Abstract:
Techniques for security association management on a home and foreign agent are described. In one embodiment, in response to a first mobile network registration request from a mobile node, a remote authentication facility is accessed to retrieve a security association for the mobile node for authenticating and providing a first network connectivity to the mobile node, wherein the security association is associated with a lifespan. The security association is inserted in a local security association database (SADB) to create a security association entry, wherein the security association entry includes the lifespan. A second mobile network registration request from the mobile node after the first connectivity is terminated is received and the security association entry in the local SADB that corresponds to the mobile node is used to provide authentication of the mobile node without having to access the remote authentication facility again if the lifespan associated with the security association entry is valid.
Abstract:
Techniques for Mobile IP bulk registration revocation are described herein. According to one embodiment, a first mobile agent of a mobile IP network sends a registration revocation message to a second mobile agent of the mobile IP network. The registration revocation message includes information identifying multiple home IP addresses of multiple mobile nodes whose registrations are to be revoked. In response to the registration revocation, the second mobile agent terminates bindings of services associated with multiple mobile nodes identified by the multiple home IP addresses and sends an acknowledgement message to the first mobile agent. Other methods and apparatuses are also described.
Abstract:
Caching content includes receiving at a cell site a content request for content. The cell site is associated with a cell, and the content request is received from a mobile node present in the cell. The content is retrieved in response to the content request. The content is cached at the cell site and sent to the mobile node. One or more recipient cell sites are identified. The content is distributed to the one or more recipient cell sites while the mobile node is present in the cell.
Abstract:
A network system for authorizing an endpoint node for a communication service includes an operator network and an organization network. The operator network operates to perform a device authorization operation to authorize the endpoint node for a communication session. The organization network operates to facilitate a service authorization operation to authorize the endpoint node for the communication service of the communication session.
Abstract:
In one embodiment, a security gateway receives an IPSec Initiation (IPSec INIT) request from a client. The security gateway may communicate with an AAA server to authenticate the client. After authentication, the security gateway intercepts a URR Discovery request from the client. The security gateway determines registration information for a response to the registration request. The registration information may be information on where the client can locate a D-GANC. A response is generated using the determined information and sent to the client. The response to the discovery request is performed without communicating with a P-GANC. Accordingly, a security gateway is used to authenticate the client and also to respond to the discovery request. This does not require that a P-GANC function be deployed in a network. Thus, cost and processing power may be saved.
Abstract:
A system and method for providing service in a network having a wireless component is disclosed. The system and method comprise receiving a request for a dynamic address from a user node connected to a subscriber station having a convergence sub-layer, providing the dynamic address to the user node, associating the dynamic address with a service flow associated with the subscriber station, and sending data addressed to the dynamic address through the service flow. The dynamic address is based on a subscriber identifier associated with the subscriber station and a client identifier associated with the user node.
Abstract:
In one embodiment, a method includes receiving a first request to join a conference from a first user device. The location of the first user device is determined. Based on the location of the first user device, the proximity of the first user device relative to endpoints configured to facilitate the conference is identified. A first one of the endpoints that is more proximate to the first user device than other endpoints is selected for handling the conference.
Abstract:
A system for facilitating persistent communications between entities in a network. In a specific embodiment, the system is adapted to facilitate fast reauthentication of a client performed by a server, such as an Authentication, Authorization, and Accounting (AAA) server, that is coupled to the client via a load balancer. The system includes a first message to be exchanged between the server and the client, wherein the first message includes a field identifying the server and/or the client. A matching module communicates with or is otherwise incorporated within the load balancer. The matching module includes one or more routines for employing the field to selectively route the first message to the client and/or server. In a more specific embodiment, the server includes a fast reauthentication module adapted to append the field in the message. The field includes sub-realm information identifying the server.
Abstract:
Techniques for exchanging capabilities in a wireless network are provided. In one embodiment, a first device receives a capability message over a communication link from a second device in a WiMAX network. The communication link may be between any combination of base stations and gateways. For example, the R4, R6, or R8 interface may be used. Other interfaces may also be appreciated in a WiMAX network. The capability message includes one or more capabilities supported by the second device in the WiMAX network. Capabilities to support are then determined based on the one or more capabilities. These capabilities will be supported by the first device for communications with the second device. The first device is then configured to support the determined capabilities. Accordingly, the first device is dynamically configured based on the capability message received.
Abstract:
In one embodiment, while a device is connected to the network, a security issue may be detected and associated with the device. The device may be placed on a blacklist for the security issue. The blacklist is a list that is used to deny service for the device when it attempts to connect. Thus, the device is disconnected from the network. Identification information for the device is added to the blacklist at the authentication server. If the device attempts to reconnect to the network, the request is received at the authentication server. The authentication server can then check the blacklist and deny the request for access to the network if the identification information is on the blacklist. This denial is determined without sending the request to the HLR. Accordingly, the HLR is protected in that requests from a device that may be considered a security issue are not sent to the HLR.