Providing secure network access for short-range wireless computing devices

US 20020032855A1
Filed: 05/25/2001
Published: 03/14/2002
Est. Priority Date: 09/08/2000
Status: Active Grant

First Claim

Patent Images

1. A method of enabling location-independent packet routing in a short-range wireless networking environment, comprising the steps of:

providing one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;

providing one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;

transmitting a packet from a selected one of the client devices to a selected one of the application servers;

receiving the transmitted packet at a Foreign Address Masquerader (FAM);

accessing, by the FAM, a FAM translation record;

applying, by the FAM, a network address translation to replace a client address and port in the transmitted packet with a masquerading address and port retrieved by the accessing step, thereby creating a modified packet; and

forwarding, by the FAM, the modified packet to the selected application server.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.

117 Citations

65 Claims

1. A method of enabling location-independent packet routing in a short-range wireless networking environment, comprising the steps of:
- providing one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  providing one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;
  
  transmitting a packet from a selected one of the client devices to a selected one of the application servers;
  
  receiving the transmitted packet at a Foreign Address Masquerader (FAM);
  
  accessing, by the FAM, a FAM translation record;
  
  applying, by the FAM, a network address translation to replace a client address and port in the transmitted packet with a masquerading address and port retrieved by the accessing step, thereby creating a modified packet; and
  
  forwarding, by the FAM, the modified packet to the selected application server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein the client address is the constant client address, and wherein the FAM translation record comprises the constant client address and port, a server address and port, and the masquerading address and port.
  - 3. The method according to claim 2, further comprising the step of providing a routing coordinator, wherein the routing coordinator maintains a plurality of connection table records, each of the connection table records comprising a client address and port, a server address and port, and a masquerading address and port.
  - 4. The method according to claim 1, further comprising the steps of:
    - determining, by the FAM, that the selected client device does not have a valid session key for encryption;
      
      obtaining, by the FAM, user credentials for a user of the selected client device;
      
      authenticating, by the FAM, the user credentials by contacting an authentication server;
      
      establishing the valid session key when the authenticating step completes successfully; and
      
      using the established session key, by the selected client device and the FAM, to encrypt packets that are transmitted over a link between the selected client device and the FAM.
  - 5. The method according to claim 4, wherein the step of using the established session key to encrypt packets further comprises the step of using a hardware encryption component of the selected client device and of the FAM to perform the packet encryption.
  - 6. The method according to claim 5, further comprising the step of storing a client media access control (MAC) address, the established session key, and an identification of the user by a routing coordinator.
  - 7. The method according to claim 6, further comprising the steps of:
    - querying the routing coordinator, by a filtering module, to obtain the user identification associated with a particular MAC address; and
      
      using the user identification, by the filtering module, to filter inbound and outbound packets.
  - 8. The method according to claim 6, further comprising the steps of:
    - querying the routing coordinator, when a particular client device roams to a different FAM, to obtain the established session key associated with a particular MAC address of the particular client device; and
      
      providing the obtained session key to the different FAM.

9. A method of enabling location-independent packet routing in a short-range wireless networking environment, comprising the steps of:
- providing one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  providing one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;
  
  transmitting a packet from a selected one of the application servers to a selected one of the client devices;
  
  receiving the transmitted packet at a Home Address Masquerader (HAM);
  
  accessing, by the HAM, a HAM translation record;
  
  applying, by the HAM, a network address translation to replace a masquerading address and port in the transmitted packet with a Foreign Address Masquerader (FAM) address and port retrieved by the step of accessing the HAM translation record, thereby creating a first modified packet;
  
  forwarding, by the HAM, the first modified packet to the FAM;
  
  receiving the forwarded packet at the FAM;
  
  accessing, by the FAM, a FAM translation record;
  
  applying, by the FAM, a network address translation to replace the FAM address and port in the forwarded packet with a client address and port retrieved by the step of accessing the FAM translation record, thereby creating a second modified packet; and
  
