METHOD FOR RECONFIGURING SECURITY MECHANISM OF A WIRELESS NETWORK AND THE MOBILE NODE AND NETWORK NODE THEREOF
Abstract
A method for reconfiguring the security mechanism of a wireless network system includes steps of: sending a packet from a network node to a mobile node; sending a negotiation packet from the mobile node to the network node according to a selected authentication protocol; the mobile node and the network node proceeding the authentication process if the received negotiation packet is valid; the mobile node and the network node generating a security association after the authentication process is completed.
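The exchange summarized in the abstract, as an added Python example that is not taken from the patent: the network node offers a protocol list, the mobile node selects one and sends a sealed negotiation packet, the authentication server validates it, and both ends then hold a security association whose authentication key tags signaling packets. Assumptions: a key pre-shared between the mobile node and the authentication server, a toy keystream cipher plus HMAC-SHA256 standing in for the unspecified encryption, constructed protocol names and node ids, hypothetical function names throughout, and the run of the selected protocol itself collapsed into the `sa_key` derivation.

```python
import hashlib, hmac, json, os

OFFERED = ["EAP-TLS", "EAP-AKA", "EAP-PSK"]    # constructed broadcast contents
KEYS = {"mn-1": b"constructed-pre-shared-key"}  # constructed server key table

def prf(key, data):                       # HMAC-SHA256: subkey derivation and tags
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(key, nonce, data):               # toy counter keystream, illustration only
    ks = b"".join(prf(key, nonce + bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(psk, obj):                       # encrypt-then-MAC the negotiation packet
    nonce = os.urandom(16)
    ct = _xor(prf(psk, b"enc"), nonce, json.dumps(obj).encode())
    return nonce + ct + prf(prf(psk, b"mac"), nonce + ct)

def unseal(psk, blob):                    # dict on success, None if the tag fails
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, prf(prf(psk, b"mac"), nonce + ct)):
        return None
    return json.loads(_xor(prf(psk, b"enc"), nonce, ct))

def sa_key(psk, protocol, nonce_hex):     # assumed derivation of the SA authentication key
    return prf(psk, b"sa|" + protocol.encode() + bytes.fromhex(nonce_hex))

def server_validate(keys, node_id, blob, offered):  # authentication server side
    psk = keys.get(node_id)
    msg = unseal(psk, blob) if psk else None
    if not msg or msg["node"] != node_id or msg["protocol"] not in offered:
        return None                       # invalid packet: no authentication is started
    return msg["protocol"], sa_key(psk, msg["protocol"], msg["nonce"])

def negotiate(offered, preferred, node_id, psk, keys):  # returns (mobile SA, network SA)
    choice = next((p for p in preferred if p in offered), None)
    if choice is None:
        return None                       # no protocol in common with the broadcast
    nonce = os.urandom(8).hex()
    blob = seal(psk, {"node": node_id, "protocol": choice, "nonce": nonce})
    result = server_validate(keys, node_id, blob, offered)
    if result is None:
        return None
    mobile = {"protocol": choice, "auth_key": sa_key(psk, choice, nonce)}
    return mobile, {"protocol": result[0], "auth_key": result[1]}

def protect(sa, payload):                 # signaling packet = payload || tag
    return payload + prf(sa["auth_key"], payload)
def verify(sa, packet):                   # payload if the tag checks out, else None
    payload, tag = packet[:-32], packet[-32:]
    return payload if hmac.compare_digest(tag, prf(sa["auth_key"], payload)) else None
```

A negotiation packet sealed under the wrong key, sent for an unknown node, or naming a protocol outside the broadcast list yields no security association, and a signaling packet altered in transit fails `verify`.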
20 Claims
1. A method for reconfiguring security management mechanism of a wireless network, comprising the steps of:
- a network node sending a broadcast packet to a mobile node in the same domain, wherein the broadcast packet includes a plurality of authentication protocols supported by the network node;
- the mobile node selecting one authentication protocol in accordance with the received broadcast packet, and sending an encrypted negotiation packet to the network node;
- the network node examining whether the negotiation packet is valid by communicating with an authentication server;
- the network node conducting an authentication process according to the authentication protocol in the protocol packet if the negotiation packet is valid;
- the mobile node communicating with the network node to complete the authentication process; and
- the mobile node and the network node generating a security association after the authentication process, wherein the security association includes an authentication key for protecting signaling packets.
Dependent claims: 2, 3, 4
5. A security management method used at a network end, comprising the steps of:
- a plurality of network nodes and edged network nodes at the network end taking their certificates from an authentication server upon startup;
- the network nodes and edged network nodes broadcasting the certificates to their neighboring nodes;
- the neighboring nodes forwarding their certificates to the network nodes and edged network nodes; and
- the network nodes and edged network nodes establishing a security association with their neighboring nodes.
Dependent claims: 6
7. A mobile node of a wireless network with a security management mechanism, comprising:
- a client-end platform controller;
- a client-end platform controller notifier configured to monitor packet transmission and to transmit received packets to the client-end platform controller;
- a security parameter recorder configured to record a pre-shared key and an authentication key generated during an authentication process; and
- a client-end security protection unit connected to the client-end platform controller, the client-end platform controller notifier and the security parameter recorder, wherein the client-end security protection unit verifies packets passing the client-end platform controller and client-end platform controller notifier in accordance with data in the security parameter recorder;
- a plurality of client-end authentication modules each corresponding to a set of authentication protocols, and connected to the security parameter recorder and client-end platform controller;
- a client-end platform registrar connected to the client-end platform controller and the client-end authentication modules for defining a template of each authentication protocol and receiving a registration application of each authentication protocol; and
- a protocol selector connected to the client-end platform controller for selecting an authentication protocol to determine the security management mechanism.
Dependent claims: 8, 9, 10, 11, 12
13. A network node of a wireless network with a security management mechanism, comprising:
- a platform controller;
- a platform controller notifier configured to monitor packet transmission and to transmit received packets to the platform controller;
- a security parameter database configured to record common secret information with neighboring nodes; and
- a security protection unit connected to the platform controller, the platform controller notifier and the security parameter database, wherein the security protection unit verifies packets passing the platform controller and platform controller notifier in accordance with data in the security parameter database;
- a plurality of authentication modules each corresponding to an authentication protocol and connected to the security parameter database and platform controller;
- a platform registrar connected to the platform controller and the authentication modules for defining a template of each authentication protocol and for receiving a registration application of each authentication protocol; and
- a mobile node database connected to the platform controller and the platform controller notifier for recording all mobile nodes in the same domain.
Dependent claims: 14, 15, 16, 17, 18, 19, 20
Specification