-
1.发明授权公开(公告)号:US08688970B2
公开(公告)日:2014-04-01
申请号:US12665006
申请日:2008-06-12
申请人: Jens Bachmann , Kilian Weniger , Takashi Aramaki , Jon Schuringa , Jun Hirano , Shinkichi Ikeda
发明人: Jens Bachmann , Kilian Weniger , Takashi Aramaki , Jon Schuringa , Jun Hirano , Shinkichi Ikeda
IPC分类号: H04L29/06
CPC分类号: H04L63/164 , H04L63/029 , H04L63/0428 , H04L63/0471 , H04W12/02 , H04W36/0011 , H04W60/00 , H04W80/04 , H04W88/16
摘要: The invention provides a method for trust relationship detection between a core and access network for a user equipment. The gist is that a security tunnel establishment procedure is used so one entity, be it part of the core network or be it the user equipment itself, is provided with information to determine whether the access network is trusted or untrusted. The information may comprise a first IP address/prefix, which is initially assigned to the user equipment, upon attaching to the access network. The necessary information may further comprise a second IP address/prefix, which is an address/prefix that is allocated at a trusted entity of the core network. Depending which entity determines the trust relationship of the access network, it might be necessary to transmit either the first IP address/prefix or the second IP address/prefix or the first and the second IP address/prefix using the security tunnel establishment procedure.
摘要翻译: 本发明提供了一种用于用户设备的核心和接入网络之间的信任关系检测的方法。 要点是使用安全隧道建立过程,因此一个实体(作为核心网络的一部分,或者是用户设备本身)被提供有用于确定接入网络是可信任还是不受信任的信息。 信息可以包括在附接到接入网络时最初分配给用户设备的第一IP地址/前缀。 必要的信息还可以包括第二IP地址/前缀,其是在核心网络的可信实体处分配的地址/前缀。 根据哪个实体确定接入网络的信任关系,可能需要使用安全隧道建立过程来发送第一IP地址/前缀或第二IP地址/前缀或第一和第二IP地址/前缀。
-
2.发明申请Access-Network to Core-Network Trust Relationship Detection for a Mobile Node 有权移动节点的核心网络信任关系检测的接入网络公开(公告)号:US20100199332A1
公开(公告)日:2010-08-05
申请号:US12665006
申请日:2008-06-12
申请人: Jens Bachmann , Kilian Weniger , Takashi Aramaki , Jon Schuringa , Jun Hirano , Shinkichi Ikeda
发明人: Jens Bachmann , Kilian Weniger , Takashi Aramaki , Jon Schuringa , Jun Hirano , Shinkichi Ikeda
CPC分类号: H04L63/164 , H04L63/029 , H04L63/0428 , H04L63/0471 , H04W12/02 , H04W36/0011 , H04W60/00 , H04W80/04 , H04W88/16
摘要: The invention provides a method for trust relationship detection between a core and access network for a user equipment. The gist is that a security tunnel establishment procedure is used so one entity, be it part of the core network or be it the user equipment itself, is provided with information to determine whether the access network is trusted or untrusted. The information may comprise a first IP address/prefix, which is initially assigned to the user equipment, upon attaching to the access network. The necessary information may further comprise a second IP address/prefix, which is an address/prefix that is allocated at a trusted entity of the core network. Depending which entity determines the trust relationship of the access network, it might be necessary to transmit either the first IP address/prefix or the second IP address/prefix or the first and the second IP address/prefix using the security tunnel establishment procedure.
摘要翻译: 本发明提供了一种用于用户设备的核心和接入网络之间的信任关系检测的方法。 要点是使用安全隧道建立过程,因此一个实体(作为核心网络的一部分,或者是用户设备本身)被提供有用于确定接入网络是可信任还是不受信任的信息。 信息可以包括在附接到接入网络时最初分配给用户设备的第一IP地址/前缀。 必要的信息还可以包括第二IP地址/前缀,其是在核心网络的可信实体处分配的地址/前缀。 根据哪个实体确定接入网络的信任关系,可能需要使用安全隧道建立过程来发送第一IP地址/前缀或第二IP地址/前缀或第一和第二IP地址/前缀。
-
公开(公告)号:US20110026435A1
公开(公告)日:2011-02-03
申请号:US12867876
申请日:2009-02-13
申请人: Kilian Weniger , Takashi Aramaki , Jun Hirano , Jens Bachmann , Shinkichi Ikeda
发明人: Kilian Weniger , Takashi Aramaki , Jun Hirano , Jens Bachmann , Shinkichi Ikeda
IPC分类号: H04L12/28
CPC分类号: H04W8/065 , H04L61/2007 , H04L61/6059 , H04L63/0281 , H04L63/029 , H04L63/06 , H04L63/061 , H04L63/08 , H04L63/10 , H04W8/08 , H04W8/26 , H04W80/04 , H04W80/045 , H04W88/182
摘要: The invention relates to a method for discovering a home agent serving a mobile node upon the mobile node changing its mobility management scheme in a packet-switched network and the implementation of such method in a mobile node or home agent. In order to propose a home agent discover scheme that maintains session continuity in a seamless manner upon a mobile node changing its mobility management scheme, a mobile node comprises information on its location prior to changing the mobility management scheme to one of the first signaling messages transmitted upon changing the mobility management scheme (home agent discovery message). The receiving node uses this information to identify the home agent serving the mobile node or to provide a hint to the home agent where the mobile node is registered in a response message to the mobile node. This approach may also be used for path optimization when a mobile node moves from a trusted to an un-trusted access network.
