公开(公告)号：US08743879B2

公开(公告)日：2014-06-03

申请号：US13228321

申请日：2011-09-08

申请人： Wassim Haddad ,  Joel Halpern ,  Samita Chakrabarti

发明人： Wassim Haddad ,  Joel Halpern ,  Samita Chakrabarti

IPC分类号： H04L12/28

CPC分类号： H04L61/6072 ,  H04L29/12943 ,  H04L45/04 ,  H04L45/50 ,  H04L45/66 ,  H04L61/6004 ,  H04L61/6022 ,  H04L61/6059 ,  H04L2212/00 ,  H04W8/26

摘要： A network element is described. In one embodiment includes receiving a packet from the host in the first domain at the network element in the first domain, the packet including a destination address to the host in the second domain, the destination address being formed by replacing an Interface Identifier of an IP address by a second domain label and a shortened Media Access Control (MAC) address, the second domain label identifying the second domain. A routing label and the shortened MAC address are attached to the received packet, and the packet is sent on a label switched path indicated by the label to the second domain.

摘要翻译： 描述网络元件。 在一个实施例中包括在第一域中的网元处从第一域中的主机接收分组，该分组包括在第二域中的主机的目的地地址，目的地地址是通过替换IP的接口标识符 地址由第二域标签和缩短的媒体访问控制（MAC）地址，第二域标签标识第二域。 路由标签和缩短的MAC地址被附加到接收到的分组，并且分组在由标签指示的标签交换路径上发送到第二域。

公开(公告)号：US20120287932A1

公开(公告)日：2012-11-15

申请号：US13228321

申请日：2011-09-08

申请人： Wassim Haddad ,  Joel Halpern ,  Samita Chakrabarti

发明人： Wassim Haddad ,  Joel Halpern ,  Samita Chakrabarti

IPC分类号： H04L12/56

CPC分类号： H04L61/6072 ,  H04L29/12943 ,  H04L45/04 ,  H04L45/50 ,  H04L45/66 ,  H04L61/6004 ,  H04L61/6022 ,  H04L61/6059 ,  H04L2212/00 ,  H04W8/26

摘要： A network element is described. In one embodiment includes receiving a packet from the host in the first domain at the network element in the first domain, the packet including a destination address to the host in the second domain, the destination address being formed by replacing an Interface Identifier of an IP address by a second domain label and a shortened Media Access Control (MAC) address, the second domain label identifying the second domain. A routing label and the shortened MAC address are attached to the received packet, and the packet is sent on a label switched path indicated by the label to the second domain.

摘要翻译： 描述网络元件。 在一个实施例中包括在第一域中的网元处从第一域中的主机接收分组，该分组包括在第二域中的主机的目的地地址，目的地地址是通过替换IP的接口标识符 地址由第二域标签和缩短的媒体访问控制（MAC）地址，第二域标签标识第二域。 路由标签和缩短的MAC地址被附加到接收到的分组，并且分组在由标签指示的标签交换路径上发送到第二域。

公开(公告)号：US20120210136A1

公开(公告)日：2012-08-16

申请号：US13112771

申请日：2011-05-20

申请人： Wassim Haddad ,  Samita Chakrabarti

发明人： Wassim Haddad ,  Samita Chakrabarti

IPC分类号： H04L9/32 ,  H04L9/08

CPC分类号： H04L63/065 ,  H04L63/0823

摘要： A method implemented in a network element for controlling access to a set of resources on a per-application basis, the set of resources including subsets of the resources where each subset is accessible to a set of one or more applications through the use of a separate group key, the method comprising the steps of receiving an authentication request from a node communicatively connected to the network element through a first network interface of the network element, the authentication request including a certificate for the node, validating the certificate for the node, determining that the certificate has been authorized for the set of one or more applications through a query of a certificate database, retrieving each group key that corresponds to the set of one or more applications through a query of a group key database, and returning each group key retrieved from the group key database to the node.

摘要翻译： 一种在网络元件中实现的用于在每个应用程序的基础上控制对一组资源的访问的方法，该资源集合包括资源的子集，其中每个子集可通过使用单独的一个或多个应用来访问一个或多个应用的​​集合 组密钥，所述方法包括以下步骤：通过所述网元的第一网络接口从通信地连接到所述网元的节点接收认证请求，所述认证请求包括所述节点的证书，验证所述节点的证书，确定 证书已通过证书数据库的查询授权给一组或多个应用程序集，通过组密钥数据库的查询检索与一组或多个应用程序集相对应的每个组密钥，并返回每个组密钥 从组密钥数据库检索到节点。

公开(公告)号：US08495377B2

公开(公告)日：2013-07-23

申请号：US13112771

申请日：2011-05-20

申请人： Wassim Haddad ,  Samita Chakrabarti

发明人： Wassim Haddad ,  Samita Chakrabarti

IPC分类号： H04L9/32

CPC分类号： H04L63/065 ,  H04L63/0823

摘要： A method implemented in a network element for controlling access to a set of resources on a per-application basis, the set of resources including subsets of the resources where each subset is accessible to a set of one or more applications through the use of a separate group key, the method comprising the steps of receiving an authentication request from a node communicatively connected to the network element through a first network interface of the network element, the authentication request including a certificate for the node, validating the certificate for the node, determining that the certificate has been authorized for the set of one or more applications through a query of a certificate database, retrieving each group key that corresponds to the set of one or more applications through a query of a group key database, and returning each group key retrieved from the group key database to the node.

