公开(公告)号：US20100208663A1

公开(公告)日：2010-08-19

申请号：US12738972

申请日：2008-10-22

申请人： Jun Hirano ,  Takashi Aramaki ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan ,  Keigo Aso

发明人： Jun Hirano ,  Takashi Aramaki ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan ,  Keigo Aso

IPC分类号： H04W40/00

CPC分类号： H04W40/02 ,  H04L45/308 ,  H04W80/04 ,  H04W88/06

摘要： The invention discloses a technique to efficiently realize a routing based on preference of a mobile terminal in case the mobile terminal is connected to a mobility management domain of network base different from a home network domain. According to this technique, a mobile terminal (mobile node; MN) 101 has two interfaces, and these interfaces are connected to a mobility management domain (local mobility domain) 11 under the condition that these interfaces are connected to MAG 111 and MAG 112 respectively. In case MN itself decides one of the interfaces to be used for a specific packet flow communication, a routing preference to instruct that the packet flow is to be sent on a routing via the interface is notified to MAG. When MAG notifies the routing preference to LMA (filtering agent) 110, filtering based on the routing preference is carried out.

摘要翻译： 本发明公开了一种在移动终端连接到不同于家庭网络域的网络基地的移动性管理域的情况下，基于移动终端的偏好来有效地实现路由的技术。 根据该技术，移动终端（移动节点; MN）101具有两个接口，并且这些接口在这些接口分别连接到MAG 111和MAG 112的条件下连接到移动性管理域（本地移动性域）11 。 在MN本身决定要用于特定分组流通信的接口之一的情况下，通知经由接口在路由上发送分组流的路由选择。 当MAG向LMA（过滤代理）110通知路由选择时，执行基于路由选择的过滤。

公开(公告)号：US20100199332A1

公开(公告)日：2010-08-05

申请号：US12665006

申请日：2008-06-12

申请人： Jens Bachmann ,  Kilian Weniger ,  Takashi Aramaki ,  Jon Schuringa ,  Jun Hirano ,  Shinkichi Ikeda

发明人： Jens Bachmann ,  Kilian Weniger ,  Takashi Aramaki ,  Jon Schuringa ,  Jun Hirano ,  Shinkichi Ikeda

IPC分类号： G06F17/30 ,  H04J1/16 ,  H04L12/56

CPC分类号： H04L63/164 ,  H04L63/029 ,  H04L63/0428 ,  H04L63/0471 ,  H04W12/02 ,  H04W36/0011 ,  H04W60/00 ,  H04W80/04 ,  H04W88/16

摘要： The invention provides a method for trust relationship detection between a core and access network for a user equipment. The gist is that a security tunnel establishment procedure is used so one entity, be it part of the core network or be it the user equipment itself, is provided with information to determine whether the access network is trusted or untrusted. The information may comprise a first IP address/prefix, which is initially assigned to the user equipment, upon attaching to the access network. The necessary information may further comprise a second IP address/prefix, which is an address/prefix that is allocated at a trusted entity of the core network. Depending which entity determines the trust relationship of the access network, it might be necessary to transmit either the first IP address/prefix or the second IP address/prefix or the first and the second IP address/prefix using the security tunnel establishment procedure.

摘要翻译： 本发明提供了一种用于用户设备的核心和接入网络之间的信任关系检测的方法。 要点是使用安全隧道建立过程，因此一个实体（作为核心网络的一部分，或者是用户设备本身）被提供有用于确定接入网络是可信任还是不受信任的信息。 信息可以包括在附接到接入网络时最初分配给用户设备的第一IP地址/前缀。 必要的信息还可以包括第二IP地址/前缀，其是在核心网络的可信实体处分配的地址/前缀。 根据哪个实体确定接入网络的信任关系，可能需要使用安全隧道建立过程来发送第一IP地址/前缀或第二IP地址/前缀或第一和第二IP地址/前缀。

公开(公告)号：US20100189000A1

公开(公告)日：2010-07-29

申请号：US12665238

申请日：2008-06-13

申请人： Jun Hirano ,  Chan Wah Ng ,  Mohana Dhamayanthi Jeyatharan ,  Chun Keong Benjamin Lim ,  Pek Yew Tan

发明人： Jun Hirano ,  Chan Wah Ng ,  Mohana Dhamayanthi Jeyatharan ,  Chun Keong Benjamin Lim ,  Pek Yew Tan

IPC分类号： H04W40/00 ,  H04L12/26

CPC分类号： H04L63/12 ,  H04W8/06 ,  H04W8/26 ,  H04W80/04

摘要： Disclosed is a technique to prevent the registration of false information that a mobile router is managing prefix information that is not actually managed. According to the technique, when a mobile network prefix is registered from an MR (mobile router 20) to a CN 30 (correspondent node), an HA (home agent) 10, for example, intervenes in signaling related to the registration to prevent the registration of false prefix information. For example, in process 150, the MR notifies the prefix information and the HA detects a test message 120 sent from the CN to the MR to check whether the prefix information used for the destination address is valid. If the prefix information is invalid, the packet is discarded.

