• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    Routing method with security and authentication at the level of frames. It discloses a routing method to be implemented in the firmware of a router that provides greater security at low cost since it works, substantially, at the level of layer 2 of the osi model. The described router incorporates various levels of security in which it comprises a first stage (1) of mac address detection (10), a second stage (2) of authorization of mac addresses (10), a third stage (3) of authorizations of users for said mac address and optional higher level protections such as, for example, a fourth stage (3) of time restrictions, a fifth stage (5) of additional restrictions such as port blocking, protocols, web pages, among others . (Machine-translation by Google Translate, not legally binding)
    公开号:ES2552675A1
    申请号:ES201430822
    申请日:2014-05-29
    公开日:2015-12-01
    发明作者:José Antonio ENRIQUE SALPICO
    申请人:Tecteco Security Systems S L;Tecteco Security Systems Sl;
    IPC主号:
    专利说明:

    METHOD OF ROUTING WITH SAFETY AND AUTHENTICATION AT LEVEL OF
    FRAMES
    D E S C R I P C I O N
    5
    OBJECT OF THE INVENTION
    The present invention discloses a method of routing signals in a data network. More specifically, the present invention discloses a routing method 10 that incorporates security improvements at the frame level (layer 2 of the OSI model, by the acronym of the English expression "Open System Interconnection", in Spanish "Open Interconnection System ").
    BACKGROUND OF THE INVENTION
    fifteen
    Various methods of signal routing are known in the art and, even, some of said mechanisms incorporate complex security algorithms so that the interconnection between the devices of a network is only for the users who should be part of it.
    twenty
    Usually, said user identification is carried out at the level of layer 3 of the OSI model, that is, by means of IP addresses (by the acronym of the English expression "Internet Protocol", in Spanish "Internet Protocol") or in layers higher than is. Therefore, the devices responsible for routing and prior security identification must have 25 devices capable of interpreting, at a minimum, data at the level of layer 3 of the OSI model.
    In addition, the identification from IP addresses is insufficient to guarantee the identification of a user in that any user through any device can configure their IP address without having extensive knowledge in computer networks. This makes IP addresses easily supplantable.
    To solve these problems of the prior art, various communication methods have been developed to improve the security of existing routers. In particular, document EP1170925 discloses a method of communication between devices that it uses
    access vectors stored in an address table in which the vectors comprise data indicative of whether the MAC address (for the acronym in English "Media Access Control") of a node You can communicate with the MAC address of another. In short, this document discloses a method that detects if a node has permission to send information to another based on the MAC addresses of both nodes but does not disclose the possibility of using these MAC addresses to access a particular network .
    On the other hand, document US8316438 discloses a system in which a personal computer 10, which has a specific MAC address, when sending data to a Gateway passes through a network adapter that determines the permissions for transmission of information for said portable computer and performs the blocking of said signal or, on the contrary, allows the transfer of data. Therefore, this document discloses that it is possible to have a low-cost intermediate network adapter that works in layer 2 of the OSI model to filter the entry of users to the network. However, among other problems, the network would require the incorporation of multiple network adapters to perform this filtering and the configuration of a new user would require reconfiguring all the network adapters in the system, which makes the system impractical. In addition, it would be enough to get a computer whose MAC address is incorporated into the network adapters to access it.
    twenty
    DESCRIPTION OF THE INVENTION
    Therefore, there is a need to incorporate a security system that, on the one hand, represents a low computational cost and, on the other, increases the security of networks 25 by blocking unauthorized users and allowing said user table to be updated. easily.
    The present invention discloses a routing method that can be incorporated into the router by means of its firmware and which, operating at the level of layer 2 of the OSI 30 model represents a low computational cost and allows to significantly improve the performance of current routers No need to modify existing networks by adding new hardware.
