-
公开(公告)号:US07706345B2
公开(公告)日:2010-04-27
申请号:US12493610
申请日:2009-06-29
CPC分类号: H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
摘要翻译: 无线LAN上下文控制协议(WLCCP)用于建立和管理无线网络拓扑,并安全管理校园网中移动台的“运行环境”。 WLCCP注册协议可以自动创建和删除网络中的链路,安全地分发运行环境,并可靠地建立无线链路上的二层转发路径。 建立单个基础架构节点作为每个子网的中央控制点,并使AP和MN能够选择向骨干局域网提供“最低成本路径”的父节点。 上下文消息为上下文和管理信息提供通用传输。 WLCCP“跟踪”消息便于网络诊断工具。 以太网或UDP / IP封装可用于WLCCP消息。 以太网封装被用于子网内(例如AP到AP或AP到SCM)WLCCP消息。 IP封装用于子网间WLCCP消息,也可用于子网内WLCCP消息。
-
公开(公告)号:US20090262718A1
公开(公告)日:2009-10-22
申请号:US12493610
申请日:2009-06-29
IPC分类号: H04W72/04
CPC分类号: H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
摘要翻译: 无线LAN上下文控制协议(WLCCP)用于建立和管理无线网络拓扑,并安全管理校园网中移动台的“运行环境”。 WLCCP注册协议可以自动创建和删除网络中的链路,安全地分发运行环境,并可靠地建立无线链路上的二层转发路径。 建立单个基础架构节点作为每个子网的中央控制点,并使AP和MN能够选择向骨干局域网提供“最低成本路径”的父节点。 上下文消息为上下文和管理信息提供通用传输。 WLCCP“跟踪”消息便于网络诊断工具。 以太网或UDP / IP封装可用于WLCCP消息。 以太网封装被用于子网内(例如AP到AP或AP到SCM)WLCCP消息。 IP封装用于子网间WLCCP消息,也可用于子网内WLCCP消息。
-
公开(公告)号:US07561549B2
公开(公告)日:2009-07-14
申请号:US11121633
申请日:2005-05-04
IPC分类号: H04Q7/00 , H04Q7/24 , G06F7/00 , G06F15/177
CPC分类号: H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
摘要翻译: 无线LAN上下文控制协议(WLCCP)用于建立和管理无线网络拓扑,并安全管理校园网中移动台的“运行环境”。 WLCCP注册协议可以自动创建和删除网络中的链路,安全地分发运行环境,并可靠地建立无线链路上的二层转发路径。 建立单个基础架构节点作为每个子网的中央控制点,并使AP和MN能够选择向骨干局域网提供“最低成本路径”的父节点。 上下文消息为上下文和管理信息提供通用传输。 WLCCP“跟踪”消息便于网络诊断工具。 以太网或UDP / IP封装可用于WLCCP消息。 以太网封装被用于子网内(例如AP到AP或AP到SCM)WLCCP消息。 IP封装用于子网间WLCCP消息,也可用于子网内WLCCP消息。
-
公开(公告)号:US07844057B2
公开(公告)日:2010-11-30
申请号:US11772584
申请日:2007-07-02
IPC分类号: H04K1/00
CPC分类号: H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.
摘要翻译: 一种在无线网络中处理漫游移动节点的方法和系统。 该系统使用子网上下文管理器来存储移动节点当前初始认证时建立的当前网络会话密钥,安全策略和会话的持续时间(例如会话超时)。 成对传输密钥是从网络会话密钥导出的。 子网上下文管理器处理后续重新关联请求。 当移动节点漫游到新的接入点时,接入点从子网络上下文管理器获得网络会话密钥,并通过从网络会话密钥计算新的成对瞬态密钥来验证移动节点。
-
5.发明授权802.11 using a compressed reassociation exchange to facilitate fast handoff 有权802.11使用压缩的重新关联交换来促进快速切换公开(公告)号:US07350077B2
公开(公告)日:2008-03-25
申请号:US10417653
申请日:2003-04-17
IPC分类号: H04L9/00
CPC分类号: H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.
摘要翻译: 一种在无线网络中处理漫游移动节点的方法和系统。 该系统使用子网上下文管理器来存储移动节点当前初始认证时建立的当前网络会话密钥,安全策略和会话的持续时间(例如会话超时)。 成对传输密钥是从网络会话密钥导出的。 子网上下文管理器处理后续重新关联请求。 当移动节点漫游到新的接入点时,接入点从子网络上下文管理器获得网络会话密钥,并通过从网络会话密钥计算新的成对瞬态密钥来验证移动节点。
-
公开(公告)号:US20060094440A1
公开(公告)日:2006-05-04
申请号:US10978615
申请日:2004-11-01
申请人: Robert Meier , Stuart Norman , Douglas Smith , Nancy Cam Winget
发明人: Robert Meier , Stuart Norman , Douglas Smith , Nancy Cam Winget
IPC分类号: H04Q7/20
CPC分类号: H04L47/13 , H04L12/189 , H04L47/14 , H04L47/15 , H04L47/70 , H04L47/782 , H04L47/801 , H04L47/806 , H04L47/824 , H04W28/02 , H04W72/005 , H04W84/12
摘要: A method for multicast load balancing in a wireless network having a plurality of access points. The method includes setting a maximum Internet protocol multicast bandwidth for the access points, receiving an admissions control request from a client at one of the access points, and determining whether the admissions control request from the client is for an admitted or unadmitted multicast stream at the access point. The access point is responsive to the admissions control request for the admitted multicast stream by servicing the admitted multicast stream and to the admissions control request for the unadmitted multicast stream by servicing the unadmitted multicast stream where the bandwidth required for the unadmitted multicast stream, plus that portion of the access point bandwidth currently used for all existing downlink multicast streams, does not exceed the maximum internet protocol multicast bandwidth for the access point.
