-
1.发明授权Securing multiple links and paths in a wireless mesh network including rapid roaming 有权在无线网状网络中保护多个链路和路径,包括快速漫游公开(公告)号:US08037305B2
公开(公告)日:2011-10-11
申请号:US11771027
申请日:2007-06-29
IPC分类号: H04L9/32
CPC分类号: H04W12/06 , H04L63/064 , H04L63/068 , H04L63/08 , H04L63/162 , H04N21/4126 , H04W12/04 , H04W76/10 , H04W84/18 , H04W88/08
摘要: A method and logic encoded in tangible media and apparatus for securing links between a mesh point and one or more identities of one or more parent mesh points of a wireless mesh network in order to secure the links. A first association is carried out to one of the identities of one of the parent mesh points. The first mesh point undergoes a mutual authentication with an authenticator and announces the possibility of multiple links and/or multiple paths. The authentication generates a first master key from which the root master key of the key hierarchy is derived so that other master keys for different identities are derivable using a hierarchy. The mesh point undergoes a 4-way handshake to derive a first transient key. Other transient keys are obtained by a fast roaming method without having to re-undergo a backend authentication, the other transient keys being for other links and/or paths and derived using the hierarchy.
摘要翻译: 在有形媒体和装置中编码的方法和逻辑,用于保护网状点与无线网状网络的一个或多个父网格点的一个或多个身份之间的链接,以便保护链接。 对一个父网点的一个身份进行第一个关联。 第一个网格点与一个验证器进行相互认证,并宣布多个链路和/或多条路径的可能性。 认证生成第一主密钥,从中导出密钥层次的根主密钥,以便使用层次结构可导出不同身份的其他主密钥。 网格点经历四次握手以得到第一个暂时密钥。 通过快速漫游方法获得其他瞬态密钥,而不必重新接受后端认证,其他暂时密钥用于其他链路和/或路径,并使用层次结构派生。
-
2.发明申请公开(公告)号:US20080112363A1
公开(公告)日:2008-05-15
申请号:US11559551
申请日:2006-11-14
IPC分类号: H04Q7/22
摘要: A mesh access point that includes an access point profile storing one ore more parameters in non-volatile memory, and a method of using the mesh access point having the access point profile to select and carry out mutual authentication on a wireless mesh network to establish itself to the mesh network using information in the access point profile, and further to provide services to wireless clients according to information in the access point profile. Access point profiles can be pre-configured/configured/updated suitably in order to adapt the mesh access point in a mesh network according to its capabilities and requirements.
摘要翻译: 一种网状接入点,其包括在非易失性存储器中存储一个或多个参数的接入点简档,以及使用具有接入点简档的网状接入点在无线网状网络上选择并执行相互认证以建立自身的方法 使用接入点简档中的信息到网状网络,并且还根据接入点简档中的信息向无线客户端提供服务。 可以适当地预配置/配置/更新接入点配置文件,以便根据网络接口的能力和要求来适应网状网络中的网状接入点。
-
3.发明申请公开(公告)号:US20120087281A1
公开(公告)日:2012-04-12
申请号:US13333772
申请日:2011-12-21
IPC分类号: H04W12/06
摘要: A mesh access point that includes an access point profile storing one ore more parameters in non-volatile memory, and a method of using the mesh access point having the access point profile to select and carry out mutual authentication on a wireless mesh network to establish itself to the mesh network using information in the access point profile, and further to provide services to wireless clients according to information in the access point profile. Access point profiles can be pre-configured/configured/updated suitably in order to adapt the mesh access point in a mesh network according to its capabilities and requirements.
