[특허]Mesh networks with exclusion capability

Mesh networks with exclusion capability 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-007/04 G06F-015/16 H04L-029/06 G06F-017/30
출원번호	UP-0738272 (2003-12-17)
등록번호	US-7665126 (2010-04-04)
발명자 / 주소	Simon, Daniel R. Bahl, Paramvir Wang, Helen Jiahe
출원인 / 주소	Microsoft Corporation
대리인 / 주소	Lee & Hayes, PLLC
인용정보	피인용 횟수 : 14 인용 특허 : 20

초록 ▼

In an exemplary method implementation, a method includes: designating a neighborhood administrator; receiving notification of a delinquent router from the designated neighborhood administrator; and excluding the delinquent router responsive to the notification. In an exemplary mesh router implementation, a mesh router is capable of establishing a wireless mesh network with other mesh routers, the mesh router is further capable of designating a neighborhood administrator mesh router; and the mesh router is adapted to exclude another mesh router that is associated with a particular certificate when the particular certificate has been identified as delinquent by the designated neighborhood administrator. mesh router.

대표청구항 ▼

The invention claimed is: 1. A mesh router comprising: at least one processor; a network interface configured to communicatively couple the mesh router with one or more other mesh routers on a network; and one or more media configured to store a mesh-router- producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router- -producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by the at least one processor, the processor-executable instructions configured to direct the router to perform actions comprising: initializing by designating the mesh router to be a single neighborhood administrator, the designated neighborhood administrator offering to be the neighborhood administrator and being designated by at least one other mesh router of the one or more other mesh routers on a network, granting, by the designated neighborhood administrator, access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity; detecting a delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude a delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router; receiving the delinquent mesh router certificate and notification of the associated delinquent mesh router from the designated neighborhood administrator, the notification being signed by the designated neighborhood administrator to authenticate the notification; and excluding the delinquent mesh router responsive to the authenticated notification based on the associated delinquent mesh router certificate; wherein the router comprises a mesh router that effectively treats the associated delinquent mesh router certificate as being revoked and/or invalid based on the authenticated notification from the designated neighborhood administrator even when the associated delinquent mesh router certificate is issued and authenticated by an entity other than the designated neighborhood administrator. 2. The mesh router as recited in claim 1, wherein the mesh router further comprises: a wireless transceiver that enables wireless communication with end devices and/or other routers. 3. The mesh router as recited in claim 1, wherein the mesh router is associated with a certificate; and wherein the certificate associated with the mesh router and the associated delinquent certificate of the delinquent mesh router are both signed by a producing entity. 4. The mesh router as recited in claim 1, wherein the one or more media further include a data structure; and wherein the processor-executable instructions are configured to direct the router to perform a further action comprising: mapping an exclusion indication in the data structure to at least one of (i) the associated delinquent certificate and (ii) an identifier of the delinquent router. 5. The mesh router as recited in claim 4, wherein the data structure further maps respective shared secret keys to respective routers. 6. A method for implementing an exclusion capability, the method comprising: communicatively coupling a mesh router with one or more other mesh routers on a network; storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by at least one processor; initializing by designating by at least one other mesh router a single designated neighborhood administrator amongst a plurality of mesh routers of a network; granting, by the designated neighborhood administrator, access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity; detecting a delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude a delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router; receiving the delinquent mesh router certificate and a notification of the associated delinquent mesh router from the designated neighborhood administrator, the notification being signed by the designated neighborhood administrator to authenticate the notification; and excluding the delinquent mesh router responsive to the authenticated notification based on the associated delinquent mesh router certificate; wherein the receiving comprises receiving an identification of a certificate that is associated with the delinquent mesh router, the certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router and further wherein the router comprises a mesh router that effectively treats the associated delinquent mesh router certificate as being revoked and/or invalid based on the authenticated notification from the designated neighborhood administrator even when the associated delinquent mesh router certificate is issued and authenticated by an entity other than the designated neighborhood administrator. 7. The method as recited in claim 6, further comprising: receiving an offer from a node to be the neighborhood administrator; and designating the node to be the neighborhood administrator by at least one other mesh router. 8. The method as recited in claim 6, wherein the receiving comprises: receiving one or more packets via at least one wireless communication. 9. The method as recited in claim 6, wherein the receiving comprises: receiving the notification via an out-of-band avenue. 10. The method as recited in claim 6, wherein the receiving comprises: receiving an identification of the delinquent router. 