US9369448B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9369448-B2 |
| Application number | US-201113170979-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 28, 2011 |
| Priority date | Jun 1, 2011 |
| Publication date | Jun 14, 2016 |
| Grant date | Jun 14, 2016 |
Official abstract text for this publication.
Disclosed are various embodiments for facilitating network security parameter distribution and generation in a converged network incorporating multiple heterogeneous link layer networking technologies. Embodiments are provided for connecting network devices through multiple heterogeneous link layer networking technologies using a converged network password. Embodiments are provided for connecting network devices through multiple heterogeneous link layer networking technologies using a pairing event protocol, such as, for example, a push button protocol.
Opening claim text (preview).
Therefore, the following is claimed:

1. A system, comprising: a plurality of network devices in data communication by way of a converged data communications network employing a plurality of heterogeneous link layer technologies; and wherein at least one of the network devices includes a plurality of network interfaces to the converged data communications network, a first one of the network interfaces employs a first one of the heterogeneous link layer technologies, a second one of the network interfaces employs a second one of the heterogeneous link layer technologies, and the at least one of the network devices further includes network security parameter management logic that is configured to: obtain a converged network password, the at least one network device configured to use the converged network password for pairing of each of the plurality of network interfaces to the converged data communications network using native pairing protocols associated with the network interfaces; and connect to the converged data communications network by pairing one of the network interfaces using a native pairing protocol of a corresponding one of the heterogeneous link layer technologies based at least in part on the converged network password.

2. The system of claim 1, wherein the network security parameter management logic is further configured to: generate a first network password for the first one of the network interfaces based at least in part on the converged network password; and generate a second network password for the second one of the network interfaces based at least in part on the converged network password.

3. The system of claim 2, wherein the first network password and the second network password are each individually generated by applying a separate hash function to the converged network password.

4. The system of claim 2, wherein the first network password is generated by applying a hash function to the converged network password, and the second network password is generated by truncating the first network password.

5. The system of claim 1, wherein the one of the network interfaces is the first one of the network interfaces, and the network security parameter management logic is further configured to connect to the converged data communications network by pairing the second one of the network interfaces using another native pairing protocol of the second one of the heterogeneous link layer technologies based at least in part on the converged network password.

6. The system of claim 1, wherein the one of the network interfaces is the first one of the network interfaces, and the network security parameter management logic is further configured to: obtain, by way of the first one of the network interfaces, a network security parameter for pairing the second one of the network interfaces; and connect to the converged data communications network by pairing the second one of the network interfaces based at least in part on the network security parameter.

7. The system of claim 1, wherein the at least one of the network devices further includes an abstraction layer configured to: obtain a first data frame and a second data frame from a network layer; route the first data frame to a destination by way of the first one of the network interfaces; and route the second data frame to the destination by way of the second one of the network interfaces.

8. The system of claim 7, wherein a media access control (MAC) address is allocated to the abstraction layer, and the MAC address is unique within the converged data communications network.

9. The system of claim 1, wherein the at least one of the network devices further includes network security parameter distribution logic configured to: obtain a request for a network security parameter, the request originating in another one of the network devices; determine whether the network security parameter is associated with at least one of the network interfaces; send the network security parameter to the other one of the network devices by way of the converged data communications network when the network security parameter is associated with the at least one of the network interfaces; and propagate the request in the converged data communications network away from the other one of the network devices when the network security parameter is not associated with the at least one of the network interfaces.

10. A system, comprising: a plurality of network devices in data communication by way of a converged data communications network employing a plurality of heterogeneous link layer technologies; and a gateway device, corresponding to a first one of the network devices, the gateway device comprising network security parameter distribution logic that is configured to: obtain a network security parameter for each of a plurality of network portions of the converged data communications network, a first one of the network portions employing a first one of the heterogeneous link layer technologies, a second one of the network portions employing a second one of the heterogeneous link layer technologies, each of the network security parameters facilitating an authenticated connection to a corresponding one of the network portions; obtain a request for at least one of the network security parameters originating from a second one of the network devices; and provide the at least one of the network security parameters to the second one of the network devices by way of the converged data communications network.

11. The system of claim 10, wherein the gateway device further comprises logic that maintains a topology of the network devices connected to the converged data communications network.

12. The system of claim 10, wherein the gateway device is configured to route data from the converged data communications network to another network.

13. The system of claim 10, wherein the request is obtained from a third one of the network devices, and the at least one of the network security parameters is provided to the second one of the network devices by way of the third one of the network devices.

14. The system of claim 10, wherein at least one of the network devices corresponds to a relay network device having a plurality of first network interfaces, at least one of the network devices corresponds to a terminal network device having a plurality of second network interfaces, the relay network device is configured to relay management frames and data frames between the first network interfaces, and the terminal network device is configured to relay management frames but not data frames between the second network interfaces.

15. A method, comprising: generating, in a first one of a plurality of network devices, a pairing event; distributing, in the first one of the network devices, the pairing event to a converged data communications network by way of a first one of a plurality of heterogeneous link layer technologies; obtaining, in a second one of a plurality of network devices, the pairing event by way of the converged data communications network; initiating, in the second one of the network devices, a pairing with a third one of the network devices by way of a second one of the heterogeneous link layer technologies using a native pairing event protocol of the second one of the heterogeneous link layer technologies; and wherein the pairing is configured to connect the third one of the network devices to the converged data communications network by way of the second one of the heterogeneous link layer technologies.

16. The method of claim 15, whe
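
Claims 2 through 4 describe two ways of deriving per-interface passwords from the converged network password. The sketch below is an added example, not code from the patent: it contrasts the two and checks whether one derived password exposes the other. The HMAC-SHA-256 construction, the labels `wifi` and `plc`, the output lengths and the sample password are all assumptions, since the claims name none of them.

```python
from __future__ import annotations

import hashlib
import hmac

# Constructed sample values; the claims name no hash, label, or length.
CONVERGED_PASSWORD = "correct horse battery staple"
LABELS = ("wifi", "plc")  # hypothetical link-layer technology labels


def derive_separate(converged: str, label: str, length: int = 32) -> bytes:
    """Claim 3 style: an independent hash per interface.

    Modelled as HMAC-SHA-256 keyed by the converged password over a
    per-technology label, so each label acts as a separate hash function.
    """
    digest = hmac.new(converged.encode(), label.encode(), hashlib.sha256).digest()
    return digest[:length]


def derive_truncated(converged: str, second_length: int = 16) -> tuple[bytes, bytes]:
    """Claim 4 style: first = H(converged), second = truncation of first."""
    first = hashlib.sha256(converged.encode()).digest()
    return first, first[:second_length]


def second_recoverable_from_first(first: bytes, second: bytes) -> bool:
    """True when truncating the first password alone yields the second."""
    return hmac.compare_digest(first[: len(second)], second)


def audit(converged: str) -> dict[str, bool]:
    """Report, per scheme, whether one per-interface password exposes the other."""
    a = derive_separate(converged, LABELS[0])
    b = derive_separate(converged, LABELS[1], length=16)
    first, second = derive_truncated(converged)
    return {
        "separate_hash": second_recoverable_from_first(a, b),
        "hash_then_truncate": second_recoverable_from_first(first, second),
    }


if __name__ == "__main__":
    for scheme, exposed in audit(CONVERGED_PASSWORD).items():
        print(f"{scheme}: second password derivable from first = {exposed}")
```

In the hash-then-truncate arrangement, any device that holds the first interface's password also holds the second's, so the two network portions share a single trust boundary.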
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08) · CPC title
Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration · CPC title