-
公开(公告)号:US20060114863A1
公开(公告)日:2006-06-01
申请号:US11000629
申请日:2004-12-01
申请人: Ajit Sanzgiri , Robert Meier , Bhawani Sapkota , Nancy Cam Winget
发明人: Ajit Sanzgiri , Robert Meier , Bhawani Sapkota , Nancy Cam Winget
IPC分类号: H04Q7/24
CPC分类号: H04W12/12 , H04L63/1466
摘要: A method for protecting a wireless network against spoofed MAC address attacks. A database is used for storing MAC address and user identity bindings. When a new request to access the network is received, the MAC address and user identity of the request is compared to the stored MAC address and user identity bindings. If a new request has an existing MAC address, but not the corresponding user identity, then the request will be denied. The bindings database contains the MAC Address, User identity bindings for wireless nodes and/or, for wired nodes. The MAC address, User identity bindings contained in the bindings database may be automatically learned or statically configured.
摘要翻译: 一种用于保护无线网络免遭欺骗的MAC地址攻击的方法。 数据库用于存储MAC地址和用户身份绑定。 当接收到访问网络的新请求时,请求的MAC地址和用户身份与存储的MAC地址和用户身份绑定进行比较。 如果新的请求具有现有的MAC地址,而不是相应的用户身份,则该请求将被拒绝。 绑定数据库包含MAC地址,无线节点和/或有线节点的用户身份绑定。 包含在绑定数据库中的MAC地址,用户身份绑定可以自动学习或静态配置。
-
公开(公告)号:US20060114839A1
公开(公告)日:2006-06-01
申请号:US11000608
申请日:2004-12-01
申请人: Robert Meier , Nancy Cam Winget , Robert Bell
发明人: Robert Meier , Nancy Cam Winget , Robert Bell
IPC分类号: H04L12/28
CPC分类号: H04L41/12 , H04L41/0843 , H04L41/0886 , H04L41/28 , H04L63/062 , H04L63/0823 , H04W12/04 , H04W12/06 , H04W28/18 , H04W88/08
摘要: The present invention is contemplates an automatic, secure AP configuration protocol. Public/private keys and public key (PK) methods are used to automatically establish a mutual trust relationship and a secure channel between an AP and at least one configuration server. An AP automatically forwards a location identifier to the configuration server, and the configuration server delivers common, AP specific, and location specific configuration parameters to the AP.
-
公开(公告)号:US20060013398A1
公开(公告)日:2006-01-19
申请号:US10891924
申请日:2004-07-15
申请人: David Halasz , Nancy Cam Winget , Robert Meier
发明人: David Halasz , Nancy Cam Winget , Robert Meier
IPC分类号: H04K1/00
CPC分类号: H04L63/1466 , H04L63/067 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038 , H04W80/04 , H04W84/12
摘要: A wireless station prepares to roam by pre-authenticating itself with a neighboring access point. The wireless station sends a rekey request, which can include an incremented rekey number. The wireless station receives a rekey response. The rekey response can include the incremented rekey number. Because the wireless station is pre-authenticated, after it roams it only needs to perform a two-way handshake with a new access point to establish secure communications with the new access point. The two-way handshake starts by the wireless station sending a reassociation request to the neighboring access point, the reassociation request comprising the incremented rekey number established during pre-authentication. The wireless station receives a reassociation response from the neighboring access point. To protect against replay attacks, the neighboring access point can verify the rekey number sent in the reassociation request matches the rekey number sent in the rekey response.
摘要翻译: 无线站通过对邻近接入点进行预认证来准备漫游。 无线站发送重新密钥请求,其可以包括递增的密钥号码。 无线站收到重新密钥响应。 密钥响应可以包括增加的密钥号码。 由于无线站预认证,漫游后,只需要与新的接入点进行双向握手,以建立与新接入点的安全通信。 双向握手由无线站向相邻接入点发送重新关联请求开始,重新关联请求包括在预认证期间建立的增加的密钥号码。 无线站接收来自相邻接入点的重新连接响应。 为了防止重播攻击,相邻接入点可以验证重新关联请求中发送的重新密钥号码是否与重新密钥响应中发送的密钥号码匹配。
-
公开(公告)号:US07817042B2
公开(公告)日:2010-10-19
申请号:US11678286
申请日:2007-02-23
申请人: Nancy Cam Winget , Allan Thomson
发明人: Nancy Cam Winget , Allan Thomson
IPC分类号: G08B13/14
摘要: In an example embodiment, an apparatus such as an RFID tag, is configured to operate in a first mode that allows the tag to associate with the network and receive configuration data and to operate in a second mode wherein the apparatus is not associated with the network. The apparatus sends announcement packets while in the second mode in accordance with the configuration data received while in the first mode of operation.
摘要翻译: 在示例实施例中,诸如RFID标签的装置被配置为以允许标签与网络相关联并接收配置数据并以第二模式操作的第一模式操作,其中该装置不与网络相关联 。 该装置根据在第一操作模式下接收的配置数据,在第二模式下发送通知包。
-
-
-
-
-
-
-
-
-
搜索结果
42 条记录 (耗时 0.028 秒)
