公开(公告)号：US20100238864A1

公开(公告)日：2010-09-23

申请号：US12740326

申请日：2008-10-29

申请人： Jun Hirano ,  Mohana Jeyatharan ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim

发明人： Jun Hirano ,  Mohana Jeyatharan ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim

IPC分类号： H04W4/00

CPC分类号： H04W60/005 ,  H04W36/0011 ,  H04W80/045 ,  H04W88/182

摘要： A technique is disclosed, according to which a race condition between a PMIPv6 binding by a PBU message of PMIPv6 and a CMIPv6 binding by a BU message of CMIPv6 can be resolved. MN 200 has a plurality of radio communication interfaces, and a first interface is connected to MAG 220 of a home PMIPv6 domain 230, for instance. In case the connection of a second interface is changed from MAG 221 of a home PMIPv6 domain to AR 222 of a CMIPv6 domain 231, a BU message 262 is transmitted from the second interface to LMA/HA 250, and identification information of this BU message is notified to MAG from the first interface. By adding time information to this identification information and by transmitting it to LMA/HA, MAG can identify transmission time of the BU message (i.e. relative order with the other messages) from this time information.

摘要翻译： 公开了一种技术，根据该技术，可以解决PMIPv6的PBU消息的PMIPv6绑定与CMIPv6的BU消息的CMIPv6绑定之间的竞争条件。 MN 200具有多个无线电通信接口，并且第一接口连接到家庭PMIPv6域230的MAG 220。 在第二接口的连接从归属PMIPv6域的MAG 221改变为CMIPv6域231的AR 222的情况下，将BU消息262从第二接口发送到LMA / HA 250，并且该BU消息的标识信息 从第一个界面通知MAG。 通过向该标识信息添加时间信息并通过将其发送到LMA / HA，MAG可以从该时间信息识别BU消息的传输时间（即与其他消息的相对顺序）。

公开(公告)号：US08731547B2

公开(公告)日：2014-05-20

申请号：US12678729

申请日：2008-09-19

申请人： Keigo Aso ,  Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Chun Keong Benjamin Lim ,  Tien Ming Benjamin Koh

发明人： Keigo Aso ,  Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Chun Keong Benjamin Lim ,  Tien Ming Benjamin Koh

IPC分类号： H04W36/34

CPC分类号： H04W36/14 ,  H04L45/22 ,  H04W12/08 ,  H04W28/08 ,  H04W36/0055 ,  H04W36/36 ,  H04W60/005 ,  H04W76/20 ,  H04W88/06 ,  H04W92/02

摘要： A technique is disclosed, according to which a mobile node, having a plurality of interfaces and performing communication according to flow information when an operator is performing communication based on the flow information as defined by a policy, can select an interface suitable for the flow and can perform communication. According to this technique, a mobile node (MN 10) having a plurality of interfaces has a list to indicate domain limited flows to be transmitted only within a specific network (a trusted network), and a list to indicate the trusted networks. When a certain interface performs handover, and in case there is a domain limited flow that uses the interface, it is decided whether the network of handover destination is a trusted network or not, and in case the network of the handover destination is not a trusted network, it is decided whether it is possible or not to transmit and receive the domain limited flow via another interface that is connected to the trusted network.

摘要翻译： 公开了一种技术，根据该技术，根据该技术，具有多个接口的移动节点并且当运营商基于由策略定义的流信息进行通信时根据流信息执行通信，可以选择适合于流的接口，以及 可以进行通信。 根据该技术，具有多个接口的移动节点（MN 10）具有列表，用于指示仅在特定网络（可信网络）内发送的域限制流，以及用于指示可信网络的列表。 当某个接口执行切换时，在存在使用该接口的域限制流的情况下，确定切换目的地的网络是否为可信网络，并且在切换目的地的网络不是可信任的情况下 网络，决定是否可能通过连接到可信网络的另一接口来发送和接收域限制流。

公开(公告)号：US08539554B2

公开(公告)日：2013-09-17

申请号：US12158968

申请日：2006-12-26

申请人： Jun Hirano ,  Keigo Aso ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

发明人： Jun Hirano ,  Keigo Aso ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

IPC分类号： G06F7/04

CPC分类号： H04W12/08 ,  H04L12/2818 ,  H04L12/283 ,  H04L12/2898 ,  H04L12/4633 ,  H04L63/0272 ,  H04L63/104 ,  H04L63/20 ,  H04W76/10 ,  H04W80/04 ,  H04W84/005

摘要： Disclosed is a technique capable of proper execution of access control based on various security policies set by a home user with regards to a packet sent from a visitor node. According to the technique, a MR (Mobile Router) 10 which manages a mobile PAN 30 determines whether a sender of a packet from a communication terminal connected to the mobile PAN is a home user's node which is allowed direct access into a home network or a visitor node (VN 31), and forwards the packet from the home user's node to an HA 20 while forwarding the packet from the visitor node to a policy server 36 located in a DMZ 35. This allows the policy server to perform access control on every packet from a visitor node which attempts to gain access into the home network based on a security policy 36a.

