Mesh networks with exclusion capability
Abstract
In an exemplary method implementation, a method includes: designating a neighborhood administrator; receiving notification of a delinquent router from the designated neighborhood administrator; and excluding the delinquent router responsive to the notification. In an exemplary mesh router implementation, a mesh router is capable of establishing a wireless mesh network with other mesh routers, the mesh router is further capable of designating a neighborhood administrator mesh router; and the mesh router is adapted to exclude another mesh router that is associated with a particular certificate when the particular certificate has been identified as delinquent by the designated neighborhood administrator mesh router.
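The exclusion flow the abstract describes, as an added Go sketch that is not code from the patent: a router admits producer-issued certificates, and locally treats a certificate as revoked once the designated administrator signs a notice for it. Ed25519, the type and function names, the notice byte layout and the sample name `router-b` are assumptions made for illustration.

```go
package main

import "crypto/ed25519"
import "fmt"

// Cert mirrors the claimed certificate: a name, a public key and the issuer's signature.
type Cert struct {
	Name string
	Key  ed25519.PublicKey
	Sig  []byte
}

// body is what the issuer signs; notice is what the administrator signs to exclude c.
func (c Cert) body() []byte   { return append([]byte(c.Name+"\x00"), c.Key...) }
func (c Cert) notice() []byte { return append(append([]byte("exclude\x00"), c.body()...), c.Sig...) }

// Issue binds name to key under the issuer's signature.
func Issue(issuer ed25519.PrivateKey, name string, key ed25519.PublicKey) Cert {
	return Cert{name, key, ed25519.Sign(issuer, Cert{Name: name, Key: key}.body())}
}

// Router trusts one producing entity and one designated neighborhood administrator.
type Router struct {
	Producer, Admin ed25519.PublicKey
	Excluded        map[string]bool // keyed by the excluded certificate's notice bytes
}

// Exclude records c only if the designated administrator signed it; c's own issuer is not checked.
func (r *Router) Exclude(c Cert, adminSig []byte) bool {
	if !ed25519.Verify(r.Admin, c.notice(), adminSig) {
		return false
	}
	r.Excluded[string(c.notice())] = true
	return true
}

// Admit grants access to producer-issued certificates that are not excluded.
func (r *Router) Admit(c Cert) bool {
	return ed25519.Verify(r.Producer, c.body(), c.Sig) && !r.Excluded[string(c.notice())]
}

func main() {
	prodPub, prod, _ := ed25519.GenerateKey(nil) // constructed keys for the demo
	adminPub, admin, _ := ed25519.GenerateKey(nil)
	peerPub, peer, _ := ed25519.GenerateKey(nil)
	r := &Router{Producer: prodPub, Admin: adminPub, Excluded: map[string]bool{}}
	c := Issue(prod, "router-b", peerPub) // constructed sample certificate
	fmt.Println(r.Admit(c), r.Exclude(c, ed25519.Sign(peer, c.notice())), r.Exclude(c, ed25519.Sign(admin, c.notice())), r.Admit(c))
}
```

The run shows a still-valid producer signature no longer being enough for admission once the administrator's notice is accepted, while a notice signed by any other key is ignored.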
25 Claims
1. A mesh router comprising:
at least one processor;
a network interface configured to communicatively couple the mesh router with one or more other mesh routers on a network; and
one or more media configured to store a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by the at least one processor, the processor-executable instructions configured to direct the router to perform actions comprising;
initializing by designating the mesh router to be a single neighborhood administrator, the designated neighborhood administrator offering to be the neighborhood administrator and being designated by at least one other mesh router of the one or more other mesh routers on a network,
granting, by the designated neighborhood administrator, access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity;
detecting a delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude a delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router;
receiving the delinquent mesh router certificate and notification of the associated delinquent mesh router from the designated neighborhood administrator, the notification being signed by the designated neighborhood administrator to authenticate the notification; and
excluding the delinquent mesh router responsive to the authenticated notification based on the associated delinquent mesh router certificate;
wherein the router comprises a mesh router that effectively treats the associated delinquent mesh router certificate as being revoked and/or invalid based on the authenticated notification from the designated neighborhood administrator even when the associated delinquent mesh router certificate is issued and authenticated by an entity other than the designated neighborhood administrator.
View Dependent Claims (2, 3, 4, 5)
6. A method for implementing an exclusion capability, the method comprising:
communicatively coupling a mesh router with one or more other mesh routers on a network;
storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by at least one processor;
initializing by designating by at least one other mesh router a single designated neighborhood administrator amongst a plurality of mesh routers of a network;
granting, by the designated neighborhood administrator, access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity;
detecting a delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude a delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router;
receiving the delinquent mesh router certificate and a notification of the associated delinquent mesh router from the designated neighborhood administrator, the notification being signed by the designated neighborhood administrator to authenticate the notification; and
excluding the delinquent mesh router responsive to the authenticated notification based on the associated delinquent mesh router certificate;
wherein the receiving comprises receiving an identification of a certificate that is associated with the delinquent mesh router, the certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router and further wherein the router comprises a mesh router that effectively treats the associated delinquent mesh router certificate as being revoked and/or invalid based on the authenticated notification from the designated neighborhood administrator even when the associated delinquent mesh router certificate is issued and authenticated by an entity other than the designated neighborhood administrator.
View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
14. A mesh router that is capable of establishing a wireless mesh network with other mesh routers, the mesh router further capable of designating at least one other mesh router as a single neighborhood administrator, the neighborhood administrator deciding whether to exclude a delinquent mesh router certificate;
the mesh router comprising at least one processor and one or more media configured to store a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and configured to store processor-executable instructions capable of being executed by the at least one processor;
the mesh router designated as the single neighborhood administrator configured to grant other mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity, access to the wireless mesh network;
the mesh router configured to exclude another mesh router that is associated with a particular certificate when the particular certificate has been identified as delinquent and sent by the designated neighborhood administrator;
wherein the particular certificate that is associated with the another mesh router comprises a name of the another mesh router, a signature created by a producing entity, and a public key corresponding to the another mesh router.
View Dependent Claims (15, 16, 17, 18)
19. One or more processor-accessible computer storage media comprising processor-executable instructions that, when executed, direct a device to perform actions comprising:
storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of a mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router;
initializing by designating at least one other mesh router as a single neighborhood administrator, the initialized designated neighborhood administrator offering to be the neighborhood administrator, deciding whether to exclude a delinquent mesh router certificate;
granting, by the single neighborhood administrator, access to a network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity;
receiving the delinquent mesh router certificate and notification of the associated delinquent mesh router from the single neighborhood administrator, the delinquent mesh router certificate comprising a name of the delinquent mesh router, the notification being signed by the single neighborhood administrator to authenticate the notification, and a public key corresponding to the delinquent mesh router; and
excluding the delinquent mesh router certificate responsive to the authenticated notification received from the designated neighborhood administrator.
View Dependent Claims (20, 21)
22. A system for implementing an exclusion capability, the system comprising:
coupling means for communicatively coupling a mesh router with one or more other mesh routers on a network;
storing means for storing a mesh-router-producing-entity-issued certificate of a plurality of certificates issued by a mesh-router-producing entity, the stored certificate comprising a name, a signature, and a public key, wherein the name corresponds to a name of the mesh router, the signature corresponds to an authentication by the mesh-router-producing entity, and the public key certifying that the mesh-router-producing-entity-issued certificate is bound to the name of the mesh router and processor-executable instructions capable of being executed by the at least one processor;
designation means for designating at least one other mesh router as a single neighborhood administrator, the neighborhood administrator deciding whether to exclude a delinquent mesh router certificate;
granting means for granting access to the network to mesh routers that possess at least one of the plurality of certificates issued by the mesh-router-producing entity;
detection means for detecting the delinquent mesh router of the one or more mesh routers of the network and deciding whether to exclude the delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising a name of the delinquent mesh router, a signature created by a producing entity, and a public key corresponding to the delinquent mesh router;
receiving means for receiving the delinquent mesh router certificate and a notification of an associated delinquent mesh router from the designated neighborhood administrator; and
exclusion means for excluding the delinquent mesh router responsive to the notification and based on the delinquent mesh router certificate associated with the delinquent mesh router, the delinquent mesh router certificate comprising the name of the delinquent mesh router, the signature created by a producing entity, and the public key corresponding to the delinquent mesh router.
View Dependent Claims (23, 24, 25)
Specification