公开(公告)号：US08582773B2

公开(公告)日：2013-11-12

申请号：US10559889

申请日：2004-07-27

申请人： Junbiao Zhang ,  Saurabh Mathur

发明人： Junbiao Zhang ,  Saurabh Mathur

IPC分类号： H04L29/06

CPC分类号： H04L63/062 ,  H04L9/0891 ,  H04L9/12 ,  H04L63/068 ,  H04L2209/80 ,  H04W12/04 ,  H04W84/12 ,  H04W88/08

摘要： A key synchronization mechanism for wireless LANs is provided where the access point (AP) does not start using a new encryption key until the first data frame correctly encrypted with the new key is received from the station (STA). The new key is used from this point on, until the expiration of a key refresh interval.

摘要翻译： 提供了一种用于无线LAN的密钥同步机制，其中在从站（STA）接收到使用新密钥正确加密的第一数据帧之前，接入点（AP）不开始使用新的加密密钥。 从这一点开始使用新密钥，直到密钥刷新间隔到期。

公开(公告)号：US20090282238A1

公开(公告)日：2009-11-12

申请号：US11919279

申请日：2005-05-16

申请人： Guillaume Bichot ,  Junbiao Zhang ,  Saurabh Mathur

发明人： Guillaume Bichot ,  Junbiao Zhang ,  Saurabh Mathur

IPC分类号： G06F21/00 ,  H04L9/08

CPC分类号： H04L63/0807 ,  H04W12/02 ,  H04W12/06 ,  H04W36/0038 ,  H04W84/12

摘要： A system and method including computing keying information by a server for authentication of devices accessing a wireless local area network and forwarding the keying information by the server to access points included in a security domain of the wireless local area network, wherein one of the access points is associated with a mobile device are described.

摘要翻译： 一种系统和方法，包括由服务器计算密钥信息以验证访问无线局域网的设备，并且由服务器将密钥信息转发到无线局域网的安全域中的接入点，其中接入点之一 与移动设备相关联。

公开(公告)号：US20060173981A1

公开(公告)日：2006-08-03

申请号：US10549466

申请日：2004-03-11

申请人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Mody

发明人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Mody

IPC分类号： G06F15/173

CPC分类号： H04L41/0866 ,  H04L41/0253 ,  H04L41/0806 ,  H04L41/0816 ,  H04L63/168 ,  H04L67/02 ,  H04W12/0023 ,  H04W12/08 ,  H04W84/12

摘要： The invention provides a method for a web browser based remote administration system to maintain its security by utilizing an ActiveX control or a plug-in, without relying on HTTPS protection to transact management information. The invention does not burden the embedded system and thus is ideally suited for the remote administration of embedded systems. The invention provides a method to calculate a security code base upon identical algorithms in the administrative system having the browser and the embedded system. When the browser-based administrator submits the management information, an operator packages the control information as a string and invokes the security function in the plug-in with the string as a parameter. After the security function returns the result, the operator sends the form data together with a coded digest to the remote system. The digest may be embedded in the form data, for example, as a hidden field.

摘要翻译： 本发明提供了一种用于基于web浏览器的远程管理系统通过利用ActiveX控件或插件来维护其安全性的方法，而不依赖于HTTPS保护来处理管理信息。 本发明不会对嵌入式系统造成负担，因此非常适合于嵌入式系统的远程管理。 本发明提供了一种在具有浏览器和嵌入式系统的管理系统中基于相同算法来计算安全代码的方法。 当基于浏览器的管理员提交管理信息时，操作员将控制信息作为字符串打包，并以字符串作为参数调用插件中的安全功能。 安全功能返回结果后，操作员将表单数据与编码摘要一起发送到远程系统。 摘要可以嵌入在表单数据中，例如，作为隐藏字段。

公开(公告)号：US08285992B2

公开(公告)日：2012-10-09

申请号：US11918512

申请日：2005-04-22

申请人： Saurabh Mathur ,  Junbiao Zhang

发明人： Saurabh Mathur ,  Junbiao Zhang

IPC分类号： H04L29/06

CPC分类号： H04L67/2814 ,  H04L63/0236 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/062 ,  H04L63/168 ,  H04L67/02 ,  H04W12/04 ,  H04W12/08 ,  H04W84/12

摘要： A method and system for providing secure, anonymous access to a wireless local area network, including configuring an access point to drop packets except packets exhibiting an URL access protocol like HTTP and HTTPS, intercepting a URL access request by an access point from a mobile device via a web browser, re-directing the URL access request to a web server by the access point generating a security key by one of the access points and the web server, communicating the generated security key to the said web server securely by the access point or vice versa and setting the security key by the access point is described. A mobile device including means for forwarding a request for secure access to a wireless local area network via a URL access request, means for receiving a mobile code or a signal for displaying a security key and means for setting the security key is also described.