摘要翻译: 一种网状接入点,其包括在非易失性存储器中存储一个或多个参数的接入点简档,以及使用具有接入点简档的网状接入点在无线网状网络上选择并执行相互认证以建立自身的方法 使用接入点简档中的信息到网状网络,并且还根据接入点简档中的信息向无线客户端提供服务。 可以适当地预配置/配置/更新接入点配置文件,以便根据网络接口的能力和要求来适应网状网络中的网状接入点。
-
4.发明授权System and method for securing mesh access points in a wireless mesh network, including rapid roaming 有权用于在无线网状网络中保护网络接入点的系统和方法,包括快速漫游公开(公告)号:US08023478B2
公开(公告)日:2011-09-20
申请号:US11456045
申请日:2006-07-06
CPC分类号: H04W12/06 , H04L63/064 , H04L63/068 , H04L63/08 , H04L63/162 , H04N21/4126 , H04W12/04 , H04W76/10 , H04W84/18 , H04W88/08
摘要: An authentication method in a mesh AP including using standard IEEE 802.11i mechanisms between the mesh AP and an authenticator for authenticating the mesh AP to become a child mesh AP with a secure layer-2 link to a first parent mesh AP that has a secure tunnel to a Controller, including, after a layer-2 link between the child mesh AP and the first parent mesh AP is secured, undergoing a join exchange for form a secure tunnel between the child mesh AP and the Controller. Further, a fast roaming method for re-establishing a secure layer-2 link with a new parent mesh AP including, while the mesh AP is a child mesh AP to the first parent mesh AP and has a secure layer-2 link to the first parent mesh AP, caching key information and wireless mesh network identity information, and using the cached information to establish a secure layer-2 link with a new parent mesh AP without having to undergo a 4-way authentication. Further, while the mesh AP is a child mesh AP to the first parent mesh AP, has a secure layer-2 link to the first parent mesh AP, and has a secure tunnel to the Controller, caching session information on the secure tunnel, and using the cached information to re establish the secure tunnel with the Controller, the secure tunnel now via the new mesh AP.
摘要翻译: 网格AP中的认证方法,包括使用网格AP和认证器之间的标准IEEE 802.11i机制,用于认证网格AP以成为具有到具有安全隧道的第一父网状网AP的安全层-2链路的子网AP 包括在子网格AP和第一父网状网AP之间的第二层链路被保护之后,经历连接交换以在子网格AP和控制器之间形成安全隧道。 此外,一种快速漫游方法,用于与新的父网状网AP重新建立安全层-2链路,其中网格AP是对第一父网状网AP的子网格AP,并且具有到第一网络AP的安全层2链路 父网格AP,高速缓存关键信息和无线网状网络身份信息,并使用缓存信息与新的父网格AP建立安全的第二层链路,而不必进行4路认证。 此外,当网格AP是到第一父网状网AP的子网格AP时,具有到第一父网状AP的安全层-2链路,并且具有到控制器的安全隧道,在安全隧道上缓存会话信息,以及 使用缓存的信息重新建立与Controller的安全通道,即现在通过新的网格AP的安全隧道。
-
5.发明授权System and method for securing mesh access points in a wireless mesh network, including rapid roaming 有权用于在无线网状网络中保护网络接入点的系统和方法,包括快速漫游公开(公告)号:US08270382B2
公开(公告)日:2012-09-18
申请号:US13176542
申请日:2011-07-05
IPC分类号: H04W40/00
CPC分类号: H04W12/06 , H04L63/064 , H04L63/068 , H04L63/08 , H04L63/162 , H04N21/4126 , H04W12/04 , H04W76/10 , H04W84/18 , H04W88/08
摘要: Authentication in a mesh network controlled by a central controller, including using standard IEEE 802.11i mechanisms between a potential child mesh access point (AP) as supplicant and the controller as authenticator. Each mesh AP in the mesh network has a secure tunnel to a controller using a protocol for controlling the mesh AP, including AP capabilities, and a fast roaming method for re-establishing a secure layer-2 link with a new parent mesh AP including, while the mesh AP is a child mesh AP to the first parent mesh AP and has a secure layer-2 link to the first parent mesh AP, caching key information and wireless mesh network identity information in the controller.
