专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07743408B2 Secure association and management frame verification 有权
标题翻译：安全关联和管理框架验证
公开(公告)号：US07743408B2
公开(公告)日：2010-06-22
申请号：US10734817
申请日：2003-12-12
申请人： Bernard D. Aboba , Timothy M. Moore
发明人： Bernard D. Aboba , Timothy M. Moore
IPC分类号： G06F7/04
CPC分类号： H04W48/20 , H04L63/0823 , H04L63/0869 , H04W12/06
摘要： Network devices access a communications network and engage in secure associations with one or more network access points upon authenticating the access points and upon verifying the discovery information that is broadcast by the access point. Once a secure association is created, management frames that are subsequently transmitted between the network devices and the access points and that are used to control the secure association are verified to further enhance the security of the communications network.
摘要翻译：网络设备访问通信网络并且在认证接入点之后并且在验证由接入点广播的发现信息时，与一个或多个网络接入点进行安全关联。一旦创建了安全关联，则验证随后在网络设备和接入点之间传输并用于控制安全关联的管理帧，以进一步增强通信网络的安全性。

2. 发明申请

US20090124205A1 PHYSICAL AND MAC ADAPTATION FOR INTERFERENCE MITIGATION WITH COGNITIVE RADIO 有权
标题翻译：用于认知无线电干扰减轻的物理和MAC适配
公开(公告)号：US20090124205A1
公开(公告)日：2009-05-14
申请号：US11939217
申请日：2007-11-13
申请人： Bernard D. Aboba , Paramvir Bahl , Gopala S. Narlanka , Jitendra D. Padhye , Bozidar Radunovic , Ramachandran Ramjee , Kun Tan , Miguel Oom Temudo de Castro
发明人： Bernard D. Aboba , Paramvir Bahl , Gopala S. Narlanka , Jitendra D. Padhye , Bozidar Radunovic , Ramachandran Ramjee , Kun Tan , Miguel Oom Temudo de Castro
IPC分类号： H04B17/00
CPC分类号： H04B17/382 , H04B17/345
摘要： A communication device cognitively monitors interference signals across a communication band so that adaptations for physical and medium access control (MAC) of data packet transmissions are appropriate for a particular interference signal. Characteristics of an interference signal of interest (e.g., bandwidth, power and/or duration relative to an average data packet transmitted over a communication channel of the communication device) are sensed for an appropriate adaptation (e.g., forward error correction, modulation technique, back off, request to send/clear to send protocol, etc.). Patterns for known types of interference sources can be compared so that when recognized an associated adaptation can be used.
摘要翻译：通信设备认知地监测跨通信频带的干扰信号，使得数据分组传输的物理和媒体接入控制（MAC）的适配适用于特定的干扰信号。感兴趣的干扰信号的特征（例如，相对于在通信设备的通信信道上传输的平均数据分组的带宽，功率和/或持续时间）被适当的适配（例如，前向纠错，调制技术，后向关闭，请求发送/清除发送协议等）。可以比较已知类型的干扰源的模式，使得当识别出可以使用相关联的适配时。

3. 发明授权

US06941465B1 Method of enforcing a policy on a computer network 失效
标题翻译：在计算机网络上执行策略的方法
公开(公告)号：US06941465B1
公开(公告)日：2005-09-06
申请号：US09360912
申请日：1999-07-26
申请人： Ashwin Palekar , Bernard D. Aboba , Narendra C. Gidwani , Michel Guittet , Todd L. Paul , David L. Eitelbach , Stephen E. Bensley
发明人： Ashwin Palekar , Bernard D. Aboba , Narendra C. Gidwani , Michel Guittet , Todd L. Paul , David L. Eitelbach , Stephen E. Bensley
IPC分类号： G06F21/00 , H04L9/00 , H04L29/06
CPC分类号： H04L63/102 , G06F21/6218 , H04L63/20
摘要： A policy server program evaluates one or more policy statements based on the group or groups to which a user belongs as well as other conditions. Each policy statement expresses an implementation of the access policy of the network, and is associated with a profile. The profile contains one or more actions that are to be applied to the user. The policy server program determines the identity of the group or groups to which the user belongs by referencing one or more group attributes contained in a user object which is located in a directory on the network. The user object and its group parameters are established when the user is added to the directory, while a policy statement for a group can be created at any time.
摘要翻译：策略服务器程序根据用户所属的组或其他条件来评估一个或多个策略语句。每个策略语句表示网络的访问策略的实现，并且与配置文件相关联。配置文件包含要应用于用户的一个或多个操作。策略服务器程序通过引用位于网络上的目录中的用户对象中包含的一个或多个组属性来确定用户所属的组或组的身份。当用户添加到目录时，建立用户对象及其组参数，同时可以创建组的策略语句。

