公开(公告)号：US20100088400A1

公开(公告)日：2010-04-08

申请号：US12245601

申请日：2008-10-03

申请人： Flemming S. Andreasen ,  Kent K. Leung

发明人： Flemming S. Andreasen ,  Kent K. Leung

IPC分类号： G06F15/16

CPC分类号： H04W8/26

摘要： A method is provided in one example implementation and the method includes identifying through a home bearer manager that an Internet Protocol (IP) address has been previously sent to an access terminal, the IP address being issued by a visited bearer manager as a result of the access terminal requesting registration in a visited network. The method further includes communicating the IP address to the access terminal in response to the access terminal registering in a home network. The registrations in the home and the visited network allow a plurality of packets to be communicated to the access terminal via the IP address. In more specific embodiments, the IP address serves as a care of address (CoA) address and a home IP address concurrently. The IP address can be exchanged via a mobile IP (MIP) exchange. The home and visited bearer managers are independent or interdependent.

摘要翻译： 在一个示例实现中提供了一种方法，并且该方法包括通过归属承载管理器识别互联网协议（IP）地址已经被先前发送到接入终端，该IP地址是被访问承载管理器作为由 访问终端请求在访问网络中注册。 该方法还包括响应于接入终端在家庭网络中注册而将IP地址传送到接入终端。 家庭和访问网络中的注册允许多个分组经由IP地址被传送到接入终端。 在更具体的实施例中，IP地址同时用作地址（CoA）地址和归属IP地址。 IP地址可以通过移动IP（MIP）交换进行交换。 家庭和访问的承运人经理是独立的或相互依存的。

公开(公告)号：US07668174B1

公开(公告)日：2010-02-23

申请号：US10273705

申请日：2002-10-17

申请人： Alpesh Patel ,  Kent K. Leung ,  Madhavi W. Chandra

发明人： Alpesh Patel ,  Kent K. Leung ,  Madhavi W. Chandra

IPC分类号： H04L12/56

CPC分类号： H04W60/00 ,  H04L29/06 ,  H04L29/12273 ,  H04L29/12311 ,  H04L61/2053 ,  H04L61/2084 ,  H04W8/04 ,  H04W8/26 ,  H04W60/04 ,  H04W60/06 ,  H04W80/04

摘要： The present invention provides methods and apparatus for managing an IP address assigned to a Mobile Node. In one embodiment, the Mobile Node appends an extension to the registration request that is sent to its Home Agent, which indicates that the Mobile Node requests use of the IP address previously assigned to the Mobile Node for an additional period of time. When the Home Agent receives the registration request, it indicates whether a lease on the IP address previously assigned to the Mobile Node has been granted by the Home Agent for an additional period of time. In another embodiment, the Home Agent sends a first control message to determine whether the Mobile Node continues to use the IP address. The Home Agent then determines whether a second control message has been received in order to ascertain whether the Mobile Node continues to use the IP address previously assigned to the Mobile Node. The present invention is preferably performed when a Mobile Node returns to its home network, thereby enabling the Mobile Node to retain the IP address assigned to it.

摘要翻译： 本发明提供了用于管理分配给移动节点的IP地址的方法和装置。 在一个实施例中，移动节点将附加到发送到其归属代理的注册请求的扩展，其指示移动节点请求使用先前分配给移动节点的IP地址一段时间。 当归属代理接收到注册请求时，它指示先前分配给移动节点的IP地址上的租约是否已由归属代理许可一段时间。 在另一个实施例中，归属代理发送第一控制消息以确定移动节点是否继续使用IP地址。 归属代理然后确定是否已经接收到第二控制消息以便确定移动节点是否继续使用先前分配给移动节点的IP地址。 本发明优选地在移动节点返回到其归属网络时进行，从而使得移动节点能够保留分配给它的IP地址。

公开(公告)号：US07630352B2

公开(公告)日：2009-12-08

申请号：US11646230

申请日：2006-12-26

申请人： Kent K. Leung ,  Alpesh S. Patel

发明人： Kent K. Leung ,  Alpesh S. Patel

IPC分类号： H04W4/00 ,  H04M3/00

CPC分类号： H04W80/04 ,  H04W8/04 ,  H04W48/08

摘要： Methods and apparatus for registering a mobile device such as a mobile node or mobile router with a Home Agent in an asymmetric link environment. A Foreign Agent associates each of one or more interfaces of the Foreign Agent with a different care-of address. An agent advertisement including the care-of address for the one or more interfaces of the Foreign Agent is then sent via one or more uplinks. A registration request is received via a downlink router. The registration request identifies a care-of address associated with one of the one or more interfaces of the Foreign Agent. One of the interfaces identified by the care-of address is ascertained, thereby identifying the interface to which the mobile device has roamed. The registration request is forwarded to the Home Agent. A registration reply is received from the Home Agent. The registration reply is then forwarded to the mobile device via the ascertained interface.

