System for dynamic, scalable secure sub-grouping in mobile ad-hoc networks

US 20030233538A1
Filed: 06/28/2002
Published: 12/18/2003
Est. Priority Date: 05/31/2002
Status: Abandoned Application

First Claim

Patent Images

1. A network communication method for establishing secure collaborative group communication among a subset of nodes in a mobile ad-hoc MANET, said method comprising the steps of:

creating a secure virtual communications channel between each member node of said subset of nodes;

managing the membership of said subset.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Invention provides MANET plus VPN: secure virtual private subgroups communicating within a mobile ad hoc network. Wireless communication system is taught suitable for ad hoc mobile wireless as well as mesh and peer to peer networks. Also taught relative to MANET is an embodiment wherein network protocols, including TBRPF, are employed at the network layer, and upon which another layer, Enclaves, provides capability for secure VPN (virtual private networks) within the MANET.

Dynamic group management capability, intrusion tolerant Enclaves, with multi leader and multi casting TBRPF layer coupled with Enclaves layer (VPN) are taught as inventive embodiments.

Citations

8 Claims

1. A network communication method for establishing secure collaborative group communication among a subset of nodes in a mobile ad-hoc MANET, said method comprising the steps of:
- creating a secure virtual communications channel between each member node of said subset of nodes;
  
  managing the membership of said subset.
- View Dependent Claims (2, 3)
- - 2. A network communication method as in claim 1 wherein determination of MANET membership includes:
    - establishment of MANET via protocol enabling routing node intercommunication whereby each routing node disseminates routing information to one or more neighbor nodes based on a broadcast tree maintained in part by that routing node, the routing nodes determining a path to the destination node based on the routing information.
  - 3. A network communication method as in claim 1 wherein determination of MANET membership includes:
    - establishment of a MANET where the nodes intercommunicate via a protocol wherein routing nodes each disseminate link-related information to zero or more neighbor nodes based on a tree developed and maintained by that routing node, said routing nodes operable to determine whether a link-state change in the first wireless route has interrupted communications between between the nodes and that the communicating node has accordingly selected an alternate wireless route through the network; and
      
      a queue storing communications affected by the interruption and transmitting such communications to the client and the server to resume communications between the client and the server over the alternate wireless route from the point of interruption.

4. A wireless network communication method for mobile ad-hoc wireless network member communication said communication method comprising:
- creating secure virtual groups of member nodes;
  
  managing group membership so as to maintain group security.

5. A wireless mesh network communication method for mobile wireless network member communication, said communication method comprising:
- creating secure groups of member nodes wherein more than one node acts as leader;
  
  managing, at least partially through the acts of the leader nodes group, group membership so as to maintain group security.

6. A wireless communication system for mobile ad-hoc wireless network member communication said system comprising:
- a plurality of communicating nodes wherein some nodes assume a leadership role;
  
  and wherein the acts of at least some of the leaders maintain network communications substantially secure from unauthorized access.

7. A wireless communication system for mesh MANET member communication wherein the network layer includes protocols operable to support multicasting by member
- View Dependent Claims (8)
- - 8. The system as in claim 7 further including an Enclaves stack layer operable to create secure VPN among subset of member nodes, and interoperable with said multicasting layer so multicasting functions within the secure subset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Systems, Inc.
Original Assignee
Cisco Systems, Inc.
Inventors
Dutertre, Bruno

Application Number

US10/185,961
Publication Number

US 20030233538A1
Time in Patent Office

Days
Field of Search
US Class Current

713/151
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0457   wherein the sending and rec...

H04L 63/08   for authentication of entit...

H04L 63/104   Grouping of entities

H04W 12/033   of the user plane, e.g. use...

H04W 12/041   Key generation or derivation

H04W 12/0433   Key management protocols

H04W 12/069   using certificates or pre-s...

H04W 40/02   Communication route or path...

H04W 84/18   Self-organising networks, e...

System for dynamic, scalable secure sub-grouping in mobile ad-hoc networks

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

System for dynamic, scalable secure sub-grouping in mobile ad-hoc networks

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links