公开(公告)号：US08270406B2

公开(公告)日：2012-09-18

申请号：US12516229

申请日：2007-10-31

申请人： Heuk Park ,  Jong-Tae Song ,  Kyung-Gyu Jeon ,  Soon-Seok Lee

发明人： Heuk Park ,  Jong-Tae Song ,  Kyung-Gyu Jeon ,  Soon-Seok Lee

IPC分类号： H04L12/28

CPC分类号： H04L63/1441 ,  H04L63/1466

摘要： Provided are a method and apparatus for blocking forged multicast packets. The apparatus includes input and output ports connected to user terminals; a forwarding process unit transferring a frame input through one of the input ports to one of the output ports connected to a user terminal having a destination address; a determination unit determining an address of a user terminal connected to one of the input ports from a source address included in the frame; a filtering database storing information on the output port connected to the user terminal having the destination address of the frame based on information received from the determination unit; a multicast gate information unit including information on multicast media access control (MAC) addresses of frames providing a monodirectional multicast service and blocking or forwarding all frames having a corresponding multicast MAC address as the destination address by checking whether the input and output ports are connected to an Internet group management protocol (IGMP) querier or not; and a port information transference unit learning the multicast MAC address of the IGMP querier connected to the apparatus, obtaining information on a port having the multicast MAC address as the destination address from the filtering database, and transferring the information to the multicast gate information unit. According to the present application, forged traffic is blocked from being multicasted and thus restricted resources of a network are prevented from being wasted. As a result, the network may be used more efficiently in an industrial field.

摘要翻译： 提供了一种用于阻止伪造的组播数据包的方法和装置。 该装置包括连接到用户终端的输入和输出端口; 转发处理单元，将通过所述输入端口之一输入的帧传送到连接到具有目的地地址的用户终端的输出端口之一; 确定单元，从包括在所述帧中的源地址确定连接到所述输入端口之一的用户终端的地址; 过滤数据库，其基于从所述确定单元接收的信息，存储关于连接到具有所述帧的目的地地址的用户终端的输出端口的信息; 组播门信息单元，其包括提供单向多播服务的帧的组播媒体访问控制（MAC）地址的信息，并且通过检查输入和输出端口是否连接到所述具有相应多播MAC地址的所有帧作为目的地地址来阻止或转发 一个互联网组管理协议（IGMP）查询器; 以及端口信息转发单元，用于学习与该装置连接的IGMP查询器的组播MAC地址，从过滤数据库获取具有组播MAC地址的端口作为目的地地址的信息，并将该信息传送给组播门信息单元。 根据本申请，伪造的业务被阻止被多播，从而防止网络的资源被浪费。 结果，可以在工业领域中更有效地使用网络。

公开(公告)号：US20120230269A1

公开(公告)日：2012-09-13

申请号：US13414910

申请日：2012-03-08

申请人： Noik PARK ,  Young Boo KIM ,  Soon Seok LEE ,  Heuk PARK ,  Jong Geun PARK ,  Jongtae SONG ,  Sunghyun YOON ,  Eun Joo KIM ,  Kyung-Gyu CHUN

发明人： Noik PARK ,  Young Boo KIM ,  Soon Seok LEE ,  Heuk PARK ,  Jong Geun PARK ,  Jongtae SONG ,  Sunghyun YOON ,  Eun Joo KIM ,  Kyung-Gyu CHUN

IPC分类号： H04W28/02 ,  H04W72/04

CPC分类号： H04W28/08 ,  H04L45/42 ,  H04L47/2441 ,  H04W40/00 ,  H04W88/08

摘要： An integrated access system for All-IP converged network is provided. According to an aspect, by integrating the common factors of existing complex wireless networks to load-reduce and simplify the wireless networks and convert them using Internet access technology to thereby simplify a network architecture, integratively operating radio accesses, ensuring end-to-end quality, and providing service adaptiveness, easiness in operation, CAPEX/OPEX, and excellent service adaptiveness can be achieved.

摘要翻译： 提供全IP融合网络的综合接入系统。 一方面，通过整合现有复杂无线网络的共同因素，减轻和简化无线网络，并使用互联网接入技术进行转换，从而简化网络架构，集成运行无线接入，确保端到端的质量 ，提供服务适应性，操作简便性，CAPEX / OPEX，以及优异的服务适应性。

公开(公告)号：US08189467B2

公开(公告)日：2012-05-29

申请号：US12540687

申请日：2009-08-13

申请人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

发明人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

IPC分类号： H04J3/16

CPC分类号： H04L47/822 ,  H04L47/70 ,  H04L47/745 ,  H04L47/762 ,  H04L47/781 ,  H04L47/805 ,  H04L67/322

摘要： Provided are a network resource control method and apparatus for guaranteeing an admission rate of a high-priority service. In the method and apparatus, the admission rate of the high-priority service is increased by differentiating between the high-priority service and a low-priority service by either rejecting the low-priority service or reducing a bandwidth allocated to the low-priority service when the low-priority service has already been accepted.