摘要翻译： 用于在非对称链路环境中用归属代理注册诸如移动节点或移动路由器的移动设备的方法和装置。 外部代理将外部代理的一个或多个接口中的每一个与不同的转交地址相关联。 然后，经由一个或多个上行链路发送包括外部代理的一个或多个接口的转交地址的代理广告。 通过下行链路路由器接收注册请求。 注册请求标识与外地代理的一个或多个接口之一相关联的转交地址。 确定由转交地址识别的接口之一，从而确定移动设备漫游到的接口。 注册请求将转发给归属代理。 从本地代理收到注册答复。 然后通过确定的接口将注册答复转发到移动设备。

公开(公告)号：US07626963B2

公开(公告)日：2009-12-01

申请号：US11258720

申请日：2005-10-25

申请人： Alpesh S. Patel ,  Kent K. Leung ,  Joseph A. Salowey ,  Yu-Cheng Shao

发明人： Alpesh S. Patel ,  Kent K. Leung ,  Joseph A. Salowey ,  Yu-Cheng Shao

IPC分类号： H04W4/00

CPC分类号： H04L63/162 ,  H04L9/083 ,  H04L9/0844 ,  H04L63/0853 ,  H04L63/0892 ,  H04L2209/80 ,  H04L2463/061 ,  H04W8/04 ,  H04W12/06 ,  H04W80/04

摘要： Methods and apparatus for dynamically generating a set of Mobile IP keys are disclosed. The set of Mobile IP keys is dynamically generated using an existing HLR/AuC authentication infrastructure. This is accomplished, in part, by obtaining an International Mobile Subscriber Identity (IMSI) that uniquely identifies a particular Mobile Node. Once a set of Mobile IP keys is generated from authentication information associated with the IMSI, the Mobile Node may register with its Home Agent using the set of Mobile IP keys.

摘要翻译： 公开了用于动态生成一组移动IP密钥的方法和装置。 移动IP密钥集是使用现有的HLR / AuC认证基础设施动态生成的。 这部分地通过获得唯一地标识特定移动节点的国际移动用户标识（IMSI）来实现。 一旦从与IMSI相关联的认证信息生成一组移动IP密钥，则移动节点可以使用一组移动IP密钥向其归属代理注册。

公开(公告)号：US20090141688A1

公开(公告)日：2009-06-04

申请号：US12368159

申请日：2009-02-09

申请人： Kent K. Leung ,  Gopal Dommety

发明人： Kent K. Leung ,  Gopal Dommety

IPC分类号： H04W60/00

CPC分类号： H04L29/12311 ,  H04L29/12839 ,  H04L61/2084 ,  H04L61/6022 ,  H04L63/0281 ,  H04L63/1466 ,  H04L69/329 ,  H04W8/26 ,  H04W12/06 ,  H04W12/12 ,  H04W60/00 ,  H04W80/04 ,  H04W88/08 ,  H04W88/182

摘要： An invention is disclosed that enables proxy Mobile IP registration to be performed in a secure manner. Various security mechanisms may be used independently, or in combination with one another, to authenticate the identity of a node during the registration process. First, an Access Point receiving a packet from a node verifies that the source MAC address identified in the packet is in the Access Point's client association table. In addition, as a second mechanism, the Access Point ensures that a one-to-one mapping exists for the source MAC address and source IP address identified in the packet in a mapping table maintained by the Access Point. As a third mechanism, a binding is not modified in the mobility binding table maintained by the Home Agent unless there is a one-to-one mapping in the mobility binding table between the source MAC address and the source IP address. Similarly, the Foreign Agent may also maintain a mapping between the source IP address and the source MAC address in its visitor table to ensure a one-to-one mapping between a source IP address and the associated MAC address. The MAC address is preferably transmitted in a MAC address extension to the registration request and registration reply packets. In this manner, the Access Point, Home Agent, and Foreign Agent may ascertain the node's MAC address and ensure a one-to-one mapping between the IP address and the MAC address during the registration process.

