专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2006049821A2 A METHOD FOR MULTICAST LOAD BALANCING IN WIRELESS LANS 审中-公开
标题翻译：一种无线局域网中组播负载平衡的方法
公开(公告)号：WO2006049821A2
公开(公告)日：2006-05-11
申请号：PCT/US2005/036599
申请日：2005-10-11
申请人： CISCO TECHNOLOGY, INC.
发明人： MEIER, Robert, C. , NORMAN, Stuart , SMITH, Douglas, A. , CAM WINGET, Nancy
IPC分类号： H04Q7/20
CPC分类号： H04L47/13 , H04L12/189 , H04L47/14 , H04L47/15 , H04L47/70 , H04L47/782 , H04L47/801 , H04L47/806 , H04L47/824 , H04W28/02 , H04W72/005 , H04W84/12
摘要： A method for multicast load balancing in a wireless network having a plurality of access points. The method includes setting a maximum Internet protocol multicast bandwidth for the access points, receiving an admissions control request from a client at one of the access points, and determining whether the admissions control request from the client is for an admitted or unadmitted multicast stream at the access point. The access point is responsive to the admissions control request for the admitted multicast stream by servicing the admitted multicast stream and to the admissions control request for the unadmitted multicast stream by servicing the unadmitted multicast stream where the bandwidth required for the unadmitted multicast stream, plus that portion of the access point bandwidth currently used for all existing downlink multicast streams, does not exceed the maximum internet protocol multicast bandwidth for the access point.
摘要翻译：一种用于具有多个接入点的无线网络中的多播负载平衡的方法。该方法包括为接入点设置最大互联网协议多点传送带宽，在一个接入点处接收来自客户端的接纳控制请求，并且确定来自客户端的接纳控制请求是针对在该接入点处的接纳的还是未接纳的多点传送流切入点。接入点通过服务所允许的多播流以及针对未接收的多播流的接纳控制请求，通过服务未接收的多播流来响应针对所接纳的多播流的接纳控制请求，其中未接收的多播流所需的带宽加上当前用于所有现有下行链路多播流的接入点带宽的一部分不超过接入点的最大互联网协议多播带宽。

2. 发明申请

WO2004107780A2 FACILITATING 802.11 ROAMING BY PRE-ESTABLISHING SESSION KEYS 审中-公开
标题翻译：通过预先建立的会议活动来实现802.11漫游
公开(公告)号：WO2004107780A2
公开(公告)日：2004-12-09
申请号：PCT/US2004/016700
申请日：2004-05-27
申请人： CISCO TECHNOLOGY, INC.
发明人： CAM WINGET, Nancy
IPC分类号： H04Q7/00
CPC分类号： H04W12/06 , H04L63/061 , H04L63/123 , H04L63/162 , H04L2209/80 , H04W12/04 , H04W36/0016 , H04W36/0088 , H04W84/12
摘要： A method and system for pre-authenticating a pre-establishing key management on a roaming device prior to reassociation to facilitate fast hand-off in a wireless network is described. For enhanced mobility, both authentication and key establishment is performed prior to reassociation of the roaming device between access points. When the roaming device enters in contact with one of the access points, a local authentication is performed between the access point and the roaming device prior to reassociation with the access point to allow for fast hand-offs of the device between access points within the network.
摘要翻译：描述了一种用于在重新关联之前在漫游设备上预先认证预先建立的密钥管理以促进无线网络中的快速切换的方法和系统。为了增强移动性，在访问点之间的漫游设备的重新关联之前执行认证和密钥建立。当漫游设备与接入点之一进行接触时，在与接入点重新关联之前在接入点和漫游设备之间执行本地认证，以允许在网络内的接入点之间快速切换设备。