    The present invention discloses a method of signal routing in a router
    5
    10
    fifteen
    twenty
    25
    which includes:
    • means of connection to a series of devices;
    • a table of allowed user addresses; Y
    • a user authorization table;
    in which the table of allowed user addresses comprises MAC addresses of devices with permission to access the network, and in which the user authorization table comprises a series of identification data of allowed users related to at least one, MAC address and comprising the steps of:
    a) determine the MAC address of the device to be connected to the router;
    b) identify if the MAC address determined in step a) is in the table of allowed user addresses; Y
    c) grant a level of access to the network;
    in which if in step b) it is identified that the MAC address is in the table of allowed user addresses, a step b1) of reading the identification data of allowed users for said MAC address is started from the table of user authorization and a step b2) of user identification in which the user identification data is requested from the device and compares said user identification data with the data read in step b1).
    As regards access levels, the present invention contemplates three main levels: a first level of access denial in which access to the network is completely prevented; a second level of partial authorization in which access to at least part of the network is granted, for example only to the intranet; and a third level in which full access to the network is granted. However, other types of levels may be incorporated within the scope of the present invention without departing from the scope of protection of the present invention.
    Preferably, the present invention contemplates that if, in step b), it is identified that the MAC address does not correspond to any of the addresses in the table of allowed user addresses, in step c) access to the network is denied.
    Preferably, if in step b) it is identified that the MAC address corresponds to one of the addresses in the table of allowed user addresses and in step b2) it is identified that user identification data corresponds to one of the identification data read in
    stage b1), in stage c) access to at least part of the network is granted.
    In addition, in the case in which the MAC address of the device does not correspond to any of the addresses provided in the table of allowed user addresses or that the user identification data read in step b1) does not correspond to the data of identification of allowed users stored in the user authorization table for the MAC address of the user, in step c) a restricted access to the network is granted or even access (2000) to the network could be denied.
    10 With regard to restricted access to the network, this restricted access can be interpreted, in particular, as only the reception of data, only access to the intranet (for example, to connect to printers, scanners, etc.) and / or only to Sending data without receiving them.
    Additionally, the router may comprise an additional control variable that is based on a restriction table and a stage e) in which for at least one of the users of the user authorization table, access restrictions are provided. Such restrictions may be, for example, a restriction of hourly access in which, in stage c) access to the network is allowed, a restriction to web pages in which, in stage c)
    20 denies access to at least one web page, a restriction of protocols, in which in stage c) communication is denied by at least one protocol (for example, the FTP protocol, whose acronym comes from the expression in English "File Transfer Protocol"), a restriction of ports, in which in stage c) the communication is denied by at least one port, etc.
    25
    On the other hand, the present invention also relates to a router that executes a routing method of the type explained above.
    DESCRIPTION OF THE DRAWINGS
    30
    To complement the description that is being made and in order to help a better understanding of the features of the invention, according to a preferred example of practical realization thereof, a set of drawings is accompanied as an integral part of said description. where, with an illustrative and non-limiting nature, the
    next:
    Figure 1 shows a schematic view of a communication flow in a preferred embodiment of the present invention.
    5
    Figure 2 shows a flow chart indicating the operation of a routing method according to the present invention.
    PREFERRED EMBODIMENT OF THE INVENTION
    10
    Figure 1 shows a preferred embodiment of the present invention. In particular, Figure 1 shows a first embodiment in which the router is connected to a series of user devices (101, 102, 103, 104), each of said user devices (101, 102, 103, 104) a MAC address.
    fifteen
    Initially, the router of Figure 1 detects, in a first stage (1) the MAC address (10) of the active device (101), that is, one of the devices of the series of user devices (101, 102, 103, 104) who intends to make use of the network. Subsequently, in a second stage (2) it performs an authorization of the MAC address (10) of the active device 20 (101), that is, it determines whether the MAC address (10) of said device corresponds to
    any of the MAC addresses stored in a table of allowed user addresses of the router. If the MAC authorization (21) is carried out, that is, it is determined that the MAC address (10) of the device corresponds to any of the addresses stored in the router, then a third stage (3) is given step in the 25 that a user authorization is made. Otherwise, access is denied (2000).
    In said third stage (3) it is intended to identify the user who is using the authorized equipment to enter the network, however, in particular embodiments of the present invention, this authorization is not necessary for all MAC addresses of the 30 devices users in terms of devices such as printers, fax machines, scanners, etc. For those who do not need to perform this user authorization.
