公开(公告)号：US08555056B2

公开(公告)日：2013-10-08

申请号：US13012432

申请日：2011-01-24

Applicant: Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

Inventor： Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

IPC: H04L29/06 ,  G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/20

Abstract: A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.

Abstract translation: 公开了一种包含安全信息与分组的方法和系统。 当数据包离开第一个网络并进入第二个网络时被检测到。 第一个网络被配置为支持网络安全技术，而第二个网络没有被配置为支持网络安全技术。 与网络安全技术相关联的网络安全信息包括在包中。 网络设备被配置为在分组的开销中包括网络安全信息。 还公开了一种用于识别网络中的第一网络设备的方法。 第一网络的识别信息被传送到第二网络设备。

公开(公告)号：US20060112426A1

公开(公告)日：2006-05-25

申请号：US10999343

申请日：2004-11-30

Applicant: Michael Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

Inventor： Michael Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

IPC: G06F15/16 ,  G06F17/00 ,  G06F9/00

CPC classification number: H04L63/20

Abstract: A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.

公开(公告)号：US20110119752A1

公开(公告)日：2011-05-19

申请号：US13012432

申请日：2011-01-24

Applicant: Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

Inventor： Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

IPC: G06F21/20

CPC classification number: H04L63/20

Abstract: A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.

Abstract translation: 公开了一种包含安全信息与分组的方法和系统。 当数据包离开第一个网络并进入第二个网络时被检测到。 第一个网络被配置为支持网络安全技术，而第二个网络没有被配置为支持网络安全技术。 与网络安全技术相关联的网络安全信息包括在包中。 网络设备被配置为在分组的开销中包括网络安全信息。 还公开了一种用于识别网络中的第一网络设备的方法。 第一网络的识别信息被传送到第二网络设备。

公开(公告)号：US07877601B2

公开(公告)日：2011-01-25

申请号：US10999343

申请日：2004-11-30

Applicant: Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

Inventor： Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

IPC: H04L29/06 ,  G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/20

Abstract: A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.

Abstract translation: 公开了一种包含安全信息与分组的方法和系统。 当数据包离开第一个网络并进入第二个网络时被检测到。 第一个网络被配置为支持网络安全技术，而第二个网络没有被配置为支持网络安全技术。 与网络安全技术相关联的网络安全信息包括在包中。 网络设备被配置为在分组的开销中包括网络安全信息。 还公开了一种用于识别网络中的第一网络设备的方法。 第一网络的识别信息被传送到第二网络设备。

公开(公告)号：US20060200670A1

公开(公告)日：2006-09-07

申请号：US11069857

申请日：2005-03-01

Applicant: Irene Kuffel ,  Wilson Kok ,  Michael Fine ,  Fabio Maino ,  Jed Lau

Inventor： Irene Kuffel ,  Wilson Kok ,  Michael Fine ,  Fabio Maino ,  Jed Lau

IPC: H04L9/00

CPC classification number: H04L9/321 ,  H04L9/3247 ,  H04L9/3263 ,  H04L9/3271 ,  H04L63/08 ,  H04L2209/76

Abstract: Various systems and method are disclosed for disseminating security server contact information in a network. For example, one method (e.g., performed by a security server) involves determining that a network device is a secure network device, in response to participating in a security exchange with the network device; and then sending a server list to the network device. The server list includes the network address of at least one security server. Another method (e.g., performed by a network device) involves initiating an authentication exchange; receiving a server list, which includes the network address of a security server, as part of the authentication exchange; and communicating with the security server by sending a packet to the network address included in the server list.

Abstract translation: 公开了用于在网络中传播安全服务器联系信息的各种系统和方法。 例如，响应于参与与网络设备的安全交换，一种方法（例如由安全服务器执行）涉及确定网络设备是安全网络设备; 然后将服务器列表发送到网络设备。 服务器列表包括至少一个安全服务器的网络地址。 另一种方法（例如，由网络设备执行）涉及启动认证交换; 作为认证交换的一部分，接收包括安全服务器的网络地址的服务器列表; 并通过向包括在服务器列表中的网络地址发送分组来与安全服务器通信。

公开(公告)号：US20060036856A1

公开(公告)日：2006-02-16

申请号：US10915083

申请日：2004-08-10

Applicant: Wilson Kok

Inventor： Wilson Kok

IPC: H04L9/00

CPC classification number: H04L63/0869 ,  H04L63/0823 ,  H04W12/06

Abstract: Various methods and systems for dynamically determining the role of a network device in a link authentication protocol exchange are disclosed. In one embodiment, such a method involves monitoring several (e.g., two) link authentication protocol exchanges. These link authentication protocol exchanges can be initiated at substantially the same time. A first network device acts as an authenticator in a first one of the link authentication protocol exchanges and a supplicant in a second one of the link authentication protocol exchanges. One of the link authentication protocol exchanges is terminated prior to completion.

