专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070218875A1 Detecting address spoofing in wireless network environments 有权
标题翻译：在无线网络环境中检测地址欺骗
公开(公告)号：US20070218875A1
公开(公告)日：2007-09-20
申请号：US11377151
申请日：2006-03-16
申请人： Patrice Calhoun , Nancy Cam-Winget , Mark Krischer , Robert O'Hara
发明人： Patrice Calhoun , Nancy Cam-Winget , Mark Krischer , Robert O'Hara
IPC分类号： H04M1/66
CPC分类号： H04W12/12 , H04L63/126 , H04L63/1466 , H04L63/1483 , H04W8/26 , H04W84/12
摘要： Methods, apparatuses and systems directed to detecting address spoofing in wireless networks by, after receiving a wireless management frame, transmitting verification messages to determine whether a given wireless node (e.g., a wireless access point, or wireless client) has legitimately lost its connection state.
摘要翻译：针对无线网络中的地址欺骗检测的方法，装置和系统，在接收到无线管理帧之后，发送验证消息以确定给定的无线节点（例如，无线接入点或无线客户端）是否合法地失去了其连接状态。

2. 发明申请

US20110113252A1 CONCIERGE REGISTRY AUTHENTICATION SERVICE 审中-公开
标题翻译：协调注册认证服务
公开(公告)号：US20110113252A1
公开(公告)日：2011-05-12
申请号：US12613784
申请日：2009-11-06
申请人： Mark Krischer , James Edward Burns , Nancy Cam-Winget , Esteban Raul Torres
发明人： Mark Krischer , James Edward Burns , Nancy Cam-Winget , Esteban Raul Torres
IPC分类号： H04L9/32
CPC分类号： H04L63/0823 , H04L63/126 , H04W12/12 , H04W48/08 , H04W48/18
摘要： In an example embodiment described herein is an apparatus comprising a transceiver configured to send and receive data, and logic coupled to the transceiver. The logic is configured to determine from a beacon received by the wireless transceiver whether an associated wireless device sending the beacon supports a protocol for advertising available services from the associated wireless device. The logic is configured to send a request for available services from the associated wireless device via the wireless transceiver responsive to determining the associated wireless device supports the protocol. The logic is configured to receive a response to the request via the wireless transceiver, the response comprising a signature. The logic is configured to validate the response by confirming the signature comprises network data cryptographically bound with service data.
摘要翻译：在这里描述的一个示例实施例中，包括被配置为发送和接收数据的收发机和耦合到收发器的逻辑的装置。逻辑被配置为从由无线收发机接收的信标确定发送信标的相关联的无线设备是否支持用于从相关联的无线设备广告可用服务的协议。逻辑被配置为响应于确定相关联的无线设备支持协议，经由无线收发器从相关联的无线设备发送可用服务的请求。逻辑被配置为经由无线收发器接收对请求的响应，响应包括签名。逻辑被配置为通过确认签名包括加密地与服务数据绑定的网络数据来验证响应。

3. 发明申请

US20080184331A1 Intrusion Prevention System for Wireless Networks 有权
标题翻译：无线网络入侵防御系统
公开(公告)号：US20080184331A1
公开(公告)日：2008-07-31
申请号：US11668206
申请日：2007-01-29
申请人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara
发明人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： H04W12/08 , H04L63/0227 , H04L63/123 , H04L63/1408 , H04W12/02 , H04W84/12
摘要： In one embodiment, a method includes receiving security context information relevant to a connection between a wireless network infrastructure component and a wireless client, wherein the security context information comprises at least, an identification of the wireless client, and wherein the security context information identifies any security protocols associated with the connection; validating the connection based on the security context information; and transmitting the security context information to one or more detector wireless access points.
摘要翻译：在一个实施例中，一种方法包括接收与无线网络基础设施组件和无线客户端之间的连接相关的安全上下文信息，其中所述安全上下文信息至少包括所述无线客户端的标识，并且其中所述安全上下文信息标识任何与连接相关的安全协议; 基于安全上下文信息验证连接; 以及将所述安全上下文信息发送到一个或多个检测器无线接入点。