摘要翻译： 公开了能够以安全的方式执行代理移动IP注册的发明。 各种安全机制可以独立地或彼此组合地使用以在注册过程期间认证节点的身份。 首先，从节点接收分组的接入点验证分组中标识的源MAC地址在接入点的客户端关联表中。 另外，作为第二种机制，接入点确保了由接入点维护的映射表中的源MAC地址和源IP地址中的一个一对一映射。 作为第三种机制，在归属代理维护的移动性绑定表中，绑定不会被修改，除非在源MAC地址和源IP地址之间的迁移绑定表中存在一对一的映射。 类似地，外地代理还可以在其访问者表中保持源IP地址和源MAC地址之间的映射，以确保源IP地址和相关MAC地址之间的一对一映射。 MAC地址优选地以MAC地址扩展发送到注册请求和注册应答分组。 以这种方式，接入点，归属代理和外部代理可以确定节点的MAC地址，并确保在注册过程中IP地址和MAC地址之间的一对一映射。

公开(公告)号：US07475241B2

公开(公告)日：2009-01-06

申请号：US10635882

申请日：2003-08-05

申请人： Alpesh Patel ,  Kent K. Leung ,  Stefan Raab ,  Gopal Dommety

发明人： Alpesh Patel ,  Kent K. Leung ,  Stefan Raab ,  Gopal Dommety

IPC分类号： H04L9/00

CPC分类号： H04W12/04 ,  H04L9/083 ,  H04L9/0863 ,  H04L9/0891 ,  H04L9/321 ,  H04L63/068 ,  H04L63/0892 ,  H04L2209/80 ,  H04L2463/061 ,  H04L2463/081 ,  H04W12/06 ,  H04W80/04

摘要： Methods and apparatus for providing a centralized source of session keys to be shared by a Home Agent and a Mobile Node are disclosed. In accordance with one aspect of the invention, a Mobile Node registers with a Home Agent supporting Mobile IP by sending a registration request to the Home Agent. The Home Agent sends a request message (e.g., access-request message) to a AAA server, the request message identifying the Mobile Node. The AAA server then derives key information from a key or password associated with the Mobile Node. The AAA server then sends a reply message (e.g., access-reply message) to the Home Agent, the reply message including the key information associated with the Mobile Node, thereby enabling the Home Agent to derive a shared key to be shared between the Mobile Node and the Home Agent from the key information. The Home Agent derives a key from the key information, the key being a shared key between the Mobile Node and the Home Agent. A registration reply is then sent to the Mobile Node. When the Mobile Node receives a registration reply from the Home Agent, the registration reply indicates that the Mobile Node is to derive a key to be shared between the Mobile Node and the Home Agent. The Mobile Node then derives a key to be shared between the Mobile Node and the Home Agent from key information stored at the Mobile Node. The Mobile Node may initiate “re-keying” by sending a subsequent registration request to the Home Agent.

摘要翻译： 公开了用于提供由归属代理和移动节点共享的会话密钥的集中源的方法和装置。 根据本发明的一个方面，移动节点通过向归属代理发送注册请求来向支持移动IP的归属代理注册。 归属代理向AAA服务器发送请求消息（例如，访问请求消息），该请求消息标识移动节点。 然后，AAA服务器从与移动节点相关联的密钥或密码导出密钥信息。 AAA服务器然后向归属代理发送应答消息（例如，接入应答消息），该回复消息包括与移动节点相关联的密钥信息，从而使归属代理能够导出要在移动台之间共享的共享密钥 节点和归属代理从关键信息。 归属代理从密钥信息中导出密钥，密钥是移动节点和归属代理之间的共享密钥。 然后将注册答复发送到移动节点。 当移动节点从归属代理接收到注册请求时，注册应答指示移动节点将导出要在移动节点和归属代理之间共享的密钥。 移动节点然后从存储在移动节点处的密钥信息中导出要在移动节点和归属代理之间共享的密钥。 移动节点可以通过向归属代理发送后续注册请求来启动“重新键入”。

公开(公告)号：US07421077B2

公开(公告)日：2008-09-02

申请号：US11595214

申请日：2006-11-08

申请人： Kent K. Leung

发明人： Kent K. Leung

IPC分类号： H04K1/00

CPC分类号： H04L63/08 ,  H04L63/0892 ,  H04W80/04

摘要： Methods and apparatus for authenticating a mobile node are disclosed. A server is configured to provide a plurality of security associations associated with a plurality of mobile nodes. A packet identifying a mobile node may then be sent to the server from a network device such as a Home Agent. A security association for the mobile node identified in the packet may then be obtained from the server. The security association may be sent to the network device to permit authentication of the mobile node. Alternatively, authentication of the mobile node may be performed at the server by applying the security association.

