公开(公告)号：US12056244B2

公开(公告)日：2024-08-06

申请号：US17223493

申请日：2021-04-06

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Jianpo Han ,  Yinzhi Dong

IPC: G06F21/57

CPC classification number: G06F21/575 ,  G06F2221/034

Abstract: Examples described herein relate to deferred authentication in secure boot systems. An untrusted component is identified in a boot sequence in a trusted execution environment. A secure boot authentication of the untrusted component is deferred for a predetermined period and access to hardware resources is restricted. An image digest and privilege rights including access to hardware resources associated with the untrusted component is obtained in an untrusted execution environment. A request including the image digest and the privilege rights is sent to a central node over a secure connection. A response including a signature based on image digest and approved privileges is received from the central node. The untrusted component is authenticated in the trusted execution environment using the signature before expiry of the predetermined period. Access to the hardware resources is provided to the untrusted component in the trusted execution environment based on the approved privileges.

公开(公告)号：US11902886B2

公开(公告)日：2024-02-13

申请号：US17528308

申请日：2021-11-17

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Liao Xu ,  Jianpo Han ,  Zhenlei Wang

IPC: H04W48/16 ,  H04W88/08 ,  H04W84/12

CPC classification number: H04W48/16 ,  H04W88/08 ,  H04W84/12

Abstract: Examples of techniques for optimizing Neighbour Report (NR) are disclosed. In an example, a first virtual access point (VAP) operating in a 2.4 Giga Hertz (GHz) or 5 GHz band may determine a first Service Set Identifier (SSID) of the first VAP operating in a 2.4 GHz or 5 GHz band. The first VAP may identify a set of co-located VAPs operating in a 6 GHz band. The first VAP may filter the set of co-located VAPs to obtain a neighbour list comprising a second VAP, from the set, having a second SSID identical to the first SSID. Using the neighbour list, the first VAP may generate a Neighbour Report.

公开(公告)号：US11805415B2

公开(公告)日：2023-10-31

申请号：US17083420

申请日：2020-10-29

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Guangzhi Ran ,  Qiang Zhou ,  Jianpo Han

IPC: H04W12/069 ,  H04W12/041 ,  H04W12/082

CPC classification number: H04W12/069 ,  H04W12/041 ,  H04W12/082

Abstract: In embodiments of the present disclosure, there is provided a method for authenticating an access point. In the method, a request for joining a network is received from an access point. A neighbor authentication notification is transmitted to the access point for obtaining an authentication code from a neighbor access point that is connected in the network in accordance with a determination that the access point is verified. The authentication code that is generated by the neighbor access point is received from the access point. The access point is accepted to join the network in accordance with a determination that the authentication code is valid. Embodiments of the present disclosure present a safe and effective way for authenticating the access point that is requesting to join the network, which provides enhanced authentication and increases the security level of the network.

公开(公告)号：US11722898B2

公开(公告)日：2023-08-08

申请号：US17385652

申请日：2021-07-26

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Jianpo Han ,  Yafeng Jiang ,  Guangzhi Ran

IPC: H04L29/06 ,  H04W12/121 ,  H04L9/40

CPC classification number: H04W12/121 ,  H04L63/029

Abstract: Systems and methods are provided for a detection and defense system relating to a network connection sharing application. For example, the system can simulate a request for a network password using a conventional application that shares this information. The application may be implemented on, for example, a mobile device or a virtual machine (VM). In some embodiments, the mobile device/VM attempts to establish a network connection to an access point (AP) using the shared password over a tunnel established between the AP and mobile device/VM. If the mobile device/VM can connect to the AP, an assumption may be made that the user credentials have been leaked and a potential security risk exists. An alert can be sent to a network administrator of the communication network (e.g., to perform an action, etc.). The action may include, for example, changing the password, removing access from one or more users, and the like.

公开(公告)号：US11617204B2

公开(公告)日：2023-03-28

申请号：US17082888

申请日：2020-10-28

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Jianpo Han ,  Qiang Zhou ,  Guangzhi Ran

IPC: H04W74/04 ,  H04W56/00 ,  H04W72/1273 ,  H04W74/00 ,  H04W84/12

Abstract: An example device comprising: a processor to determine that a client device is located in an overlapping area between the first network device and a second network device, to synchronize a first clock of the first network device with a second clock of the second network device, to negotiate, with the second network device, a overlapping access window, an overlapping forbidden window, and a non-overlapping access window for the first network device and the second network device in beacon intervals, to allocate the overlapping access window, the overlapping forbidden window, and the non-overlapping access window by the first network device, to store the allocated overlapping access window, the allocated overlapping forbidden window, and the allocated non-overlapping access window as channel scheduling rules for spatial reuse, and to control frame transmission of the network device based on the channel scheduling rules.

