Managing establishment and removal of security associations in a wireless mesh network
Abstract
Techniques and technologies are provided for managing establishment, maintenance and removal of security associations (SAs) between nodes in an ad hoc network, such as a wireless mesh network.
38 Claims
1. A node configured to manage a security association with at least one particular neighbor node in a wireless network, the node comprising:
- a neighbor node table configured to store an entry for at least one neighbor node comprising attributes associated with the neighbor node, wherein the attributes comprise at least one of:
  - Link Quality Measurements (LQMs) which account for the quality of a wireless link with the particular neighbor node;
  - routing metrics which account for metrics along a route to the particular neighbor node;
  - mobility domain information comprising a mobility domain value advertised by the particular neighbor node;
  - mobility information about the particular neighbor node; and
  - security association state information for the particular node;
- a security module configured to store security association information associated with each neighbor node, and
- a routing module communicatively coupled to the security module, wherein the routing module is configured to:
  - determine, based on particular attributes associated with each neighbor node in the neighbor node table, at least one of the particular neighbor nodes from the neighbor node table that the node will attempt to establish a security association with;
  - select at least one of the particular neighbor nodes the node will attempt to establish the security association with; and
  - send a first message to the security module to trigger the security module to attempt to establish a particular security association with the particular neighbor node that is selected.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19

20. A method for managing a security association between a node and at least one particular neighbor node in a wireless network, wherein the node comprises:
- a neighbor node table configured to store an entry for at least one neighbor node comprising attributes associated with the neighbor node;
- a security module configured to store security association information associated with each neighbor node, and
- a routing module communicatively coupled to the security module,

the method comprising:
- determining, at the routing module based on particular attributes associated with each neighbor node in the neighbor node table, at least one of the particular neighbor nodes from the neighbor node table that the node will attempt to establish a security association with, wherein the particular attributes comprise:
  - Link Quality Measurements (LQMs) which account for the quality of a wireless link with the particular neighbor node,
  - routing metrics which account for metrics along a route to the particular neighbor node,
  - mobility domain information comprising a mobility domain value advertised by the particular neighbor node,
  - mobility information about the particular neighbor node, and
  - security association state information for the particular node;
- selecting, at the routing module, at least one of the particular neighbor nodes the node will attempt to establish the security association with; and
- sending a first message from the routing module to the security module to trigger the security module to attempt to establish a particular security association with the particular neighbor node that is selected.

Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33

34. A system, comprising:
- a particular neighbor node; and
- a node configured to manage a security association with the particular neighbor node, wherein the node comprises:
  - a neighbor node table configured to store an entry for at least the particular neighbor node comprising attributes associated with the particular neighbor node, wherein the attributes comprise:
    - Link Quality Measurements (LQMs) which account for the quality of a wireless link with the particular neighbor node,
    - routing metrics which account for metrics along a route to the particular neighbor node,
    - mobility domain information comprising a mobility domain value advertised by the particular neighbor node,
    - mobility information about the particular neighbor node, and
    - security association state information for the particular node;
  - a security module configured to store security association information associated with each neighbor node, and
  - a routing module communicatively coupled to the security module, wherein the routing module is configured to:
    - determine, based on particular attributes associated with each neighbor node in a neighbor node table, at least one of the particular neighbor nodes from the neighbor node table that the node will attempt to establish a security association with;
    - select at least one of the particular neighbor nodes the node will attempt to establish the security association with; and
    - send a first message to the security module to trigger the security module to attempt to establish a particular security association with the particular neighbor node that is selected.

Dependent claims: 35, 36, 37, 38

Specification