公开(公告)号：US20090100179A1

公开(公告)日：2009-04-16

申请号：US12208058

申请日：2008-09-10

申请人： Jongtae Song ,  Soon Seok Lee ,  Young Sun Kim

发明人： Jongtae Song ,  Soon Seok Lee ,  Young Sun Kim

IPC分类号： G06F15/16

CPC分类号： G06F15/16

摘要： Provided is a method of controlling resources using out-of-band signaling. A central admission entity checks subscription information of a user requesting resources and policies of a network for call setting, determines whether the resources are to be assigned, and distributes an IP-level flow descriptor to an edge node of the network in order to assign the resources. The edge node receiving the IP-level flow descriptor performs mapping of the IP-level flow descriptor to flow state aware (FSA) parameters, and generates a start node. Thus, a process of in-band signaling can be simplified by omitting respond and reconfirm operations.

摘要翻译： 提供了使用带外信令来控制资源的方法。 中央许可实体检查请求用于呼叫设置的网络的资源和策略的用户的订阅信息，确定是否要分配资源，并且将IP级流描述符分发到网络的边缘节点，以便分配 资源。 接收IP级流描述符的边缘节点执行IP级流描述符到流状态感知（FSA）参数的映射，并生成起始节点。 因此，可以通过省略响应和重新确认操作来简化带内信令的处理。

公开(公告)号：US20100131325A1

公开(公告)日：2010-05-27

申请号：US12540687

申请日：2009-08-13

申请人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

发明人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

IPC分类号： G06Q10/00 ,  G06Q50/00

CPC分类号： H04L47/822 ,  H04L47/70 ,  H04L47/745 ,  H04L47/762 ,  H04L47/781 ,  H04L47/805 ,  H04L67/322

摘要： Provided are a network resource control method and apparatus for guaranteeing an admission rate of a high-priority service. In the method and apparatus, the admission rate of the high-priority service is increased by differentiating between the high-priority service and a low-priority service by either rejecting the low-priority service or reducing a bandwidth allocated to the low-priority service when the low-priority service has already been accepted.

摘要翻译： 提供了一种用于保证高优先级服务的准入速率的网络资源控制方法和装置。 在该方法和装置中，通过拒绝低优先级业务或减少分配给低优先级业务的带宽，高优先级业务与低优先级业务之间的差异化来提高高优先级业务的准入速率 当低优先级服务已被接受时。

公开(公告)号：US08189467B2

公开(公告)日：2012-05-29

申请号：US12540687

申请日：2009-08-13

申请人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

发明人： Jongtae Song ,  Soon Seok Lee ,  Bong Tae Kim

IPC分类号： H04J3/16

CPC分类号： H04L47/822 ,  H04L47/70 ,  H04L47/745 ,  H04L47/762 ,  H04L47/781 ,  H04L47/805 ,  H04L67/322

摘要： Provided are a network resource control method and apparatus for guaranteeing an admission rate of a high-priority service. In the method and apparatus, the admission rate of the high-priority service is increased by differentiating between the high-priority service and a low-priority service by either rejecting the low-priority service or reducing a bandwidth allocated to the low-priority service when the low-priority service has already been accepted.

摘要翻译： 提供了一种用于保证高优先级服务的准入速率的网络资源控制方法和装置。 在该方法和装置中，通过拒绝低优先级业务或减少分配给低优先级业务的带宽，高优先级业务与低优先级业务之间的差异化来提高高优先级业务的准入速率 当低优先级服务已被接受时。

公开(公告)号：US20070143486A1

公开(公告)日：2007-06-21

申请号：US11524971

申请日：2006-09-21

申请人： Kuk Chang Kang ,  Soon Seok Lee ,  Young Sun Kim

发明人： Kuk Chang Kang ,  Soon Seok Lee ,  Young Sun Kim

IPC分类号： G06F15/16

CPC分类号： H04L63/08 ,  H04L29/12311 ,  H04L29/1282 ,  H04L61/2015 ,  H04L61/2084 ,  H04L61/6013 ,  H04L63/102

摘要： A method and apparatus for supporting user mobility by allowing guest access in an Internet service network and a billing method based on the same are provided. The method for supporting user mobility by allowing guest access in an Internet service network includes the steps of: performing user authentication and querying a subscriber DB to determine whether a user is a host user or a guest user when a subscriber ID is inputted; querying the subscriber DB to determine whether there is an available bandwidth for the guest user when the user is the guest user; and querying the subscriber DB to provide a service package corresponding to the guest user when there is an available bandwidth for the guest user.