摘要翻译: 本发明涉及一种用于在移动节点在分组交换网络中改变其移动性管理方案时发现为移动节点服务的归属代理的方法,以及在移动节点或归属代理中实现这种方法。 为了提出在移动节点改变其移动性管理方案时以无缝方式保持会话连续性的归属代理发现方案,移动节点在将移动性管理方案改变为发送的第一信令消息之一之前包括关于其位置的信息 在改变移动性管理方案(归属代理发现消息)时。 接收节点使用该信息来识别为移动节点提供服务的归属代理,或者向移动节点在移动节点的响应消息中注册的归属代理提供提示。 当移动节点从受信任的接入网络移动到不可信的接入网络时,该方法也可用于路径优化。
-
公开(公告)号:US08457635B2
公开(公告)日:2013-06-04
申请号:US12812007
申请日:2009-01-08
IPC分类号: H04W36/00
CPC分类号: H04W36/14 , H04W36/0033 , H04W36/0066 , H04W36/32 , H04W60/04
摘要: The invention relates to a method for a handover of a mobile node from a non-3GPP to a 3GPP network, and of a mobile node, which is located in a non-3GPP/3GPP network. The handover is improved by discovering an appropriate MME and registering the mobile node at the discovered MME, in advance. This includes to first determine the location of the mobile node in the non-3GPP network, so as to be able to detect an MME in the vicinity of the mobile node's location. The 3GPP contexts are then transmitted to the new MME before the handover is performed. Moreover, the invention teaches to change the Serving-Gateway in the 3GPP network before performing a handover, thereby accelerating the handover. When a handover gets likely, the mobile node's location is determined and a new Serving-Gateway is selected. The data path is changed to go via the new Serving-Gateway.
摘要翻译: 本发明涉及一种移动节点从非3GPP到3GPP网络以及位于非3GPP / 3GPP网络中的移动节点的切换方法。 提前通过发现适当的MME并在发现的MME处注册移动节点来改善切换。 这包括首先确定非3GPP网络中的移动节点的位置,以便能够检测移动节点位置附近的MME。 然后在执行切换之前将3GPP上下文发送到新的MME。 此外,本发明教导在执行切换之前改变3GPP网络中的服务网关,从而加速切换。 当切换可能时,确定移动节点的位置并选择新的服务网关。 数据路径被更改为通过新的服务网关。
-
公开(公告)号:US20100323700A1
公开(公告)日:2010-12-23
申请号:US12812007
申请日:2009-01-08
IPC分类号: H04W36/12
CPC分类号: H04W36/14 , H04W36/0033 , H04W36/0066 , H04W36/32 , H04W60/04
摘要: The invention relates to a method for a handover of a mobile node from a non-3GPP to a 3GPP network, and of a mobile node, which is located in a non-3GPP/3GPP network. The handover is improved by discovering an appropriate MME and registering the mobile node at the discovered MME, in advance. This includes to first determine the location of the mobile node in the non-3GPP network, so as to be able to detect an MME in the vicinity of the mobile node's location. The 3GPP contexts are then transmitted to the new MME before the handover is performed. Moreover, the invention teaches to change the Serving-Gateway in the 3GPP network before performing a handover, thereby accelerating the handover. When a handover gets likely, the mobile node's location is determined and a new Serving-Gateway is selected. The data path is changed to go via the new Serving-Gateway.
