专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08726022B2 Method for the access of the mobile terminal to the WLAN and for the data communication via the wireless link securely 有权
标题翻译：用于通过无线链路可靠地接入移动终端到WLAN和进行数据通信的方法
公开(公告)号：US08726022B2
公开(公告)日：2014-05-13
申请号：US10534067
申请日：2003-08-05
申请人： Manxia Tie , Houjian Tang , Bianling Zhang , Ning Zhang , Xumao Ye
发明人： Manxia Tie , Houjian Tang , Bianling Zhang , Ning Zhang , Xumao Ye
IPC分类号： H04L29/06
CPC分类号： H04W12/06 , H04L63/0442 , H04L63/0823 , H04L63/0869 , H04L63/10 , H04W8/00 , H04W12/04 , H04W80/04 , H04W84/12
摘要： The present invention relates to a method for the secure access of mobile terminal to the Wireless Local Area Network (WLAN) and for secure data communication via wireless link, which, combining the common key encryption technology and the symmetry encryption technology, has resolved the failure in WLAN to provide effective control on secure MT access, and overcome the limitation on the confidentiality of the data communication via wireless link. When MT logs on AP, both parts must perform the certificate authentication through AS. Only the MT holding the legitimate certificate can access to AP holing the legitimate certificate; MT and AP perform the negotiation of common key for conversation, complete the dynamic revision of the secret key in each authentication, each secret key and in the process of conversation to achieve confidential data communication. Anyway, the method has not only achieved control on the access of MT, but also ensured the security of MT access and high confidentiality of communication.
摘要翻译：本发明涉及移动终端安全接入无线局域网（WLAN）和通过无线链路进行安全数据通信的方法，其结合了公共密钥加密技术和对称加密技术，解决了故障在WLAN中提供对安全MT接入的有效控制，并克服了通过无线链路对数据通信的机密性的限制。当MT登录AP时，两个部分必须通过AS执行证书认证。只有持有合法证书的MT才能访问AP合法证书; MT和AP执行会话通用密钥的协商，在每个认证，每个密钥和对话过程中完成密钥的动态修改，实现机密数据通信。无论如何，该方法不仅可以实现对MT的访问控制，而且可以保证MT接入的安全性和高度的通信机密性。

2. 发明申请

US20100037302A1 PEER-TO-PEER ACCESS CONTROL METHOD OF TRIPLE UNIT STRUCTURE 有权
标题翻译：三重单元结构的对等接入控制方法
公开(公告)号：US20100037302A1
公开(公告)日：2010-02-11
申请号：US12519955
申请日：2007-06-25
申请人： Xiaolong Lai , Jun Cao , Manxia Tie , Bianling Zhang
发明人： Xiaolong Lai , Jun Cao , Manxia Tie , Bianling Zhang
IPC分类号： H04L29/06
CPC分类号： H04L63/0869
摘要： This invention relates to a peer-to-peer access control method of a triple-unit structure for safely implementing bidirectional authentication between the terminal and the network. According to the method, on the basis of the access control method of the existing double-unit triple-entity structure, the authenticator function is implemented in the access controller, and the authentication protocol function is implemented in the terminal and the access controller, so that the terminal, the access controller and the server all participate in the authentication, and the trust relationship is established between the terminal and the access controller directly, which renders security very reliable. The invention not only solves the technical problems of the access control method of the existing double-unit double-entity structure that the access flexibility is limited and the extension of the number of the access controllers is inconvenient, but also solves the technical problems of the existing access control method of the double-unit triple-entity structure that the process for establishing the trust relationship is complicated and the security of the network may be influenced, thus achieving advantages of high security performance, no requirement of changing existing network structures and relative independency of the authentication protocol.
摘要翻译：本发明涉及用于在终端和网络之间安全地实现双向认证的三单元结构的对等接入控制方法。根据该方法，在现有的双单元三实体结构的访问控制方法的基础上，在接入控制器中实现认证方的功能，在终端和接入控制器中实现认证协议功能，终端，接入控制器和服务器都参与认证，直接在终端和接入控制器之间建立信任关系，使安全性非常可靠。本发明不仅解决了现有的双单元双实体结构的访问控制方法的技术问题，即访问灵活性有限，访问控制器数量的扩展不方便，而且解决了建立信任关系的过程复杂，网络安全性可能受影响的双单元三实体结构的现有访问控制方法，从而实现高安全性能的优势，无需改变现有网络结构和相对性认证协议的独立性。