    However, the present invention contemplates that the router comprises a user authorization table in which, for at least one of the stored MAC addresses
    5
    10
    fifteen
    twenty
    25
    30
    in the table of allowed user addresses, at least one username and password are available to identify, in addition to the equipment that is connected to the network, the user who is making use of that equipment.
    So if the user identification (31) has been carried out, a fourth stage (4) of time restriction is carried out and, in case of an incorrect identification (31), the access (2000) to the network is denied .
    Regarding the fourth stage (4) of time restriction, the realization of Figure 1 contemplates that for at least one of the users there is a time restriction parameter that can be implemented as an additional parameter of the user authorization table or as an independent table of time restrictions.
    This time restriction means that, on the router, certain permissions are available for each of the users, for example, one of the users must have access only during part of the working day to certain resources such as printers, etc. to organize the work in an office or, in another example, a child control can be available so that if you access with the password of a child user you only have access to the internet until a certain time and, once this is exceeded Now, you have restricted access to resources. In the case of child control, this restricted access to resources can be, for example, that there is no access to the internet but to internal network resources such as printers, scanners, etc.
    Additionally, the present invention contemplates that, in addition to the time restriction, the method of the present invention allows the incorporation of additional restriction mechanisms such as, for example, a fifth stage (5) in which additional restrictions are provided, such as, restricting the access through certain ports, communication protocols, to certain web pages, among others.
    Once the level of access for the user has been defined and if it is determined that there is no restriction, it can be granted access to the network (1000). Otherwise, access is denied (2000)
    Figure 2 shows a flow chart of a second embodiment of the present
    invention.
    In said embodiment, a first step (1) of data entry is provided, in this case, the MAC address of the device that is intended to be connected to the network, and configuration data comprising a table are arranged as inputs to the flow chart. of allowed user addresses, a user authorization table and, in this particular example, a time restriction table and an additional restrictions table are provided.
    10 Once the input data is detected, a second MAC authorization stage (2) is carried out in which it is determined whether the MAC address of the first stage (1) corresponds to one of the MAC addresses of the address table of allowed users. If said MAC address corresponds to one of the addresses stored in the table of allowed user addresses, by means of a first decision operator (200),
    15 MAC address corresponds (202) with one of the stored addresses, we proceed to a third stage (3) of user authorization. If it is determined that the non-correspondence (201) of the MAC address with the stored addresses, the access (2000) to the network is denied.
    20 In the third stage (3) the authorization of the user is carried out, that is, the user is interrogated for a username-password pair. Subsequently, if the username-password pair corresponds to those stored in the user authorization table for said MAC address, the authentication (303) of the user is determined and, otherwise, it is determined that an authorized user has not been authenticated and
    25 can proceed in two different ways, a first form of actuation (301) in which restricted access (3000) is given to the user, for example, only to the intranet and, a second form of actuation (302) in which it proceeds to Deny access (2000) to the network for non-authentication.
    After the authentication (303) of the user, it is determined whether a time restriction has been defined for said user by means of a fourth stage (4). From there, through a logical decision operator, it is determined that it is a user with a time restriction for which a first action (401) can be chosen denying access or a second action (402) granting restricted access (3000) to the user.
    If it is determined that it is a user without time restriction, the access without time restrictions for the user is authorized (403).
    Finally, the present invention contemplates a fifth stage (5) of additional restrictions 5 in which it is determined whether there are additional restrictions for said user. If the existence of an additional restriction (501) is determined, restricted access (3000) is granted to the user and if it is a user for whom the non-existence of additional restrictions (502) has been determined, access to the network is granted (1000 ).
    10 In order to give greater clarity to the present description, the definition of restricted access (3000) to the network refers to the existence of a partial block (301), for example, access to the internet is granted only, access is denied to certain protocols (for example, FTP), access to certain web pages is denied, certain ports are blocked, etc. Additionally, when it is mentioned that access is denied (2000), it refers to a complete block (2001) preventing the user's communication, both with the network devices, and with an external network such as the internet.