4. 发明授权

US07778170B2 Spectrum and medium access allocation for fairness 有权
标题翻译：频谱和媒体访问分配公平
公开(公告)号：US07778170B2
公开(公告)日：2010-08-17
申请号：US11939625
申请日：2007-11-14
申请人： Bernard D. Aboba , Paramvir Bahl , Miguel Oom Temudo de Castro , Gopala S. Narlanka , Jitendra D. Padhye , Bozidar Raduvic , Ramachandran Ramjee , Kun Tan
发明人： Bernard D. Aboba , Paramvir Bahl , Miguel Oom Temudo de Castro , Gopala S. Narlanka , Jitendra D. Padhye , Bozidar Raduvic , Ramachandran Ramjee , Kun Tan
IPC分类号： H04J1/16
CPC分类号： H04W28/20 , H04W84/18
摘要： Each node or link of an ad hoc network assists in the distributed allocation of a data channel to increase fairness, even in a multi-hop network, by tracking a measure of link weight for itself and sharing this information over a control channel with neighboring nodes. The metric can be provided over a dedicated control channel, added as a header to data communication on a data channel, or inferred by monitoring data traffic from the neighboring node. The link weight can be adjusted by a link quality factor based on provided or inferred metrics such as transmission rates, ratio of transmission errors, idle time, etc. For multiple flow queues at a subject node, one with a higher transmission rate can be selected for increased fairness. When a packet is received, medium access includes allocating bandwidth, including bonding multiple frequencies that are determined to be available to both nodes.
摘要翻译：自组织网络的每个节点或链路有助于数据信道的分布式分配，以便甚至在多跳网络中，通过跟踪自身的链路权重的度量并且通过与相邻节点的控制信道共享该信息来增加公平性。该度量可以通过专用控制信道提供，作为标题添加到数据信道上的数据通信，或通过监视来自相邻节点的数据业务来推断。链路权重可以通过基于提供或推断的度量（例如传输速率，传输错误率，空闲时间等）的链路质量因子进行调整。对于主体节点处的多个流队列，可以选择具有较高传输速率的流量队列增加公平性。当接收到分组时，介质访问包括分配带宽，包括绑定被确定为可用于两个节点的多个频率。

5. 发明授权

US07636935B2 Method of enforcing a policy on a computer network 失效
标题翻译：在计算机网络上执行策略的方法
公开(公告)号：US07636935B2
公开(公告)日：2009-12-22
申请号：US11197155
申请日：2005-08-04
申请人： Ashwin Palekar , Bernard D. Aboba , Narendra C. Gidwani , Michel Guittet , Todd L. Paul , David L. Eitelbach , Stephen E. Bensley
发明人： Ashwin Palekar , Bernard D. Aboba , Narendra C. Gidwani , Michel Guittet , Todd L. Paul , David L. Eitelbach , Stephen E. Bensley
IPC分类号： H04L9/00 , H04L9/32
CPC分类号： H04L63/102 , G06F21/6218 , H04L63/20
摘要： A policy server program evaluates one or more policy statements based on the group or groups to which a user belongs as well as other conditions. Each policy statement expresses an implementation of the access policy of the network, and is associated with a profile. The profile contains one or more actions that are to be applied to the user. The policy server program determines the identity of the group or groups to which the user belongs by referencing one or more group attributes contained in a user object which is located in a directory on the network. The user object and its group parameters are established when the user is added to the directory, while a policy statement for a group can be created at any time.
摘要翻译：策略服务器程序根据用户所属的组或其他条件来评估一个或多个策略语句。每个策略语句表示网络的访问策略的实现，并且与配置文件相关联。配置文件包含要应用于用户的一个或多个操作。策略服务器程序通过引用位于网络上的目录中的用户对象中包含的一个或多个组属性来确定用户所属的组或组的身份。当用户添加到目录时，建立用户对象及其组参数，同时可以创建组的策略语句。

