Abstract: A method wherein an access point authenticates itself with neighboring access points and establishes secure and mutually authenticated communication channels with its neighboring access points. When an access point learns of a neighboring access point, it initiates an authentication with an authentication server through the neighboring access point. Once access points have mutually authenticated each other, whenever a station authenticates itself with a first access point, the first access point communicates the station's authentication context information, for example session key and session identifier, to each neighboring access point. Thus, when the station roams to a neighboring access point, the neighboring access point presents the station with a reauthentication protocol, for example LEAP reauthentication, and if the reauthentication is successful, communication between the station and the neighboring access point takes place immediately and no new EAP authentication needs to occur.

Abstract: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.

Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.

Abstract: In an example embodiment, a system for providing a Virtual Local Area Network (VLAN) by use of encryption states or encryption keys for identifying a VLAN. A table of data including a VLAN and an associated encryption state or key is provided for assignment of encryption states or keys, for devices in a wireless local area network.

Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.

Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.

Abstract: Determining the location of a radio tag or client station of a wireless network, and the location of coverage holes by receiving from a plurality of wireless stations of the wireless network path loss information of the path loss of one or more location frames received at the respective wireless stations. The location frames transmitted by the radio tag or client station having a pre-defined frame structure. The radio tags and client stations use a common infrastructure for transmitting a location frame configured for radiolocation by path loss measurement. The common infrastructure includes a pre-defined protocol common for both radio tags and client stations for transmitting information for reception by the plurality of stations of the wireless network for radiolocation. The pre-defined protocol includes using the location frame having the pre-defined frame structure.

Abstract: According to a particular embodiment, a method for assisting in a handoff is provided that includes receiving signaling from one or more access points, which may transmit information to a mobile station. The information may be used to execute a handoff from an enterprise network to a cellular network or from the cellular network to the enterprise network.

Abstract: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.

Abstract: A method wherein an access point authenticates itself with neighboring access points and establishes secure and mutually authenticated communication channels with its neighboring access points. When an access point learns of a neighboring access point, it initiates an authentication with an authentication server through the neighboring access point. Once access points have mutually authenticated each other, whenever a station authenticates itself with a first access point, the first access point communicates the station's authentication context information, for example session key and session identifier, to each neighboring access point. Thus, when the station roams to a neighboring access point, the neighboring access point presents the station with a reauthentication protocol, for example LEAP reauthentication, and if the reauthentication is successful, communication between the station and the neighboring access point takes place immediately and no new EAP authentication needs to occur.

Abstract: Determining the location of a radio tag or client station of a wireless network, and the location of coverage holes by receiving from a plurality of wireless stations of the wireless network path loss information of the path loss of one or more location frames received at the respective wireless stations. The location frames transmitted by the radio tag or client station having a pre-defined frame structure. The radio tags and client stations use a common infrastructure for transmitting a location frame configured for radiolocation by path loss measurement. The common infrastructure includes a pre-defined protocol common for both radio tags and client stations for transmitting information for reception by the plurality of stations of the wireless network for radiolocation. The pre-defined protocol includes using the location frame having the pre-defined frame structure.

Abstract: A system for providing a Virtual Local Area Network (VLAN) by use of an encryption states or encryption keys for identifying a VLAN. A table of data including a VLAN and an associated encryption state or key is provided for assignment of encryption states or keys, for devices in a wireless local area network.

Abstract: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.

Abstract: A method wherein an access point authenticates itself with neighboring access points and establishes secure and mutually authenticated communication channels with its neighboring access points. When an access point learns of a neighboring access point, it initiates an authentication with an authentication server through the neighboring access point. Once access points have mutually authenticated each other, whenever a station authenticates itself with a first access point, the first access point communicates the station's authentication context information, for example session key and session identifier, to each neighboring access point. Thus, when the station roams to a neighboring access point, the neighboring access point presents the station with a reauthentication protocol, for example LEAP reauthentication, and if the reauthentication is successful, communication between the station and the neighboring access point takes place immediately and no new EAP authentication needs to occur.