摘要:
A General Packet Radio Service (GPRS) Accessed Extended Mobile Internet Protocol (EMIP) [G-EMIP] network is provided for wireless mobile device access to external packet data networks. Domains are defined to incorporate a subnet of standard GPRS and EMIP network entities accessed through a Domain Router. Packet access at the radio interface is provided using the base station portion of a GPRS network. Wireless link specific processing is relegated to this potion of the G-EMIP network. EMIP is utilized as a backbone network to provide mobility and service management and interconnection to external networks. A GPRS-IP Interworking entity (GII) interworks IP and GPRS protocols between GPRS and IP addressable network entities (i.e., translates messages of each protocol to corresponding messages of the other protocol). Mobility-related functionality is handled at the IP (network) layer. Mobile IP is used to support the macro-mobility and Handoff-Aware Wireless Access Internet Infrastructure (HAWAII) is used to support micro-mobility and paging. The Domain Router provides packet service management and interacts with a Home Location Register/Authentication Center, which provides GRPS registration, authentication and encryption.
摘要:
Portable and/or mobile IP hosts desiring to connect to the Internet can dynamically acquire a home address and other configuration information through DHCP when powering up in a foreign network. A two-stage configuration procedure is used. First, the mobile host uses the M-IP protocol to establish contact with an addressing element, referred to as a bootstrapping agent, that is usually co-located with a M-IP Home Agent, and that allocates a temporary home address for the mobile host. The temporary address is used to create a temporary tunnel. Second, this temporary tunnel is used as the communication vehicle over which standard DHCP transactions take place. The present invention is thus arranged to use a) M-IP as the signaling mechanism for reaching the home network and dynamically allocating a temporary home address for the mobile host; and b) DHCP to allocate a permanent home address and any other configuration state for the mobile host.
摘要:
A gateway for mobile access includes a foreign agent that receives user profile data and session state data from a home authentication, authorization and accounting (AAA) system of a mobile node, and a dynamic packet filter that performs multi-layer filtering based on the user profile data. The foreign agent transfers a session from a first network to a second network without session interruption, using the session state data, when the mobile node moves from the first network to the second network. The packet filter permits Internet access by the mobile node without passing Internet data requested by the mobile node through the first network.
摘要:
A mobile node comprises: a plurality of network interfaces, each with a respective device driver; a network layer; a multi-interface driver capable of communication with each network interface by way of the respective device driver for that network interface, the multi-interface driver handling communications from the network layer to any of the network interfaces; the multi-interface driver switching from a first one of the network interfaces to a second one of the network interfaces by changing the one of the plurality of network interfaces with which the multi-interface driver communicates, while hiding the switching from the network layer.
摘要:
A scheme for authentication, dynamic key generation and exchange provides means for authentication of mobile nodes (22) and generation of per session, per node, encryption keys for encrypting/decrypting communications between a mobile node (22) and an access point (24) in wireless local area networks (50). The scheme utilizes the same infrastructure and authentication information for both data link layers (layer 2) and network layers (layer 3). This scheme is particularly applicable to networks adhering to the IEEE 802 LAN family of standards.
摘要:
A gateway for mobile access includes a foreign agent that receives user profile data and session state data from a home authentication, authorization and accounting (AAA) system of a mobile node, and a dynamic packet filter that performs multi-layer filtering based on the user profile data. The foreign agent transfers a session from a first network to a second network without session interruption, using the session state data, when the mobile node moves from the first network to the second network. The packet filter permits Internet access by the mobile node without passing Internet data requested by the mobile node through the first network.
摘要:
A method to determine if an encrypted flow of packets (F) belongs to a predefined class of flows (ωt), comprises the steps of giving probability density functions (p(xi|ωt)) of the values of two measurable variables in a plurality of encrypted flows of packets (Fj) belonging to the predefined class of flows (ωt), measuring the values (si,Δt1) of the two measurable variables, apply the measured values (si,Δt1) to the probability density functions (p(xi|ωt)) to generate a sequence of values of probability density (p({right arrow over (x)}|ωt)), process the sequence of values of probability density (p({right arrow over (x)}|ωt)) to generate a reference value (S({right arrow over (x)}|ωt)), and compare such reference value (S({right arrow over (x)}|ωt)) to a threshold value (T) to determine whether the encrypted flow of packets (F) belongs to the predefined class of flows.
摘要:
A gateway for mobile communications comprises a cache for storing network data recently downloaded from a network, a foreign agent, and a packet filter that directs requests for the network data from a mobile node to the cache. The packet filter directs the requested network data from the cache to the mobile node by way of the foreign agent, without forwarding the requested network data to a home agent of the mobile node.
摘要:
A mobile node comprises: a plurality of network interfaces, each with a respective device driver; a network layer; a multi-interface driver capable of communication with each network interface by way of the respective device driver for that network interface, the multi-interface driver handling communications from the network layer to any of the network interfaces; the multi-interface driver switching from a first one of the network interfaces to a second one of the network interfaces by changing the one of the plurality of network interfaces with which the multi-interface driver communicates, while hiding the switching from the network layer.
摘要:
A gateway for mobile access includes a foreign agent that receives user profile data and session state data from a home authentication, authorization and accounting (AAA) system of a mobile node, and a dynamic packet filter that performs multi-layer filtering based on the user profile data. The foreign agent transfers a session from a first network to a second network without session interruption, using the session state data, when the mobile node moves from the first network to the second network. The packet filter permits Internet access by the mobile node without passing Internet data requested by the mobile node through the first network.