摘要翻译： 公开了一种能够基于由用户对由访问者节点发送的分组设置的各种安全策略来适当地执行访问控制的技术。 根据该技术，管理移动PAN30的MR（移动路由器）10确定来自连接到移动PAN的通信终端的分组的发送者是否是被允许直接访问家庭网络的家庭用户节点，或者 访问节点（VN31），并且将分组从归属用户节点转发到HA 20，同时将分组从访问节点转发到位于DMZ 35中的策略服务器36.这允许策略服务器对每个 来自访问节点的分组，其尝试基于安全策略36a来访问归属网络。

公开(公告)号：US08249086B2

公开(公告)日：2012-08-21

申请号：US12302845

申请日：2007-06-14

申请人： Jun Hirano ,  Keigo Aso ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

发明人： Jun Hirano ,  Keigo Aso ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

IPC分类号： H04L12/56

CPC分类号： H04L47/2491 ,  H04L12/66 ,  H04L29/12226 ,  H04L45/38 ,  H04L61/2015 ,  H04L61/2061 ,  H04W8/26 ,  H04W28/10 ,  H04W60/005 ,  H04W80/04 ,  H04W84/005

摘要： Disclosed is a technique which enables a mobile node (MN) connected to a mobile router (MR) to carry out flow filtering in a mobile network. This technique allows an MN 25 in a mobile network 24 to set a policy needed for the flow filtering in an MR 10 and, in the present invention, an MR inserts an egress characteristic thereof into, for example, a router advertisement message so that the egress characteristic, a node in a mobile network cannot grasp originally, can be advertised to the interior of the mobile network. Thus, the MN can grasp a characteristic of an access network (characteristic of access system 20) even in a case in which it is connected to the MR, which achieves intelligent flow filtering.

摘要翻译： 公开了一种使与移动路由器（MR）连接的移动节点（MN）能够在移动网络中进行流量过滤的技术。 该技术允许移动网络24中的MN 25设置MR 10中的流量过滤所需的策略，并且在本发明中，MR将其出口特性插入到例如路由器通告消息中，使得 出口特性，移动网络中的一个节点最初无法掌握，可以通告给移动网络的内部。 因此，即使在连接到MR的情况下，MN也可以掌握接入网络的特性（接入系统20的特性），从而实现智能流量过滤。

公开(公告)号：US20100268804A1

公开(公告)日：2010-10-21

申请号：US12742631

申请日：2008-11-18

申请人： Keigo Aso ,  Jun Hirano ,  Chun Keong Benjamin Lim ,  Mohana Dhamayanthi Jeyatharan ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

发明人： Keigo Aso ,  Jun Hirano ,  Chun Keong Benjamin Lim ,  Mohana Dhamayanthi Jeyatharan ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

IPC分类号： G06F15/177

CPC分类号： H04L61/2007 ,  H04L29/12216 ,  H04L29/12952 ,  H04L61/6077 ,  H04W8/26 ,  H04W60/005 ,  H04W80/04

摘要： Disclosed is a technique for switching a forwarding address of a packet destined for a mobile node in a local mobility domain when the mobile node has a plurality of interfaces so that the packet will be forwarded to the mobile node. According to the technique, an MN 101 receives network information 40 including a domain ID 402 from a network through two or more IFs 1010 and 1011. Based on the domain ID 402 in the network information received, when determining that the IFs 1010 and 1011 are attached to the same domain, the MN 101 decides to allocate the same address to the IFs 1010 and 1011, and requests MAGs 111 and 112 connected to the IFs 1010 and 1011, respectively, to bind the same address to each of link identifiers of the IFs 1010 and 1011. Based on the request, the MAGs 111 and 112 perform binding to forward, to the MN 101, packets destined to the same address of the MN 101.

