Abstract: A method, apparatus and system enable a secure wireless platform. Specifically, embodiments of the present invention may utilize a secure processing area to enforce security mechanisms on the wireless platform, thus isolating the security measures (e.g., security keys) from the host operating system on the wireless node.

Abstract: Embodiments of methods and apparatus for providing a delayed attack protection system for network traffic are generally described herein. Other embodiments may be described and claimed.

Abstract: Method and system of secured direct link set-up (DLS) for wireless networks. In accordance with aspects of the method, techniques are disclosed for setting up computationally secure direct links between stations in a wireless network in a manner that is computationally secure. A direct link comprising a new communication session is set up between first and second stations in a wireless local area network (WLAN) hosted by an access point (AP), the direct link comprising a new communication session. The AP generates a unique session key for the new communication session and transfers secured copies of the session key to each of the first and second stations in a manner under which only the first and second stations can obtain the session key. A security mechanism is then implemented on the unsecured direct link to secure the direct link between the first and second stations using a secure session key derived from the session key.

Abstract: Methods for transferring a credential between two devices according to a secure protocol are described. Portions of messages in the protocol are encrypted to prevent theft and tampering. Systems using the methods are described and claimed.

Abstract: A method, apparatus and system enable a mobile device to roam while maintaining a persistent IP tunnel. Specifically, a mobile router may be utilized to enable a mobile device to maintain a persistent IP tunnel while the device roams. In one embodiment, the mobile device is a virtual host and the mobile router is a virtual mobile router.

Abstract: Before a transition from a current access point (AP) to a new AP, a mobile wireless station (STA) may determine mobility capabilities, network infrastructure and resource information that may be used to select a transition mechanism to use via information acquired by the current AP regarding the new AP.

Abstract: Embodiments of wireless communication devices and methods for protecting broadcasted management control messages from insider forgery in wireless network are generally described herein.

Abstract: In a re-association communications sequence between a mobile wireless device and an access point, a substantially unique may be derived and transmitted to the mobile wireless device in one of the re-association messages. The mobile wireless device may then transmit the value back to the e access point to verify that it is the same mobile wireless device.

Abstract: A reservation protocol is provided to enable a client mobile station to make a number of reservations with a number of access points to facilitate its access of a network at a future point in time, as it roams, and subsequently exercise one of the reservations

Abstract: Embodiments of methods and apparatus for providing integrity protection for management and control traffic of wireless communication networks are generally described herein. Other embodiments may be described and claimed.

Abstract: Systems and methods provide a mechanism for wireless stations and access points to negotiate security parameters for protecting management frames. The access point and station determine which management frames they are capable of and desire to protect. Data indicating protected frames are then exchanged between the station and access point to select which management frames are to be protected and a protection mechanism to be used for protecting the management frames.

Abstract: An embodiment of the present invention provides a method of pre-allocating and communicating IP address information during wireless communication by an access point, comprising pre-caching by said AP a predetermined number of IP addresses from a backend Dynamic Host Configuration Protocol (DHCP) server. An embodiment may further comprise providing by said AP an IP subnet roaming information element that provides the IP Address that a wireless station (STA) will be obtaining if a wireless station (STA) roams to a particular AP and providing by said AP an IP subnet roaming information element that provides an IP subnet mask that determines the network address and host address portion of the IP addresses and providing by said AP provides an IP subnet roaming information element that provides that provides a Default gateway router address.

Abstract: A system, apparatus, method and article to manage roaming in a wireless communication system are described. An apparatus may include a first wireless device having a processor to receive roaming information for a second wireless device from a third wireless device, and send the roaming information to the second wireless device to establish a connection with the third wireless device. Other embodiments are described and claimed.

Abstract: A method of authenticating a device's access to a communications node is disclosed. The method of operation includes the communications node generating a first value for use in the derivation of a first encryption key, the first encryption key being at least partially used to authenticate the device's access to the communications node in a first communications exchange. The method of operation includes the communications node modifying the first value, independent of the device, to create a second value. The method includes the communications node using the second value in authenticating the device's access to the communications node in a second communications exchange. Embodiments of the present invention include but are not limited to communications nodes and devices, subsystems, and systems equipped to operate in the above-described manner.

Abstract: In an embodiment, a method includes registering applications and network services for notification of an out-of-band introduction, and using the out-of-band introduction to bootstrap secure in-band provisioning of credentials and policies that are used to control subsequent access and resource sharing on an in-band channel. In another embodiment, an apparatus implements the method.

Abstract: Briefly, in accordance with one embodiment of the invention, is an apparatus 115, comprising: a first Access Point (AP) 120 capable of wireless communication with said apparatus 115; a second Access Point (AP) 105 in communication with said first Access Point (AP) 120; and a pre-authentication channel 125 between said apparatus 115 and said second Access Point 105 via said first Access Point (AP) 120, said pre-authentication channel 125 enabling pre-keying associations between said apparatus and said second Access Point (AP) 105.

Abstract: Briefly, some embodiments of the invention may provide devices, systems and methods for configuration of wireless access point. For example, a method in accordance with an embodiment of the invention may include determining whether a wireless communication station is authorized to configure a wireless access point not associated therewith based on a comparison of a first string transmitted by said wireless access point and indicating a unique identifier of said wireless access point to a second string entered at the wireless communication station.

Abstract: Briefly, in accordance with one embodiment of the invention, an apparatus comprising Management Frames utilized in wireless communications associated with the apparatus, and the Management Frames being protection-capable or non-protection-capable and wherein the Management Frames indicate whether or not they are protection-capable.

Abstract: Briefly, in accordance with an embodiment of the invention, an apparatus and method to provide authentication and secure communication is provided. In one example, the method may include transmitting machine credentials of a first device, wherein the machine credentials are used to authenticate the first device so that the first device is able to communicate with a second device after the first device transitions from a first power state to a second power state in response to a command received by the first device from another device, wherein power consumption of the first device in the first power state is less than the power consumption of the first device in the second power state. The first device may be used in either a wired or wireless network.

Abstract: Briefly, in accordance with one embodiment of the invention, a pairwise master key may be utilized to generate nonces for authenticated key exchange during a rekeying event in a wireless local area network.