摘要翻译： 公开了防止移动路由器正在管理未被实际管理的前缀信息的虚假信息的技术。 根据该技术，当将移动网络前缀从MR（移动路由器20）注册到CN30（对应节点）时，HA（归属代理）10例如介入与注册有关的信令，以防止 注册假前缀信息。 例如，在过程150中，MR通知前缀信息，并且HA检测从CN发送到MR的测试消息120，以检查用于目的地地址的前缀信息是否有效。 如果前缀信息无效，则丢弃报文。

公开(公告)号：US20100061296A1

公开(公告)日：2010-03-11

申请号：US12447391

申请日：2007-10-30

申请人： Keigo Aso ,  Jun Hirano

发明人： Keigo Aso ,  Jun Hirano

IPC分类号： H04W40/00

CPC分类号： H04W8/26 ,  H04W8/12 ,  H04W80/04

摘要： A technology is disclosed for providing a packet transfer control method that can transmit a DU message to a specific CN or a specific flow to prompt a change in destination, while maintaining a transfer request to a CoA from a HA. In the technology, when a home agent receives a packet addressed to a mobile terminal from a predetermined communication terminal, the mobile terminal transmits a second message to the home agent, the second message including information required for the home agent to transmit a first message to the predetermined communication terminal. The first message states that a currently used address addressed to the mobile terminal cannot be used. The home agent generates the first message based on the information included in the second message and transmits the generated first message to the predetermined communication terminal.

摘要翻译： 公开了一种技术，用于提供可以向特定CN或特定流发送DU消息以提示目的地改变的分组传送控制方法，同时保持来自HA的CoA的传送请求。 在该技术中，当归属代理从预定通信终端接收到寻址到移动终端的分组时，移动终端向归属代理发送第二消息，第二消息包括归属代理发送第一消息所需的信息 预定的通信终端。 第一个消息指出，不能使用寻址到移动终端的当前使用的地址。 归属代理基于第二消息中包含的信息生成第一消息，并将生成的第一消息发送到预定通信终端。

公开(公告)号：US20100034170A1

公开(公告)日：2010-02-11

申请号：US12527548

申请日：2008-02-22

申请人： Jun Hirano ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Koh ,  Pek Yew Tan

发明人： Jun Hirano ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Koh ,  Pek Yew Tan

IPC分类号： H04W36/00

CPC分类号： H04L47/10 ,  H04L47/283

摘要： Disclosed in a technique for more accurately checking a network condition such as a transmission delay generated in packet transmission between two nodes and other network conditions. A buffering node 10 is a network node having the function of transferring a packet. When a packet received by a network interface 11 is buffered in a cache 14, a buffer time processor 12 refers to an internal clock 13 to record the time of that moment (the buffered time). Then, when this packet is transferred, the buffer time processor refers again to the current time indicated by the internal clock and subtracts the buffered time from the current time to calculate a buffering time generated by a buffering delay in packet transmission. This buffering time is added to the packet and transmitted.

摘要翻译： 公开了一种更准确地检查诸如在两个节点之间的分组传输中产生的传输延迟和其他网络状况的网络状况的技术。 缓冲节点10是具有传送分组功能的网络节点。 当由网络接口​​11接收的分组被缓存在高速缓存14中时，缓冲时间处理器12参考内部时钟13来记录该时刻（缓冲时间）。 然后，当该分组被传送时，缓冲时间处理器再次参考由内部时钟指示的当前时间，并从当前时间减去缓冲时间，以计算由分组传输中的缓冲延迟产生的缓冲时间。 该缓冲时间被添加到分组并被发送。

