Method for providing fast secure handoff in a wireless mesh network
Country / type: United States (US) Patent, registered
International Patent Classification (IPC, 7th edition): H04K-001/00
Application number: US-0935513 (2007-11-06)
Registration number: US-8249256 (2012-08-21)
Inventors: Korus, Michael F.; Shatil, Ohad
Applicant: Motorola Solutions, Inc.
Agent: Karpinia, Randi L.
Citation information: cited by 27; patents cited: 4
Abstract
Disclosed is a method for providing fast secure handoff in a wireless mesh network. The method comprises configuring multiple first level key holders (R0KHs) within a radio access network to which supplicants within the multi-hop wireless mesh network are capable of establishing a security association, configuring a common mobility domain identifier within the first level key holders of a mobility domain, and propagating identity of a first level key holder and the mobility domain identifier through the wireless mesh network to enable the supplicants within the mobility domain to perform fast secure handoff.
Representative claims
1. A method for providing fast secure handoff in a wireless mesh network, comprising: configuring a plurality of access points as first level key holders (R0KHs) within a radio access network to which one or more supplicants within the wireless mesh network are capable of establishing a security association; configuring a common mobility domain identifier within the configured plurality of first level key holders access points of a mobility domain; propagating identity of a first level key holder access point and the mobility domain identifier of the mobility domain through the wireless mesh network to enable the one or more supplicants within the mobility domain to perform fast secure handoff; recording one of the configured plurality of first level key holder access point of the mobility domain as a “root” first level key holder when the one or more supplicant initially establishes security association with the mobility domain; recording one of the configured plurality of first level key holder access point as a “current” first level key holder when the one or more supplicant has already established a security association within the mobility domain; and determining whether the “current” first level key holder access point in the mobility domain has failed and on determining that the “current” first level key holder access point has failed further determining another one of the plurality of first level key holder access point within the mobility domain and marking the another one of the plurality of first level key holder access point as the “current” first level key holder access point, or on determining that the “current” first level key holder access point has not failed further determining that the “root” first level key holder access point has failed and marking the “current” first level key holder access point as the “root” first level key holder access point.

2. The method of claim 1, wherein configuring the plurality of access points as R0KHs within the radio access network comprises configuring the identity of each of the R0KHs in intelligent access points (IAPs).

3. The method of claim 1, wherein configuring the plurality of access points as R0KHs within the radio access network comprises configuring the identity of at least one of the R0KHs in a central server.

4. The method of claim 1, wherein the propagation of the identity of the first level key holder access point is limited to a routing domain of a single intelligent access point (IAP) when the first level key holder access point is configured in the IAP.

5. The method of claim 1, wherein propagating identity of the first level key holder access point and the mobility domain identifier comprises receiving and forwarding the identity of the first level key holder access point and the mobility domain identifier by a mesh access point when the mesh access point is associated with the first level key holder access point.

6. The method of claim 1, wherein propagating mobility domain identifier of the mobility domain comprises propagating using a mobility domain information element (MDIE).

7. The method of claim 1, wherein propagating identity of the first level key holder access point comprises propagating using a fast transition information element (FTIE).

8. The method of claim 1, further comprising determining, by a supplicant, fast handoff opportunities based on the propagation of the mobility domain identifier.

9. The method of claim 8, wherein the supplicant analyses the mobility domain identifier advertised by the mesh access points to determine fast handoff targets, which are identified as being in the same mobility domain as the supplicant.

10. A method for providing fast secure handoff in a wireless mesh network, comprising: configuring a plurality of access points as first level key holders (R0KHs) in at least one of a plurality of mobility domains within a radio access network; configuring a common mobility domain identifier within each of the configured plurality of first level key holder access points in the at least one mobility domain; establishing, by a supplicant, an initial security association with an authenticator associated with a first level key holder access point in the at least one mobility domain based on an information propagated by the authenticator, the information including identity of the first level key holder access point and the common mobility domain identifier of the at least one mobility domain; and recording, by the supplicant, the first level key holder access point as a root first level key holder access point after establishing the initial security association with the authenticator associated with the first level key holder access point; establishing, by the supplicant, a fast security association with at least one other authenticator associated with at least one other first level key holder access point in the at least one mobility domain based on an information propagated by the at least one other authenticator, the information including identity of the at least one other first level key holder access point and the common mobility domain identifier of the at least one mobility domain; and recording, by the supplicant, the at least one other first level key holder access point as a current first level key holder access point after establishing the fast security association with the at least one other authenticator associated with the at least one other first level key holder access point.

11. The method of claim 10, wherein the supplicant is a mesh access point and further comprising propagating, by the mesh access point, identity of the current first level key holder access point and the common mobility identifier of the at least one mobility domain to enable other supplicants to establish a security association with the mesh access point.

12. The method of claim 10, wherein establishing the fast security association further comprises: sending, by the supplicant, an association request including identity of the first level key holder access point to the at least one other authenticator; receiving, by the supplicant, an association response including identity of the at least one other first level holder access point from the at least one other authenticator, wherein the at least one other authenticator obtains a key from the first level holder for the supplicant to complete the fast security association.

13. The method of claim 10, wherein the at least one other authenticator is a mesh access point and further comprising configuring the mesh access point as a second level key holder (R1KH) when the mesh access point establishes a security association with one of the first level key holder access points in the at least one mobility domain.

14. The method of claim 13, wherein the second level key holder mesh access point is capable of communicating with each of the first level key holders access points in the at least one mobility domain.

15. The method of claim 14, wherein the second level key holder mesh access point communicates with the first level key holder access point to obtain a level one pairwise master key (PMK-R1) and performs a 4-way handshake with the supplicant to complete the fast security association with the supplicant.
Patents cited by this patent (4)
Sood, Kapil; Walker, Jesse, Methods and apparatus for providing a key management system for wireless communication networks.
Rahman, Shahriar I.; Cam-Winget, Nancy; Dharanipragada, Kalyan R., Securing multiple links and paths in a wireless mesh network including rapid roaming.
Jung, Edward K. Y.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A., Mobile device sharing facilitation methods and systems featuring a subset-specific source identification.
Jung, Edward K. Y.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A., Mobile device sharing facilitation methods and systems featuring exclusive data presentation.
Jung, Edward K. Y.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A., Mobile device sharing facilitation methods and systems in a context of plural communication records.
Jung, Edward K. Y.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A., Mobile device sharing facilitation methods and systems operable in network equipment.
Jung, Edward K. Y.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A., Mobile device sharing facilitation methods and systems with recipient-dependent inclusion of a data selection.
Hyde, Roderick A.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A.; Tegreene, Clarence T., Protocols for allocating communication services cost in wireless communications.
Hyde, Roderick A.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A.; Reudink, Douglas O.; Tegreene, Clarence T., Protocols for facilitating broader access in wireless communications by conditionally authorizing a charge to an account of a third party.
Hyde, Roderick A.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A.; Tegreene, Clarence T., Protocols for facilitating third party authorization for a rooted communication device in wireless communications.
Hyde, Roderick A.; Levien, Royce A.; Lord, Richard T.; Lord, Robert W.; Malamud, Mark A.; Tegreene, Clarence T., Systems and methods for communication management.