摘要翻译： 公开了用于认证移动节点的方法和装置。 服务器被配置为提供与多个移动节点相关联的多个安全关联。 然后可以从诸如归属代理的网络设备将标识移动节点的分组发送到服务器。 然后可以从服务器获得在分组中标识的移动节点的安全关联。 可以将安全关联发送到网络设备以允许移动节点的认证。 或者，可以通过应用安全关联在服务器处执行移动节点的认证。

公开(公告)号：US07130629B1

公开(公告)日：2006-10-31

申请号：US09520601

申请日：2000-03-08

申请人： Kent K. Leung ,  Gopal Dommety

发明人： Kent K. Leung ,  Gopal Dommety

IPC分类号： H04Q7/20

CPC分类号： H04W80/04 ,  H04W8/26 ,  H04W80/10

摘要： Methods and apparatus for performing registration on behalf of a session associated with a mobile node are disclosed. The mobile node composes a registration request including a NAI identifying a userID and a sub-NAI that uniquely identifies a session associated with the NAI. The mobile node then sends the registration request. When the Home Agent authenticates the mobile node, the Home Agent returns an IP address associated with the session. The NAI and sub-NAI may then be mapped to this IP address in a mobility binding table associated with the Home Agent as well as a visitor table associated with the Foreign Agent to which the mobile node has roamed.

摘要翻译： 公开了代表与移动节点相关联的会话执行注册的方法和装置。 移动节点组成注册请求，其包括标识用户ID的NAI和唯一地标识与NAI相关联的会话的子NAI。 移动节点然后发送注册请求。 归属代理认证移动节点时，归属代理返回与该会话关联的IP地址。 然后可以将NAI和子NAI映射到与归属代理相关联的移动性绑定表中的该IP地址以及与移动节点漫游到的外部代理相关联的访问表。

公开(公告)号：US06795857B1

公开(公告)日：2004-09-21

申请号：US10241286

申请日：2002-09-09

申请人： Kent K. Leung ,  Gopal K. Dommety

发明人： Kent K. Leung ,  Gopal K. Dommety

IPC分类号： G06F15173

CPC分类号： H04W12/06 ,  H04L63/08 ,  H04L63/0892 ,  H04W8/02 ,  H04W12/04 ,  H04W80/04 ,  H04W88/182

摘要： Methods and apparatus for enabling a node that does not support Mobile IP to roam from a first Foreign Agent to a second Foreign Agent are disclosed. In a Foreign Agent that supports Mobile IP, a method of registering a node that does not support Mobile IP with a Home Agent that supports Mobile IP includes detecting a node in a vicinity of the Foreign Agent, composing a registration request specifying a node ID associated with the node, and sending the registration request to the Home Agent. When the Home Agent receives the registration request from a first Foreign Agent, the Home Agent updates a mobility binding table to associate the first Foreign Agent with the node. In addition, the Home Agent notifies a second Foreign Agent to update its visitor table to reflect roaming of the node from the second Foreign Agent to the first Foreign Agent.

摘要翻译： 公开了使不支持移动IP的节点从第一外部代理漫游到第二外部代理的方法和装置。 在支持移动IP的外地代理中，将支持移动IP的归属代理不支持移动IP的节点注册的方法包括检测外地代理附近的节点，构成指定相关联的节点ID的注册请求 并将注册请求发送到归属代理。 当家庭代理接收到来自第一外部代理的注册请求时，归属代理更新移动性绑定表以将第一外部代理与该节点相关联。 此外，归属代理通知第二外部代理更新其访问表，以反映该节点从第二个外部代理漫游到第一个外部代理。

公开(公告)号：US06466964B1

公开(公告)日：2002-10-15

申请号：US09333831

申请日：1999-06-15

申请人： Kent K. Leung ,  Gopal K. Dommety

发明人： Kent K. Leung ,  Gopal K. Dommety

IPC分类号： G06F1516

CPC分类号： H04W12/06 ,  H04L63/08 ,  H04L63/0892 ,  H04W8/02 ,  H04W12/04 ,  H04W80/04 ,  H04W88/182

摘要： Methods and apparatus for enabling a node that does not support Mobile IP to roam from a first Foreign Agent to a second Foreign Agent are disclosed. In a Foreign Agent that supports Mobile IP, a method of registering a node that does not support Mobile IP with a Home Agent that supports Mobile IP includes detecting a node in a vicinity of the Foreign Agent, composing a registration request specifying a node ID associated with the node, and sending the registration request to the Home Agent. When the Home Agent receives the registration request from a first Foreign Agent, the Home Agent updates a mobility binding table to associate the first Foreign Agent with the node. In addition, the Home Agent notifies a second Foreign Agent to update its visitor table to reflect roaming of the node from the second Foreign Agent to the first Foreign Agent.

摘要翻译： 公开了用于使不支持移动IP的节点从第一外部代理漫游到第二外部代理的方法和装置。 在支持移动IP的外地代理中，将支持移动IP的归属代理不支持移动IP的节点注册的方法包括检测外地代理附近的节点，构成指定相关联的节点ID的注册请求 并将注册请求发送到归属代理。 当家庭代理接收到来自第一外部代理的注册请求时，归属代理更新移动性绑定表以将第一外部代理与该节点相关联。 此外，归属代理通知第二外部代理更新其访问表，以反映该节点从第二个外部代理漫游到第一个外部代理。