4. 发明授权

US07882349B2 Insider attack defense for network client validation of network management frames 有权
标题翻译：内部网络攻击防范网络客户端验证网络管理帧
公开(公告)号：US07882349B2
公开(公告)日：2011-02-01
申请号：US11295334
申请日：2005-12-06
申请人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
发明人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
IPC分类号： H04L29/06 , H04L9/32 , G06F9/00
CPC分类号： H04L63/061 , H04L63/123 , H04L63/1441 , H04W12/08
摘要： Method for detecting an attack on a broadcast key shared between an access point and its wireless clients. Upon detection of the attack, actions are implemented to react to the attack as defined in one or more security policies. Detection of the attack is achieved by examining both a link message integrity check and an infrastructure management frame protection (IMFP) message integrity check contained in a broadcast management frame.
摘要翻译：用于检测在接入点与其无线客户端之间共享的广播密钥的攻击的方法。在检测到攻击后，将采取行动来对一个或多个安全策略中定义的攻击做出反应。通过检查包含在广播管理帧中的链路消息完整性检查和基础架构管理帧保护（IMFP）消息完整性检查来实现攻击的检测。

5. 发明授权

US07788480B2 Protected dynamic provisioning of credentials 有权
标题翻译：受保护的凭据的动态配置
公开(公告)号：US07788480B2
公开(公告)日：2010-08-31
申请号：US10702167
申请日：2003-11-05
申请人： Nancy Cam Winget , Mark Krischer , Ilan Frenkel , Hao Zhou
发明人： Nancy Cam Winget , Mark Krischer , Ilan Frenkel , Hao Zhou
IPC分类号： H04L29/06 , G06F15/173 , G06F15/16
CPC分类号： H04L63/0442 , H04L63/0435 , H04L63/061 , H04L63/0823 , H04L63/162 , H04L63/166
摘要： A method and implementation is disclosed for secure communication between two or more parties. A secure tunnel is established between parties using an encryption algorithm. An authentication process is performed between parties over the secured tunnel. The provisioning of credentials is thereafter performed between parties.
摘要翻译：公开了一种用于两个或多个方之间的安全通信的方法和实现。使用加密算法在各方之间建立安全通道。在安全隧道之间的各方之间执行认证过程。之后在各方之间执行凭证的提供。

6. 发明授权

US07809354B2 Detecting address spoofing in wireless network environments 有权
标题翻译：在无线网络环境中检测地址欺骗
公开(公告)号：US07809354B2
公开(公告)日：2010-10-05
申请号：US11377151
申请日：2006-03-16
申请人： Patrice R. Calhoun , Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
发明人： Patrice R. Calhoun , Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
IPC分类号： H04M1/66 , H04M1/68 , H04M3/16
CPC分类号： H04W12/12 , H04L63/126 , H04L63/1466 , H04L63/1483 , H04W8/26 , H04W84/12
摘要： Methods, apparatuses and systems directed to detecting address spoofing in wireless networks by, after receiving a wireless management frame, transmitting verification messages to determine whether a given wireless node (e.g., a wireless access point, or wireless client) has legitimately lost its connection state.
摘要翻译：针对无线网络中的地址欺骗检测的方法，装置和系统，在接收到无线管理帧之后，发送验证消息以确定给定的无线节点（例如，无线接入点或无线客户端）是否合法地失去了其连接状态。

7. 发明申请

US20090235077A1 NETWORK INFRASTRUCTURE VALIDATION OF NETWORK MANAGEMENT FRAMES 有权
标题翻译：网络管理框架的网络基础设施验证
公开(公告)号：US20090235077A1
公开(公告)日：2009-09-17
申请号：US12430375
申请日：2009-04-27
申请人： Nancy Cam Winget , Mark Krischer , Sheausong Yang , Ajit Sanzgiri , Timothy Olson , Pauline Shuen
发明人： Nancy Cam Winget , Mark Krischer , Sheausong Yang , Ajit Sanzgiri , Timothy Olson , Pauline Shuen
IPC分类号： H04L9/32 , G06F21/20 , H04W4/00
CPC分类号： H04W12/04 , H04L41/00 , H04L63/062 , H04L63/08 , H04L63/083 , H04L63/123 , H04L63/126 , H04L63/1408 , H04W12/10 , H04W12/12 , H04W84/12 , H04W88/08
摘要： A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
摘要翻译：基于检测的无线网络防御。基础设施的元件，例如接入点或仅扫描接入点，通过检测欺骗性帧（例如从流氓接入点）来检测入侵者。接入点包括诸如消息完整性检查之类的签名，以及其管理帧的方式使得相邻接入点能够验证管理帧，并且检测被欺骗的帧。当相邻接入点接收到管理帧时，获取发送帧的接入点的密钥，并使用密钥验证管理帧。