  forwarding, by the FAM, the second modified packet to the selected client device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 10. The method according to claim 9, wherein the client address comprises the constant client address, and wherein the FAM translation record comprises the constant client address and client port, a server address and port, and the FAM address and port.
  - 11. The method according to claim 9, wherein the client address comprises the constant client address, and wherein the HAM translation record comprises the constant client address and port, the masquerading address and port, and the FAM address and port.
  - 12. The method according to claim 9, wherein:
    - the client address comprises the constant client address;
      
      the FAM translation record comprises the constant client address and client port, a server address and port, and the FAM address and port; and
      
      the HAM translation record comprises the client address and port, the masquerading address and port, and the FAM address and port.
  - 13. The method according to claim 10, further comprising the step of providing a routing coordinator, wherein the routing coordinator maintains a plurality of connection table records, each of the connection table records comprising a client address and port, a server address and port, a masquerading address and port, a Home Address Masquerader (HAM) address and port, and zero or more FAM records.
  - 14. The method according to claim 13, further comprising the step of inserting the FAM records into a selected connection table record when a FAM sends a notification to the routing coordinator about an ability of the FAM to communicate with a selected client device identified by the client address and port in the selected connection table record.
  - 15. The method according to claim 13, further comprising the step of creating each of the connection table records when a HAM sends a notification to the routing coordinator about a new connection.
  - 16. The method according to claim 15, further comprising the step of sending the notification when the HAM receives an outbound packet from a particular client device, and (1) no matching HAM translation record exists for the particular client device and (2) no FAM translation record can otherwise be created for the particular client device.
  - 17. The method according to claim 13, further comprising the step of creating the connection table records when a FAM sends a notification to the routing coordinator about an ability of the FAM to communicate with a particular client device that is participating in a particular connection, and wherein no previous connection table record exists for the particular connection.
  - 18. The method according to claim 13, further comprising the step of receiving, by a particular HAM, the zero or more FAM records from the routing coordinator.
  - 19. The method according to claim 18, further comprising the step of transmitting the zero or more FAM records from the routing coordinator to the particular HAM when the FAM records are created by the routing coordinator.
  - 20. The method according to claim 18, further comprising the step of requesting, by a particular HAM, the FAM records when the particular HAM receives a packet from a particular server that is addressed to a particular masquerading address and port.
  - 21. The method according to claim 13, further comprising the step of deleting, by the routing coordinator, the FAM records from one or more connection table records when the routing coordinator receives a notification from a corresponding FAM.
  - 22. The method according to claim 21, wherein the notification identifies a corresponding client device, and further comprising the step of transmitting the notification from the corresponding FAM when the corresponding FAM can no longer communicate with the corresponding client device.
  - 23. The method according to claim 22, wherein the notification is initiated upon receipt, by the corresponding FAM, of an explicit link termination message from the corresponding client device.
  - 24. The method according to claim 22, wherein the notification is initiated, by the corresponding FAM, upon an implicit link termination due to inactivity with the corresponding client device.
  - 25. The method according to claim 21, further comprising the step of notifying a corresponding HAM identified in the connection table records that the corresponding FAM records are being deleted.
  - 27. The method according to claim 26, wherein:
    - the FAM translation record comprises the constant client address and client port, the server address and port, the masquerading address and port, and the FAM address and port; and
      