摘要翻译： 提供了一种用于保证高优先级服务的准入速率的网络资源控制方法和装置。 在该方法和装置中，通过拒绝低优先级业务或减少分配给低优先级业务的带宽，高优先级业务与低优先级业务之间的差异化来提高高优先级业务的准入速率 当低优先级服务已被接受时。

公开(公告)号：US20110085470A1

公开(公告)日：2011-04-14

申请号：US12902108

申请日：2010-10-11

申请人： No Ik PARK ,  Soon Seok Lee ,  Young Boo Kim

发明人： No Ik PARK ,  Soon Seok Lee ,  Young Boo Kim

IPC分类号： H04L12/28 ,  H04L12/66

CPC分类号： H04L65/1069 ,  H04L29/12028 ,  H04L29/12301 ,  H04L29/12311 ,  H04L61/103 ,  H04L61/2076 ,  H04L61/2084 ,  H04L65/80

摘要： In an apparatus and method for integrated signal processing for an IP-based wired and wireless convergence network, based on an ID of a second user acquired in response to a service call request from a first user terminal, a unique address corresponding to the ID is acquired. The location address corresponding to the unique address, acquired from the address information of the terminals being stored and managed, i.e., the transport address of the second user terminal, is acquired. An IP connection request is sent to the acquired transport address of the second user terminal and the transport address of the first user terminal, and upon completion of the IP connection, data traffic for the requested service is transferred.

摘要翻译： 在基于IP的有线和无线汇聚网络的集成信号处理的装置和方法中，基于响应于来自第一用户终端的服务呼叫请求而获取的第二用户的ID，与该ID对应的唯一地址是 获得了 获取与存储和管理的终端的地址信息相对应的唯一地址的位置地址，即第二用户终端的传送地址。 IP连接请求被发送到所获取的第二用户终端的传输地址和第一用户终端的传输地址，并且在完成IP连接时，传送所请求服务的数据业务。

公开(公告)号：US20110082941A1

公开(公告)日：2011-04-07

申请号：US12898929

申请日：2010-10-06

申请人： Sun Cheul Kim ,  Seong Moon ,  Ho Yong Ryu ,  Kyeong Ho Lee ,  Soon Seok Lee

发明人： Sun Cheul Kim ,  Seong Moon ,  Ho Yong Ryu ,  Kyeong Ho Lee ,  Soon Seok Lee

IPC分类号： G06F15/16

CPC分类号： H04L61/2592 ,  H04L12/2859 ,  H04L29/1249 ,  H04L29/12575 ,  H04L61/256 ,  H04L67/104

摘要： In order for a peer node to perform direct communication with a correspondent peer node in an Internet protocol network, the peer node receives a virtual address of the correspondent peer node from a server, and then when the peer node can directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with the correspondent peer node, and when the peer node cannot directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with a tunnel repeater. Thereafter, the peer node connects a virtual address of the correspondent peer node as route information to the tunnel. Thereby, a packet using a virtual address of the correspondent peer node as a destination is transmitted to the correspondent peer node through a predetermined tunnel.

摘要翻译： 为了使对等节点与互联网协议网络中的通信对等节点进行直接通信，对等节点从服务器接收对端节点的虚拟地址，然后当对等节点可以直接设置与 通信对端节点，对端节点与通信对端节点建立隧道，当对等节点不能直接设置通信对端节点的隧道时，对端节点设置隧道中继器。 此后，对等节点将通信对端节点的虚拟地址作为路由信息连接到隧道。 由此，使用通信对端节点的虚拟地址作为目的地的分组通过预定的隧道被发送到对端节点。

公开(公告)号：US20110072515A1

公开(公告)日：2011-03-24

申请号：US12882557

申请日：2010-09-15

申请人： Pyung-Koo PARK ,  Tae Ho Lee ,  Soon Seok Lee ,  Sung Back Hong

发明人： Pyung-Koo PARK ,  Tae Ho Lee ,  Soon Seok Lee ,  Sung Back Hong

IPC分类号： G06F11/00 ,  G06F15/173

CPC分类号： H04L63/1458

摘要： A method and apparatus for collaboratively protecting against a Distributed Denial of Service (DDoS) attack are provided. The method performed by a network apparatus includes detecting data suspected as being used in the DDoS attack by monitoring traffic forwarded to a service server, notifying a security apparatus that the detected data is suspected as being used in the DDoS attack, and performing at least one of a first operation and a second operation, the first operation being receiving an analysis result for the detected data from the security apparatus and controlling the traffic based on the analysis result, and the second operation being controlling, prior to the first operation, the traffic based on a rule set in advance.