    权利要求:
    Claims (10)
    [1]
    5
    10
    fifteen
    twenty
    25
    30
    R E I V I N D I C A C I O N E S
    1. Signal routing method on a router comprising:
    • connection means to a series of devices (101, 102, 103, 104);
    • a table of allowed user addresses; Y
    • a user authorization table;
    in which the table of allowed user addresses comprises MAC addresses (10) of devices with permission to access the network characterized in that the user authorization table comprises a series of identification data of allowed users related to at least one, MAC address (10) and because it includes the steps of:
    a) determine the MAC address (10) of the device to be connected to the router;
    b) identify if the MAC address (10) determined in step a) is in the table of allowed user addresses; Y
    c) grant or deny a level of access to the network;
    in which if in step b) it is identified that the MAC address (10) is in the table of allowed user addresses, a step b1) of reading the identification data of allowed users for said MAC address (10) is started ) from the user authorization table and a step b2) of user identification in which the user identification data is requested from the device and compares said user identification data with the data read in step b1).
    [2]
    2. Method, according to claim 1, characterized in that if, in step b), it is identified that the MAC address (10) does not correspond to any of the addresses in the table of allowed user addresses, in step c) it is Denies access (2000) to the network.
    [3]
    3. Method, according to claim 1, characterized in that, if in step b) it is identified that the MAC address (10) corresponds to one of the addresses in the table of allowed user addresses and in step b2) it is identified that User identification data corresponds to one of the identification data read in stage b1), in stage c) access is granted to at least part of the network
    [4]
    4. Method, according to claim 1, characterized in that in step c) a restricted access (3000) to the network is granted.
    [5]
    5. Method, according to revindication 4, characterized in that the restricted access (3000) to the network comprises only the reception of data.
    5 6. Method according to claim 1, characterized in that the router comprises a table
    restrictions and because it includes a stage e) in which for at least one of the users of the user authorization table, access restrictions are provided.
    [7]
    7. Method, according to claim 6, characterized in that said restrictions comprise
    10 a restriction of hourly access in which, in step c) access (1000) to the network is granted.
    [8]
    8. Method, according to claim 6, characterized in that said restrictions comprise a restriction to web pages in which, in step c) access to at least one web page is denied.
    fifteen
    [9]
    9. Method, according to claim 6, characterized in that said restrictions comprise a restriction of protocols, in which in step c) the communication is denied by at least one protocol.
    20 10. Method, according to claim 9 characterized in that the at least one protocol is the
    FTP protocol
    [11]
    11. Method, according to claim 6, characterized in that said restrictions comprise a port restriction, in which in step c) the communication is denied by means of
    25 minus one, port.
    [12]
    12. Router executing a routing method according to any one of claims 1 to 11.
    类似技术:
    公开号 | 公开日 | 专利标题
    ES2552675B1|2016-10-10|Routing method with security and frame-level authentication
    ES2337437B2|2011-02-07|S NETWORK INSURANCE BASED ON CONTEXTOPROCEDIMENT AND SYSTEM TO CONTROL WIRELESS ACCESS TO RESOURCE.
    US7840763B2|2010-11-23|Methods and systems for achieving high assurance computing using low assurance operating systems and processes
    US7703126B2|2010-04-20|Hierarchical trust based posture reporting and policy enforcement
    WO2016200656A1|2016-12-15|System, apparatus and method for access control list processing in a constrained environment
    CN103558994A|2014-02-05|Method for encrypting solid state disk partitions and solid state disk