摘要翻译: 本发明涉及一种移动节点从非3GPP到3GPP网络以及位于非3GPP / 3GPP网络中的移动节点的切换方法。 提前通过发现适当的MME并在发现的MME处注册移动节点来改善切换。 这包括首先确定非3GPP网络中的移动节点的位置,以便能够检测移动节点位置附近的MME。 然后在执行切换之前将3GPP上下文发送到新的MME。 此外,本发明教导在执行切换之前改变3GPP网络中的服务网关,从而加速切换。 当切换可能时,确定移动节点的位置并选择新的服务网关。 数据路径被更改为通过新的服务网关。
-
公开(公告)号:US20110238822A1
公开(公告)日:2011-09-29
申请号:US13060013
申请日:2009-07-03
申请人: Kilian Weniger , Shinkichi Ikeda , Jens Bachmann , Genadi Velev
发明人: Kilian Weniger , Shinkichi Ikeda , Jens Bachmann , Genadi Velev
IPC分类号: G06F15/173
CPC分类号: H04W80/045
摘要: The invention relates to a method and mobile node capable of detecting whether or not the network to which the mobile node is attached is using a network-based mobility management function for the mobile node or not. In order to enable a mobile node to detect whether the network is using a network-based mobility function for the mobile node, upon establishment of a PDN connection or IP session, the mobile node sends a probe message to the network destined to itself and determines based on the modifications of the probe message returned to the mobile node whether the network is using a network-based mobility function for the mobile node or not.
摘要翻译: 本发明涉及能够检测移动节点所连接的网络是否正在使用移动节点的基于网络的移动性管理功能的方法和移动节点。 为了使移动节点能够检测网络是否正在使用基于移动节点的基于网络的移动性功能,在建立PDN连接或IP会话时,移动节点向发往自己的网络发送探测消息,并确定 基于返回到移动节点的探测消息的修改,无论网络是否正在为移动节点使用基于网络的移动性功能。
-
7.发明授权Information exchange between gateways for route optimization with network-based mobility management 失效用于路由优化的网关与基于网络的移动性管理之间的信息交换公开(公告)号:US08724528B2
公开(公告)日:2014-05-13
申请号:US12919993
申请日:2009-03-02
申请人: Genadi Velev , Kilian Weniger , Jun Hirano , Shinkichi Ikeda
发明人: Genadi Velev , Kilian Weniger , Jun Hirano , Shinkichi Ikeda
IPC分类号: H04B7/00
CPC分类号: H04W40/20 , H04L45/22 , H04W8/082 , H04W80/04 , H04W80/10 , H04W88/005 , H04W88/182
摘要: The invention relates to a method for informing two access gateways about each other's presence and identity, in order to establish a data path between them, thereby shortening the overall data path of data packets exchanged between two mobile nodes (MN), that are located in different networks. In particular, each access gateway is provided with the other gateway's address and additionally with the other MN's address for forwarding by the access gateway those data packets destined to the other MN to the other access gateway. A combination of Session Initiation Protocol messages (Invite and Ringing) and route optimization messages are used, so as to confer the information on the gateway's ID and MN's address to the gateways.
摘要翻译: 本发明涉及一种用于通知两个接入网关关于彼此的存在和身份的方法,以便在它们之间建立数据路径,从而缩短在两个移动节点(MN)之间交换的数据分组的总体数据路径,该数据分组位于 不同的网络。 特别地,每个接入网关被提供有另一个网关的地址,另外还有另一个MN的地址,用于由接入网关将去往另一个MN的那些数据分组转发到另一个接入网关。 使用会话发起协议消息(邀请和振铃)和路由优化消息的组合,以便将关于网关的ID和MN的地址的信息授予网关。
-
8.发明申请INFORMATION EXCHANGE BETWEEN GATEWAYS FOR ROUTE OPTIMIZATION WITH NETWORK-BASED MOBILITY MANAGEMENT 失效网关优化网络之间的信息交换与基于网络的移动性管理公开(公告)号:US20110122815A1
公开(公告)日:2011-05-26
申请号:US12919993
申请日:2009-03-02
申请人: Genadi Velev , Kilian Weniger , Jun Hirano , Shinkichi Ikeda
发明人: Genadi Velev , Kilian Weniger , Jun Hirano , Shinkichi Ikeda
IPC分类号: H04W4/00
CPC分类号: H04W40/20 , H04L45/22 , H04W8/082 , H04W80/04 , H04W80/10 , H04W88/005 , H04W88/182
摘要: The invention relates to a method for informing two access gateways about each other's presence and identity, in order to establish a data path between them, thereby shortening the overall data path of data packets exchanged between two mobile nodes (MN), that are located in different networks. In particular, each access gateway is provided with the other gateway's address and additionally with the other MN's address for forwarding by the access gateway those data packets destined to the other MN to the other access gateway. A combination of Session Initiation Protocol messages (Invite and Ringing) and route optimization messages are used, so as to confer the information on the gateway's ID and MN's address to the gateways.