摘要翻译： 提供了一种用于协同防御分布式拒绝服务（DDoS）攻击的方法和装置。 由网络装置执行的方法包括通过监视转发到服务服务器的流量来检测疑似被用于DDoS攻击中的数据，通知安全设备所检测到的数据被怀疑在DDoS攻击中被使用，以及执行至少一个 在第一操作和第二操作中，第一操作是从安全装置接收检测到的数据的分析结果，并且基于分析结果来控制流量，第二操作在第一操作之前控制流量 基于事先设定的规则。

公开(公告)号：US20100142380A1

公开(公告)日：2010-06-10

申请号：US12607208

申请日：2009-10-28

申请人： Kyung-Gyu CHUN ,  Soon Seok LEE

发明人： Kyung-Gyu CHUN ,  Soon Seok LEE

IPC分类号： H04L12/56 ,  H04J14/02 ,  H04L12/26

CPC分类号： H04L12/1836 ,  H04J14/0227 ,  H04J14/0238 ,  H04J14/0256 ,  H04J14/0258 ,  H04J14/0273 ,  H04J14/0282 ,  H04J14/0283 ,  H04J14/0286 ,  H04Q11/0062 ,  H04Q2011/0073 ,  H04Q2011/0092

摘要： A multicasting method and apparatus in a network including a transport multiprotocol label switch (T-MPLS) network and a wavelength division multiplexing (WDM) network are disclosed. At least one of first switches, connected to the T-MPLS network, second switches connected to the WDM network, and a switch hub establishes a multicasting path by using a label switch path (LSP) ID and a label switch router (LSR) ID, in which the first switch on the multicasting path multicasts a T-MPLS signal, the switch hub converts the T-MPLS signal into an optical multicasting signal and multicasts the converted optical multicasting signal, and the second switch receives the optical multicasting signal and multicasts it in units of the T-MPLS signal.

摘要翻译： 公开了一种包括传输多协议标签交换机（T-MPLS）网络和波分复用（WDM）网络）的网络中的组播方法和装置。 连接到T-MPLS网络的第一交换机中的至少一个，连接到WDM网络的第二交换机和交换机集线器通过使用标签交换路径（LSP）ID和标签交换路由器（LSR）ID来建立多播路径 其中组播路径上的第一个交换机组播T-MPLS信号，交换机集线器将T-MPLS信号转换为光学组播信号，并组播转换的光学组播信号，第二个交换机接收光学组播信号和组播 它以T-MPLS信号为单位。

公开(公告)号：US20100046513A1

公开(公告)日：2010-02-25

申请号：US12516088

申请日：2007-10-31

申请人： Heuk Park ,  Kyung-Gyu Jeon ,  Soon-Seok Lee ,  Jong-Tae Song

发明人： Heuk Park ,  Kyung-Gyu Jeon ,  Soon-Seok Lee ,  Jong-Tae Song

IPC分类号： H04L12/56

CPC分类号： H04N7/17318 ,  H04N7/17345 ,  H04N21/2543 ,  H04N21/25816 ,  H04N21/472 ,  H04N21/6125 ,  H04N21/6405

摘要： A system for and a method of providing IPTV service in a next generation network are provided. The system includes a service control unit, a transmission control unit, and an L2 switch unit. A service control unit authenticates a user terminal by receiving a request for providing a service from the user terminal which desires to receive the IPTV service and search for subscription information including the IPTV service for which the user has watching authority, when the user is an IPTV service subscriber. A transmission control unit extracts identification information of the user and a multicast address through which the IPTV service is provided from the subscription information found by the service control unit. An L2 switch unit performs switching so as to connect the multicast router which provides the IPTV service to the user terminal by identifying the watching authority of the user for the IPTV service corresponding to the request of the user terminal for providing the service by using the identification information and the multicast address through which the IPTV service provided, which are extracted by the transmission control unit.