11. The method as recited in claim 6, wherein the identification of the certificate comprises a copy of the certificate. 12. The method as recited in claim 6, wherein the excluding comprises: storing an exclusion indication that is mapped to an identification of the delinquent router. 13. The method as recited in claim 6, wherein the excluding comprises: storing an exclusion indication that is mapped to a certificate that is associated with the delinquent router. 14. A mesh router that is capable of establishing a wireless mesh network with other mesh routers, the mesh router further capable of designating at least one other mesh router as a single neighborhood administrator, the neighborhood administrator deciding whether to exclude a delinquent mesh router certificate; the mesh router comprising at least one processor and one or more media configured to store a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by the at least on processor; the mesh router designated as the single neighborhood administrator configured to grant other mesh routers that possess at least one of the plurality of certificates issue by the mesh-router-producing entity, access to the wireless mesh network; the mesh router configured to exclude another mesh router that is associated with a particular certificate when the particular certificate has been identified as delinquent and sent by the designated neighborhood administrator; wherein the particular certificate that is associated with the another mesh router comprises a name of the another mesh router, a signature created by a producing entity, and a public key corresponding to the another mesh router. 15. The mesh router as recited in claim 14, wherein the certificate is included in the mesh router during production. 16. The mesh router as recited in claim 14, wherein the mesh router is further configured to exclude the other mesh router by refusing to forward packets that are authenticated by the other mesh router. 17. The mesh router as recited in claim 14, wherein the mesh router is further configured to exclude the other mesh router by refusing to perform an authentication key exchange protocol with the other mesh router. 18. The mesh router as recited in claim 14, wherein the mesh router is further configured to exclude the other mesh router by mapping, in a data structure of the mesh router, an exclusion indication to (i) an identifier of the other mesh router, (ii) the particular certificate, and/or (iii) a secret key shared between the mesh router and the other mesh router. 19. One or more processor-accessible computer storage media comprising processor-executable instructions that, when executed, direct a device to perform actions comprising: storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of a mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router; initializing by designating at least one other mesh router as a single neighborhood administrator, the initialized designated neighborhood administrator offering to be the neighborhood administrator, deciding whether to exclude a delinquent mesh router certificate; granting, by the single neighborhood administrator, access to a network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity; receiving the delinquent mesh router certificate and notification of the associated delinquent mesh router from the single neighborhood administrator, the delinquent mesh router certificate comprising a name of the delinquent mesh router, the notification being signed by the single neighborhood administrator to authenticate the notification, and a public key corresponding to the delinquent mesh router; and excluding the delinquent mesh router certificate responsive to the authenticated notification received from the designated neighborhood administrator. 20. The one or more processor-accessible computer storage media as recited in claim 19, wherein the action of receiving comprises an action of: receiving the notification wherein the notification identifies the delinquent mesh router certificate such that a mesh router that is associated with the delinquent mesh router certificate can be determined directly from the delinquent mesh router certificate and from a stored data structure. 21. The one or more processor-accessible computer storage media as recited in claim 19, wherein the action of excluding comprises an action of: mapping an exclusion indication to at least one of the delinquent mesh router certificate and an identifier of a mesh router that is associated with the delinquent mesh router certificate. 22. A system for implementing an exclusion capability, the system comprising: coupling means for communicatively coupling a mesh router with one or more other mesh routers on a network; storing means for storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and processor-executable instructions capable of being executed by the at least one processor; designation means for designating at least one other mesh router as a single neighborhood administrator, the neighborhood administrator deciding whether to exclude a delinquent mesh router certificate; granting means for granting access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity; detection means for detecting the delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude the delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router; receiving means for receiving the delinquent mesh router certificate and a notification of an associated delinquent mesh router from the designated neighborhood administrator; and exclusion means for excluding the delinquent mesh router responsive to the notification and based on the delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising the name of the delinquent mesh router, the signature created by a producing entity, and the public key corresponding to the delinquent mesh router. 23. The system as recited in claim 22, wherein the exclusion means comprises: refusal means for refusing to forward packets that are authenticated by the delinquent router and/or for refusing to perform an authentication key exchange protocol with the delinquent mesh router. 24. The system as recited in claim 22, wherein the system comprises a mesh router. 25. The system as recited in claim 22, wherein the system comprises one or more processor-accessible computer storage media.