摘要翻译： 提供了一种通过允许因特网服务网络中的访客访问来支持用户移动性的方法和装置，以及基于该移动性的计费方法。 通过允许在因特网服务网络中的访客访问来支持用户移动性的方法包括以下步骤：当输入用户ID时，执行用户认证和查询订户DB以确定用户是主机用户还是来宾用户; 当用户是访客用户时，查询用户DB以确定访客用户是否存在可用带宽; 并且当存在用于访客用户的可用带宽时，查询订户DB以提供对应于访客用户的服务包。

公开(公告)号：US20070116004A1

公开(公告)日：2007-05-24

申请号：US11503339

申请日：2006-08-11

申请人： Kuk Chang Kang ,  Soon Seok Lee ,  Young Sun Kim

发明人： Kuk Chang Kang ,  Soon Seok Lee ,  Young Sun Kim

IPC分类号： H04L12/56 ,  H04L12/28

CPC分类号： H04L47/24 ,  H04L29/12226 ,  H04L47/15 ,  H04L47/18 ,  H04L47/70 ,  H04L47/724 ,  H04L47/785 ,  H04L61/2015

摘要： Provided is a method and apparatus for guaranteeing QoS using end-to-end CAC in an Internet service network. The method includes the steps of: (a) performing a subscriber domain CAC by querying a subscriber DB to determine whether to admit a call based on available bandwidth information of a subscriber when a subscriber terminal requests resource reservation; (b) performing a network domain CAC by querying a resource DB based on a result of the subscriber domain CAC to determine whether a resource required for service can be reserved or not; and (c) updating reserved bandwidth information and available bandwidth information of a subscriber domain in the subscriber DB and resource use information of a network domain in the resource DB when the resource reservation is completed through the steps (a) and (b).

摘要翻译： 提供了一种用于在因特网服务网络中使用端到端CAC来保证QoS的方法和装置。 该方法包括以下步骤：（a）当用户终端请求资源预留时，通过查询用户DB来确定是否允许基于用户可用带宽信息的呼叫来执行用户域CAC; （b）通过基于用户域CAC的结果查询资源DB来执行网络域CAC，以确定是否可以保留服务所需的资源; 以及（c）当通过步骤（a）和（b）完成资源预留时，更新用户DB中订户域的预留带宽信息和可用带宽信息以及资源DB中的网络域的资源使用信息。

公开(公告)号：US20070133408A1

公开(公告)日：2007-06-14

申请号：US11635554

申请日：2006-12-08

申请人： No Ik Park ,  Soon Seok Lee ,  Young Sun Kim

发明人： No Ik Park ,  Soon Seok Lee ,  Young Sun Kim

IPC分类号： H04L12/26

CPC分类号： H04L47/2433 ,  H04L12/14 ,  H04L12/1425 ,  H04L12/1485 ,  H04L47/15 ,  H04L47/2441 ,  H04L47/70 ,  H04L47/781 ,  H04L47/805 ,  H04L63/0236 ,  H04L63/08 ,  H04L63/1408

摘要： Provided is a traffic authentication apparatus using information on a header of a packet for traffic authentication. The apparatus includes a call admission control agent receiving a call admission request from a calling terminal; a network controller determining whether to approve the call admission request received by the call admission control agent and obtaining call information from the call admission request; and a networking unit which, when the networking unit receives traffic from the calling terminal, compares information on the header of a packet of the traffic with the call information received from the network controller and authenticates the traffic.