摘要翻译: 由中央控制器控制的网状网络中的认证,包括在作为请求方的潜在子网接入点(AP)和作为认证者的控制器之间使用标准IEEE 802.11i机制。 网状网络中的每个网格AP具有使用用于控制网络AP的协议(包括AP能力)的控制器的安全隧道,以及用于与新的父网状网AP重新建立安全层-2链路的快速漫游方法, 而网格AP是到第一父网状网AP的子网格AP,并且具有到第一父网状网AP的安全层-2链路,在控制器中高速缓存密钥信息和无线网状网络身份信息。
-
公开(公告)号:US08102814B2
公开(公告)日:2012-01-24
申请号:US11559551
申请日:2006-11-14
IPC分类号: H04W4/00
摘要: A mesh access point that includes an access point profile storing one ore more parameters in non-volatile memory, and a method of using the mesh access point having the access point profile to select and carry out mutual authentication on a wireless mesh network to establish itself to the mesh network using information in the access point profile, and further to provide services to wireless clients according to information in the access point profile. Access point profiles can be pre-configured/configured/updated suitably in order to adapt the mesh access point in a mesh network according to its capabilities and requirements.
-
7.发明申请SYSTEM AND METHOD FOR SECURING MESH ACCESS POINTS IN A WIRELESS MESH NETWORK, INCLUDING RAPID ROAMING 有权在无线网状网络中安全网络接入点的系统和方法,包括快速漫游公开(公告)号:US20110264915A1
公开(公告)日:2011-10-27
申请号:US13176542
申请日:2011-07-05
IPC分类号: H04L9/32
CPC分类号: H04W12/06 , H04L63/064 , H04L63/068 , H04L63/08 , H04L63/162 , H04N21/4126 , H04W12/04 , H04W76/10 , H04W84/18 , H04W88/08
摘要: Authentication in a mesh network controlled by a central controller, including using standard IEEE 802.11i mechanisms between a potential child mesh access point (AP) as supplicant and the controller as authenticator. Each mesh AP in the mesh network has a secure tunnel to a controller using a protocol for controlling the mesh AP, including AP capabilities, and a fast roaming method for re-establishing a secure layer-2 link with a new parent mesh AP including, while the mesh AP is a child mesh AP to the first parent mesh AP and has a secure layer-2 link to the first parent mesh AP, caching key information and wireless mesh network identity information in the controller.
摘要翻译: 由中央控制器控制的网状网络中的认证,包括在作为请求方的潜在子网接入点(AP)和作为认证者的控制器之间使用标准IEEE 802.11i机制。 网状网络中的每个网格AP具有使用用于控制网络AP的协议(包括AP能力)的控制器的安全隧道,以及用于与新的父网状网AP重新建立安全层-2链路的快速漫游方法, 而网格AP是到第一父网状网AP的子网格AP,并且具有到第一父网状网AP的安全层-2链路,在控制器中高速缓存密钥信息和无线网状网络身份信息。
-
公开(公告)号:US20110113252A1
公开(公告)日:2011-05-12
申请号:US12613784
申请日:2009-11-06
IPC分类号: H04L9/32
CPC分类号: H04L63/0823 , H04L63/126 , H04W12/12 , H04W48/08 , H04W48/18
摘要: In an example embodiment described herein is an apparatus comprising a transceiver configured to send and receive data, and logic coupled to the transceiver. The logic is configured to determine from a beacon received by the wireless transceiver whether an associated wireless device sending the beacon supports a protocol for advertising available services from the associated wireless device. The logic is configured to send a request for available services from the associated wireless device via the wireless transceiver responsive to determining the associated wireless device supports the protocol. The logic is configured to receive a response to the request via the wireless transceiver, the response comprising a signature. The logic is configured to validate the response by confirming the signature comprises network data cryptographically bound with service data.
