公开(公告)号：US09854000B2

公开(公告)日：2017-12-26

申请号：US14534429

申请日：2014-11-06

申请人： Daniel G. Wing ,  Flemming S. Andreasen ,  Kent K. Leung

发明人： Daniel G. Wing ,  Flemming S. Andreasen ,  Kent K. Leung

IPC分类号： G06F11/00 ,  H04L29/06

CPC分类号： H04L63/166 ,  H04L63/1408 ,  H04L63/145

摘要： In one embodiment, a method includes identifying unusual behavior with respect to a handshake between a first endpoint and a second endpoint that are included in a network, and determining whether the unusual behavior with respect to the handshake indicates presence of malicious software. The method also includes identifying at least one of the first endpoint and the second endpoint as potentially being infected by the malicious software if it is determined that the unusual behavior with respect to the handshake indicates the presence of malicious software.

公开(公告)号：US09049046B2

公开(公告)日：2015-06-02

申请号：US13179539

申请日：2011-07-10

申请人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

发明人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

IPC分类号： H04W4/00 ,  H04L12/46 ,  H04J3/16 ,  H04J3/22 ,  H04J1/16 ,  H04J3/14 ,  H04L1/00 ,  H04L12/26 ,  H04L29/12 ,  H04L12/707 ,  H04W40/24

CPC分类号： H04W28/0226 ,  H04L12/4633 ,  H04L29/12367 ,  H04L45/22 ,  H04L45/26 ,  H04L61/2514 ,  H04W40/24 ,  H04W48/16

摘要： A method is provided in one example embodiment and includes communicating an in-band message packet from a first network element; receiving a response to the in-band message from a second network element, the response contains tunnel identification binding data that identifies a tunnel on a backhaul link on which traffic from a user equipment can flow; and receiving instructions from the second network element to offload a received data packet from the backhaul link. In particular instances, the in-band message is set to loopback when the in-band message is sent from the first network element. In other embodiments, the tunnel identification binding data is provided in the payload of the in-band message when the in-band message is sent from the first network element. In other examples, the method can include receiving an assigned Internet protocol (IP) address of the user equipment in the response to the in-band message.

摘要翻译： 在一个示例实施例中提供了一种方法，并且包括从第一网络元件传送带内消息分组; 从第二网络单元接收对带内消息的响应，该响应包含隧道识别绑定数据，其标识来自用户设备可以流动的业务的回程链路上的隧道; 以及从所述第二网络单元接收指令以从所述回程链路卸载所接收的数据分组。 在特定情况下，当从第一网络元件发送带内消息时，带内消息被设置为环回。 在其他实施例中，当从第一网络元件发送带内消息时，在带内消息的有效载荷中提供隧道标识绑定数据。 在其他示例中，该方法可以包括在对带内消息的响应中接收用户设备的分配的因特网协议（IP）地址。

公开(公告)号：US09030991B2

公开(公告)日：2015-05-12

申请号：US13179540

申请日：2011-07-10

申请人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

发明人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

IPC分类号： H04W4/00 ,  H04L12/46 ,  H04L12/26 ,  H04L12/28 ,  H04L12/16 ,  H04B1/38 ,  H04L29/12 ,  H04L12/707 ,  H04W40/24

CPC分类号： H04W28/0226 ,  H04L12/4633 ,  H04L29/12367 ,  H04L45/22 ,  H04L45/26 ,  H04L61/2514 ,  H04W40/24 ,  H04W48/16

摘要： A method is provided in one example embodiment and includes receiving a downstream data packet transported on a backhaul link at a first network element, the downstream data packet is associated with a user equipment; identifying whether a downstream tunnel used to communicate the data packet to the user equipment has become dormant; and communicating an in-band message to a second network element that the downstream tunnel is dormant. In other examples, the method can include dropping the data packet when a network address port translation binding has expired or does not exist. In certain implementations, the method can include identifying the downstream tunnel as dormant when an activity timer has expired, or identifying the downstream tunnel as dormant based on a stale state setting.