摘要翻译: 本发明涉及一种用于通知两个接入网关关于彼此的存在和身份的方法,以便在它们之间建立数据路径,从而缩短在两个移动节点(MN)之间交换的数据分组的总体数据路径,该数据分组位于 不同的网络。 特别地,每个接入网关被提供有另一个网关的地址,另外还有另一个MN的地址,用于由接入网关将去往另一个MN的那些数据分组转发到另一个接入网关。 使用会话发起协议消息(邀请和振铃)和路由优化消息的组合,以便将关于网关的ID和MN的地址的信息授予网关。
-
9.发明授权公开(公告)号:US08792453B2
公开(公告)日:2014-07-29
申请号:US13126924
申请日:2009-10-28
申请人: Jens Bachmann , Shinkichi Ikeda , Takashi Aramaki
发明人: Jens Bachmann , Shinkichi Ikeda , Takashi Aramaki
CPC分类号: H04L63/029 , H04L63/0272 , H04L63/164 , H04W12/02 , H04W36/0038 , H04W76/12 , H04W80/04
摘要: The invention relates to a method, mobile node and computer-readable medium for establishing (or pre-establishing) a secure tunnel to an ePDG to prepare for a mobile node attachment or handover to another access network. To reduce the delay of a handover or upon attachment of a mobile node to an access network implied by mechanisms to discover a ePDG, the mobile node maintains a reachability list that can be consulted to identify an ePDG or ePDGs that are reachable in the target access network, i.e. to which the mobile node may establish a secure tunnel. If the mobile node can identify a reachable ePDG for a given access network from the reachability list, the mobile node (pre-)establishes a secure tunnel to the ePDG upon attaching to the given access network. In alternative solutions DNS, DHCP or other mechanism can be used to provide the mobile node with information on ePDGs in its vicinity.
摘要翻译: 本发明涉及一种方法,移动节点和计算机可读介质,用于建立(或预先建立)到ePDG的安全隧道以准备移动节点附接或切换到另一个接入网络。 为了减少切换的延迟或者在将移动节点附着到由发现ePDG的机制所暗示的接入网络上时,移动节点维护可被查询的可达性列表,以识别在目标接入中可达到的ePDG或ePDG 网络,即移动节点可以建立安全隧道。 如果移动节点可以从可达性列表中识别给定接入网络的可达ePDG,则移动节点(pre)在附着到给定接入网络时建立到ePDG的安全隧道。 在替代解决方案中,DNS,DHCP或其他机制可用于向移动节点提供其附近的ePDG的信息。
-
10.发明申请公开(公告)号:US20110261787A1
公开(公告)日:2011-10-27
申请号:US13126924
申请日:2009-10-28
申请人: Jens Bachmann , Shinkichi Ikeda , Takashi Aramaki
发明人: Jens Bachmann , Shinkichi Ikeda , Takashi Aramaki
IPC分类号: H04W36/00
CPC分类号: H04L63/029 , H04L63/0272 , H04L63/164 , H04W12/02 , H04W36/0038 , H04W76/12 , H04W80/04
摘要: The invention relates to a method, mobile node and computer-readable medium for establishing (or pre-establishing) a secure tunnel to an ePDG to prepare for a mobile node attachment or handover to another access network. To reduce the delay of a handover or upon attachment of a mobile node to an access network implied by mechanisms to discover a ePDG, the mobile node maintains a reachability list that can be consulted to identify an ePDG or ePDGs that are reachable in the target access network, i.e. to which the mobile node may establish a secure tunnel. If the mobile node can identify a reachable ePDG for a given access network from the reachability list, the mobile node (pre-)establishes a secure tunnel to the ePDG upon attaching to the given access network. In alternative solutions DNS, DHCP or other mechanism can be used to provide the mobile node with information on ePDGs in its vicinity.
摘要翻译: 本发明涉及一种方法,移动节点和计算机可读介质,用于建立(或预先建立)到ePDG的安全隧道以准备移动节点附接或切换到另一个接入网络。 为了减少切换的延迟或者在将移动节点附着到由发现ePDG的机制所暗示的接入网络上时,移动节点维护可被查询的可达性列表,以识别在目标接入中可达到的ePDG或ePDG 网络,即移动节点可以建立安全隧道。 如果移动节点可以从可达性列表中识别给定接入网络的可达ePDG,则移动节点(pre)在附着到给定接入网络时建立到ePDG的安全隧道。 在替代解决方案中,DNS,DHCP或其他机制可用于向移动节点提供其附近的ePDG的信息。
-
-
-
-
-
-
-
-
-
搜索结果
118 条记录 (耗时 0.03 秒)