公开(公告)号：US11546222B2

公开(公告)日：2023-01-03

申请号：US16372467

申请日：2019-04-02

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Guangzhi Ran ,  Qiang Zhou ,  Jianpo Han ,  Wei Huang

IPC: H04W56/00 ,  H04L41/12 ,  H04L12/46 ,  H04L61/5007

Abstract: An example first device may include a processor to establish a plurality of links associating between the first network device and a second network device, the plurality of links corresponding to a plurality of virtual local area networks (VLANs) that a plurality of client devices associated with the first network device belong to; create a mapping between the plurality of links and the plurality of VLANs; and forward data received from a particular client device among the plurality of client devices in a particular VLAN of the plurality of VLANs to the second network device via a particular link corresponding to the particular VLAN based on the mapping.

公开(公告)号：US11405775B2

公开(公告)日：2022-08-02

申请号：US15780525

申请日：2017-04-28

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Jianpo Han ,  Xuefu Wang ,  Guangzhi Ran ,  Qiang Zhou

IPC: H04W8/26 ,  H04L101/622 ,  H04W40/22 ,  H04W40/32 ,  H04W84/12

Abstract: Some examples relate to use of a three-address scheme for forwarding frames in a wireless mesh network (WMN). In an example, a node in a WMN may receive an Ethernet packet from a station outside of the WMN. The Ethernet packet may include a first address scheme comprising a destination address (DA) field, and a source address (SA) of the Ethernet packet. The Ethernet packet may be encapsulated in a second Ethernet packet comprising second address scheme. The second Ethernet packet may be encapsulated in an IEEE 802.11 frame comprising a third address scheme.

公开(公告)号：US20220225218A1

公开(公告)日：2022-07-14

申请号：US17145689

申请日：2021-01-11

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Jiaqi Li ,  Jianpo Han ,  Guangzhi Ran

IPC: H04W48/16 ,  H04W52/02

Abstract: In embodiments of the present disclosure, there is provided an approach for performing channel scan by utilizing a target wake time (TWT) mechanism. According to embodiments of the present disclosure, a compound AP transmits, to an uplink AP, a request to negotiate a schedule for a TWT session. The compound AP receives a response to the request from the uplink AP. The response comprises timing information of the TWT session. Then, the compound AP performs channel scan during a sleep period determined from the timing information. Data transmission between the compound AP and the uplink AP is disabled during the sleep period. Embodiments of the present disclosure provide an effective way for performing the channel scan, thereby ensuring data delivery and enhancing connection robustness between the compound AP and the uplink AP.

公开(公告)号：US11368253B2

公开(公告)日：2022-06-21

申请号：US16448062

申请日：2019-06-21

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Xuefu Wang ,  Jianpo Han

IPC: H04L1/18 ,  H04L1/16 ,  H04W84/18

Abstract: Systems and methods for improving the performance and stability of bonding radios are provided. One method includes receiving a packet from a client device. Next, the method includes determining whether the received packet is an expected next packet and transmitting the received packet to a next destination if the received packet is the expected next packet. In an event the received packet is not the expected next packet, transmitting the received packet to a queue, setting a timer to wait for the expected next packet, and transmitting a message to the sender of the received packet requesting that the expected next packet be sent.

公开(公告)号：US11082880B2

公开(公告)日：2021-08-03

申请号：US16753246

申请日：2017-10-27

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Yafeng Jiang ,  Guangzhi Ran ,  Qiang Zhou ,  Jianpo Han

IPC: H04W28/02 ,  H04B17/345 ,  H04L12/26 ,  H04W24/08

Abstract: An example wireless device, comprising: a radio system including an antenna, to receive receiver feedback information, the receiver feedback information being information collected by a receiver relating to receiving status of the receiver; a memory; and a processor executing instructions stored on the memory to: determine whether a level of noises and interferences associated with the receiver exceeds a predefined threshold based on the receiver feedback information; in response to determining that the level of noises and interferences associated with the receiver does not exceed the predefined threshold, obtain a revised data error ratio based on an original data error ratio and the receiver feedback information, the original data error ratio being a data error ratio collected by the wireless device; and adjust the data rate associated with the receiver based on the revised data error ratio.