摘要翻译： 在一个示例实施例中提供了一种方法，并且包括接收在第一网络元件的回程链路上传送的下游数据分组，所述下游数据分组与用户设备相关联; 识别用于将数据包传送给用户设备的下游隧道是否已经处于休眠状态; 以及将所述带内消息传送到所述下游隧道处于休眠状态的第二网络元件。 在其他示例中，该方法可以包括当网络地址端口转换绑定已经到期或不存在时丢弃数据分组。 在某些实现中，该方法可以包括当活动定时器已经到期时将下游隧道识别为休眠，或者基于陈旧状态设置将下游隧道识别为休眠。

公开(公告)号：US08711847B2

公开(公告)日：2014-04-29

申请号：US12987311

申请日：2011-01-10

申请人： Flemming S. Andreasen ,  Frank Brockners ,  Vojislav Vucetic

发明人： Flemming S. Andreasen ,  Frank Brockners ,  Vojislav Vucetic

IPC分类号： H04L12/66 ,  H04L12/28 ,  H04L12/56 ,  G06F9/26

CPC分类号： H04W4/24 ,  H04L12/1403 ,  H04L47/14 ,  H04L47/20 ,  H04L65/1016

摘要： A method is provided in one example embodiment and includes communicating location and access network information for an end user to a policy and charging rules function (PCRF) element that is coupled to a network element. The network element receives packets for a communications flow from the end user if the flow is initiated through a wireless network and through a wireline network. In more specific embodiments, the location and access network information is used to initiate one or more applications for the end user. The method could also include communicating to an application function that the end user has attached to one of the networks, has been assigned an Internet Protocol (IP) address, and the location and access network information for the end user.

摘要翻译： 在一个示例实施例中提供了一种方法，并且包括将最终用户的位置和访问网络信息传递到耦合到网络元件的策略和计费规则功能（PCRF）元素。 如果通过无线网络和有线网络启动流，则网络元件从最终用户接收用于通信流的分组。 在更具体的实施例中，位置和访问网络信息被用于为终端用户启动一个或多个应用。 该方法还可以包括与最终用户已经附接到网络之一的应用功能的通信，已被分配了因特网协议（IP）地址，以及最终用户的位置和接入网络信息。

公开(公告)号：US20130013688A1

公开(公告)日：2013-01-10

申请号：US13543692

申请日：2012-07-06

申请人： Qi Wang ,  Jerry Liansuo Li ,  Guangxin You ,  Zhidong She ,  Nick George Pope ,  Flemming S. Andreasen

发明人： Qi Wang ,  Jerry Liansuo Li ,  Guangxin You ,  Zhidong She ,  Nick George Pope ,  Flemming S. Andreasen

IPC分类号： G06F15/16

CPC分类号： H04L61/1541 ,  H04L63/104 ,  H04L67/16

摘要： A method is provided in one example embodiment and includes establishing a connection between a client and a messaging fabric of a conductor element associated with a video system; defining a service having a set of features using a set of interfaces associated with an Extensible Messaging and Presence Protocol (XMPP); assigning a plurality of XML namespaces for the set of features of the service; assigning an identifier to the service; and registering the service in a service directory in order to create a mapping between the XML namespaces and the identifier.

摘要翻译： 在一个示例实施例中提供了一种方法，并且包括建立客户端与与视频系统相关联的导体元件的消息传送结构之间的连接; 使用与可扩展消息传递和呈现协议（XMPP）相关联的一组接口来定义具有一组特征的服务; 为服务的一组特征分配多个XML命名空间; 向服务分配标识符; 并将服务注册到服务目录中，以便创建XML命名空间和标识符之间的映射。

公开(公告)号：US20120082132A1

公开(公告)日：2012-04-05

申请号：US13179538

申请日：2011-07-10

申请人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

发明人： Flemming S. Andreasen ,  Kent K. Leung ,  Michel Khouderchah ,  Jayaraman R. Iyer ,  Timothy P. Stammers

