备

    公开(公告)号:US07180876B1

    公开(公告)日:2007-02-20

    申请号:US10145973

    申请日:2002-05-14

    IPC分类号: H04Q7/20

    CPC分类号: H04W48/18 H04W88/06

    摘要: An access interface module includes a first network interface module for interfacing with a first access network and a second network interface module for interfacing with a second access network of a type that is different from the first network. The access module can further include a processor coupled to the first and second network interface modules and a device interface module coupled to the processor for interfacing with a host device.

    摘要翻译: 访问接口模块包括用于与第一接入网络接口的第一网络接口模块和用于与不同于第一网络的类型的第二接入网络进行接口的第二网络接口模块。 访问模块还可以包括耦合到第一和第二网络接口模块的处理器和耦合到处理器的与主机设备接口的设备接口模块。

    Network access device having internetworking driver with active control
    6.
    发明授权
    Network access device having internetworking driver with active control 有权
    网络访问设备具有主动控制的网络驱动

    公开(公告)号:US07028104B1

    公开(公告)日:2006-04-11

    申请号:US10138099

    申请日:2002-05-02

    IPC分类号: G06F15/16 G06F15/177

    摘要: A network interface driver embodied in a processor readable medium comprising executable program instructions that, when executed by a processor, independently process internetworking protocols for a host computer (or other network access device) with another computer on a remote network. The driver appears to the operating system as a regular network interface driver, but it can support enhanced kernel-level internetworking protocols by using a state machine to generate, drop, and change incoming and outgoing IP packets in a manner transparent to the operating system.

    摘要翻译: 一种包含在处理器可读介质中的网络接口驱动器,包括可执行程序指令,所述可执行程序指令在由处理器执行时,独立地处理与远程网络上的另一计算机的主计算机(或其他网络访问设备)的互联协议。 驱动程序作为常规网络接口驱动程序出现在操作系统中,但它可以通过使用状态机以对操作系统透明的方式生成,删除和更改传入和传出IP数据包来支持增强的内核级互联协议协议。

    Fast authentication and access control system for mobile networking
    7.
    发明授权
    Fast authentication and access control system for mobile networking 有权
    用于移动网络的快速认证和访问控制系统

    公开(公告)号:US06856800B1

    公开(公告)日:2005-02-15

    申请号:US10145301

    申请日:2002-05-14

    摘要: A fast authentication and access control method of authenticating a network access device to a communications network having an access point communicating with a remote authentication (home AAA) server for the network access device. The method includes the step of receiving an access request having an authentication credential from the network access device at the access point. The authentication credential includes a security certificate having a public key for the network access device and an expiration time. The security certificate is signed with a private key for the remote authentication server. The access point locally validates the authentication credential by accessing the public key of the remote authentication server from a local database, and checking the signature and expiration time of the security certificate. If the authentication credential is validated at the access point, the access point grants the network access device conditional access to the network by sending an access granted message to the network access device. The access granted message includes a session key encrypted with a public key for the network access device. The session key is stored in a database associated with the access point. The access point contacts the remote authentication server to check a revocation status of the security certificate for the network access device. If the access point receives a message from the remote authentication server that the authentication credential for the network access device has been revoked, it suspends network access for the network access device.

    摘要翻译: 一种用于向具有与用于网络接入设备的远程认证(家庭AAA)服务器通信的接入点的通信网络)认证网络接入设备的快速认证和接入控制方法。 该方法包括在接入点从网络接入设备接收具有认证凭证的接入请求的步骤。 认证凭证包括具有用于网络访问设备的公钥的安全证书和到期时间。 安全证书使用远程认证服务器的私钥进行签名。 访问点通过从本地数据库访问远程认证服务器的公钥,并检查安全证书的签名和到期时间来本地验证认证凭证。 如果验证凭证在接入点被验证,则接入点通过向网络接入设备发送访问许可消息来授权网络访问设备对网络的条件访问。 访问许可消息包括用网络访问设备的公开密钥加密的会话密钥。 会话密钥存储在与接入点相关联的数据库中。 接入点与远程认证服务器联系,检查网络接入设备的安全证书的撤销状态。 如果接入点从远程认证服务器接收到网络接入设备的认证凭证已经被撤销的消息,则它挂起网络接入设备的网络接入。

    Method and apparatus for providing communication over a white space channel without causing interference
    8.
    发明授权
    Method and apparatus for providing communication over a white space channel without causing interference 有权
    用于在白空间信道上提供通信而不引起干扰的方法和装置