    Wang et al.2013|Towards a security-enhanced firewall application for openflow networks
    ES2763183T3|2020-05-27|Computer network security
    EP3532970B1|2021-12-01|A system and method for securing electronic devices
    WO2015196890A1|2015-12-30|Security access control method for hard disk, and hard disk
    US9703987B2|2017-07-11|Identity based connected services
    US20200267147A1|2020-08-20|Network authorization in web-based or single sign-on authentication environments
    Rios et al.2017|From SMOG to Fog: a security perspective
    Peters et al.2018|BASTION-SGX: Bluetooth and architectural support for trusted I/O on SGX
    US20160050066A1|2016-02-18|Management of an encryption key for a secure data storage device on a trusted device paired to the secure device over a personal area network
    CN101764788A|2010-06-30|Safe access method based on extended 802.1x authentication system
    US11165773B2|2021-11-02|Network device and method for accessing a data network from a network component
    ES2514365T3|2014-10-28|Industrial automation system and method for its protection
    KR20170017860A|2017-02-15|Network virtualization system based of network vpn
    Hassan et al.2014|Self-adaptive security for mobiles agents
    Amiri et al.2012|Survey on network access control technology in MANETs
    ES2733075T3|2019-11-27|System, method and device to prevent cyber attacks
    US20210306348A1|2021-09-30|System and method for securing electronic devices
    BR102020010985A2|2020-12-08|METHOD, DEVICE AND SYSTEM FOR SECURE CONNECTION IN WIRELESS COMMUNICATION NETWORKS, NON-TRANSITIONAL DIGITAL STORAGE MEDIA
    KR20160077369A|2016-07-04|The ICT system for circulating information
    同族专利:
    公开号 | 公开日
    ES2552675B1|2016-10-10|
    AU2015265782A1|2016-12-22|
    WO2015181429A1|2015-12-03|
    MX2016015592A|2017-07-13|
    EP3151505B1|2018-03-28|
    KR20170016878A|2017-02-14|
    PT3151505T|2018-06-29|
    ES2673938T3|2018-06-26|
    WO2015181431A1|2015-12-03|
    AU2015265782B2|2018-12-06|
    WO2015181430A1|2015-12-03|
    MX359691B|2018-10-04|
    EP3151144A1|2017-04-05|
    US20170187703A1|2017-06-29|
    US10129246B2|2018-11-13|
    US10257186B2|2019-04-09|
    CA2950677A1|2015-12-03|
    US20170230350A1|2017-08-10|
    US20170195162A1|2017-07-06|
    EP3151505A1|2017-04-05|
    KR20170015340A|2017-02-08|
    EP3151506A1|2017-04-05|
    KR20170013298A|2017-02-06|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    US20030220994A1|2002-02-28|2003-11-27|Chunrong Zhu|Wireless network access system and method|
    US20060137005A1|2004-12-16|2006-06-22|Samsung Electronics Co., Ltd.|System for and method of authenticating device and user in home network|
    US7568092B1|2005-02-09|2009-07-28|Sun Microsystems, Inc.|Security policy enforcing DHCP server appliance|
    US7574202B1|2006-07-21|2009-08-11|Airsurf Wireless Inc.|System and methods for a secure and segregated computer network|
    US20080209071A1|2006-12-18|2008-08-28|Fujitsu Limited|Network relay method, network relay apparatus, and network relay program|
    EP2667664A1|2012-05-25|2013-11-27|Comcast Cable Communications, LLC|Method and devices for providing access to public and private wireless networks|
    US6393484B1|1999-04-12|2002-05-21|International Business Machines Corp.|System and method for controlled access to shared-medium public and semi-public internet protocol networks|
    US6981143B2|2001-11-28|2005-12-27|International Business Machines Corporation|System and method for providing connection orientation based access authentication|
    US7533412B2|2002-04-23|2009-05-12|Stmicroelectronics S.A.|Processor secured against traps|
    US7249187B2|2002-11-27|2007-07-24|Symantec Corporation|Enforcement of compliance with network security policies|
    US7735114B2|2003-09-04|2010-06-08|Foundry Networks, Inc.|Multiple tiered network security system, method and apparatus using dynamic user policy assignment|
    WO2005091159A1|2004-03-24|2005-09-29|Exers Technologies. Inc.|Authentication system being capable of controlling authority based of user and authenticator.|
    US20070220252A1|2005-06-06|2007-09-20|Sinko Michael J|Interactive network access controller|
    US7966650B2|2008-02-22|2011-06-21|Sophos Plc|Dynamic internet address assignment based on user identity and policy compliance|