3. 发明申请

WO2010065008A1 METHOD AND SYSTEM FOR PRE-AUTHENTICATION 审中-公开
标题翻译：用于预认证的方法和系统
公开(公告)号：WO2010065008A1
公开(公告)日：2010-06-10
申请号：PCT/US2005/025014
申请日：2005-07-14
申请人： CISCO TECHNOLOGY, INC.
发明人： HALASZ, David, E. , CAM WINGET, Nancy , MEIER, Robert, C.
IPC分类号： H04K1/00
CPC分类号： H04L63/1466 , H04L63/067 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038 , H04W80/04 , H04W84/12
摘要： A wireless station prepares to roam by pre-authenticating itself with a neighboring access point. The wireless station sends a rekey request, which can include an incremented rekey number. The wireless station receives a rekey response. The rekey response can include the incremented rekey number. Because the wireless station is pre-authenticated, after it roams it only needs to perform a two-way handshake with a new access point to establish secure communications with the new access point. The two-way handshake starts by the wireless station sending a reassociation request to the neighboring access point, the reassociation request comprising the incremented rekey number established during pre-authentication. The wireless station receives a reassociation response from the neighboring access point. To protect against replay attacks, the neighboring access point can verify the rekey number sent in the reassociation request matches the rekey number sent in the rekey response.
摘要翻译：无线站通过对邻近接入点进行预认证来准备漫游。无线站发送重新密钥请求，其可以包括递增的密钥号码。无线站收到重新密钥响应。密钥响应可以包括增加的密钥号码。由于无线站预认证，漫游后，只需要与新的接入点进行双向握手，建立与新接入点的安全通信。双向握手由无线站向相邻接入点发送重新关联请求开始，重新关联请求包括在预认证期间建立的增加的密钥号码。无线站接收来自相邻接入点的重新连接响应。为了防止重播攻击，相邻接入点可以验证重新关联请求中发送的重新密钥号码是否与重新密钥响应中发送的密钥号码相匹配。

4. 发明申请

WO2005057878A1 SYSTEM AND METHOD FOR PROVISIONING AND AUTHENTICATING VIA A NETWORK 审中-公开
标题翻译：用于通过网络提供和认证的系统和方法
公开(公告)号：WO2005057878A1
公开(公告)日：2005-06-23
申请号：PCT/US2004/033489
申请日：2004-10-12
申请人： CISCO TECHNOLOGY, INC.
发明人： CAM WINGET, Nancy , ZHOU, Hao , KRISCHER, Mark , SALOWEY, Joseph , STIEGLITZ, Jeremy , GILLAI, Saar , JAKKAHALLI, Padmanabha
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L9/0838 , H04L63/0435 , H04L63/0442 , H04L63/0869 , H04L63/1458 , H04W12/02 , H04W12/08 , H04W12/12
摘要： System architecture and corresponding method for securing communication via a network (e.g. IEEE 802.11) is provided. In accordance with one embodiment, the present system and method protocol, may be suitably configured to achieve mutual authentication by using a shared secret to establish a tunnel used to protect weaker authentication methods (e.g. user names and passwords). The shared secret, referred to in this embodiment as the protected access credential may be advantageously used to mutually authenticate a server and a peer upon securing a tunnel for communication via a network. The present system and method disclosed and claimed herein, in one aspect thereof, comprises the steps of 1) providing a communication implementation between a first and a second party; 2) provisioning a secure credential between the first and the second party; and 3) establishing a secure tunnel between the first and the second party using the secure credential.
摘要翻译：提供了用于通过网络（例如，IEEE 802.11）保护通信的系统架构和相应的方法。根据一个实施例，本系统和方法协议可以被适当地配置为通过使用共享秘密来建立用于保护较弱认证方法（例如，用户名和密码）的隧道来实现相互认证。在本实施例中被称为受保护的访问凭证的共享秘密可以有利地用于在保护用于经由网络进行通信的隧道的相互认证服务器和对等体之间。在本文中公开和要求保护的本系统和方法在其一个方面包括以下步骤：1）提供第一方和第二方之间的通信实现; 2）在第一方和第二方之间提供安全证书; 以及3）使用安全证书在第一方和第二方之间建立安全隧道。