8. 发明授权

US07562224B2 System and method for multi-session establishment for a single device 有权
标题翻译：用于单个设备的多会话建立的系统和方法
公开(公告)号：US07562224B2
公开(公告)日：2009-07-14
申请号：US11098253
申请日：2005-04-04
申请人： Mark Krischer , Nancy Cam Winget
发明人： Mark Krischer , Nancy Cam Winget
IPC分类号： H04L29/06 , H04L9/14
CPC分类号： H04L63/0815 , H04L67/14
摘要： A system and method that allows a device to complete a single complete authentication sequence to a AAA server resulting in as many secure sessions required for the different applications or subsystems determined by the client's identity and the AAA server's policy. As the device is authenticated, it is determined where there are other sessions for the device. The sessions are established by generating unique new keying material that is passed to each session. This can be accomplished by (a) the authenticator or AAA server issuing the keys and distributing them to both the supplicant and applications (via their authenticators); or (b) authenticator or the AAA server mutually generating the session unique keys with the supplicant that are then distributed to the applications (via their authenticators).
摘要翻译：一种允许设备完成到AAA服务器的单个完整认证序列的系统和方法，从而产生由客户机身份和AAA服务器策略确定的不同应用或子系统所需的安全会话数量。当设备进行身份验证时，确定设备的其他会话位置。会话通过生成传递给每个会话的唯一新的密钥材料来建立。这可以通过（a）认证者或AAA服务器发出密钥并将其分发给请求者和应用程序（通过其认证者）来实现; 或者（b）认证者或AAA服务器与请求者相互产生会话唯一密钥，然后分发给应用程序（通过其认证者）。

9. 发明申请

US20050141498A1 Network infrastructure validation of network management frames 有权
标题翻译：网络基础设施验证网络管理框架
公开(公告)号：US20050141498A1
公开(公告)日：2005-06-30
申请号：US11029987
申请日：2005-01-05
申请人： Nancy Cam Winget , Mark Krischer , Timothy Olson , Pauline Shuen , Ajit Sanzgiri , Sheausong Yang
发明人： Nancy Cam Winget , Mark Krischer , Timothy Olson , Pauline Shuen , Ajit Sanzgiri , Sheausong Yang
IPC分类号： H04L12/24 , H04L12/28 , H04L12/56 , H04L29/06
CPC分类号： H04W12/04 , H04L41/00 , H04L63/062 , H04L63/08 , H04L63/083 , H04L63/123 , H04L63/126 , H04L63/1408 , H04W12/10 , H04W12/12 , H04W84/12 , H04W88/08
摘要： A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
摘要翻译：基于检测的无线网络防御。基础设施的元件，例如接入点或仅扫描接入点，通过检测欺骗性帧（例如来自恶意访问点）来检测入侵者。接入点包括诸如消息完整性检查之类的签名，以及其管理帧的方式使得邻近接入点能够验证管理帧，并且检测被欺骗的帧。当相邻接入点接收到管理帧时，获取发送帧的接入点的密钥，并使用密钥验证管理帧。

10. 发明授权

US08713626B2 Network client validation of network management frames 有权
标题翻译：网络客户端验证网络管理帧
公开(公告)号：US08713626B2
公开(公告)日：2014-04-29
申请号：US11295327
申请日：2005-12-06
申请人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
发明人： Nancy Cam-Winget , Mark Krischer , Robert B. O'Hara, Jr.
IPC分类号： G06F21/00
CPC分类号： H04W12/06 , H04L9/32 , H04L41/00 , H04L63/08 , H04L63/101 , H04L63/12 , H04L63/123 , H04L63/20 , H04W12/10 , H04W12/12 , H04W88/08
摘要： Methods and systems for use in a wireless client that includes one or more wireless network interfaces for communicating with at least one access point wherein the method enables the wireless client to validate the authenticity and integrity of received management frames. The method includes receiving a protected wireless network management frame from an access point verifying a message integrity check (MIC) appended to the protected wireless network management frame. One or more security policies are then conditionally applied based on a failure to verify the MIC.
摘要翻译：一种用于无线客户端的方法和系统，包括用于与至少一个接入点进行通信的一个或多个无线网络接口，其中所述方法使无线客户端能够验证所接收的管理帧的真实性和完整性。该方法包括从验证附加到受保护的无线网络管理帧的消息完整性检查（MIC）的接入点接收受保护的无线网络管理帧。然后基于验证MIC的故障有条件地应用一个或多个安全策略。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式