A technique for identity based networking is disclosed. A system according to the technique can include a WAN, a first VLAN, a second VLAN, and a network database. The first VLAN and second VLAN can be coupled to the WAN. The network database can include VLAN information. In operation, a client that
A technique for identity based networking is disclosed. A system according to the technique can include a WAN, a first VLAN, a second VLAN, and a network database. The first VLAN and second VLAN can be coupled to the WAN. The network database can include VLAN information. In operation, a client that is authorized on the second VLAN can attempt to connect to the first VLAN. A switch in the WAN can perform a lookup in the network database and determine that the client is authorized on the second VLAN. Based on this information, the client can be connected to the second VLAN using VLAN tunneling.
대표청구항▼
1. A system, comprising: a first network domain seed configured to be coupled to (1) a first network domain member supporting a first virtual local area network (VLAN) and (2) a network database storing authorization information of a client, the first network domain seed being physically separate fr
1. A system, comprising: a first network domain seed configured to be coupled to (1) a first network domain member supporting a first virtual local area network (VLAN) and (2) a network database storing authorization information of a client, the first network domain seed being physically separate from the first network domain member;the first network domain seed configured to be coupled to a second network domain seed coupled to (1) a second network domain member supporting a second VLAN and (2) the network database, the second network domain seed being physically separate from the second network domain member;the first network domain seed configured to receive a query from the first network domain member, the query indicating that the client is attempting to connect to the second VLAN through the first network domain member;the first network domain seed configured (1) to perform a lookup in the network database based on the query to determine that the client is authorized on the second network domain member, and (2) authorize the client to connect to the second network domain member through the first network domain member via VLAN tunneling. 2. The system of claim 1, wherein the network database is stored remotely from both the first network domain seed and the second network domain seed. 3. The system of claim 1, wherein the network database is stored on the second network domain seed. 4. The system of claim 1, wherein the second network domain member has a first tunnel affinity with respect to the first VLAN, the system further comprising: a third network domain member configured to support the second VLAN, the third network domain member having a second tunnel affinity with respect to the first VLAN;in operation, the first network domain member tunneling to the second network domain member instead of the third network domain member based, at least in part, on the first tunnel affinity. 5. The system of claim 1, wherein the first network domain seed, the second network domain seed, the first network domain member, and the second network domain member are in geographically distinct locations. 6. The system of claim 1, wherein the network database includes IP addresses for network switches, VLAN names, and VLAN tunnel affinities. 7. A system as recited in claim 1, further comprising at least three access points configured to be coupled to the first network domain member, a location of the client being determinable by triangulation using data detected by the at least three access points. 8. A method comprising: receiving, at a first network domain member, a log-in request from a client coupled to the first network domain member supporting a first virtual local area network (VLAN), the first network domain member being physically separate from a first network domain seed;sending, from the first network domain member a query to the first network domain seed requesting VLAN information associated with a client configuration on a second network domain member supporting a second VLAN;receiving the VLAN information at the first network domain member;determining, using the VLAN information, that the client is configured on the second network domain member; andconnecting the client from the first network domain member to the second network domain member via VLAN tunneling. 9. The method of claim 8, wherein a network database storing the VLAN information is stored locally with respect to the first network domain seed. 10. The method of claim 8, the method further comprising sending a query to a second network domain seed supporting the second network domain member requesting VLAN information associated with the client configuration. 11. The method of claim 8, wherein the VLAN information includes tunnel affinity information of (1) the second network domain member with respect to the first network domain member, and (2) a third network domain member supporting the second VLAN with respect to the first network domain member, further comprising: defining a comparison between the tunnel affinity information of the second network domain member to the tunnel affinity information of the third network domain member; andconnecting the client to the first network domain member via the second network domain member based on the comparison. 12. The method of claim 8, further comprising: querying for a location of the client; andreturning a location of a network domain member that received an initial log-in request of the client. 13. A system comprising: a first network domain member configured to (1) support a first virtual local area network (VLAN) and (2) receive a log-in request from a client (i) coupled to a first network domain member, and (ii) authorized to connect to a second VLAN, the first network domain member being physically separate from a network domain seed;the first network domain member configured to query a network domain seed for VLAN information associated with a client configuration on the second network domain member;the first network domain member configured to connect the client to the second VLAN via a VLAN tunnel based on the VLAN information received in response to the query. 14. The system of claim 13, wherein a network database is stored locally with respect to the first network domain seed. 15. The system of claim 13, wherein the first network domain member is configured to query a second network domain seed coupled to the second network domain member. 16. The system of claim 13, wherein the VLAN information includes tunnel affinity information of (1) the second network domain member with respect to the first network domain member, and (2) a third network domain member supporting the second VLAN with respect to the first network domain member, wherein: the first network domain member is configured to define a comparison of the tunnel affinity information of the second network domain member to the tunnel affinity information of the third network domain member; andthe first network domain member is configured to connect the client to the first network domain member via the second network domain member based on the comparison. 17. The system of claim 13, wherein: the first network domain member is configured to query the client's location;the first network domain member is configured to include the client's location in the log-in request.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (165)
Kuhnel Thomas,CHX ; Varlese Christopher,CHX, ATM switching architecture for a wireless telecommunications network.