5. 发明申请

WO2005041531A1 SYSTEM AND METHOD FOR PROTECTING NETWORK MANAGEMENT FRAMES 审中-公开
标题翻译：用于保护网络管理框架的系统和方法
公开(公告)号：WO2005041531A1
公开(公告)日：2005-05-06
申请号：PCT/US2004/028824
申请日：2004-09-07
申请人： CISCO TECHNOLOGY, INC.
发明人： SAPKOTA, Bhawani , CAM WINGET, Nancy
IPC分类号： H04L29/06
CPC分类号： H04L63/126 , H04L41/00 , H04L63/08 , H04L63/083 , H04L63/123 , H04W12/06 , H04W12/10 , H04W12/12 , H04W84/12
摘要： System architecture and corresponding method for securing the transmission of management frame packets on a network (e.g. IEEE 802.11) is provided. Once a trust relationship is created between a transmitter and a receiver on the network such that the transmitter is authorized to communicate over the network, a key and corresponding message integrity check may be generated in order to sign management frame communications via the network. The message integrity check and a replay protection value may be transmitted with the management frame packet. Upon receipt, the message integrity check and replay protection value are authenticated to verify permitted transmission of the management frame packet.
摘要翻译：提供了用于保护网络上的管理帧分组的传输的系统架构和相应方法（例如，IEEE 802.11）。一旦在网络上的发射机和接收机之间建立信任关系，使得发射机被授权通过网络进行通信，则可以生成密钥和对应的消息完整性检查，以便通过网络对管理帧通信进行签名。消息完整性检查和重放保护值可以与管理帧分组一起发送。接收到消息完整性检查和重放保护值后，验证管理帧包的允许传输。

6. 发明申请

WO2004049740A2 802.11USING A COMPRESSED REASSOCIATION EXCHANGE TO FACILITATE FAST HANDOFF 审中-公开
标题翻译： 802.11USING压缩式重组交流，以便更快捷的手持
公开(公告)号：WO2004049740A2
公开(公告)日：2004-06-10
申请号：PCT/US2003/036061
申请日：2003-11-13
申请人： CISCO TECHNOLOGY, INC.
发明人： MEIER, Robert , REBO, Richard D. , GRISWOLD, Victor J. , SMTIH, Douglas A. , CAM WINGET, Nancy
IPC分类号： H04Q7/00
CPC分类号： H04W12/06 , G06Q20/3674 , H04L9/0836 , H04L9/0891 , H04L63/06 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W84/12 , Y10S707/99945 , Y10S707/99948
摘要： A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.
摘要翻译：一种在无线网络中处理漫游移动节点的方法和系统。该系统使用子网上下文管理器来存储移动节点当前初始认证时建立的当前网络会话密钥，安全策略和会话的持续时间（例如会话超时）。成对传输密钥是从网络会话密钥导出的。子网上下文管理器处理后续重新关联请求。当移动节点漫游到新的接入点时，接入点从子网络上下文管理器获得网络会话密钥，并通过从网络会话密钥计算新的成对瞬态密钥来验证移动节点。

7. 发明申请

WO2006107713A1 SYSTEM AND METHOD FOR MULTI-SESSION ESTABLISHMENT 审中-公开
标题翻译：多种会议制度的系统与方法
公开(公告)号：WO2006107713A1
公开(公告)日：2006-10-12
申请号：PCT/US2006/011710
申请日：2006-03-31
申请人： CISCO TECHNOLOGY, INC.
发明人： CAM WINGET, Nancy , KRISCHER, Mark , STIEGLITZ, Jeremy
IPC分类号： H04L9/00
CPC分类号： H04L63/0815 , H04L9/0838 , H04L63/0892 , H04L2209/80 , H04W12/06
摘要： A system and method that allows a device to complete a single complete authentication sequence to a AAA server resulting in as many secure sessions required for the different applications or subsystems determined by the client’ s identity and the AAA server’s policy. As the device is authenticated, it is determined where there are other sessions for the device. The other sessions are established by generating unique new keying material that is passed to each session. The system and method also supports disjoint authentication server farms and disjoint policy or authorization servers for multi-session establishment. The authentication server can be provided with global knowledge of authenticators for additional sessions for a supplicant and can split authentication requests as needed to different authentication servers.
摘要翻译：一种允许设备完成到AAA服务器的单个完整认证序列的系统和方法，从而产生由客户端身份和AAA服务器策略确定的不同应用或子系统所需的安全会话数量。当设备进行身份验证时，确定设备的其他会话位置。其他会话通过生成传递给每个会话的唯一新的密钥材料来建立。该系统和方法还支持不连续的认证服务器场和不相交的策略或授权服务器，用于多会话建立。认证服务器可以被提供给认证者的全球知识，用于请求方的附加会话，并且可以根据需要将认证请求分割到不同的认证服务器。