公开(公告)号：US20090313680A1

公开(公告)日：2009-12-17

申请号：US12158968

申请日：2006-12-26

申请人： Jun Hirano

发明人： Jun Hirano

IPC分类号： H04L29/06

CPC分类号： H04W12/08 ,  H04L12/2818 ,  H04L12/283 ,  H04L12/2898 ,  H04L12/4633 ,  H04L63/0272 ,  H04L63/104 ,  H04L63/20 ,  H04W76/10 ,  H04W80/04 ,  H04W84/005

摘要： Disclosed is a technique capable of proper execution of access control based on various security policies set by a home user with regards to a packet sent from a visitor node. According to the technique, a MR (Mobile Router) 10 which manages a mobile PAN 30 determines whether a sender of a packet from a communication terminal connected to the mobile PAN is a home user's node which is allowed direct access into a home network or a visitor node (VN 31), and forwards the packet from the home user's node to an HA 20 while forwarding the packet from the visitor node to a policy server 36 located in a DMZ 35. This allows the policy server to perform access control on every packet from a visitor node which attempts to gain access into the home network based on a security policy 36a.

摘要翻译： 公开了一种能够基于由用户对由访问者节点发送的分组设置的各种安全策略来适当地执行访问控制的技术。 根据该技术，管理移动PAN30的MR（移动路由器）10确定来自连接到移动PAN的通信终端的分组的发送者是否是被允许直接访问家庭网络的家庭用户节点，或者 访问节点（VN31），并且将分组从归属用户节点转发到HA 20，同时将分组从访问节点转发到位于DMZ 35中的策略服务器36.这允许策略服务器对每个 来自访问节点的分组，其尝试基于安全策略36a来访问归属网络。

公开(公告)号：US20090268664A1

公开(公告)日：2009-10-29

申请号：US12094104

申请日：2006-11-22

申请人： Jun Hirano ,  Mohana Dhamayanthi Jeyatharan ,  Chan Wah Ng ,  Pek Yew Tan

发明人： Jun Hirano ,  Mohana Dhamayanthi Jeyatharan ,  Chan Wah Ng ,  Pek Yew Tan

IPC分类号： H04W40/02

CPC分类号： H04W8/082 ,  H04W80/04 ,  H04W84/005

摘要： The present invention provides a technique to optimize communication route when two end nodes separated away from own home perform data communication with each other. According to this technique, a communication node (the initiator node 174) adds a predetermined destination option including own home address to a header of a packet to be transmitted to a correspondent node (LFN 151) under control of MR 141. HA 121 of MR copies a predetermined destination option and inserts it into a tunnel packet header when this packet is tunneled to MR. When the packet is transferred to the communication node under control, MR checks, by using the server, whether the predetermined destination option is inserted into the tunnel packet header or not. If it is inserted into the packet, a route optimization processing is started with the transmitter of the packet including the predetermined destination option with home address.

摘要翻译： 本发明提供了一种当两个终端节点与自己的家庭分离时彼此进行数据通信的优化通信路由的技术。 根据该技术，在MR 141的控制下，通信节点（发起方节点174）将包括自己的归属地址的预定目的地选项添加到要发送到对应节点（LFN 151）的分组的报头.MR 121的HA 121 复制预定的目的地选项，并且当该分组被隧道传送到MR时将其插入到隧道分组报头中。 当分组被传送到控制下的通信节点时，MR通过使用服务器检查预定的目的地选项是否被插入到隧道分组报头中。 如果插入到分组中，则使用包含具有归属地址的预定目的地选项的分组的发射机开始路由优化处理。

公开(公告)号：US20090265453A1

公开(公告)日：2009-10-22

申请号：US11817917

申请日：2006-03-07

申请人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan

发明人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan

IPC分类号： G06F15/16

CPC分类号： H04W12/12 ,  H04L41/00 ,  H04L45/00 ,  H04L63/126 ,  H04L63/1458 ,  H04L2463/142 ,  H04W8/08 ,  H04W8/26 ,  H04W12/10 ,  H04W40/02 ,  H04W80/04 ,  H04W84/005

摘要： In order to verify if upper-level router information, or ULRI (information on the upper-level router with respect to a predetermined node) is valid, MN (Mobile Node) 220 associated to ULMR (Upper-Level Mobile Router) 210 acquires ULRI such as the address of ULMR (310), inserts ULRI into a BU (Binding Update) message, and sends it to HA (Home Agent) 235 (320). On receiving the BU message with ULRI, HA sends a BA (Binding Acknowledgement) message set to pass through the router that is specified in ULRI (330). If ULRI is valid, ULMR forwards the BA message to MN (340). If ULRI is not valid, ULMR discards the BA message.