摘要翻译： 提供了使用关于用于业务认证的分组的报头的信息的业务认证装置。 该装置包括接收来自呼叫终端的呼叫许可请求的呼叫许可控制代理; 网络控制器，确定是否批准由呼叫许可控制代理接收到的呼叫许可请求，并从呼叫许可请求获得呼叫信息; 以及联网单元，当所述网络单元从所述主叫终端接收到流量时，将与所述网络控制器接收到的所述业务的分组的报头的信息与所述呼叫信息进行比较，并认证所述流量。

公开(公告)号：US20110085470A1

公开(公告)日：2011-04-14

申请号：US12902108

申请日：2010-10-11

申请人： No Ik PARK ,  Soon Seok Lee ,  Young Boo Kim

发明人： No Ik PARK ,  Soon Seok Lee ,  Young Boo Kim

IPC分类号： H04L12/28 ,  H04L12/66

CPC分类号： H04L65/1069 ,  H04L29/12028 ,  H04L29/12301 ,  H04L29/12311 ,  H04L61/103 ,  H04L61/2076 ,  H04L61/2084 ,  H04L65/80

摘要： In an apparatus and method for integrated signal processing for an IP-based wired and wireless convergence network, based on an ID of a second user acquired in response to a service call request from a first user terminal, a unique address corresponding to the ID is acquired. The location address corresponding to the unique address, acquired from the address information of the terminals being stored and managed, i.e., the transport address of the second user terminal, is acquired. An IP connection request is sent to the acquired transport address of the second user terminal and the transport address of the first user terminal, and upon completion of the IP connection, data traffic for the requested service is transferred.

摘要翻译： 在基于IP的有线和无线汇聚网络的集成信号处理的装置和方法中，基于响应于来自第一用户终端的服务呼叫请求而获取的第二用户的ID，与该ID对应的唯一地址是 获得了 获取与存储和管理的终端的地址信息相对应的唯一地址的位置地址，即第二用户终端的传送地址。 IP连接请求被发送到所获取的第二用户终端的传输地址和第一用户终端的传输地址，并且在完成IP连接时，传送所请求服务的数据业务。

公开(公告)号：US20110082941A1

公开(公告)日：2011-04-07

申请号：US12898929

申请日：2010-10-06

申请人： Sun Cheul Kim ,  Seong Moon ,  Ho Yong Ryu ,  Kyeong Ho Lee ,  Soon Seok Lee

发明人： Sun Cheul Kim ,  Seong Moon ,  Ho Yong Ryu ,  Kyeong Ho Lee ,  Soon Seok Lee

IPC分类号： G06F15/16

CPC分类号： H04L61/2592 ,  H04L12/2859 ,  H04L29/1249 ,  H04L29/12575 ,  H04L61/256 ,  H04L67/104

摘要： In order for a peer node to perform direct communication with a correspondent peer node in an Internet protocol network, the peer node receives a virtual address of the correspondent peer node from a server, and then when the peer node can directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with the correspondent peer node, and when the peer node cannot directly set a tunnel with the correspondent peer node, the peer node sets a tunnel with a tunnel repeater. Thereafter, the peer node connects a virtual address of the correspondent peer node as route information to the tunnel. Thereby, a packet using a virtual address of the correspondent peer node as a destination is transmitted to the correspondent peer node through a predetermined tunnel.