8. 发明申请

WO2006107542A3 SYSTEM AND METHOD FOR ACHIEVING MACHINE AUTHENTICATION WITHOUT MAINTAINING ADDITIONAL CREDENTIALS 审中-公开
公开(公告)号：WO2006107542A3
公开(公告)日：2006-10-12
申请号：PCT/US2006/009195
申请日：2006-03-15
申请人： CISCO TECHNOLOGY, INC.
发明人： ZHOU, Hao , SALOWEY, Joseph , CAM WINGET, Nancy
IPC分类号： H04L9/00
摘要： A Machine Authentication PAC (Protected Access Credential) serves as machine credentials to obtain network access without requiring server storage and management of the additional set of credentials. The first time authentication is performed, user authentication is executed. After the supplicant and server have mutually authenticated each other and satisfied other validations, the supplicant requests a Machine Authentication PAC from the server. The Server randomly generates a cryptographic key (Device Key) and sends it to the supplicant along with an encrypted ticket, comprising the Device Key and other information and encrypted with a key only known to the Server. The supplicant caches the Machine Authentication PAC in its non-volatile memory for future use. When the machine needs to access certain network services before a user is available, the supplicant uses the Machine Authentication PAC to gain authorization for the machine to limited access on the network, without requiring user input.

9. 发明申请

WO2005048524A1 PROTECTED DYNAMIC PROVISIONING OF CREDENTIALS 审中-公开
标题翻译：保护动态提供证据
公开(公告)号：WO2005048524A1
公开(公告)日：2005-05-26
申请号：PCT/US2004/033477
申请日：2004-10-12
申请人： CISCO TECHNOLOGY, INC.
发明人： CAM WINGET, Nancy , KRISCHER, Mark , FRENKEL, Ilan , ZHOU, Hau
IPC分类号： H04L9/08
CPC分类号： H04L63/0442 , H04L63/0435 , H04L63/061 , H04L63/0823 , H04L63/162 , H04L63/166
摘要： A method and implementation is disclosed for secure communication between two or more parties. A secure tunnel is established between parties using an encryption algorithm. An authentication process is performed between parties over the secured tunnel. The provisioning of credentials is thereafter performed between parties.
摘要翻译：公开了一种用于两个或多个方之间的安全通信的方法和实现。使用加密算法在各方之间建立安全通道。在安全隧道之间的各方之间执行认证过程。之后在各方之间执行凭证的提供。

10. 发明申请

WO2006084025A3 METHOD AND SYSTEM FOR INTER-SUBNET PRE-AUTHENTICATION 审中-公开
公开(公告)号：WO2006084025A3
公开(公告)日：2006-08-10
申请号：PCT/US2006/003667
申请日：2006-02-02
申请人： CISCO TECHNOLOGY, INC.
发明人： STIEGLITZ, Jeremy , CAM WINGET, Nancy
IPC分类号： H04L9/00 , H04K1/00
摘要： A method and system for performing pre-authentication across inter-subnets. A pre-authentication request is received by a first access point associated with a first subnet from a mobile node requesting that is requesting pre-authentication with a second access point associated with a second subnet. The request is forwarded by the access point to a first authenticator that is the authenticator for the first subnet. The first authenticator obtains from a root infrastructure node the address for a second authenticator that is the authenticator for the second access point. The first authenticator then pre-authenticates the mobile node with the second authenticator by sending a message to the address for the second authenticator.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式