摘要翻译： 为了验证上级路由器信息或ULRI（相对于预定节点的上级路由器的信息）是否有效，与ULMR（上位移动路由器）210相关联的MN（移动节点）220获取ULRI 例如ULMR（310）的地址，将ULRI插入到BU（绑定更新）消息中，并将其发送到HA（归属代理）235（320）。 在使用ULRI接收到BU消息时，HA发送BA（绑定确认）消息集，以通过ULRI（330）中指定的路由器。 如果ULRI有效，则ULMR将BA消息转发到MN（340）。 如果ULRI无效，ULMR将丢弃BA消息。

公开(公告)号：US20090135822A1

公开(公告)日：2009-05-28

申请号：US11915418

申请日：2006-05-31

申请人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Tien-Ming Benjamin Koh

发明人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Tien-Ming Benjamin Koh

IPC分类号： H04L12/56

CPC分类号： H04W8/085 ,  H04W8/26 ,  H04W80/04 ,  H04W84/005

摘要： A technology is disclosed for reducing the number of encapsulations required when MAP forwards a packet to a mobile node which is layered within mobile networks, with mobile networks nested and multiple mobile routers chained behind MAP (Mobility Anchor Point). MAP 120 manages the binding information between RCoA and LCoA for each of lower-level nodes and grasps the prefixes of each of lower-level mobile routers, for example, the prefix of mobile network 104 of MR 140 or the prefix of mobile network 106 of MR 142. For example, MAP 120 informs MR 140 of the prefix of the mobile network 106 and the binding information between RCoA and LCoA. In this way, MR 140 can grasp a next forwarding destination of the packet transmitted from MAP 120 to MN 150, and the packet can be reached at MN 150 unless the packet is encapsulated multiple times.

摘要翻译： 公开了一种技术，用于减少MAP将数据包转发到移动网络中分层的移动节点所需的封装数量，移动网络嵌套，多个移动路由器链接在MAP（移动锚点）之后。 MAP 120管理每个较低级别节点的RCoA和LCoA之间的绑定信息，并且掌握每个下级移动路由器的前缀，例如MR 140的移动网络104的前缀或移动网络106的前缀 MR 142.例如，MAP 120向MR 140通知移动网络106的前缀以及RCoA和LCoA之间的绑定信息。 以这种方式，MR 140可以抓住从MAP 120发送到MN 150的分组的下一个转发目的地，并且可以在MN 150到达分组，除非分组被多次封装。

公开(公告)号：US20090016264A1

公开(公告)日：2009-01-15

申请号：US11815169

申请日：2006-01-27

申请人： Jun Hirano ,  Takahisa Aoyama ,  Takeshi Tanaka

发明人： Jun Hirano ,  Takahisa Aoyama ,  Takeshi Tanaka

IPC分类号： H04Q7/00

CPC分类号： H04W40/18 ,  H04W8/08 ,  H04W8/26 ,  H04W80/04 ,  H04W88/14 ,  H04W88/18 ,  H04W92/24

摘要： There is disclosed a technology in which a packet to be sent to a mobile terminal (an MN), distributed from a correspondent node (a CN), can surely reach the MN even in a situation in which the MN is moving. According to the technology, identification information of a plurality of access routers (ARs) 300 potentially currently connected to the MN is added to an IP packet to be transmitted from a CN 500 to an MN 200. When the AR receives this IP packet, the AR judges whether or not the MN is connected thereunder. If the MN exists under the AR, the IP packet is transmitted to the MN. On the other hand, if any MN does not exist under the AR, the IP packet is transferred to another AR based on the identification information added to the IP packet. As a result, the IP packet is successively transferred between the plurality of ARs so that the IP packet can be passed to the MN under the AR currently connected to the MN.

摘要翻译： 公开了一种技术，其中即使在MN正在移动的情况下，要发送到从通信节点（CN）分发的移动终端（MN）的分组也可以肯定地到达MN。 根据该技术，将可能当前连接到MN的多个接入路由器（AR）300的识别信息添加到要从CN 500发送到MN 200的IP分组。当AR接收到该IP分组时， AR判断MN是否连接在其上。 如果MN存在于AR下，则将IP分组发送到MN。 另一方面，如果在AR下不存在任何MN，则根据添加到IP分组的标识信息将IP分组传送到另一个AR。 结果，IP分组在多个AR之间被连续地传送，使得IP分组可以在目前连接到MN的AR下传送到MN。