摘要翻译： 公开了一种用于在移动节点具有多个接口时切换目的地为本地移动性域中的移动节点的分组的转发地址的技术，使得分组将被转发到移动节点。 根据该技术，MN 101通过两个以上的IF 1010和1011从网络接收包括域ID 402的网络信息40.根据接收的网络信息中的域ID 402，当确定IF1010和1011是 MN 101决定向IF1010和1011分配相同的地址，并且分别请求连接到IF1010和1011的MAG111和112将相同的地址绑定到每个链路标识符 IF1010和1011.根据该请求，MAG 111和112向MN 101执行绑定以转发到MN101的相同地址的分组。

公开(公告)号：US20100067381A1

公开(公告)日：2010-03-18

申请号：US12531861

申请日：2008-03-13

申请人： Jun Hirano ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Pek Yew Tan

发明人： Jun Hirano ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Pek Yew Tan

IPC分类号： H04L12/24 ,  H04W72/04

CPC分类号： H04W8/12 ,  H04W60/005 ,  H04W76/15 ,  H04W80/04

摘要： A technology is disclosed for appropriately providing a certain service desired by a mobile node, even in an environment including overlay network nodes providing different functions. In the technology, a mobile node (MN) 110 implements Monami6 protocol and transmits a binding update message requesting a service based on the Monami6 protocol. On the other hand, an overlay network is present on a network, the overlay network in which a home agent (MCHA) implementing the Monami6 protocol and a home agent (MSHA) not implementing the Monami6 protocol cooperate to provide functions of an HA. In this instance, for example, an MSHA 150 that receives a message from the mobile node via a path 112 sends the request to an MCHA implementing the Monami6 protocol (such as an MCHA 130) and makes the MCHA process the request.

摘要翻译： 公开了一种用于适当地提供移动节点期望的特定服务的技术，即使在包括提供不同功能的覆盖网络节点的环境中也是如此。 在该技术中，移动节点（MN）110实现Monami6协议，并且基于Monami6协议传送请求服务的绑定更新消息。 另一方面，在网络上存在覆盖网络，其中实现Monami6协议的归属代理（MCHA）和不实现Monami6协议的归属代理（MSHA）协作以提供HA的功能的覆盖网络。 在这种情况下，例如，经由路径112从移动节点接收消息的MSHA 150将请求发送到实施Monami6协议（例如MCHA 130）的MCHA，并使得MCHA处理请求。

公开(公告)号：US20090285103A1

公开(公告)日：2009-11-19

申请号：US12307559

申请日：2007-07-06

申请人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim

发明人： Jun Hirano ,  Chan Wah Ng ,  Pek Yew Tan ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim

IPC分类号： H04L12/26

CPC分类号： H04L12/4633 ,  H04L45/00 ,  H04L45/18 ,  H04L2212/00

摘要： Disclosed is a technique whereby a packet transferring apparatus (particularly, a tunnel entry point made to carry out packet encapsulation) becomes capable of detecting a tunneling loop signifying that a packet loops along the same route while undergoing encapsulation. With this technique, at packet transfer, a loop detection module of a router according to the present invention stores a TEL value (value of tunnel encapsulation limit for limiting the number of times of duplication of tunnel) set in an encapsulation header of this packet or stores a TEL value set in an encapsulation header of a packet sent back as an ICMP error In addition, the loop detection module analyzes an increase/decrease variation pattern of the stored TEL value relative to time and, in a case in which the pattern agrees with a unique pattern (sawtooth-like pattern) appearing at the occurrence of a tunneling loop, estimates that a tunneling loop has occurred.

摘要翻译： 公开了一种技术，其中分组传送装置（特别是用于执行分组封装的隧道入口点）变得能够检测表示分组在进行封装时沿着相同路线循环的隧道循环。 利用这种技术，在分组传送中，根据本发明的路由器的环路检测模块存储设置在该分组的封装头部中的TEL值（用于限制隧道复制次数的隧道封装限制值） 存储在作为ICMP错误发回的分组的封装头部中设置的TEL值。此外，循环检测模块分析存储的TEL值相对于时间的增加/减少变化模式，并且在模式一致的情况下 在出现隧道循环时出现了独特的模式（锯齿状模式），估计已经发生了隧道循环。

公开(公告)号：US08385263B2

公开(公告)日：2013-02-26

申请号：US12521519

申请日：2007-12-19

申请人： Jun Hirano ,  Takashi Aramaki ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

发明人： Jun Hirano ,  Takashi Aramaki ,  Chun Keong Benjamin Lim ,  Chan Wah Ng ,  Tien Ming Benjamin Koh ,  Pek Yew Tan

IPC分类号： H04W4/00

CPC分类号： H04W8/087 ,  H04W80/04

摘要： A technique disclosed enables a node having a plurality of interfaces to conduct connection of the plurality of interfaces simultaneously in a communication network domain. A mobile node having a plurality of interfaces connects one of the interfaces with a MAG (mobile access gateway) 11a to take part in a NetLMM domain 18 using a NetLMM protocol, and a LMA (local mobility anchor) 13 includes association information with the MAG 11a registered therein. When the mobile node connects another interface with another MAG 11b, the LMA receives a registration request for association information of this mobile node with the MAG 11b, and makes an inquiry to the already registered MAG 11a as to whether link with the mobile node is still valid or not. If the link is valid, the LMA keeps association information of the mobile node with both of the MAGs 11a and 11b.