摘要翻译： 为了使对等节点与互联网协议网络中的通信对等节点进行直接通信，对等节点从服务器接收对端节点的虚拟地址，然后当对等节点可以直接设置与 通信对端节点，对端节点与通信对端节点建立隧道，当对等节点不能直接设置通信对端节点的隧道时，对端节点设置隧道中继器。 此后，对等节点将通信对端节点的虚拟地址作为路由信息连接到隧道。 由此，使用通信对端节点的虚拟地址作为目的地的分组通过预定的隧道被发送到对端节点。

公开(公告)号：US20110072515A1

公开(公告)日：2011-03-24

申请号：US12882557

申请日：2010-09-15

申请人： Pyung-Koo PARK ,  Tae Ho Lee ,  Soon Seok Lee ,  Sung Back Hong

发明人： Pyung-Koo PARK ,  Tae Ho Lee ,  Soon Seok Lee ,  Sung Back Hong

IPC分类号： G06F11/00 ,  G06F15/173

CPC分类号： H04L63/1458

摘要： A method and apparatus for collaboratively protecting against a Distributed Denial of Service (DDoS) attack are provided. The method performed by a network apparatus includes detecting data suspected as being used in the DDoS attack by monitoring traffic forwarded to a service server, notifying a security apparatus that the detected data is suspected as being used in the DDoS attack, and performing at least one of a first operation and a second operation, the first operation being receiving an analysis result for the detected data from the security apparatus and controlling the traffic based on the analysis result, and the second operation being controlling, prior to the first operation, the traffic based on a rule set in advance.

摘要翻译： 提供了一种用于协同防御分布式拒绝服务（DDoS）攻击的方法和装置。 由网络装置执行的方法包括通过监视转发到服务服务器的流量来检测疑似被用于DDoS攻击中的数据，通知安全设备所检测到的数据被怀疑在DDoS攻击中被使用，以及执行至少一个 在第一操作和第二操作中，第一操作是从安全装置接收检测到的数据的分析结果，并且基于分析结果来控制流量，第二操作在第一操作之前控制流量 基于事先设定的规则。

公开(公告)号：US07561524B2

公开(公告)日：2009-07-14

申请号：US11510405

申请日：2006-08-25

申请人： Kyung Gyu Chun ,  Soon Seok Lee

发明人： Kyung Gyu Chun ,  Soon Seok Lee

IPC分类号： H04L12/26

CPC分类号： H04L69/40 ,  H04L43/00 ,  H04L43/0823 ,  H04L69/22

摘要： Provided is a method for measuring performance of a multi-protocol label switching label switched path (MPLS LSP), using a fast failure detection (FFD) packet among MPLS operation and management (OAM) packets recommended by International Telecommunication Union-Telecommunication standardization sector (ITU-T) Y.1711 to detect a packet error generated in the MPLS LSP and newly defining bytes not used in the FFD frame to use the bytes for parity check.An ingress node performs the steps of: calculating a parity value of an MPLS packet as byte interleaved parity (BIP)-8 before transmitting the MPLS packet; storing the calculated parity value of the MPLS packet in an MPLS OAM packet of an FFD structure; and transmitting the MPLS OAM packet whenever transmitting the MPLS packet. And an egress node performs the steps of: calculating a parity value of a received MPLS packet; comparing a parity value of an MPLS packet stored in the MPLS OAM packet with the parity value of the received MPLS packet; and when the two parity values are not identical, determining that an error has occurred in the MPLS packet and discarding the MPLS packet.

摘要翻译： 提供了一种使用国际电信联盟电信标准化部门推荐的MPLS操作和管理（OAM）分组中的快速故障检测（FFD）分组来测量多协议标签交换标签交换路径（MPLS LSP）的性能的方法（ ITU-T）Y.1711检测在MPLS LSP中生成的分组错误，并且新定义FFD帧中未使用的字节，以使用字节进行奇偶校验。 入口节点执行以下步骤：在发送MPLS分组之前，计算MPLS分组的奇偶校验值作为字节交织奇偶校验（BIP）-8; 将所计算的所述MPLS分组的奇偶校验值存储在FFD结构的MPLS OAM分组中; 并在发送MPLS报文时发送MPLS OAM报文。 并且出口节点执行以下步骤：计算接收的MPLS分组的奇偶校验值; 将存储在MPLS OAM分组中的MPLS分组的奇偶校验值与接收的MPLS分组的奇偶校验值进行比较; 并且当两个奇偶校验值不相同时，确定在MPLS分组中已经发生错误并丢弃MPLS分组。