6. 发明授权

US07549048B2 Efficient and secure authentication of computing systems 有权
标题翻译：计算系统的高效安全认证
公开(公告)号：US07549048B2
公开(公告)日：2009-06-16
申请号：US10804591
申请日：2004-03-19
申请人： Trevor William Freeman , Timothy M. Moore , Bernard D. Aboba , Daniel R. Simon
发明人： Trevor William Freeman , Timothy M. Moore , Bernard D. Aboba , Daniel R. Simon
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , G06F21/31 , H04L63/0838 , H04L63/0846 , H04L63/166 , H04L63/205
摘要： The principles of the present invention relate to systems, methods, and computer program products for more efficiently and securely authenticating computing systems. In some embodiments, a limited use credential is used to provision more permanent credentials. A client receives a limited-use (e.g., a single-use) credential and submits the limited-use credential over a secure link to a server. The server provisions an additional credential (for subsequent authentication) and sends the additional credential to the client over the secure link. In other embodiments, computing systems automatically negotiate authentication methods using an extensible protocol. A mutually deployed authentication method is selected and secure authentication is facilitated with a tunnel key that is used encrypt (and subsequently decrypt) authentication content transferred between a client and a server. The tunnel key is derived from a shared secret (e.g., a session key) and nonces.
摘要翻译：本发明的原理涉及用于更有效和安全地认证计算系统的系统，方法和计算机程序产品。在一些实施例中，使用有限使用凭证来提供更多的永久证书。客户端接收有限使用（例如，一次性使用）凭证，并通过安全链接提交有限使用凭证到服务器。服务器提供附加证书（用于后续认证），并通过安全链路将附加证书发送给客户端。在其他实施例中，计算系统使用可扩展协议自动协商认证方法。选择相互部署的认证方法，并且利用在客户机和服务器之间传送的认证内容进行加密（并且随后解密）的隧道密钥来促进安全认证。隧道密钥从共享秘密（例如，会话密钥）和随机数导出。

7. 发明申请

US20080279092A1 Channel control based on error correction values 有权
标题翻译：基于纠错值的通道控制
公开(公告)号：US20080279092A1
公开(公告)日：2008-11-13
申请号：US11801785
申请日：2007-05-11
申请人： Amer A. Hassan , Bernard D. Aboba , Kun Tan , Jiansong Zhang
发明人： Amer A. Hassan , Bernard D. Aboba , Kun Tan , Jiansong Zhang
IPC分类号： G06F11/00
CPC分类号： H04L1/002 , H04L1/0002 , H04L1/0009 , H04L1/0021 , H04L1/203
摘要： A computing device configured for wireless communication may effectively control adaptation to channel conditions. The device may be configured to identify and classify conditions impacting performance of a channel so that appropriate adaptations may be made. Interference may be detected by correlating received signal strength and packet errors. High received signal strength correlated to a high packet error rate may signify presence of a source of interference. Once a source of interference is detected, other criteria may be used to determine the nature of the interference so that an adaptation that is minimally disruptive of applications can be selected. Additionally, channel degradation may be predicted by monitoring trends in error rates, including Forward Error Correction rates, and adaptation may be used before packet error rates exceed an unacceptable level.
摘要翻译：配置用于无线通信的计算设备可以有效地控制对信道条件的适配。该设备可以被配置为识别和分类影响信道性能的条件，以便进行适当的调整。可以通过将接收的信号强度和分组错误相关联来检测干扰。与高分组错误率相关的高接收信号强度可能意味着存在干扰源。一旦检测到干扰源，可以使用其他标准来确定干扰的性质，从而可以选择最小程度地破坏应用的适配。另外，可以通过监视错误率的趋势（包括前向纠错率）来预测信道恶化，并且可以在分组错误率超过不可接受的水平之前使用适配。