摘要翻译： 所公开的技术使得具有多个接口的节点能够在通信网络域中同时进行多个接口的连接。 具有多个接口的移动节点将接口之一与MAG（移动接入网关）11a连接，以使用NetLMM协议参与NetLMM域18，并且LMA（本地移动锚）13包括与MAG的关联信息 11a登记。 当移动节点与另一个MAG 11b连接另一个接口时，LMA向MAG 11b接收该移动节点的关联信息的注册请求，并且向已登记的MAG 11a询问关于与移动节点的链路是否仍然存在 是否有效。 如果链路有效，则LMA保持移动节点与MAG 11a和11b两者的关联信息。

公开(公告)号：US08363620B2

公开(公告)日：2013-01-29

申请号：US12740625

申请日：2008-10-29

申请人： Jun Hirano ,  Tien Ming Benjamin Koh ,  Chan Wah Ng ,  Chun Keong Benjamin Lim ,  Mohana Dhamayanthi Jeyatharan

发明人： Jun Hirano ,  Tien Ming Benjamin Koh ,  Chan Wah Ng ,  Chun Keong Benjamin Lim ,  Mohana Dhamayanthi Jeyatharan

IPC分类号： H04W4/00 ,  H04L12/26 ,  H04L12/44 ,  H04L12/56

CPC分类号： H04W76/20

摘要： A technology is disclosed for providing a connection status notifying method and the like that can infer that a new connection will become usable shortly based on a predetermined action, and give notification thereof. The technology includes a step at which a mobile node 1000 receives information stating that connection will be broken from a base station that is a current connection destination, a step at which the mobile node starts a predetermined process with a base station that is a new connection destination, and a step at which the mobile node generates a predetermined notification message and transmits the generated predetermined notification message when the predetermined process is judged to be completed, the predetermined notification message being used to give notification to a predetermined component part within the mobile node or to another communication node that a connected state is established with the base station of the new connection destination at an early stage.

摘要翻译： 公开了一种用于提供连接状态通知方法等的技术，该连接状态通知方法等可以基于预定的动作推断出新的连接将很快变得可用，并给出通知。 该技术包括一个步骤，移动节点1000接收关于连接将从作为当前连接目的地的基站断开的信息的步骤，移动节点以基站为新连接开始预定过程的步骤 目的地和移动节点生成预定通知消息的步骤，并且当预定处理被判断为完成时发送所生成的预定通知消息，该预定通知消息用于向移动节点内的预定组件部分通知 或者与早期的新连接目的地的基站建立连接状态的另一通信节点。

公开(公告)号：US20100275253A1

公开(公告)日：2010-10-28

申请号：US12743805

申请日：2008-11-18

申请人： Jun Hirano ,  Chan Wah Ng ,  Mohana Dhamayanthi Jeyatharan ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim ,  Pek Yew Tan

发明人： Jun Hirano ,  Chan Wah Ng ,  Mohana Dhamayanthi Jeyatharan ,  Tien Ming Benjamin Koh ,  Chun Keong Benjamin Lim ,  Pek Yew Tan

IPC分类号： H04L9/32 ,  G06F21/00

CPC分类号： H04L9/3234 ,  H04L9/3226 ,  H04L67/02 ,  H04L2209/80 ,  H04W12/06 ,  H04W60/005 ,  H04W80/04

摘要： There is provided a technique for reducing the number of messages handled in a Return Routability (RR) procedure for performing authentication between a mobile node (MN) and a peer communication node (CN). According to the technique, an MN 1 pairs two or more care-of addresses assigned respectively to one or more interfaces, and sends a CN 3 one or more first messages including a second care-of address by setting a first care-of address in each pair of care-of addresses as a source address. The CN 3 receives the one or more first messages, generates signature tokens for the first and second care-of addresses, and sends one or more second messages including the generated signature tokens to the second care-of address of the MN 2.

摘要翻译： 提供了一种用于减少在用于在移动节点（MN）和对等通信节点（CN）之间执行认证的返回可路由性（RR）过程中处理的消息的数量的技术。 根据该技术，MN 1对分别分配给一个或多个接口的两个或更多转交地址，并且通过将第一转交地址设置在第一转交地址中来发送CN 3一个或多个包括第二转交地址的第一消息 每对转交地址作为源地址。 CN 3接收一个或多个第一消息，为第一转交地址和第二转交地址生成签名令牌，并将包括所生成的签名令牌的一个或多个第二消息发送到MN 2的第二转交地址。