      the HAM translation record comprises the client address and port, the masquerading address and port, and the FAM address and port.
  - 28. The method according to claim 26, further comprising the step of providing a routing coordinator, wherein the routing coordinator maintains a plurality of connection table records, each of the connection table records comprising a client address and port, a server address and port, a masquerading address and port, a HAM address and port, and zero or more FAM records.
  - 29. The method according to claim 28, further comprising the step of inserting the FAM records into a selected connection table record when a FAM sends a notification to the routing coordinator about an ability of the FAM to communicate with a selected client device identified by the client address and port in the selected connection table record.
  - 30. The method according to claim 29, further comprising the step of sending the notification when the FAM receives an outbound packet from the selected client device, and no matching FAM translation record exists for the selected client device.
  - 31. The method according to claim 28, further comprising the step of creating each of the connection table records when a HAM sends a notification to the routing coordinator about a new connection.
  - 32. The method according to claim 31, further comprising the step of sending the notification when the HAM receives an outbound packet from a particular client device, and (1) no matching HAM translation record exists for the particular client device and (2) no FAM translation record can otherwise be created for the particular client device.
  - 33. The method according to claim 28, further comprising the step of creating the connection table records when a FAM sends a notification to the routing coordinator about an ability of the FAM to communicate with a particular client device that is participating in a particular connection, and wherein no previous connection table record exists for the particular connection.
  - 34. The method according to claim 28, further comprising the step of receiving, by a particular HAM, the zero or more FAM records from the routing coordinator.
  - 35. The method according to claim 34, further comprising the step of transmitting the zero or more FAM records from the routing coordinator to the particular HAM when the FAM records are created by the routing coordinator.
  - 36. The method according to claim 34, further comprising the step of requesting, by a particular HAM, the FAM records when the particular HAM receives a packet from a particular server that is addressed to a particular masquerading address and port.
  - 37. The method according to claim 28, further comprising the step of deleting, by the routing coordinator, the FAM records from one or more connection table records when the routing coordinator receives a notification from a corresponding FAM.
  - 38. The method according to claim 37, wherein the notification identifies a corresponding client device, and further comprising the step of transmitting the notification from the corresponding FAM when the corresponding FAM can no longer communicate with the corresponding client device.
  - 39. The method according to claim 38, wherein the notification is initiated upon receipt, by the corresponding FAM, of an explicit link termination message from the corresponding client device.
  - 40. The method according to claim 38, wherein the notification is initiated, by the corresponding FAM, upon an implicit link termination due to inactivity with the corresponding client device.
  - 41. The method according to claim 37, further comprising the step of notifying a corresponding HAM identified in the connection table records that the corresponding FAM records are being deleted.

26. A method of enabling location-independent packet routing in a short-range wireless networking environment, comprising the steps of:
- providing one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  providing one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;
  
  transmitting a first packet from a selected one of the client devices to a selected one of the application servers, further comprising the steps of;
  
  transmitting the first packet from the selected client device using the constant client address and a client port as a packet source and an address and port of the selected application server as a packet destination;
  
  receiving the transmitted first packet at a Foreign Address Masquerader (FAM);
  
  accessing, by the FAM, a FAM translation record;
  
  applying, by the FAM, a network address translation to replace the constant client address and client port in the transmitted first packet with a masquerading address and port retrieved by the accessing step, thereby creating a first modified packet; and
  
  forwarding, by the FAM, the first modified packet to the selected application server; and
  
  transmitting a second packet from the selected application server to the selected client device, further comprising the steps of;
  
  transmitting the second packet from the selected application server using the address and port of the selected application server as the packet source and the masquerading address and port as the packet destination;
  
  receiving the transmitted second packet at a Home Address Masquerader (HAM);
  
  accessing, by the HAM, a HAM translation record;
  
  applying, by the HAM, the network address translation to replace the masquerading address and port in the transmitted second packet with a FAM address and port retrieved by the step of accessing the HAM translation record, thereby creating a second modified packet;
  
  forwarding, by the HAM, the second modified packet to either the FAM or a different dynamically-determined FAM which becomes the FAM;
  
  receiving the forwarded second modified packet at the FAM;
  
  again accessing, by the FAM, the FAM translation record;
  
  again applying, by the FAM, the network address translation to replace the FAM address and port in the forwarded second modified packet with the constant client address and the client port retrieved by the step of again accessing the FAM translation record, thereby creating a third modified packet; and
  
  forwarding, by the FAM, the third modified packet to the selected client device.