Abstract translation: 公开了用于在链路认证协议交换中动态地确定网络设备的角色的各种方法和系统。 在一个实施例中，这种方法涉及监视多个（例如，两个）链路认证协议交换。 这些链路认证协议交换可以在几乎相同的时间开始。 第一网络设备充当链路认证协议交换中的第一个中的认证者，以及第二个链路认证协议交换中的请求者。 链路认证协议交换之一在完成之前终止。

公开(公告)号：US08081568B2

公开(公告)日：2011-12-20

申请号：US12035502

申请日：2008-02-22

Applicant: Padmanabha Nallur ,  Wilson Kok ,  Rajesh Bhandari

Inventor： Padmanabha Nallur ,  Wilson Kok ,  Rajesh Bhandari

IPC: G01R31/08

CPC classification number: H04L63/162 ,  H04L9/321 ,  H04L9/3271 ,  H04L63/08 ,  H04L63/0892 ,  H04L2209/043 ,  H04L2209/80

Abstract: Techniques for selecting authentication roles when establishing a link between devices in a secure network are provided. By assigning role levels to devices, devices may be more likely to assume a preferred role when establishing a link. For example, during a negotiation process, each device may establish a timer value based on their role level. Each device may initiate a timer with the timer value and, the device whose timer value expires first may assume a role as authenticator.

Abstract translation: 提供了在建立安全网络中的设备之间的链路时选择认证角色的技术。 通过将角色级别分配给设备，当建立链接时，设备可能更有可能承担首选角色。 例如，在协商过程中，每个设备可以基于其角色级别建立定时器值。 每个设备可以启动具有定时器值的定时器，并且其定时器值首先到期的设备可以担当认证器的角色。

公开(公告)号：US07886145B2

公开(公告)日：2011-02-08

申请号：US10996102

申请日：2004-11-23

Applicant: Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

Inventor： Michael R. Smith ,  Padmanabha Nallur ,  Wilson Kok ,  Michael Fine

IPC: H04L29/06 ,  G06F9/00 ,  G06F15/16 ,  G06F17/00 ,  G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G08B23/00

CPC classification number: H04L63/20

Abstract: A method and system for including security information with a packet is disclosed. A packet is detected as it exits a first network and enters a second network. The first network is configured to support a network security technique, and the second network is not configured to support the network security technique. Network security information associated with the network security technique is included with the packet. A network device is configured to include network security information in overhead of a packet. A method for identifying a first network device in a network is also disclosed. Identification information of the first network is communicated to a second network device.

公开(公告)号：US08037514B2

公开(公告)日：2011-10-11

申请号：US11069857

申请日：2005-03-01

Applicant: Irene H. Kuffel ,  Wilson Kok ,  Michael Fine ,  Fabio R. Maino ,  Jed Lin Lau

Inventor： Irene H. Kuffel ,  Wilson Kok ,  Michael Fine ,  Fabio R. Maino ,  Jed Lin Lau

IPC: G06F15/16 ,  H04L29/06 ,  H04L9/32

CPC classification number: H04L9/321 ,  H04L9/3247 ,  H04L9/3263 ,  H04L9/3271 ,  H04L63/08 ,  H04L2209/76

Abstract: Various systems and method are disclosed for disseminating security server contact information in a network. For example, one method (e.g., performed by a security server) involves determining that a network device is a secure network device, in response to participating in a security exchange with the network device; and then sending a server list to the network device. The server list includes the network address of at least one security server. Another method (e.g., performed by a network device) involves initiating an authentication exchange; receiving a server list, which includes the network address of a security server, as part of the authentication exchange; and communicating with the security server by sending a packet to the network address included in the server list.

Abstract translation: 公开了用于在网络中传播安全服务器联系信息的各种系统和方法。 例如，响应于参与与网络设备的安全交换，一种方法（例如由安全服务器执行）涉及确定网络设备是安全网络设备; 然后将服务器列表发送到网络设备。 服务器列表包括至少一个安全服务器的网络地址。 另一种方法（例如，由网络设备执行）涉及启动认证交换; 作为认证交换的一部分，接收包括安全服务器的网络地址的服务器列表; 并通过向包括在服务器列表中的网络地址发送分组来与安全服务器通信。

公开(公告)号：US07657744B2

公开(公告)日：2010-02-02

申请号：US10915083

申请日：2004-08-10

Applicant: Wilson Kok

Inventor： Wilson Kok

IPC: H04L9/00

CPC classification number: H04L63/0869 ,  H04L63/0823 ,  H04W12/06

Abstract: Various methods and systems for dynamically determining the role of a network device in a link authentication protocol exchange are disclosed. In one embodiment, such a method involves monitoring several (e.g., two) link authentication protocol exchanges. These link authentication protocol exchanges can be initiated at substantially the same time. A first network device acts as an authenticator in a first one of the link authentication protocol exchanges and a supplicant in a second one of the link authentication protocol exchanges. One of the link authentication protocol exchanges is terminated prior to completion.

Abstract translation: 公开了用于在链路认证协议交换中动态地确定网络设备的角色的各种方法和系统。 在一个实施例中，这种方法涉及监视多个（例如，两个）链路认证协议交换。 这些链路认证协议交换可以在几乎相同的时间开始。 第一网络设备充当链路认证协议交换中的第一个中的认证者，以及第二个链路认证协议交换中的请求者。 链路认证协议交换之一在完成之前终止。