公开(公告)号：US08176525B2

公开(公告)日：2012-05-08

申请号：US11540272

申请日：2006-09-29

申请人： Edwin Koehler, Jr. ,  Cherif Sleiman ,  Timothy Mendonca

发明人： Edwin Koehler, Jr. ,  Cherif Sleiman ,  Timothy Mendonca

IPC分类号： H04L29/06

CPC分类号： H04L65/1069 ,  H04L63/102 ,  H04L63/105 ,  H04L65/1006

摘要： This invention provides a method, system and apparatus for allowing media context sensitive SIP signaling exchange (such as voice) and call establishment while denying or challenging any other session description protocol (“SDP”) extension dialogs which might not be desired (such as instant messaging, video, Web broadcasting or pushing, data and/or application sharing and the like) by a user. The method and apparatus may further include defining user client media policy preferences, the user media policy preferences establishing the parameters for evaluating a media session request received by a user client, and providing the user client media policy preferences to a policy enforcement point device, the policy enforcement point device evaluating the media session request received by the user client and applying the user client media policy preferences to the media session request. The method and apparatus may further include utilizing a user client portal to gain access to a media policy database, the media policy database providing storage for user client media policy preferences.

摘要翻译： 本发明提供一种用于允许媒体上下文敏感的SIP信令交换（例如语音）和呼叫建立的方法，系统和装置，同时拒绝或挑战可能不需要的任何其他会话描述协议（“SDP”）扩展对话（例如即时 消息，视频，网络广播或推送，数据和/或应用共享等）。 该方法和装置还可以包括定义用户客户端媒体策略偏好，用户媒体策略偏好，建立用于评估由用户客户端接收的媒体会话请求的参数，以及向策略执行点设备提供用户客户端媒体策略偏好， 策略执行点设备评估由用户客户端接收的媒体会话请求，并将用户客户端媒体策略偏好应用于媒体会话请求。 所述方法和装置还可以包括利用用户客户门户来访问媒体策略数据库，所述媒体策略数据库为用户客户端媒体策略偏好提供存储。

公开(公告)号：US07764677B2

公开(公告)日：2010-07-27

申请号：US11524215

申请日：2006-09-20

申请人： Edwin Koehler, Jr. ,  Sergio Fiszman ,  Cherif Sleiman

发明人： Edwin Koehler, Jr. ,  Sergio Fiszman ,  Cherif Sleiman

IPC分类号： H04L12/28

CPC分类号： H04L61/2015 ,  H04L63/0815 ,  H04L63/20

摘要： The present invention advantageously provides a method, system and apparatus for allocating addresses to secure unique local networks by providing a brokered federated policy and identity management system, the brokered federated policy and identity management system having an address domain manager that allocates network addresses, the address domain manager arranged to interoperate with a network identity management module, the network identity management module providing management of identity at an application level, receiving an authorization from the brokered federated policy and identity management system, and assigning a network address to a unique local network based on the authorization from the brokered federated policy and identity management system. The method, system and apparatus may further include authenticating a user, wherein authenticating a user includes passing an assertion token to a device of the user. The method, system and apparatus may yet further include providing user policies to a policy enforcement point in a network.

摘要翻译： 本发明有利地提供了一种方法，系统和装置，用于通过提供经纪的联合策略和身份管理系统来分配地址以保护独特的本地网络，所述互联的联合策略和身份管理系统具有分配网络地址的地址域管理器，地址 域管理器被安排为与网络身份管理模块进行交互操作，网络身份管理模块提供在应用级别的身份管理，从经纪的联合策略和身份管理系统接收授权，并将网络地址分配给唯一的本地网络 经授权的联邦政策和身份管理系统。 方法，系统和装置还可以包括认证用户，其中认证用户包括将断言令牌传递给用户的设备。 该方法，系统和装置还可以进一步包括向网络中的策略执行点提供用户策略。