    US8891358B2|2008-10-16|2014-11-18|Hewlett-Packard Development Company, L.P.|Method for application broadcast forwarding for routers running redundancy protocols|
    US9047458B2|2009-06-19|2015-06-02|Deviceauthority, Inc.|Network access protection|
    US9119070B2|2009-08-31|2015-08-25|Verizon Patent And Licensing Inc.|Method and system for detecting unauthorized wireless devices|
    US8745758B2|2009-11-02|2014-06-03|Time Warner Cable Enterprises Llc|Apparatus and methods for device authorization in a premises network|
    WO2014039047A1|2012-09-07|2014-03-13|Nokia Corporation|Methods and apparatus for network sharing control|DE102014107793B9|2014-06-03|2018-05-09|Fujitsu Technology Solutions Intellectual Property Gmbh|Method of routing data between computer systems, computer network infrastructure and computer program product|
    CN106211152B|2015-04-30|2019-09-06|新华三技术有限公司|A kind of wireless access authentication method and device|
    BR112017025301A2|2015-05-26|2018-08-07|Rizzuti Luca|? telecommunication system, univocal user credential identification and validation device, and univocal method of assigning a user's credentials?|
    FR3038421B1|2015-06-30|2017-08-18|Oberthur Technologies|METHOD FOR MANAGING PROFILES IN A SECURE ELEMENT|
    CN106375102B|2015-07-22|2019-08-27|华为技术有限公司|A kind of service registration method, application method and relevant apparatus|
    US10200342B2|2015-07-31|2019-02-05|Nicira, Inc.|Dynamic configurations based on the dynamic host configuration protocol|
    CN105162728B|2015-07-31|2018-07-31|小米科技有限责任公司|Method for network access, equipment and system|
    US10044674B2|2016-01-04|2018-08-07|Afero, Inc.|System and method for automatic wireless network authentication in an internet of thingssystem|
    US10440025B2|2016-06-07|2019-10-08|Gryphon Online Safety, Inc|Remotely controlling access to online content|
    US10353880B2|2016-03-14|2019-07-16|Wipro Limited|System and method for governing performances of multiple hardware devices|
    EP3430775A1|2016-03-17|2019-01-23|Johann Schlamp|Constructible automata for internet routes|
    US10547588B2|2016-04-30|2020-01-28|Nicira, Inc.|Method of translating a logical switch into a set of network addresses|
    EP3253020A1|2016-06-03|2017-12-06|Gemalto Sa|A method and an apparatus for publishing assertions in a distributed database of a mobile telecommunication network|
    US10645057B2|2016-06-22|2020-05-05|Cisco Technology, Inc.|Domain name system identification and attribution|
    US20180013618A1|2016-07-11|2018-01-11|Aruba Networks, Inc.|Domain name system servers for dynamic host configuration protocol clients|
    US10397303B1|2016-08-29|2019-08-27|Amazon Technologies, Inc.|Semantic annotation and translations for devices|
    DE102016116077A1|2016-08-29|2018-03-01|Unify Patente Gmbh & Co. Kg|A method for assigning a MAC address to a communication device in a network environment and database with MAC addresses|
    US10097517B2|2016-09-01|2018-10-09|Cybersight, Inc.|Secure tunnels for the internet of things|
    US10855465B2|2016-11-10|2020-12-01|Ernest Brickell|Audited use of a cryptographic key|
    US10498712B2|2016-11-10|2019-12-03|Ernest Brickell|Balancing public and personal security needs|
    US10652245B2|2017-05-04|2020-05-12|Ernest Brickell|External accessibility for network devices|
    WO2018203902A1|2017-05-04|2018-11-08|Ernest Brickell|Assuring external accessibility for devices on a network|
    US10348706B2|2017-05-04|2019-07-09|Ernest Brickell|Assuring external accessibility for devices on a network|
    US10129255B1|2017-05-12|2018-11-13|International Business Machines Corporation|Device authentication with MAC address and time period|
    US10419445B2|2017-07-03|2019-09-17|Sap Se|Credential change management system|
    US10609064B2|2017-07-06|2020-03-31|Bank Of America Corporation|Network device access control and information security|
    WO2019084524A1|2017-10-27|2019-05-02|Cleverdome, Inc.|Software defined network for creating a trusted network system|
    FR3076142A1|2017-12-21|2019-06-28|Bull Sas|METHOD AND SERVER OF TOPOLOGICAL ADDRESS ALLOCATION TO NETWORK SWITCHES, COMPUTER PROGRAM AND CLUSTER OF CORRESPONDING SERVERS|