Brockel Kenneth H. ; Procopio ; Jr. Victor J. ; Major Paul A. ; Vigants Arvids ; Pasirstein Joseph ; Wood Richard W., Apparatus and processes for realistic simulation of wireless information transport systems.
Watanabe Fujio,FIX ; Buot Theodore,FIX ; Kuntze Roland,FIX ; Jokela Jari,FIX, Apparatus, and associated method for selecting a size of a contention window for a packet of data system.
Adachi Hideo,JPX, Base station apparatus for radiocommunication network, method of controlling communication across radiocommunication network, radiocommunication network system, and radio terminal apparatus.
Pickering Leslie W. (Atlanta GA) Barnhart Eric N. (Lawrenceville GA) Harvey Bruce A. (Norcross GA) Witten Michael L. (Decatur GA), Cell engineering tool and methods.
Tate Duncan Hartley,AUX ; Palmer Robert,AUX ; Heinze Garry Colin,AUX ; Shahbaz Mourad Christopher Manoug,AUX ; Mikelaitis Peter Ian,AUX ; Gorog Peter Alexander Ernest,AUX, Digital communication system for simultaneous transmission of data from constant and variable rate sources.
Wah Benjamin W. (1109 Cumberland Ave. West Lafayette IN 47906) Juang Jie-Yong (32-7 Hilltop Dr. West Lafayette IN 47906), Efficient contention-resolution protocol for local multiaccess networks.
Lund Carsten (New Providence NJ) Phillips Steven (New York NY) Reingold Nicholas F. (Madison NJ), Fair prioritized scheduling in an input-buffered switch.
Wang Zhonghe (Lake Worth FL) Schwendeman Robert John (Pompano Beach FL), Flexible mobility management in a two-way messaging system and method therefor.
Huang Chia-Chi (Hsinchu NY TWX) Bantz David F. (Chappaqua NY) Bauchot Frederic (Saint Jeannet NY FRX) Natarajan Kadathur S. (Millwood NY) Narasimhan Anand (New York NY) Wetterwald Michele M. (Cagnes , Handoff monitoring in cellular communication networks using slow frequency hopping.
Tobagi Fouad A. (Los Altos CA) Fratta Luigi (Segrate ITX) Borgonovo Flaminio (Cant ITX), Local area communication network utilizing a round robin access scheme with improved channel utilization.
Laux,Carlos V.; Toor,Kamaldip; de Siqueira,Marcio G.; Valluru,Sudhakar S.; Hayashi,Steven, Method and apparatus for adjusting operational parameter of a wireless device bases upon a monitored characteristic.
Bo S. P. Wallentin SE; Leif P. Lindskog SE; Thomas Rimhagen SE; Per O. G. Bark SE; Ulf A. Hansson SE; Harri Vilander FI, Method and apparatus for dynamically adapting a connection state in a mobile communications system.
Olson,Timothy; Shuen,Pauline; Sanzgiri,Ajit; Winget,Nancy; Roshan,Pejman, Method and apparatus for locating rogue access point switch ports in a wireless network.
Stratis Glafkos ; Mendoza Julian ; Mendoza Javier ; Anantha Veeraraghavan A., Method and apparatus for predicting signal characteristics in a wireless communication system.
Yamano Larry C. ; Holloway John T. ; Frank Edward H. ; Mallory Tracy D. ; Corry Alan G. ; Forrest Craig S. ; Peterson Kevin H. ; Robinson Timothy B. ; Snow Dane, Method and apparatus for reducing signal processing requirements for transmitting packet-based data with a modem.
Rappaport, Theodore; Skidmore, Roger; Reifsneider, Eric, Method and system for designing or deploying a communications network which considers frequency dependent effects.
Darryl Steven Richman ; Moshe Lichtman ; Mark R. Enstrom ; Thomas E. Lennon ; Ralph A. Lipe ; Pierre-Yves Santerre ; Robert T. Short ; David W. Voth, Method for automatically configuring devices including a network adapter without manual intervention and without prior configuration information.
Hluchyj Michael G. (Wellesley MA) Bhargave Amit (Somerville MA) Yin Nanying (Cambridge MA), Method for prioritizing, selectively discarding, and multiplexing differing traffic type fast packets.
Scott, Mark; Cheng, Anita; Ho, Simon; Irimescu, George; Voineag, Dorel; Wong, William; Yao, Min; Zadeh, Row J., Method, system, and computer program product for providing voice over the internet communication.
Gitlin Richard D. (Little Silver NJ) Sabnani Krishan K. (Westfield NJ) Woo Thomas Y. C. (Red Bank NJ), Methods and apparatus for bandwidth reduction in a two-way paging system.