이 특허에 인용된 특허 (20)

Agrawal,Dharma P.; Venkataraman,Lakshmi, Authentication scheme for ad hoc and sensor wireless networks.
상세보기
Aull,Kenneth W.; McCullough,Vincent J., Automated tracking of certificate pedigree.
상세보기
Joris Johannes Maria Wils ; James Scott Hiscock ; William Daniel Townsend, Automatic load sharing for network routers.
상세보기
Adya,Atul; Bahl,Paramvir; Chandra,Ranveer; Qiu,Lili, Collaboratively locating disconnected clients and rogue access points in a wireless network.
상세보기
Ades,Stephen, Communications meshes.
상세보기
Madruga, Ewerton L.; Garcia-Luna-Aceves, Joaquin J., Core assisted mesh protocol for multicast routing in ad-hoc Networks.
상세보기
Dickinson, Alexander G.; Rohrbach, Mark D.; Clayton, Richard F.; Stark, Gregory H.; Ferrante, Michelle, Cryptographic server with provisions for interoperability between cryptographic systems.
상세보기
Thomas P. Hardjono, Detecting and locating a misbehaving device in a network domain.
상세보기
Onishi Katsuyoshi (Yokohama JPX) Ikeda Naoya (Ebina JPX) Takada Osamu (Sagamihara JPX) Koyama Toshiaki (Zama JPX) Enomoto Hiromichi (Hadano JPX), Internetworking apparatus for connecting plural network systems and communication network system composed of plural netw.
상세보기
Peterson, Diane L., Method and apparatus for load balancing a distributed processing system.
상세보기
Amit Gupta ; Radia J. Perlman, Method and apparatus for using digital signatures to filter packets in a network.
상세보기
Gehrmann,Christian; Blom,Rolf, Method and arrangement in a communication network.
상세보기
Chmora,Andrew L.; Ourivski,Alexei V., Method and system for distributed certificate management in ad-hoc networks.
상세보기
Dare,Peter Roy; Owlett,John, Method and system for key certification.
상세보기
William Aiello ; Sachin Lodha ; Rafail Ostrovsky, Method for efficiently revoking digital identities.
상세보기
Gasser Morrie (Saugus MA) Goldstein Andrew C. (Hudson MA) Kaufman Charles W. (Northborough MA), Method for performing group exclusion in hierarchical group structures.
상세보기
Naghian, Siam?k; Lindstrom, Tapio; K?rkk?inen, Tero; M?kinen, Jarmo T.; L?hetkangas, Keijo; Mustonen, Kai, Mobile mesh Ad-Hoc networking.
상세보기
Danknick Daniel A. (Orange CA), Network protocol sensor.
상세보기
Gase Stephen T. (Boise ID) White Craig R. (Boise ID), Printer/client network with centrally updated printer drivers and printer status monitoring.
상세보기
Danknick Daniel A. (Orange CA), System for reducing bus contention using counter of outstanding acknowledgement in sending processor and issuing of ackn.
상세보기

이 특허를 인용한 특허 (14)

Jung, Edward K. Y.; Tegreene, Clarence T., Aggregating mote-associated index data.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Aggregation and retrieval of mote network data.
상세보기
Goto, Fumihide, Apparatus and method for sharing of an encryption key in an ad-hoc network.
상세보기
Frincu, Andrei Catalin; Alexandru, George Bogdan, Autonomous key update mechanism with blacklisting of compromised nodes for mesh networks.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Discovery of occurrence-data.
상세보기
Satish, Sourabh; Hernacki, Brian, Endpoint management using trust rating data.
상세보기
Graffi, Kalman; Hollick, Matthias; Mogre, Parag Sudhir; Ziller, Andreas, Method for misbehaviour detection in secure wireless mesh networks.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Mote-associated index creation.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Occurrence data detection and storage for mote networks.
상세보기
Zhong, Gary; Cooley, Shaun P., Scheduling malware signature updates in relation to threat awareness and environmental safety.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Transmission of aggregated mote-associated index data.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Transmission of aggregated mote-associated log data.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Using federated mote-associated logs.
상세보기
Jung, Edward K. Y.; Tegreene, Clarence T., Using mote-associated indexes.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Mesh networks with exclusion capability 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (20)

이 특허를 인용한 특허 (14)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Mesh networks with exclusion capability 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (20)

이 특허를 인용한 특허 (14)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트