    US20190215368A1|2018-01-06|2019-07-11|Jacqueline Thanh-Thao Do|Internet of Things -Enabled Toothbrush Device to Monitor Human Vital Signs|
    US10855674B1|2018-05-10|2020-12-01|Microstrategy Incorporated|Pre-boot network-based authentication|
    US11068600B2|2018-05-21|2021-07-20|Kct Holdings, Llc|Apparatus and method for secure router with layered encryption|
    US10938821B2|2018-10-31|2021-03-02|Dell Products L.P.|Remote access controller support registration system|
    CN109286637B|2018-11-19|2021-05-14|南京邮电大学|Defense method for D-LinkDir series router configuration interface loophole|
    US11146565B2|2018-11-28|2021-10-12|Motorola Mobility Llc|Mobile electronic communications device having multiple device paths|
    US11075877B2|2019-01-11|2021-07-27|Charter Communications Operating, Llc|System and method for remotely filtering network traffic of a customer premise device|
    US11063982B2|2019-01-25|2021-07-13|Unisys Corporation|Object scope definition for enterprise security management tool|
    US11218440B2|2019-04-30|2022-01-04|Hewlett Packard Enterprise Development Lp|Contiguous subnet IP address allocation|
    CN111932780B|2020-07-11|2022-03-04|南京理工大学|Power management system based on block chain technology|
    法律状态:
    2014-10-15| PC2A| Transfer of patent|Owner name: JOSE ANTONIO ENRIQUE SALPICO Effective date: 20141009 |
    2015-06-30| PC2A| Transfer of patent|Owner name: TECTECO SECURITY SYSTEMS, S.L. Effective date: 20150624 |
    2016-10-10| FG2A| Definitive protection|Ref document number: 2552675 Country of ref document: ES Kind code of ref document: B1 Effective date: 20161010 |
    优先权:
    申请号 | 申请日 | 专利标题
    ES201430822A|ES2552675B1|2014-05-29|2014-05-29|Routing method with security and frame-level authentication|US15/314,381| US20170230350A1|2014-05-29|2014-05-29|Network element and method for improved user authentication in communication networks|
    ES201430822A| ES2552675B1|2014-05-29|2014-05-29|Routing method with security and frame-level authentication|
    AU2015265782A| AU2015265782B2|2014-05-29|2015-05-29|Method and network element for improved access to communication networks|
    KR1020167035843A| KR20170015340A|2014-05-29|2015-05-29|Method and network element for improved access to communication networks|
    PCT/ES2015/070421| WO2015181429A1|2014-05-29|2015-05-29|Method and network element for improved user authentication in communication networks|
    EP15738129.4A| EP3151506A1|2014-05-29|2015-05-29|Improved assignment and distribution of network configuration parameters to devices|
    EP15735721.1A| EP3151505B1|2014-05-29|2015-05-29|Method and network element for improved access to communications networks|
    US15/314,915| US10129246B2|2014-05-29|2015-05-29|Assignment and distribution of network configuration parameters to devices|
    CA2950677A| CA2950677A1|2014-05-29|2015-05-29|Network element and method for improved access to communication networks|
    PCT/ES2015/070422| WO2015181430A1|2014-05-29|2015-05-29|Improved assignment and distribution of network configuration parameters to devices|
    KR1020167035695A| KR20170013298A|2014-05-29|2015-05-29|Improved assignment and distribution of network configuration parameters to devices|
    MX2016015592A| MX359691B|2014-05-29|2015-05-29|Method and network element for improved access to communication networks.|
    EP15735720.3A| EP3151144A1|2014-05-29|2015-05-29|Method and network element for improved user authentication in communication networks|
    PT157357211T| PT3151505T|2014-05-29|2015-05-29|Method and network element for improved access to communications networks|
    ES15735721.1T| ES2673938T3|2014-05-29|2015-05-29|Procedure and network element for improved access to communication networks|
    US15/314,725| US10257186B2|2014-05-29|2015-05-29|Method and network element for improved access to communication networks|
    PCT/ES2015/070423| WO2015181431A1|2014-05-29|2015-05-29|Method and network element for improved access to communication networks|
    KR1020167035995A| KR20170016878A|2014-05-29|2015-05-29|Method and network element for improved user authentication in communication networks|
    [返回顶部]