Blakeney ; II Robert D. (San Diego CA) Karmi Gadi (San Diego CA) Tiedemann ; Jr. Edward G. (San Diego CA) Weaver ; Jr. Lindsay A. (San Diego CA), Mobile station assisted soft handoff in a CDMA cellular communications system.
Wright Andrew S.,CAX ; Lai Cuong Hon,CAX ; Shin Soon S.,CAX ; Newton Helen R.,CAX, Multiple access communication network with combined contention and reservation mode access.
Shepard Howard M (Great River NY) Barkan Edward D. (South Setauket NY) Swartz Jerome (Stonybrook NY), Narrow bodied, single- and twin-windowed portable laser scanning head for reading bar code symbols.
Shepard Howard M. (Great River NY) Barkan Edward D. (South Setauket NY) Swartz Jerome (Stonybrook NY), Narrow-bodied, single- and twin-windowed portable laser scanning head for reading bar code symbols.
Shepard Howard M. (Great River NY) Barkan Edward D. (South Setauket NY) Swartz Jerome (Stonybrook NY), Narrow-bodied, single- and twin-windowed portable scanning head for reading bar code symbols.
Shepard Howard M. (Great River NY) Barkan Edward D. (South Setauket NY) Swartz Jerome (Stonybrook NY), Narrow-bodied, single-and twin-windowed portable laser scanning head for reading bar code symbols.
Shepard Howard M. (Great River NY) Barkan Edward D. (South Setauket NY) Swartz Jerome (Stonybrook NY), Narrow-bodied, single-and twin-windowed portable laser scanning head for reading bar code symbols.
Sprecher Jerry W. (Danville CA) Winters ; Jr. Donald J. (Danville CA) Rajwany Amirali S. (Walnut Creek CA) Dodson Michael W. (Walnut Creek CA) Penning Gene R. (Antioch CA) Harrington Darryl F. (Pitts, Network management system.
Zook Ronald E. (Boulder CO) Gombrich Peter P. (Boulder CO), Portable handheld terminal including optical bar code reader and electromagnetic transceiver means for interactive wirel.
Broekhoven Paul V. (Needham MA) Fitzmartin Daniel (Newton MA) Blasche Paul (Arlington MA) Cox ; Jr. Duncan B. (Manchester MA) Upadhyay Triveni (Burlington MA), Precorrelation digital spread spectrum receiver.
Fortune Steven J. (Summit NJ) Gay David M. (New Providence NJ) Kernighan Brian W. (Berkeley Heights NJ) Landron Orlando (Shrewsbury Township ; Monmouth County NJ) Valenzuela Reinaldo A. (Holmdel NJ) , Prediction of indoor electromagnetic wave propagation for wireless indoor systems.
Lockhart ; Jr. Robert K. (Lauderhill FL) Macko William J. (Tamarac FL) Bass Robert H. (Sunrise FL) Wallace Craig S. (Coral Springs FL) Moore Morris A. (Sunrise FL), Re-linked portable data terminal controller system.
Simpson Raymond W. (Hamilton Square NJ) Chandler Donald G. (Pennington NJ) Bowers John (Monmouth Junction NJ), Remote control system, components and methods.
Clarkson, Kenneth L.; Hampel, Karl Georg; Hobby, John D.; Polakos, Paul Anthony, Road-based evaluation and interpolation of wireless network parameters.
Weinberg Aaron (Potomac MD) Ebert Paul M. (Potomac MD) Fee Joseph J. (Wheaton MD) Kaminsky Yaroslav (Herndon VA) Keblawi Feisal S. (Vienna VA) Scales Walter C. (McLean VA), Spread spectrum communications method and apparatus.
Gilhousen Klein S. (San Diego CA) Jacobs Irwin M. (La Jolla CA) Weaver ; Jr. Lindsay A. (San Diego CA), Spread spectrum multiple access communication system using satellite or terrestrial repeaters.
Croft Thomas M. (Cary NC) Dent Paul W. (Stehag SEX) Harte Lawrence J. (Cary NC) Solve Torbjorn (Lund SEX), Standby power savings with cumulative parity check in mobile phones.
Rappaport, Theodore; Skidmore, Roger; Henty, Benjamin, System and method for design, tracking, measurement, prediction and optimization of data communication networks.
Gilhousen Klein S. (San Diego CA) Jacobs Irwin M. (La Jolla CA) Padovani Roberto (San Diego CA) Weaver ; Jr. Lindsay A. (San Diego CA) Wheatley ; III Charles E. (Del Mar CA) Viterbi Andrew J. (La Jol, System and method for generating signal waveforms in a CDMA cellular telephone system.
Cromer,Daryl Carvis; Jakes,Philip John; Locker,Howard Jeffrey; Griffiths, Jr.,Ronald John, System and method for passive scanning of authorized wireless channels.
Seazholtz John W. ; Farris Robert D., Use of cellular digital packet data (CDPD) communications to convey system identification list data to roaming cellular.
Carter, Scott J.; Flanders, Edward L.; Hannah, Stephen E., Wireless LAN architecture for integrated time-critical and non-time-critical services within medical facilities.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.