摘要翻译： 提供了一种在下一代网络中提供IPTV服务的系统和方法。 该系统包括业务控制单元，传输控制单元和L2交换单元。 服务控制单元通过从用户终端接收提供服务的请求来认证用户终端，该用户终端希望接收IPTV服务，并且当用户是IPTV时，搜索包括用户具有观看权限的IPTV服务的订阅信息 服务订户。 传输控制单元从服务控制单元发现的订阅信息提取用户的识别信息和提供IPTV服务的多播地址。 L2交换单元进行交换，以通过使用识别符号来识别与用户终端的用户终端的请求对应的用于IPTV服务的用户的观看权限，从而将提供IPTV业务的组播路由器连接到用户终端 信息和IPTV服务提供的多播地址，由传输控制单元提取。

公开(公告)号：US07561524B2

公开(公告)日：2009-07-14

申请号：US11510405

申请日：2006-08-25

申请人： Kyung Gyu Chun ,  Soon Seok Lee

发明人： Kyung Gyu Chun ,  Soon Seok Lee

IPC分类号： H04L12/26

CPC分类号： H04L69/40 ,  H04L43/00 ,  H04L43/0823 ,  H04L69/22

摘要： Provided is a method for measuring performance of a multi-protocol label switching label switched path (MPLS LSP), using a fast failure detection (FFD) packet among MPLS operation and management (OAM) packets recommended by International Telecommunication Union-Telecommunication standardization sector (ITU-T) Y.1711 to detect a packet error generated in the MPLS LSP and newly defining bytes not used in the FFD frame to use the bytes for parity check.An ingress node performs the steps of: calculating a parity value of an MPLS packet as byte interleaved parity (BIP)-8 before transmitting the MPLS packet; storing the calculated parity value of the MPLS packet in an MPLS OAM packet of an FFD structure; and transmitting the MPLS OAM packet whenever transmitting the MPLS packet. And an egress node performs the steps of: calculating a parity value of a received MPLS packet; comparing a parity value of an MPLS packet stored in the MPLS OAM packet with the parity value of the received MPLS packet; and when the two parity values are not identical, determining that an error has occurred in the MPLS packet and discarding the MPLS packet.

摘要翻译： 提供了一种使用国际电信联盟电信标准化部门推荐的MPLS操作和管理（OAM）分组中的快速故障检测（FFD）分组来测量多协议标签交换标签交换路径（MPLS LSP）的性能的方法（ ITU-T）Y.1711检测在MPLS LSP中生成的分组错误，并且新定义FFD帧中未使用的字节，以使用字节进行奇偶校验。 入口节点执行以下步骤：在发送MPLS分组之前，计算MPLS分组的奇偶校验值作为字节交织奇偶校验（BIP）-8; 将所计算的所述MPLS分组的奇偶校验值存储在FFD结构的MPLS OAM分组中; 并在发送MPLS报文时发送MPLS OAM报文。 并且出口节点执行以下步骤：计算接收的MPLS分组的奇偶校验值; 将存储在MPLS OAM分组中的MPLS分组的奇偶校验值与接收的MPLS分组的奇偶校验值进行比较; 并且当两个奇偶校验值不相同时，确定在MPLS分组中已经发生错误并丢弃MPLS分组。

公开(公告)号：US20090154394A1

公开(公告)日：2009-06-18

申请号：US12203632

申请日：2008-09-03

申请人： No-ik PARK ,  Soon-seok LEE

发明人： No-ik PARK ,  Soon-seok LEE

IPC分类号： H04W4/00

CPC分类号： H04W76/11 ,  H04L65/1016 ,  H04L65/1083 ,  H04L65/80 ,  H04W80/10

摘要： A call control method for an Internet Protocol (IP)-based mobility service is provided. The call control method for ensuring service continuity in a mobile communication service environment, includes: receiving a call signal message including permanent IP addresses and transport IP addresses from a transmitter terminal and a receiver terminal, and acquiring the permanent IP addresses and the transport IP addresses of the transmitter terminal and the receiver terminal; and performing call control between the transmitter terminal and the receiver terminal on the basis of the transport IP addresses and the permanent IP addresses of the transmitter terminal and the receiver terminal. Therefore, by interfacing with an IP multimedia subsystem (IMS) for controlling a Session Initiation Protocol (SIP)-based service, an IP mobility control apparatus for controlling mobility of a terminal when a call is controlled, and a network control apparatus for controlling a network, it is possible to prevent data transmission from being interrupted while the terminal is moving, thereby providing an IP-based seamless, high-quality service.

摘要翻译： 提供了一种基于互联网协议（IP）的移动业务的呼叫控制方法。 用于确保移动通信服务环境中的服务连续性的呼叫控制方法包括：从发送终端和接收终端接收包括永久IP地址和传输IP地址的呼叫信号消息，并获取永久IP地址和传输IP地址 的发射机终端和接收机终端; 并根据发送终端和接收终端的传送IP地址和永久IP地址，在发送终端与接收终端之间进行呼叫控制。 因此，通过与用于控制基于会话发起协议（SIP）的服务的IP多媒体子系统（IMS）接口，用于在呼叫被控制时控制终端的移动性的IP移动性控制装置，以及用于控制 网络，可以防止在终端移动时数据传输中断，从而提供基于IP的无缝，高质量的服务。