42. A method of enabling secure network access in a short-range wireless networking environment, comprising the steps of:
- providing one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  receiving, by a network access point, a communication from a selected one of the client devices;
  
  determining, by the network access point, that the selected client device does not have a valid session key for encryption;
  
  obtaining, by the network access point, user credentials for a user of the selected client device;
  
  authenticating, by the network access point, the user credentials by contacting an authentication server;
  
  establishing the valid session key when the authenticating step completes successfully; and
  
  using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
- View Dependent Claims (43, 44, 45, 46, 49, 50, 51)
- - 43. The method according to claim 42, wherein the step of using the established session key to encrypt packets further comprises the step of using a hardware encryption component of the selected client device and of the network access point to perform the packet encryption.
  - 44. The method according to claim 42, further comprising the step of storing a client media access control (MAC) address, the established session key, and an identification of the user in a lookup table.
  - 45. The method according to claim 44, further comprising the steps of:
    - querying the lookup table, by a filtering module, to obtain the user identification associated with a particular MAC address; and
      
      using the user identification, by the filtering module, to filter inbound and outbound packets.
  - 46. The method according to claim 44, further comprising the steps of:
    - querying the lookup table, when a particular client device roams to a different FAM, to obtain the established session key associated with a particular MAC address of the particular client device; and
      
      providing the obtained session key to the different FAM.
  - 49. The system according to claim 48, wherein the means for transmitting a packet further comprises:
    - means for receiving the transmitted packet at the FAM;
      
      means for accessing, by the FAM, a FAM translation record;
      
      means for applying, by the FAM, a network address translation to replace the constant client address and a client port in the transmitted packet with the masquerading address and port retrieved by the accessing step, thereby creating a modified packet; and
      
      means for forwarding, by the FAM, the modified packet to the selected application server.
  - 50. The system according to claim 48, wherein the means for transmitting a response packet further comprises:
    - transmitting the response packet from the selected application server to the selected client device;
      
      receiving the transmitted response packet at the HAM;
      
      accessing, by the HAM, a HAM translation record;
      
      applying, by the HAM, a network address translation to replace the masquerading address and port in the transmitted response packet with the FAM address and port retrieved by the step of accessing the HAM translation record, thereby creating a first modified response packet;
      
      forwarding, by the HAM, the first modified response packet to the FAM;
      
      receiving the forwarded packet at the FAM;
      
      accessing, by the FAM, a FAM translation record;
      
      applying, by the FAM, a network address translation to replace the FAM address and port in the forwarded packet with the constant client address and a client port retrieved by the step of accessing the FAM translation record, thereby creating a second modified response packet; and
      
      forwarding, by the FAM, the second modified response packet to the selected client device.
  - 51. The system according to claim 48, further comprising:
    - means for determining, by the FAM, that the selected client device does not have a valid session key for encryption;
      
      means for obtaining, by the FAM, user credentials for a user of the selected client device;
      
      means for authenticating, by the FAM, the user credentials by contacting an authentication server;
      
      means for establishing the valid session key when the authenticating step completes successfully;
      
      means for supplying the established session key to a hardware component of the selected client device and to a hardware component of the FAM; and
      
      means for using the supplied session key, by the hardware components, to encrypt packets that are transmitted over a link between the selected client device and the FAM.

47. A method of enabling location-independent packet routing in a short-range wireless networking environment, comprising the steps of:
- establishing, by a client device, a first connection to a first application server;
  
  assigning the first connection to a first Home Address Masquerader (HAM);
  
  establishing, by the client device, a second connection to a second application server; and
  
  assigning the second connection to a second HAM, wherein the first HAM and the second HAM are distinct.

