A METHOD FOR IDENTIFYING A TASK AUTHORIZATION

US 20100071049A1
Filed: 03/19/2007
Published: 03/18/2010
Est. Priority Date: 04/11/2006
Status: Abandoned Application

First Claim

Patent Images

1-15. -15. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an ad hoc mesh network, roles are assignment to the different network nodes, for example mesh point or mesh portal. The invention envisages that a network node identifies the certification and thus the permitted roles of another network node before it sends a message to said other network node. This ensures that the roles maintain their integrity and the security in the network is enhanced.

Citations

33 Claims

1-15. -15. (canceled)

16. A method for identifying a task authorization for a task for a first network node, comprising:
- determining a security requirement assigned to the task;
  
  checking whether the first network node fulfills the security requirement; and
  
  if the security requirement is not fulfilled, refusing the task authorization for the first network node.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 17. The method as claimed in claim 16, wherein the task comprises the receipt of message to be sent by a network node to the first network node.
  - 18. The method as claimed in claim 16, wherein the refusal includes a suppression of sending the message from the network node to the first network node.
  - 19. The method as claimed in claim 18, wherein the determination of the security requirement undertaken is based on the type of message.
  - 20. The method as claimed in claim 18, wherein the determination of the security requirement undertaken is based on at least one of the following types:
    - a message intended for the first network node,a message intended to be routed by the first network node,a Route-Request or Route-Reply message, ora message from a non-mesh-enabled further network node for routing into a mesh network.
  - 21. The method as claimed in claim 16, wherein the task comprises the routing of a message of a network node by the first network node.
  - 22. The method as claimed in claim 21, wherein the refusal comprises not entering and/or removing an entry of the network node from a routing table of the network node.
  - 23. The method as claimed in claim 21, wherein the check is conducted by the network node.
  - 24. The method as claimed in claim 23, wherein a certificate of the first network node is used for checking a security request.
  - 25. The method as claimed in claim 23, wherein a certificate of the first network node in accordance with X.509v3 is used to check a security request.
  - 26. The method as claimed in claim 24, wherein the certificate has attributes on the basis of which the check is conducted.
  - 27. The method as claimed in claim 26, wherein a network node class is used as the task authorization.
  - 28. The method as claimed in claim 27, wherein the network node class is selected from the group consisting of:
    - mesh point, mesh access point, lightweight mesh point, station, and mesh portal.

29. A network node, comprising:
- a processing unit constructed and arranged such that,to determine a task authorization for a task for a first network node, the node determines a security requirement assigned to the task,to check whether the first network node meets the security requirement, andto refuse the task authorization for the first network node if the first network node does not meet the security requirement.
- View Dependent Claims (30, 31)
- - 30. The network node as claimed in claim 29, wherein the refusal comprises not entering the first network node into or removing it from a routing table of the network node.
  - 31. The network node as claimed in claim 29, wherein the task comprises the receipt of a message to be sent by a network node to the first network node and the refusal includes suppression of the transmission of the message to be sent.

32. A network, comprising:
- at least one network node,wherein the at least one network node has;
  
  a processing unit embodied,to determine a task authorization for a task for a first network node, where the node determines a security requirement assigned to the task,to check whether the first network node meets the security requirement, andto refuse the task authorization for the first network node if the first network node does not meet the security requirement.
- View Dependent Claims (33)
- - 33. The network in accordance with claim 32, wherein the network is an ad-hoc network or a mesh network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unify GmbH & Co. KG (Atos SE)
Original Assignee
Unify GmbH & Co. KG (Atos SE)
Inventors
Schwingerschlögl, Cheistian, Bahr, Michael

Application Number

US12/226,177
Publication Number

US 20100071049A1
Time in Patent Office

Days
Field of Search
US Class Current

726/10
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6209   to a single file or object,...

H04L 63/0823   using certificates cryptogr...

H04L 63/10   for controlling access to d...

H04W 12/08   Access security

H04W 84/20   Master-slave selection or c...

A METHOD FOR IDENTIFYING A TASK AUTHORIZATION

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

A METHOD FOR IDENTIFYING A TASK AUTHORIZATION

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links