    公开(公告)号:US08625553B2

    公开(公告)日:2014-01-07

    申请号:US12620120

    申请日:2009-11-17

    申请人: Paul Shala Henry

    发明人: Paul Shala Henry

    IPC分类号: H04Q7/24

    摘要: A method and an apparatus for providing communication over a white space channel without causing interference are disclosed. The method generates a first request to identify at least one available white space channel, and applies a spreading sequence to the first request to generate a second request. The method applies a modulation to the second request to generate a third request in the time domain, and transmits the third request via a wireless communication to at least one other user. Alternatively, the method receives a request wirelessly, wherein the request comprises a request for availability of at least one white space channel, and applies a demodulation on the request to generate a demodulated request. The method applies a spreading sequence on the demodulated request to generate a de-spread request, and processes the de-spread request by determining availability of at least one white space channel.

    摘要翻译: 公开了一种用于在白空间信道上提供通信而不引起干扰的方法和装置。 该方法产生用于识别至少一个可用空白信道的第一请求,并且向第一请求应用扩展序列以生成第二请求。 该方法对第二请求应用调制以在时域中生成第三请求,并且经由无线通信将第三请求发送到至少一个其他用户。 或者,所述方法无线地接收请求,其中所述请求包括对至少一个空白信道的可用性的请求,并对所述请求应用解调以生成解调请求。 该方法对解调的请求应用扩展序列以产生解扩请求,并且通过确定至少一个空白信道的可用性来处理去扩展请求。

    Secure IP access protocol framework and supporting network architecture
    9.
    发明授权
    Secure IP access protocol framework and supporting network architecture 有权
    安全的IP接入协议框架和支持网络架构

    公开(公告)号:US08046577B2

    公开(公告)日:2011-10-25

    申请号:US10317694

    申请日:2002-12-12

    IPC分类号: H04L29/06

    摘要: A protocol framework for a Secure IP Access (SIA) method, and supporting components deployed on IP hosts and IP networks. Using this method, an IP host can establish a secure data channel within an IP network over an insecure shared link while requesting IP address and networking configuration parameters from the IP network. A system administrator can implement strong access control against various attacks that an edge IP network may have to face, such as a denial-of-service attack that exhausts assignable IP addresses. This is a lightweight, scalable, and backward-compatible solution that can improve security performance for public and corporate LANs having open access such as wireless access points and Ethernet jacks.

    摘要翻译: 用于安全IP接入(SIA)方法的协议框架,以及部署在IP主机和IP网络上的支持组件。 使用这种方法,IP主机可以通过不安全的共享链路在IP网络内建立安全数据通道,同时从IP网络请求IP地址和网络配置参数。 系统管理员可以对边缘IP网络可能必须面对的各种攻击实施强大的访问控制,例如耗尽可分配IP地址的拒绝服务攻击。 这是一个轻量级的,可扩展的和向后兼容的解决方案,可以提高具有开放访问权限的公共和公司LAN(如无线接入点和以太网插孔)的安全性能。

    Method and System for Providing Broadband Access to a Data Network Via Gas Pipes
    10.
    发明申请
    Method and System for Providing Broadband Access to a Data Network Via Gas Pipes 有权
    通过气体管道为数据网络提供宽带接入的方法和系统

    公开(公告)号:US20110188590A1

    公开(公告)日:2011-08-04

    申请号:US13020975

    申请日:2011-02-04

    申请人: Paul Shala Henry

    发明人: Paul Shala Henry

    IPC分类号: H04L27/28

    CPC分类号: H04L27/2601

    摘要: A method and system for providing broadband access to a data network via gas pipes is disclosed. Embodiments of the present invention utilize Orthogonal Frequency-Division Multiplexing (OFDM) or Frequency-Division Multiplexing (FDM) as a modulation technique in order to protect against the effects of dispersion in the gas pipes. An OFDM transceiver modulates a digital data stream into an OFDM signal, RF up-converts the OFDM signal, and transmits the RF up-converted OFDM modulated signal through a gas pipe.

    摘要翻译: 公开了一种通过气体管道向数据网络提供宽带接入的方法和系统。 本发明的实施例利用正交频分复用(OFDM)或频分复用(FDM)作为调制技术,以防止气体管道中的分散影响。 OFDM收发器将数字数据流调制成OFDM信号,RF上变频OFDM信号,并通过气体管道发送RF上变频的OFDM调制信号。