摘要翻译： 一种用于向无线局域网提供安全的匿名访问的方法和系统，包括配置接入点以丢弃除了呈现诸如HTTP和HTTPS的URL访问协议的分组之外的分组，从移动设备拦截接入点的URL访问请求 通过网络浏览器，所述接入点将所述URL访问请求重新指向Web服务器，所述访问点由所述接入点和所述web服务器之一生成安全密钥，所述接入点将所生成的安全密钥安全地传递到所述web服务器 或反之亦然，并且描述了由接入点设置安全密钥。 还描述了一种移动设备，其包括用于经由URL访问请求转发对无线局域网的安全访问的请求的装置，还包括接收用于显示安全密钥的移动代码或信号的装置和用于设置安全密钥的装置的装置。

公开(公告)号：US20090070859A1

公开(公告)日：2009-03-12

申请号：US11918512

申请日：2005-04-22

申请人： Saurabh Mathur ,  Junbiao Zhang

发明人： Saurabh Mathur ,  Junbiao Zhang

IPC分类号： G06F21/20 ,  H04L9/32

CPC分类号： H04L67/2814 ,  H04L63/0236 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/062 ,  H04L63/168 ,  H04L67/02 ,  H04W12/04 ,  H04W12/08 ,  H04W84/12

摘要： A method and system for providing secure, anonymous access to a wireless local area network, including configuring an access point to drop packets except packets exhibiting an URL access protocol like HTTP and HTTPS, intercepting a URL access request by an access point from a mobile device via a web browser, re-directing the URL access request to a web server by the access point generating a security key by one of the access points and the web server, communicating the generated security key to the said web server securely by the access point or vice versa and setting the security key by the access point is described. A mobile device including means for forwarding a request for secure access to a wireless local area network via a URL access request, means for receiving a mobile code or a signal for displaying a security key and means for setting the security key is also described.

摘要翻译： 一种用于向无线局域网提供安全的匿名访问的方法和系统，包括配置接入点以丢弃除了呈现诸如HTTP和HTTPS的URL访问协议的分组之外的分组，从移动设备拦截接入点的URL访问请求 通过网络浏览器，所述接入点将所述URL访问请求重新指向Web服务器，所述访问点由所述接入点和所述web服务器之一生成安全密钥，所述接入点将所生成的安全密钥安全地传递到所述web服务器 或反之亦然，并且描述了由接入点设置安全密钥。 还描述了一种移动设备，其包括用于经由URL访问请求转发对无线局域网的安全访问的请求的装置，还包括接收用于显示安全密钥的移动代码或信号的装置和用于设置安全密钥的装置的装置。

公开(公告)号：US20080055100A1

公开(公告)日：2008-03-06

申请号：US11661780

申请日：2004-09-03

申请人： Saurabh Mathur ,  Junbiao Zhang

发明人： Saurabh Mathur ,  Junbiao Zhang

IPC分类号： G08B21/00 ,  H04L29/06

CPC分类号： H04L41/06 ,  H04L41/026 ,  H04L41/0846 ,  H04L41/0869 ,  H04L63/02 ,  H04L63/04 ,  H04L63/1433

摘要： There is provided a method for automatically detecting and indicating a mis-configuration condition in an electronic device having one or more factory-default settings. At least one mis-configuration rule that relates to at least one mis-configuration condition of the electronic device, is checked against at least one corresponding current configuration setting to determine whether the electronic device is mis-configured. A mis-configuration alert is provided with respect to the electronic device, when the electronic device is determined to be mis-configured in said checking step.

摘要翻译： 提供一种用于在具有一个或多个工厂默认设置的电子设备中自动检测和指示错误配置条件的方法。 根据至少一个对应的当前配置设置来检查至少一个与电子设备的至少一个错误配置条件相关的错误配置规则，以确定电子设备是否被配置错误。 当在所述检查步骤中确定电子设备被错误配置时，相对于电子设备提供错误配置警报。

公开(公告)号：US20070189537A1

公开(公告)日：2007-08-16

申请号：US11371662

申请日：2006-03-09

申请人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Mody

发明人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Mody

IPC分类号： H04K1/00

CPC分类号： H04L9/0891 ,  H04L9/083 ,  H04L9/0869 ,  H04L63/0428 ,  H04L63/068 ,  H04L2209/80 ,  H04W12/04031 ,  H04W84/12

摘要： The invention provides a method for improving the security of a mobile terminal in a WLAN environment by installing two shared secrets instead of one shared secret, the initial session key, on both the wireless user machine and the WLAN access point during the user authentication phase. One of the shared secrets is used as the initial session key and the other is used as a secure seed. Since the initial authentication is secure, these two keys are not known to a would be hacker. Although the initial session key may eventually be cracked by the would be hacker, the secure seed remains secure as it is not used in any insecure communication.

