公开(公告)号：US20060059334A1

公开(公告)日：2006-03-16

申请号：US11223201

申请日：2005-09-12

申请人： Jeanne De Jaegher ,  Erwin Six ,  Michael Beck ,  Dimitri Papadimitriou

发明人： Jeanne De Jaegher ,  Erwin Six ,  Michael Beck ,  Dimitri Papadimitriou

IPC分类号： H04L9/00

CPC分类号： H04L12/2898 ,  H04L63/08 ,  H04L63/0876

摘要： A method to grant a supplicant access to a data communication network and related devices is claimed. A first supplicant is associated to a Medium Access Control address and is coupled to a first port of an authenticator of the data communication network. The method comprises: a step of transmitting an authentication request by the authenticator to an authentication server being coupled thereto; and a step of making by the authentication server an authentication decision based upon predefined rules and conditions; and a step of transmitting by the authentication server the authenticator an authentication reply that comprises a result of the authentication decision. The method further comprises a step of developing by the authentication server a first registration memory that comprises entries whereby an entry comprises an association between a Medium Access Control Address of a granted supplicant and a granted password, the granted supplicant received previously a grant to the data communication network. The predefined rules and conditions comprises a first controlling step of the first registration memory upon a presence of a previous entry that comprises a first association between the first Medium Access Control Address of the first supplicant and a first password for the supplicant. In the event when the first controlling step is positive the method further comprises generating a result that comprises an authentication for the first Medium Access Control address the first password and thereby granting the first supplicant to access the data communication network via the first port of the authenticator.

摘要翻译： 声称授权对数据通信网络和相关设备的请求者访问的方法。 第一请求者与媒体访问控制地址相关联，并且耦合到数据通信网络的认证器的第一端口。 该方法包括：将认证器发送认证请求到与之耦合的认证服务器的步骤; 以及由认证服务器基于预定义的规则和条件进行认证决定的步骤; 以及认证服务器向认证者发送包含认证决定结果的认证应答的步骤。 该方法还包括由认证服务器开发第一注册存储器的步骤，该第一注册存储器包括条目，其中条目包括被授权的请求者的媒体访问控制地址与授权密码之间的关联，所授予的请求者先前接收到对数据的许可 通讯网络 预定义的规则和条件包括在存在先前条目时第一注册存储器的第一控制步骤，其包括第一请求者的第一媒体访问控制地址和请求者的第一密码之间的第一关联。 在第一控制步骤为肯定的情况下，所述方法还包括生成包括对所述第一媒体访问控制地址的第一密码的认证的结果，从而授予所述第一请求者经由所述认证者的所述第一端口访问所述数据通信网络 。

公开(公告)号：US20050063384A1

公开(公告)日：2005-03-24

申请号：US10944944

申请日：2004-09-21

申请人： Jeanne De Jaegher ,  Razvan Manisor ,  Erwin Six

发明人： Jeanne De Jaegher ,  Razvan Manisor ,  Erwin Six

IPC分类号： H04L12/24 ,  H04L12/46 ,  H04L29/06 ,  H04L29/12 ,  H04L12/56

CPC分类号： H04L41/082 ,  H04L12/4625 ,  H04L12/4641 ,  H04L29/12018 ,  H04L41/00 ,  H04L45/742 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0272 ,  H04L63/101

摘要： A method for control of communications from an edge device (ED1) of an access network (AN), via the provisioning or the non-provisioning of at least one layer 2 destination address (MAC2) of at least one other edge device (ED2) of said access network (AN) to said edge device (ED1) by a network management module (NMM) of said access network (AN), is characterised by the fact that said at least one layer 2 destination address (MAC2) is delivered to said edge device (ED1) on request of said edge device (ED1). In a preferred embodiment said edge device (ED1) checks, upon arrival of a packet including at least one layer 2 destination address, whether said at least one layer 2 destination address is stored within a communications restriction filter (CRF) of said edge device (ED1) and generates said request including said at least one layer 2 destination address in case said at least one layer 2 destination address is not stored within said communication restriction filter (CRF).

摘要翻译： 一种用于通过至少一个其他边缘设备（ED2）的至少一个第二层目的地地址（MAC2）的供应或非提供来控制来自接入网络（AN）的边缘设备（ED1）的通信的方法， 由所述接入网络（AN）的网络管理模块（NMM）向所述边缘设备（ED1）发送的所述接入网络（AN）的特征在于，所述至少一个层2目的地址（MAC2）被传送到 所述边缘设备（ED1）根据所述边缘设备（ED1）的请求。 在优选实施例中，所述边缘设备（ED1）在到达包括至少一个层2目的地地址的分组时检查所述至少一个层2目的地址是否存储在所述边缘设备的通信限制过滤器（CRF）内 ED1），并且在所述至少一个层2目的地址未被存储在所述通信限制过滤器（CRF）内的情况下，生成包括所述至少一个层2目的地地址的所述请求。

公开(公告)号：US20060120364A1

公开(公告)日：2006-06-08

申请号：US11291964

申请日：2005-12-02

申请人： Michael Beck ,  Francois Fredericx ,  Jeanne De Jaegher

发明人： Michael Beck ,  Francois Fredericx ,  Jeanne De Jaegher

IPC分类号： H04L12/56 ,  H04L12/28

CPC分类号： H04L12/4658 ,  H04L45/306

摘要： Methods for transmitting information from sources (7) via first network units (1) and networks (8) and second network units (2) to destinations (9) and using service identifiers such as service virtual local area network identifiers for routing the information through the networks (8) get a reduced complexity by making the service identifiers dependent on destination properties such as destination addresses and by making the service identifiers independent from source properties such as source addresses or customer identifiers. Network units (1,2) comprising customer parts (5) with customer access ports (10) and customer interface ports (11-13) and comprising service parts (6) with service interface ports (21-23) coupled to the customer interface ports (11-13) and service network ports (20) coupled to the service interface ports (21-23) and comprising taggers (62) are provided with detectors (52) for detecting destination properties in the information and selectors (53) for selecting the service identifiers in response to detections of the destination properties.

摘要翻译： 从源（7）经由第一网络单元（1）和网络（8）和第二网络单元（2）向目的地（9）发送信息的方法，并且使用诸如服务虚拟局域网标识符的服务标识符来路由信息通过 网络（8）通过使服务标识符取决于诸如目的地地址的目的地属性并且使服务标识符独立于诸如源地址或客户标识符的源属性而获得降低的复杂性。 网络单元（1,2）包括具有客户访问端口（10）和客户接口端口（11-13）的客户部件（5），并且包括具有耦合到客户接口的服务接口端口（21-23）的服务部件（6） 端口（11-13）和耦合到服务接口端口（21-23）并且包括标签器（62）的服务网络端口（20）设置有用于检测信息中的目的地属性的检测器（52）和用于 响应于目的地属性的检测来选择服务标识符。