48. A system for enabling location-independent packet routing in a short-range wireless networking environment, comprising:
- one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;
  
  means for transmitting a packet from a selected one of the client devices to a selected one of the application servers using a masquerading address and port for the selected client device instead of the constant client address by forwarding the packet through a Foreign Address Masquerader (FAM); and
  
  means for transmitting a response packet from the selected application server to the selected client device using the masquerading address and port by forwarding the response packet through a Home Address Masquerader (HAM) and either the FAM or a dynamically-determined different FAM which then becomes the FAM.

52. A system for enabling secure network access in a short-range wireless networking environment, comprising:
- one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  means for receiving, by a network access point, a communication from a selected one of the client devices;
  
  means for determining, by the network access point, that the selected client device does not have a valid session key for encryption;
  
  means for obtaining, by the network access point, user credentials for a user of the selected client device;
  
  means for authenticating, by the network access point, the user credentials by contacting an authentication server;
  
  means for establishing the valid session key when the means for authenticating completes successfully; and
  
  means for using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
- View Dependent Claims (53, 54, 55, 56, 58, 59, 60)
- - 53. The system according to claim 52, wherein the means for using the established session key to encrypt packets further comprises means for using a hardware encryption component of the selected client device and of the network access point to perform the packet encryption.
  - 54. The system according to claim 52, further comprising means for storing a client media access control (MAC) address, the established session key, and an identification of the user in a lookup table.
  - 55. The system according to claim 54, further comprising:
    - means for querying the lookup table, by a filtering module, to obtain the user identification associated with a particular MAC address; and
      
      means for using the user identification, by the filtering module, to filter inbound and outbound packets.
  - 56. The system according to claim 54, further comprising:
    - means for querying the lookup table, when a particular client device roams to a different FAM, to obtain the established session key associated with a particular MAC address of the particular client device; and
      
      means for providing the obtained session key to the different FAM.
  - 58. The computer program instructions according to claim 57, wherein the computer program instructions for transmitting a packet further comprise:
    - computer program instructions for receiving the transmitted packet at the FAM;
      
      computer program instructions for accessing, by the FAM, a FAM translation record;
      
      computer program instructions for applying, by the FAM, a network address translation to replace the constant client address and a client port in the transmitted packet with the masquerading address and port retrieved by the accessing step, thereby creating a modified packet; and
      
      computer program instructions for forwarding, by the FAM, the modified packet to the selected application server.
  - 59. The computer program instructions according to claim 57, wherein the computer program instructions for transmitting a response packet further comprise:
    - computer program instructions for transmitting the response packet from the selected application server to the selected client device;
      
      computer program instructions for receiving the transmitted response packet at the HAM;
      
      computer program instructions for accessing, by the HAM, a HAM translation record;
      
      computer program instructions for applying, by the HAM, a network address translation to replace the masquerading address and port in the transmitted response packet with the FAM address and port retrieved by the step of accessing the HAM translation record, thereby creating a first modified response packet;
      
      computer program instructions for forwarding, by the HAM, the first modified response packet to the FAM;
      
      computer program instructions for receiving the forwarded packet at the FAM;
      
      computer program instructions for accessing, by the FAM, a FAM translation record;
      
      computer program instructions for applying, by the FAM, a network address translation to replace the FAM address and port in the forwarded packet with the constant client address and a client port retrieved by the step of accessing the FAM translation record, thereby creating a second modified response packet; and
      
      computer program instructions for forwarding, by the FAM, the second modified response packet to the selected client device.
  - 60. The computer program instructions according to claim 57, further comprising:
    - computer program instructions for determining, by the FAM, that the selected client device does not have a valid session key for encryption;
      
      computer program instructions for obtaining, by the FAM, user credentials for a user of the selected client device;
      
      computer program instructions for authenticating, by the FAM, the user credentials by contacting an authentication server;
      
      computer program instructions for establishing the valid session key when the authenticating step completes successfully;
      
      computer program instructions for supplying the established session key to a hardware component of the selected client device and to a hardware component of the FAM; and
      
      computer program instructions for using the supplied session key, by the hardware components, to encrypt packets that are transmitted over a link between the selected client device and the FAM.