公开(公告)号：US08369329B2

公开(公告)日：2013-02-05

申请号：US11325064

申请日：2006-01-03

申请人： Edwin Koehler, Jr. ,  John Yoakum ,  Cherif Sleiman

发明人： Edwin Koehler, Jr. ,  John Yoakum ,  Cherif Sleiman

IPC分类号： H04L12/28 ,  G06F15/16

CPC分类号： H04L41/0806 ,  H04L12/4645 ,  H04L29/12009 ,  H04L29/12801 ,  H04L41/12 ,  H04L61/6004

摘要： A Dynamic Hierarchical Address Resource Management Architecture (DHARMA) coordinates a logical hierarchy of address spaces with a virtual topology of network elements using a manageable database environment. Address spaces are apportioned into hierarchical levels in accordance with a network policy. Network elements may be represented as objects, coupled via the logical address space. Both address space hierarchy definition and virtual topology modelling may occur independent from actual network deployment. As a result, multiple address space hierarchy definitions and virtual topologies can be pre-generated and stored for selective use during network deployment. With such an arrangement, a flexible addressing architecture is provided which may advantageously be used in any network that desires dynamic network configuration. The connection between the logical address hierarchy and the virtual network topology may advantageously be implemented through the use of a logical tag that links a virtual network element to a logical address hierarchy level.

摘要翻译： 动态分层地址资源管理体系结构（DHARMA）使用可管理的数据库环境来协调地址空间的逻辑层次结构和网络元素的虚拟拓扑结构。 地址空间根据网络策略分配到层次级别。 网络元素可以被表示为通过逻辑地址空间耦合的对象。 地址空间层次结构定义和虚拟拓扑建模都可能与实际网络部署无关。 因此，可以预先生成和存储多个地址空间层次结构定义和虚拟拓扑，以便在网络部署期间进行选择性使用。 通过这样的布置，提供了灵活的寻址架构，其可有利地用于期望动态网络配置的任何网络中。 可以有利地通过使用将虚拟网络元件链接到逻辑地址层次结构级别的逻辑标签来实现逻辑地址层次结构和虚拟网络拓扑之间的连接。

公开(公告)号：US20080083010A1

公开(公告)日：2008-04-03

申请号：US11540272

申请日：2006-09-29

申请人： Edwin Koehler ,  Cherif Sleiman ,  Timothy Mendonca

发明人： Edwin Koehler ,  Cherif Sleiman ,  Timothy Mendonca

IPC分类号： H04L9/00

CPC分类号： H04L65/1069 ,  H04L63/102 ,  H04L63/105 ,  H04L65/1006

摘要： This invention provides a method, system and apparatus for allowing media context sensitive SIP signaling exchange (such as voice) and call establishment while denying or challenging any other session description protocol (“SDP”) extension dialogs which might not be desired (such as instant messaging, video, Web broadcasting or pushing, data and/or application sharing and the like) by a user. The method and apparatus may further include defining user client media policy preferences, the user media policy preferences establishing the parameters for evaluating a media session request received by a user client, and providing the user client media policy preferences to a policy enforcement point device, the policy enforcement point device evaluating the media session request received by the user client and applying the user client media policy preferences to the media session request. The method and apparatus may further include utilizing a user client portal to gain access to a media policy database, the media policy database providing storage for user client media policy preferences.

摘要翻译： 本发明提供一种用于允许媒体上下文敏感的SIP信令交换（例如语音）和呼叫建立的方法，系统和装置，同时拒绝或挑战可能不需要的任何其他会话描述协议（“SDP”）扩展对话（例如即时 消息，视频，网络广播或推送，数据和/或应用共享等）。 该方法和装置还可以包括定义用户客户端媒体策略偏好，用户媒体策略偏好，建立用于评估由用户客户端接收的媒体会话请求的参数，以及向策略执行点设备提供用户客户端媒体策略偏好， 策略执行点设备评估由用户客户端接收的媒体会话请求，并将用户客户端媒体策略偏好应用于媒体会话请求。 所述方法和装置还可以包括利用用户客户门户来访问媒体策略数据库，所述媒体策略数据库为用户客户端媒体策略偏好提供存储。