IPC分类号： H04W4/00 ,  H04W36/00

CPC分类号： H04W28/0226 ,  H04L12/4633 ,  H04L29/12367 ,  H04L45/22 ,  H04L45/26 ,  H04L61/2514 ,  H04W40/24 ,  H04W48/16

摘要： A method is provided in one example embodiment and includes receiving a data packet over a first link at a first network element; establishing an out-of-band channel over a second link between the first network element and a second network element; and receiving instructions at the first network element to offload the data packet from the first link. In more particular embodiments, the first network element is a mobile enabled router, and the second network element is a gateway general packet radio service support node or a packet data network gateway. The method can also include receiving a discovery message from the second network element, the discovery message triggering the establishment of the out-of-band channel. In certain cases, the data packet is offloaded based on a type of data in the data packet.

摘要翻译： 在一个示例实施例中提供了一种方法，并且包括在第一网络元件上的第一链路上接收数据分组; 在第一网络元件和第二网络元件之间的第二链路上建立带外频道; 以及在所述第一网络元件处接收指令以从所述第一链路卸载所述数据分组。 在更具体的实施例中，第一网络元件是支持移动的路由器，并且第二网络元件是网关通用分组无线电服务支持节点或分组数据网络网关。 该方法还可以包括从第二网络元件接收发现消息，该发现消息触发了带外信道的建立。 在某些情况下，根据数据包中的数据类型卸载数据包。

公开(公告)号：US20110090815A1

公开(公告)日：2011-04-21

申请号：US12848141

申请日：2010-07-31

申请人： Srinath Gundavelli ,  Frank Brockners ,  Mark Grayson ,  Kent K. Leung ,  Flemming S. Andreasen

发明人： Srinath Gundavelli ,  Frank Brockners ,  Mark Grayson ,  Kent K. Leung ,  Flemming S. Andreasen

IPC分类号： H04L12/26

CPC分类号： H04L45/741 ,  H04L12/4633 ,  H04L29/12367 ,  H04L29/12377 ,  H04L61/106 ,  H04L61/2514 ,  H04L61/2517 ,  H04L69/22

摘要： An example method is provided and includes receiving a packet associated with a flow, determining a tunnel identifier for the flow, and determining a flow identifier for the flow. The method includes associating the flow identifier and the tunnel identifier to an Internet protocol (IP) address to generate a binding to be used for a network address and port translation (NAPT). In other embodiments, a routing decision is executed based on the binding between the identifiers and the IP address. The flow identifier can be a context identifier (CID), and the tunnel identifier can be a softwire tunnel ID. In yet other embodiments, the packet can be tagged as part of an encapsulation operation, which includes providing information about a network location at which the network address and port translation is to be executed.

摘要翻译： 提供了示例性方法，并且包括接收与流相关联的分组，确定流的隧道标识符，以及确定流的流标识符。 该方法包括将流标识符和隧道标识符与因特网协议（IP）地址相关联，以生成用于网络地址和端口转换（NAPT）的绑定。 在其他实施例中，基于标识符和IP地址之间的绑定来执行路由决定。 流标识符可以是上下文标识符（CID），隧道标识符可以是软线隧道ID。 在其他实施例中，分组可以被标记为封装操作的一部分，其包括提供关于将要执行网络地址和端口转换的网络位置的信息。

公开(公告)号：US07805127B2

公开(公告)日：2010-09-28

申请号：US11715210

申请日：2007-03-06

申请人： Flemming S. Andreasen ,  Jonathan D. Rosenberg ,  Jayaraman R. Iyer ,  Biswaranjan Panda

发明人： Flemming S. Andreasen ,  Jonathan D. Rosenberg ,  Jayaraman R. Iyer ,  Biswaranjan Panda