57. Computer program instructions embodied on one or more computer readable media, the computer program instructions adapted for enabling location-independent packet routing in a short-range wireless networking environment and comprising:
- computer program instructions for accessing one or more portable client devices, each of the client devices identified by a constant client address and equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  computer program instructions for accessing one or more application servers, each of the application servers equipped for communicating with the client devices over the short-range wireless networking environment;
  
  computer program instructions for transmitting a packet from a selected one of the client devices to a selected one of the application servers using a masquerading address and port for the selected client device instead of the constant client address by forwarding the packet through a Foreign Address Masquerader (FAM); and
  
  computer program instructions for transmitting a response packet from the selected application server to the selected client device using the masquerading address and port by forwarding the response packet through a Home Address Masquerader (HAM) and either the FAM or a different dynamically-determined FAM which then becomes the FAM.

61. Computer program instructions embodied on one or more computer readable media, the computer program instructions adapted for enabling secure network access in a short-range wireless networking environment, comprising:
- computer program instructions for accessing one or more portable client devices, each of the client devices equipped with a short-range wireless communications capability for communicating in the short-range wireless networking environment;
  
  computer program instructions for receiving, by a network access point, a communication from a selected one of the client devices;
  
  computer program instructions for determining, by the network access point, that the selected client device does not have a valid session key for encryption;
  
  computer program instructions for obtaining, by the network access point, user credentials for a user of the selected client device;
  
  computer program instructions for authenticating, by the network access point, the user credentials by contacting an authentication server;
  
  computer program instructions for establishing the valid session key when the computer program instructions for authenticating complete successfully; and
  
  computer program instructions for using the established session key, by the selected client device and the network access point, to encrypt packets that are transmitted over a link between the selected client device and the network access point.
- View Dependent Claims (62, 63, 64, 65)
- - 62. The computer program instructions according to claim 61, wherein the computer program instructions for using the established session key to encrypt packets further comprises computer program instructions for using a hardware encryption component of the selected client device and of the network access point to perform the packet encryption.
  - 63. The computer program instructions according to claim 61, further comprising computer program instructions for storing a client media access control (MAC) address, the established session key, and an identification of the user in a lookup table.
  - 64. The computer program instructions according to claim 63, further comprising:
    - computer program instructions for querying the lookup table, by a filtering module, to obtain the user identification associated with a particular MAC address; and
      
      computer program instructions for using the user identification, by the filtering module, to filter inbound and outbound packets.
  - 65. The computer program instructions according to claim 63, further comprising:
    - computer program instructions for querying the lookup table, when a particular client device roams to a different FAM, to obtain the established session key associated with a particular MAC address of the particular client device; and
      
      computer program instructions for providing the obtained session key to the different FAM.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Reefedge Networks LLC (IPNav)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Singhal, Sandeep Kishan, Park, Yoonho, Gopal, Ajei Sarat, Neves, Richard Kent, Anand, Rangachari

Granted Patent

US 6,851,050 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/154
CPC Class Codes

H04L 61/00   Network arrangements, proto...

H04L 61/25   of the same type

H04L 61/2521   Translation architectures o...

H04L 61/2539   Hiding addresses; Keeping a...

H04L 61/255   Maintenance or indexing of ...

H04L 61/5084   Providing for device mobili...

H04L 63/0227   Filtering policies mail mes...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/083   using passwords cryptograph...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 40/00   Communication routing or co...

H04W 8/12   between location registers ...

H04W 8/26   Network addressing or numbe...

H04W 80/04   Network layer protocols, e....

H04W 84/10   Small scale networks; Flat ...

H04W 88/08 : Access point devices

View All

Providing secure network access for short-range wireless computing devices

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

117 Citations

65 Claims

Specification

Solutions

Use Cases

Quick Links

Providing secure network access for short-range wireless computing devices

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

117 Citations

65 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links