摘要翻译: 在这里描述的一个示例实施例中,包括被配置为发送和接收数据的收发机和耦合到收发器的逻辑的装置。 逻辑被配置为从由无线收发机接收的信标确定发送信标的相关联的无线设备是否支持用于从相关联的无线设备广告可用服务的协议。 逻辑被配置为响应于确定相关联的无线设备支持协议,经由无线收发器从相关联的无线设备发送可用服务的请求。 逻辑被配置为经由无线收发器接收对请求的响应,响应包括签名。 逻辑被配置为通过确认签名包括加密地与服务数据绑定的网络数据来验证响应。
-
9.发明授权Method for optimized layer 2 roaming and policy enforcement in a wireless environment 有权在无线环境中优化第2层漫游和策略实施的方法公开(公告)号:US07602746B2
公开(公告)日:2009-10-13
申请号:US11315861
申请日:2005-12-21
IPC分类号: G06F15/00
CPC分类号: H04W28/26 , H04W72/0406 , H04W84/12
摘要: Methods, apparatuses, and systems directed to facilitating the application of pre-allocation policies in a wireless network environment. According to one implementation of the present invention, a central controller, or other control point in a wireless network infrastructure, applies one or more policies that limit the number of resource pre-allocations a given wireless client may establish with one or more wireless access points. In one implementation, the central controller provides a pre-allocation list to a wireless client that is requesting pre-allocation. By limiting a wireless client's ability to pre-allocate resources, the central controller optimally manages the resources of the wireless network. In alternative embodiments, the central controller can terminate pre-allocations between a wireless client and one or more wireless access points to enforce pre-allocation policy on the wireless network infrastructure.
摘要翻译: 旨在促进在无线网络环境中应用预分配策略的方法,设备和系统。 根据本发明的一个实施方案,无线网络基础设施中的中央控制器或其他控制点应用一个或多个限制给定无线客户端可以与一个或多个无线接入点建立的资源预分配数量的策略 。 在一个实现中,中央控制器向请求预分配的无线客户端提供预分配列表。 通过限制无线客户端预先分配资源的能力,中央控制器优化地管理无线网络的资源。 在替代实施例中,中央控制器可以终止无线客户端与一个或多个无线接入点之间的预分配,以在无线网络基础设施上实施预分配策略。
-
10.发明申请SECURING MULTIPLE LINKS AND PATHS IN A WIRELESS MESH NETWORK INCLUDING RAPID ROAMING 有权在无线网状网络中安装多条链路和路由,包括快速漫游公开(公告)号:US20070250713A1
公开(公告)日:2007-10-25
申请号:US11771027
申请日:2007-06-29
IPC分类号: H04L9/00
CPC分类号: H04W12/06 , H04L63/064 , H04L63/068 , H04L63/08 , H04L63/162 , H04N21/4126 , H04W12/04 , H04W76/10 , H04W84/18 , H04W88/08
摘要: A method and logic encoded in tangible media and apparatus for securing links between a mesh point and one or more identities of one or more parent mesh points of a wireless mesh network in order to secure the links. A first association is carried out to one of the identities of one of the parent mesh points. The first mesh point undergoes a mutual authentication with an authenticator and announces the possibility of multiple links and/or multiple paths. The authentication generates a first master key from which the root master key of the key hierarchy is derived so that other master keys for different identities are derivable using a hierarchy. The mesh point undergoes a 4-way handshake to derive a first transient key. Other transient keys are obtained by a fast roaming method without having to re-undergo a backend authentication, the other transient keys being for other links and/or paths and derived using the hierarchy.
摘要翻译: 在有形媒体和装置中编码的方法和逻辑,用于保护网状点与无线网状网络的一个或多个父网格点的一个或多个身份之间的链接,以便保护链接。 对一个父网点的一个身份进行第一个关联。 第一个网格点与一个验证器进行相互认证,并宣布多个链路和/或多条路径的可能性。 认证生成第一主密钥,从中导出密钥层次的根主密钥,以便使用层次结构可导出不同身份的其他主密钥。 网格点经历四次握手以得到第一个暂时密钥。 通过快速漫游方法获得其他瞬态密钥,而不必重新接受后端认证,其他暂时密钥用于其他链路和/或路径,并使用层次结构派生。
-
-
-
-
-
-
-
-
-
搜索结果
42 条记录 (耗时 0.025 秒)