3. 发明申请

US20090300358A1 METHOD FOR MANAGING NETWORK KEY AND UPDATING SESSION KEY 有权
标题翻译：用于管理网络密钥和更新会话密钥的方法
公开(公告)号：US20090300358A1
公开(公告)日：2009-12-03
申请号：US12442513
申请日：2007-07-17
申请人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
发明人： Liaojun Pang , Jun Cao , Haibo Tian , Zhenhai Huang , Bianling Zhang
IPC分类号： H04L9/32 , H04L9/06
CPC分类号： H04L9/0891 , H04L2209/80 , H04W12/04 , H04W12/10
摘要： A method for managing network key and updating session key is provided. The step of the key management includes: constructing key request group, constructing key negotiation response group, and constructing key negotiation acknowledgement group. The step of multicasting key management method includes multicasting main key negotiation protocol and multicasting session key distribution protocol. The multicasting main key negotiation protocol comprises key updating informs group, constructing encryption key negotiation request group, constructing key negotiation response group and constructing key negotiation acknowledgement group. The multicasting session key distribution protocol comprises multicasting session key request and multicasting session key distribution.
摘要翻译：提供了一种管理网络密钥和更新会话密钥的方法。密钥管理的步骤包括：构建密钥请求组，建立密钥协商响应组，建立密钥协商确认组。组播密钥管理方法的步骤包括组播主密钥协商协议和组播会话密钥分发协议。组播主密钥协商协议包括密钥更新通知组，构建加密密钥协商请求组，建立密钥协商响应组，构建密钥协商确认组。组播会话密钥分发协议包括组播会话密钥请求和组播会话密钥分发。

4. 发明授权

US08631232B2 Wireless personal area network accessing method 有权
标题翻译：无线个域网访问方式
公开(公告)号：US08631232B2
公开(公告)日：2014-01-14
申请号：US12863272
申请日：2009-01-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
IPC分类号： H04L29/00
CPC分类号： H04W12/04 , H04L63/205 , H04W12/06
摘要： A wireless personal area network accessing method is provided, the method includes that: a coordinator broadcasts a beacon frame, the beacon frame includes the information about whether the coordinator sends an authentication requirement, the beacon frame also includes the authentication supported by the coordinator and key management package when a device receipts the authentication requirement, the device receives the beacon frame, the authentication between the coordinator and the device is made by using a authentication method corresponding to the authentication supported by the coordinator and key management package, when the device determines that the coordinator and the device is directly made according to the authentication result, or the association between the coordinator and the device is made after making session key negotiation.
摘要翻译：提供了无线个人区域网络访问方法，该方法包括：协调器广播信标帧，信标帧包括关于协调器是否发送认证要求的信息，信标帧还包括由协调器和密钥支持的认证管理包，当设备收到认证要求时，设备收到信标帧，协调器和设备之间的认证是通过使用与协调器和密钥管理包所支持的认证相对应的认证方法进行的，当设备确定协调器和设备根据认证结果直接进行，或者在进行会话密钥协商之后进行协调器与设备之间的关联。

5. 发明授权

US08225092B2 Access authentication method suitable for the wire-line and wireless network 有权
标题翻译：接入认证方式适用于有线和无线网络
公开(公告)号：US08225092B2
公开(公告)日：2012-07-17
申请号：US11816743
申请日：2006-02-21
申请人： Xiaolong Lal , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
发明人： Xiaolong Lal , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04L9/083 , H04L9/0891 , H04L9/3263 , H04L9/3273 , H04L2209/80
摘要： An access authentication method includes pre-establishing a security channel between the authentication server of the access point and the authentication server of the user terminal and performing the authentication process at user terminal and access point. The authentication process includes 1) the access point sending the authentication_activating message; 2) the user terminal sending the authentication server of user terminal request message; 3) the authentication server of the user terminal sending to the user terminal response message; and 4) completing the authentication.
摘要翻译：访问认证方法包括在接入点的认证服务器和用户终端的认证服务器之间预先建立安全信道，并在用户终端和接入点执行认证过程。认证过程包括：1）接入点发送认证激活消息; 2）用户终端发送用户终端请求消息的认证服务器; 3）用户终端的认证服务器发送给用户终端应答消息; 和4）完成认证。