8. 发明授权

US07287276B2 Coordinated network initiator management that avoids security conflicts 有权
标题翻译：协调网络启动器管理，避免安全冲突
公开(公告)号：US07287276B2
公开(公告)日：2007-10-23
申请号：US10658838
申请日：2003-09-08
申请人： Alan M. Warwick , Bernard D. Aboba
发明人： Alan M. Warwick , Bernard D. Aboba
IPC分类号： G06F15/16 , G06F17/00 , G06F9/00
CPC分类号： H04L63/0428 , H04L63/08 , H04L63/166 , H04L63/20 , H04L67/1097
摘要： An abstraction module that facilitates security configuration amongst a number of initiators in a manner that there are no conflicts in the security information across all initiators. The abstraction module exposes a common interface that may be used to configure any of the initiators, receives through this common interface an indication that a selected one of the initiators is to be configured to communicate with a selected target device, and retrieves security information from a common database, the database including information that is relevant to configuring security for any of the plurality of initiators. The abstraction module identifies a security configuration for the selected initiator using the retrieved security information and, if the settings would not cause a conflict with any of the other of the initiators, uses the identified security configuration to configure the selected initiator.
摘要翻译：一种抽象模块，可以在多个启动器之间实现安全配置，方式是在所有启动器之间的安全信息中没有冲突。抽象模块公开了可以用于配置任何发起者的公共接口，通过该公共接口接收指示所选择的一个发起者被配置为与所选择的目标设备进行通信，并且从一个公共数据库，数据库包括与为多个发起者中的任何一个配置安全性相关的信息。抽象模块使用检索到的安全信息来识别所选择的启动器的安全配置，并且如果设置不会引起与任何其他启动器的冲突，则使用所识别的安全配置来配置所选择的启动器。

9. 发明授权

US06850528B1 System and method for maintaining network system information 有权
标题翻译：维护网络系统信息的系统和方法
公开(公告)号：US06850528B1
公开(公告)日：2005-02-01
申请号：US09197405
申请日：1998-11-20
申请人： Kenneth Lynn Crocker , Wei Jiang , Gurdeep Singh Pall , Bernard D. Aboba , Narendra C. Gidwani
发明人： Kenneth Lynn Crocker , Wei Jiang , Gurdeep Singh Pall , Bernard D. Aboba , Narendra C. Gidwani
IPC分类号： H04L12/24 , H04L12/56
CPC分类号： H04L45/00 , H04L41/22
摘要： A system for maintaining network information. The system resides in a network comprising a plurality of sub-networks in communication with one another over a communications backbone. Each sub-network has a router for use in performing communications with other sub-networks. A directory service is linked to the communications backbone and includes a database. The database stores router attribute information that is published by each of the routers. Using a query engine associated with the directory service, meaningful information can be gathered from the database as a function of specified router attribute information.
摘要翻译：维护网络信息的系统。系统驻留在包括通过通信骨干彼此通信的多个子网络的网络中。每个子网络具有用于与其他子网络进行通信的路由器。目录服务链接到通信骨干网，并包括一个数据库。数据库存储每个路由器发布的路由器属性信息。使用与目录服务相关联的查询引擎，可以根据指定的路由器属性信息从数据库收集有意义的信息。

10. 发明授权

US07856655B2 System and method for improved network security 有权
标题翻译：提高网络安全性的系统和方法
公开(公告)号：US07856655B2
公开(公告)日：2010-12-21
申请号：US10882537
申请日：2004-06-30
申请人： Brian D. Swander , Bernard D. Aboba
发明人： Brian D. Swander , Bernard D. Aboba
IPC分类号： H04L9/32 , G06F7/04 , H04K1/00 , G06F15/16 , G06F17/00
CPC分类号： H04L63/0236 , H04L63/061 , H04L63/08 , H04L63/164
摘要： A system is provided for establishing a secure link among multiple users on a single machine with a remote machine. The system includes a subsystem to filter traffic so that traffic from each user is separate. The subsystem generates and associates a Security Association (SA) with at least one filter corresponding to the user and the traffic, and employs the SA to establish the secure link. An Internet Key Exchange module and a policy module may be included to generate and associate the security association, wherein the policy module is configured via Internet Protocol Security (IPSEC).
摘要翻译：提供了一种用于在具有远程机器的单个机器上的多个用户之间建立安全链路的系统。该系统包括一个过滤流量的子系统，以便来自每个用户的流量是分开的。子系统生成并将安全关联（SA）与至少一个与用户和流量对应的过滤器关联起来，并使用SA建立安全链路。可以包括互联网密钥交换模块和策略模块以生成和关联安全关联，其中策略模块通过因特网协议安全（IPSEC）配置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式