公开(公告)号：US20080069102A1

公开(公告)日：2008-03-20

申请号：US11524215

申请日：2006-09-20

申请人： Edwin Koehler ,  Sergio Fiszman ,  Cherif Sleiman

发明人： Edwin Koehler ,  Sergio Fiszman ,  Cherif Sleiman

IPC分类号： H04L12/56

CPC分类号： H04L61/2015 ,  H04L63/0815 ,  H04L63/20

摘要： The present invention advantageously provides a method, system and apparatus for allocating addresses to secure unique local networks by providing a brokered federated policy and identity management system, the brokered federated policy and identity management system having an address domain manager that allocates network addresses, the address domain manager arranged to interoperate with a network identity management module, the network identity management module providing management of identity at an application level, receiving an authorization from the brokered federated policy and identity management system, and assigning a network address to a unique local network based on the authorization from the brokered federated policy and identity management system. The method, system and apparatus may further include authenticating a user, wherein authenticating a user includes passing an assertion token to a device of the user. The method, system and apparatus may yet further include providing user policies to a policy enforcement point in a network.

摘要翻译： 本发明有利地提供了一种方法，系统和装置，用于通过提供经纪的联合策略和身份管理系统来分配地址以保护独特的本地网络，所述互联的联合策略和身份管理系统具有分配网络地址的地址域管理器，地址 域管理器被安排为与网络身份管理模块进行交互操作，网络身份管理模块提供在应用级别的身份管理，从经纪的联合策略和身份管理系统接收授权，并将网络地址分配给唯一的本地网络 经授权的联邦政策和身份管理系统。 方法，系统和装置还可以包括认证用户，其中认证用户包括将断言令牌传递给用户的设备。 该方法，系统和装置还可以进一步包括向网络中的策略执行点提供用户策略。

公开(公告)号：US20060256736A1

公开(公告)日：2006-11-16

申请号：US11325064

申请日：2006-01-03

申请人： Edwin Koehler ,  John Yoakum ,  Cherif Sleiman

发明人： Edwin Koehler ,  John Yoakum ,  Cherif Sleiman

IPC分类号： H04L12/28

CPC分类号： H04L41/0806 ,  H04L12/4645 ,  H04L29/12009 ,  H04L29/12801 ,  H04L41/12 ,  H04L61/6004

摘要： A Dynamic Hierarchical Address Resource Management Architecture (DHARMA) coordinates a logical hierarchy of address spaces with a virtual topology of network elements using a manageable database environment. Address spaces are apportioned into hierarchical levels in accordance with a network policy. Network elements may be represented as objects, coupled via the logical address space. Both address space hierarchy definition and virtual topology modelling may occur independent from actual network deployment. As a result, multiple address space hierarchy definitions and virtual topologies can be pre-generated and stored for selective use during network deployment. With such an arrangement, a flexible addressing architecture is provided which may advantageously be: used in any network that desires dynamic network configuration. The connection between the logical address hierarchy and the virtual network topology may advantageously be implemented through the use of a logical tag that links a virtual network element to a logical address hierarchy level.

摘要翻译： 动态分层地址资源管理体系结构（DHARMA）使用可管理的数据库环境来协调地址空间的逻辑层次结构和网络元素的虚拟拓扑结构。 地址空间根据网络策略分配到层次级别。 网络元素可以被表示为通过逻辑地址空间耦合的对象。 地址空间层次结构定义和虚拟拓扑建模都可能与实际网络部署无关。 因此，可以预先生成和存储多个地址空间层次结构定义和虚拟拓扑，以便在网络部署期间进行选择性使用。 通过这样的布置，提供了灵活的寻址架构，其可以有利地是：在需要动态网络配置的任何网络中使用。 可以有利地通过使用将虚拟网络元件链接到逻辑地址层次结构级别的逻辑标签来实现逻辑地址层次结构和虚拟网络拓扑之间的连接。