6. 发明授权

US08176325B2 Peer-to-peer access control method based on ports 有权
标题翻译：基于端口的对等访问控制方法
公开(公告)号：US08176325B2
公开(公告)日：2012-05-08
申请号：US11816715
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
发明人： Xiaolong Lai , Jun Cao , Bianling Zhang , Zhenhai Huang , Hong Guo
IPC分类号： H04L29/06
CPC分类号： H04L63/0869 , H04L9/0894 , H04L9/321 , H04L2209/80
摘要： A port based peer access control method, comprises the steps of: 1) enabling the authentication control entity; 2) two authentication control entities authenticating each other; 3) setting the status of the controlled port. The method may further comprise the steps of enabling the authentication server entity, two authentication subsystems negotiating the key. By modifying the asymmetry of background technique, the invention has advantages of peer control, distinguishable authentication control entity, good scalability, good security, simple key negotiation process, relatively complete system, high flexibility, thus the invention can satisfy the requirements of central management as well as resolve the technical issues of the prior network access control method, including complex process, poor security, poor scalability, so it provides essential guarantee for secure network access.
摘要翻译：一种基于端口的对等接入控制方法，包括步骤：1）启用认证控制实体; 2）两个认证控制实体相互认证; 3）设置受控端口的状态。该方法还可以包括以下步骤：启用认证服务器实体，两个认证子系统协商该密钥。通过修改背景技术的不对称性，本发明具有对等控制，可区分认证控制实体，良好的可扩展性，良好的安全性，简单的密钥协商过程，系统相对完整，灵活性高等优点，因此本发明可以满足中央管理的要求解决现有网络访问控制方法的技术问题，包括复杂过程，安全性差，可扩展性差，为安全网络访问提供了必要的保证。

7. 发明申请

US20110055561A1 ACCESS AUTHENTICATION METHOD SUITABLE FOR THE WIRE-LINE AND WIRELESS NETWORK 有权
标题翻译：适用于线路和无线网络的接入认证方法
公开(公告)号：US20110055561A1
公开(公告)日：2011-03-03
申请号：US11816743
申请日：2006-02-21
申请人： Xiaolong Lai , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
发明人： Xiaolong Lai , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
IPC分类号： G06F21/00 , H04L9/32
CPC分类号： H04L63/0823 , H04L9/083 , H04L9/0891 , H04L9/3263 , H04L9/3273 , H04L2209/80
摘要： An access authentication method includes pre-establishing a security channel between the authentication server of the access point and the authentication server of the user terminal and performing the authentication process at user terminal and access point. The authentication process includes 1) the access point sending the authentication_activating message; 2) the user terminal sending the authentication server of user terminal request message; 3) the authentication server of the user terminal sending to the user terminal response message; and 4) completing the authentication.
摘要翻译：访问认证方法包括在接入点的认证服务器和用户终端的认证服务器之间预先建立安全信道，并在用户终端和接入点执行认证过程。认证过程包括：1）接入点发送认证激活消息; 2）用户终端发送用户终端请求消息的认证服务器; 3）用户终端的认证服务器发送给用户终端应答消息; 和4）完成认证。