摘要翻译： 本发明提供一种通过在用户认证阶段期间在无线用户机器和WLAN接入点上安装两个共享秘密而不是一个共享秘密（初始会话密钥）来提高WLAN环境中的移动终端的安全性的方法。 共享秘密之一被用作初始会话密钥，另一个用作安全种子。 由于初始身份验证是安全的，所以这两个密钥对于黑客来说是不知道的。 虽然初始会话密钥可能最终被黑客破解，但安全种子仍然是安全的，因为它不会用于任何不安全的通信。

公开(公告)号：US20060193297A1

公开(公告)日：2006-08-31

申请号：US10550964

申请日：2004-01-29

申请人： Junbiao Zhang ,  Saurabh Mathur ,  Kumar Ramaswamy

发明人： Junbiao Zhang ,  Saurabh Mathur ,  Kumar Ramaswamy

IPC分类号： H04Q7/24

CPC分类号： H04W12/04 ,  H04L63/06 ,  H04L63/062 ,  H04L63/08 ,  H04W12/06 ,  H04W28/18 ,  H04W36/0038 ,  H04W48/08 ,  H04W80/04 ,  H04W88/08 ,  H04W88/16

摘要： A system, method, and computer readable medium for enabling roaming of wireless client stations among wireless access points are disclosed. A gateway programmed to receive session data requests is provided in a network, which comprises access points which are programmed to send session data requests to the gateway. The gateway sends session information setting commands to the requesting access point, or sends a session data failure response to the access point.

摘要翻译： 公开了一种用于使无线接入点之间的无线客户端站漫游的系统，方法和计算机可读介质。 编程为接收会话数据请求的网关在网络中提供，网络包括被编程为向网关发送会话数据请求的接入点。 网关向请求接入点发送会话信息设置命令，或者向接入点发送会话数据故障响应。

公开(公告)号：US20060173844A1

公开(公告)日：2006-08-03

申请号：US10549407

申请日：2004-03-12

申请人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Satish Mody

发明人： Junbiao Zhang ,  Saurabh Mathur ,  Sachin Satish Mody

IPC分类号： G06F17/30

CPC分类号： H04W12/06 ,  H04L63/08 ,  H04L63/083 ,  H04L63/102 ,  H04L67/34 ,  H04W8/245 ,  H04W80/04 ,  H04W84/12

摘要： The invention herein provides an apparatus and a method for automatically configuring an IEEE 802.1x client terminal to provide limited access in a WLAN environment, specifically utilizing the access point to filter traffic associated with the limited access so as to redirect the client terminal's HTTP request to a designated local web server. The web server responds to the client terminal by requesting information required to establish an authorized communication. Thereafter the client terminal provides information required to establish an authorized communication. In the course of the communication the web server sends information such as transmission rates, new user account creation information, authentication method selection, and access user terms and conditions of acceptance, all typically required to establish an authorized access. The client responds with information, required to establish an authorized communication.

公开(公告)号：US08588191B2

公开(公告)日：2013-11-19

申请号：US11664804

申请日：2004-10-20

申请人： Saurabh Mathur ,  Junbiao Zhang

发明人： Saurabh Mathur ,  Junbiao Zhang

IPC分类号： H04W4/00

CPC分类号： H04W48/20 ,  H04W8/18

摘要： A wireless LAN provides access to a mobile terminal (MT) utilizing beacon frames to broadcast access point (AP) service specific information. The MT listens to the beacon frames and compares the broadcast service(s) and service parameters to a predetermined service profile stored in the MT. When the services offered by an AP matches the services designated in the stored service profile, the MT associates with that particular AP.

摘要翻译： 无线LAN使用信标帧来提供对移动终端（MT）的访问以广播接入点（AP）服务特定信息。 MT监听信标帧，并将广播服务和服务参数与存储在MT中的预定服务简档进行比较。 当AP提供的服务与存储的服务配置文件中指定的服务匹配时，MT与该特定AP相关联。