IPC分类号： H04M11/00

CPC分类号： H04W12/08 ,  G06Q20/102 ,  H04L12/14 ,  H04L12/1403 ,  H04L41/0893 ,  H04L41/5029 ,  H04L41/5061 ,  H04L45/50 ,  H04L47/10 ,  H04L47/14 ,  H04L47/15 ,  H04L47/70 ,  H04L47/724 ,  H04L47/805 ,  H04L47/824 ,  H04L61/2015 ,  H04L63/08 ,  H04L63/0892 ,  H04L63/102 ,  H04L63/162 ,  H04L65/1006 ,  H04L65/1016 ,  H04L67/141 ,  H04L69/14 ,  H04L69/24 ,  H04W8/26 ,  H04W12/06 ,  H04W28/18 ,  H04W36/0033 ,  H04W36/12 ,  H04W36/14 ,  H04W48/14 ,  H04W60/00 ,  H04W80/04 ,  H04W80/10 ,  H04W92/02

摘要： A method for creating an accounting record in a policy server in a communication network. The method also includes receiving policy data from one or more application layer elements. The method includes receiving accounting data from one or more lower layer elements, such that the accounting data is associated with the policy data. The method also includes consolidating the accounting data and the policy data received.

摘要翻译： 一种用于在通信网络中的策略服务器中创建记帐记录的方法。 该方法还包括从一个或多个应用层元素接收策略数据。 该方法包括从一个或多个下层元素接收会计数据，使得会计数据与策略数据相关联。 该方法还包括合并会计数据和收到的策略数据。

公开(公告)号：US07620708B2

公开(公告)日：2009-11-17

申请号：US11142031

申请日：2005-05-31

申请人： Flemming S. Andreasen

发明人： Flemming S. Andreasen

IPC分类号： H04L12/16 ,  G06F17/00

CPC分类号： H04L41/5045 ,  H04L41/12

摘要： The present invention provides a method for performing automatic discovery of controlling policy enforcement points in a policy push computer network. The method involves a policy decision point sending a discover message toward an end point on a computer network; receiving a response from a policy enforcement point; reading a name and address from the received response; and sending a policy decision message to the name and address read from the response. The policy decision message is characterized by content suitable for being installed for a policy enforcement point. In an embodiment, the discover message sent includes a resource reservation protocol and a new policy enforcement point discover object. In another embodiment, the discover message sent causes the policy enforcement point to process the discover message. The policy decision point can receive notification that installation of the policy decision for the policy enforcement point failed.

摘要翻译： 本发明提供了一种用于在策略推送计算机网络中执行控制策略执行点的自动发现的方法。 该方法涉及策略决策点向计算机网络上的终点发送发现消息; 从政策执行点收到答复; 从收到的回复中读取姓名和地址; 并向响应中读取的名称和地址发送策略决策消息。 策略决策消息的特征在于适合于为策略执行点安装的内容。 在一个实施例中，发送的发现消息包括资源预留协议和新的策略执行点发现对象。 在另一个实施例中，发送的发现消息导致策略执行点处理发现消息。 策略决策点可以接收到针对策略执行点的策略决策的安装失败的通知。

公开(公告)号：US09960928B1

公开(公告)日：2018-05-01

申请号：US13543769

申请日：2012-07-06

申请人： Nick George Pope ,  Flemming S. Andreasen ,  Qi Wang ,  Jerry Liansuo Li

发明人： Nick George Pope ,  Flemming S. Andreasen ,  Qi Wang ,  Jerry Liansuo Li

IPC分类号： G06F15/16 ,  G06F12/00 ,  G06F17/00 ,  H04N21/00 ,  H04L12/28

CPC分类号： H04L12/2816 ,  H04L41/00 ,  H04L63/0815 ,  H04L2012/2849 ,  H04N21/2665 ,  H04N21/4104 ,  H04N21/4227 ,  H04N21/4622 ,  H04N21/4627 ,  H04N21/6125 ,  H04N21/64322

摘要： A method is provided in one example embodiment and includes establishing a connection between a client and a messaging fabric of a conductor element associated with a video system; creating a plurality of nodes for system management events; and receiving a subscription request for a particular one of the system management events. The particular subscription request and system management event is authenticated and authorized by use of an identifier associated with the particular subscription request and system management event.