8. 发明授权

US08572378B2 Method for protecting the first message of security protocol 有权
标题翻译：保护安全协议第一条消息的方法
公开(公告)号：US08572378B2
公开(公告)日：2013-10-29
申请号：US13140632
申请日：2009-12-07
申请人： Xiaolong Lai , Jun Cao , Yuelei Xiao , Manxia Tie , Zhenhai Huang , Bianling Zhang , Yanan Hu
发明人： Xiaolong Lai , Jun Cao , Yuelei Xiao , Manxia Tie , Zhenhai Huang , Bianling Zhang , Yanan Hu
IPC分类号： H04L29/06
CPC分类号： H04W12/10 , H04L9/0838 , H04L9/3242 , H04L9/3273 , H04L63/123 , H04L2209/80
摘要： The present invention provides a method for protecting the first message of a security protocol and the method includes the following steps: 1) initialization step; 2) the initiating side sends the first message; 3) the responding side receives the first message. The method for protecting the first message of the security protocol provided by the present invention can implement that: 1) Pre-Shared Master Key (PSMK), which is shared by the initiating side and responding side, and the security parameter in the first message are bound by using computation function of Message Integrality Code (MIC) or Message Authentication Code (MAC), and thus the fabrication attack of the first message in the security protocol is avoided effectively; 2) during computing the MIC or MAC of the first message, only PSMK and the security parameter of the first message are selected to be computed, and thus the computation load of the initiating side and the responding side is effectively reduced and the computation resource is saved.
摘要翻译：本发明提供一种保护安全协议的第一消息的方法，该方法包括以下步骤：1）初始化步骤; 2）发起方发送第一个消息; 3）响应端接收第一条消息。用于保护本发明提供的安全协议的第一消息的方法可以实现：1）由起始侧和响应侧共享的预共享主密钥（PSMK）和第一消息中的安全参数通过使用消息完整性代码（MIC）或消息认证码（MAC）的计算功能来限制，从而有效地避免了安全协议中的第一消息的制造攻击; 2）在计算第一个消息的MIC或MAC期间，仅选择PSMK和第一个消息的安全参数进行计算，从而有效减少发起方和响应方的计算负载，计算资源为保存

9. 发明授权

US08417951B2 Roaming authentication method based on WAPI 有权
标题翻译：基于WAPI的漫游认证方法
公开(公告)号：US08417951B2
公开(公告)日：2013-04-09
申请号：US12990580
申请日：2009-05-11
申请人： Bianling Zhang , Jun Cao , Xiaolong Lai
发明人： Bianling Zhang , Jun Cao , Xiaolong Lai
IPC分类号： H04W12/06
CPC分类号： H04W12/06 , H04L63/0823 , H04W84/12
摘要： A roaming authentication method based on WAPI. The present invention includes the steps of adopting a terminal and a wireless access point to initiate a WAPI security mechanism, relating the terminal to the wireless access point, and initiating a WAPI authentication process and so on. And a highly safe and convenient roaming authentication method based on WAPI is provided, so as to solve the technical problem that how the specific method of certificate roaming authentication is realized, the certificate of external network authentication server can not be obtained to establish a trustful relationship, and the terminal perhaps can not realize roaming authentication.
摘要翻译：基于WAPI的漫游认证方法。本发明包括以下步骤：采用终端和无线接入点来发起WAPI安全机制，将终端与无线接入点相关联，并启动WAPI认证过程等。并提供了一种基于WAPI的高度安全，便捷的漫游认证方法，解决了如何实现证书漫游认证的具体方法的技术问题，无法获得外部网络认证服务器的证书建立可信赖的关系终端可能无法实现漫游认证。

10. 发明申请

US20110029776A1 WIRELESS PERSONAL AREA NETWORK ACCESS METHOD BASED ON PRIMITIVE 有权
标题翻译：基于初步的无线个人区域网络接入方法
公开(公告)号：US20110029776A1
公开(公告)日：2011-02-03
申请号：US12863285
申请日：2009-01-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
IPC分类号： H04L9/32
CPC分类号： H04W12/04 , H04L29/08576 , H04L63/0428 , H04L63/08 , H04W12/06
摘要： A wireless personal area network access method based on the primitive, includes: a coordinator broadcasts a beacon frame to the device which requests connecting to the wireless personal area network (WPAN), the beacon frame includes the authentication request information for the device and the authentication and a key management tool supported by the coordinator; the device authenticates the authentication request information, when the coordinator has an authentication request to the device, the coordinator and the device execute the authentication based on the primitive and obtains the conversation key.
摘要翻译：基于原语的无线个人区域网络访问方法包括：协调器向请求连接到无线个域网（WPAN）的设备广播信标帧，信标帧包括用于设备的认证请求信息和认证和协调员支持的关键管理工具; 设备对认证请求信息进行认证，当协调器向设备发送认证请求时，协调器和设备根据原语执行认证，获取会话密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式