摘要翻译： 一种在网络元件中实现的用于在每个应用程序的基础上控制对一组资源的访问的方法，该资源集合包括资源的子集，其中每个子集可通过使用单独的一个或多个应用来访问一个或多个应用的​​集合 组密钥，所述方法包括以下步骤：通过所述网元的第一网络接口从通信地连接到所述网元的节点接收认证请求，所述认证请求包括所述节点的证书，验证所述节点的证书，确定 证书已通过证书数据库的查询授权给一组或多个应用程序集，通过组密钥数据库的查询检索与一组或多个应用程序集相对应的每个组密钥，并返回每个组密钥 从组密钥数据库检索到节点。

公开(公告)号：US20130091279A1

公开(公告)日：2013-04-11

申请号：US13271056

申请日：2011-10-11

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： G06F15/173

CPC分类号： H04L41/0816 ,  H04L12/2807 ,  H04L12/2832 ,  H04L12/2834 ,  H04L63/08 ,  H04L2012/5618 ,  H04W12/06 ,  H04W84/12

摘要： A method implemented by a network element of an Internet service provider to provide network access through a visited network associated with a visited network owner to a device of a visiting user connecting to the visited networker. The visited network owner is a customer of the Internet service provider. The network element configures the visited network to provide access to resources of a remote home network to the device of the visiting user. The remote home network is in communication with the visited network over a wide area network. Connecting to a virtual gateway controller of the remote home network to obtain configuration information to establish a connection between the device and the remote home network. Establishing a connection between the device of the visiting user and a second access point. Providing access to the resource of the remote home network through the second access point.

摘要翻译： 由互联网服务提供商的网络元件实现的方法，通过与访问网络所有者相关联的访问网络向访问用户连接的访问​​用户的设备提供网络访问。 受访网络所有者是互联网服务提供商的客户。 网络元件配置访问网络以向远程归属网络的资源提供对访问用户的设备的访问。 远程家庭网络通过广域网与被访问的网络进行通信。 连接到远程家庭网络的虚拟网关控制器，以获取配置信息，以在设备和远程家庭网络之间建立连接。 在访问用户的设备和第二接入点之间建立连接。 通过第二接入点提供对远程家庭网络的资源的访问。

公开(公告)号：US08503416B2

公开(公告)日：2013-08-06

申请号：US12969151

申请日：2010-12-15

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： H04W40/36 ,  H04W36/00 ,  H04W60/00

CPC分类号： H04W8/065 ,  H04W8/085

摘要： A method performed by a network element for providing micro-mobility in a network to a mobile node including the steps of receiving a registration request message at the mobility anchor point from an access router that is currently coupled to the mobile node, wherein the registration request message includes an endpoint identifier of the mobile node and a local care-of address of the mobile node, establishing a label switch path (LSP) between the mobility anchor point and the access router, storing the endpoint identifier in a binding entry along with the local care-of address, a regional care-of address, the label switch path and an egress interface, advertising the endpoint identifier with associated regional or local care-of address of the mobile node, and forwarding data packets, received at the mobility anchor point from a corresponding node that have the regional or local care-of address, to the mobile node using the LSP.

摘要翻译： 一种由网络元件执行的用于向移动节点提供网络中的微移动性的方法，包括以下步骤：从当前耦合到所述移动节点的接入路由器在所述移动性锚点处接收注册请求消息，其中所述注册请求 消息包括移动节点的端点标识符和移动节点的本地转交地址，在移动性锚点和接入路由器之间建立标签交换路径（LSP），将端点标识符与绑定条目一起存储在绑定条目中 通过本地转交地址，区域转交地址，标签交换路径和出口接口，将端点标识符与移动节点的相关区域或本地转交地址进行通告，以及转发在移动锚点处接收的数据分组 从具有区域或本地转交地址的对应节点指向使用LSP的移动节点。

公开(公告)号：US20120182936A1

公开(公告)日：2012-07-19

申请号：US13178153

申请日：2011-07-07

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： H04W8/02

CPC分类号： H04W40/36 ,  H04L45/50 ,  H04W8/085 ,  H04W8/087 ,  H04W80/04 ,  H04W84/005

摘要： In response to a Mobile Access Router (MAR) initially attaching to a Multi-Protocol Label Switching (MPLS) domain through a first Access Router (AR) in the domain, a Mobility Anchor Point (MAP) in the MPLS domain establishes a plurality of Label Switched Paths (LSPs) for the MAR. For example, the MAP establishes an active LSP to the MAR through the AR to which the MAR has initially attached, and further establishes an inactive LSP for the MAR to each of one or more other ARs in the MPLS domain. An inactive LSP established at a given AR for a given MAR is activated when/if that MAR attaches to the AR. Correspondingly, the present invention includes method and apparatus teachings related to the MAP, ARs and the MAR, as regards establishing inactive LSPs, activating inactive LSPs, and extending an activated LSP to the MAR.

摘要翻译： 响应于最初通过域中的第一接入路由器（AR）附加到多协议标签交换（MPLS）域的移动接入路由器（MAR），MPLS域中的移动锚点（MAP）建立多个 标签交换路径（LSP）为MAR。 例如，MAP通过MAR最初附加的AR建立到MAR的活动LSP，并且进一步为MPLS域中的一个或多个其他AR中的每一个建立MAR的不活动LSP。 当给定的MAR附加到AR时，在给定的AR处建立的对于给定的MAR建立的不活动的LSP被激活。 相应地，本发明包括与MAP，AR和MAR有关的方法和装置教导，关于建立非活动LSP，激活非活动LSP，并将激活的LSP扩展到MAR。

公开(公告)号：US20120155442A1

公开(公告)日：2012-06-21

申请号：US12969151

申请日：2010-12-15

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： H04L12/56 ,  H04W4/00

CPC分类号： H04W8/065 ,  H04W8/085

摘要： A method performed by a network element for providing micro-mobility in a network to a mobile node including the steps of receiving a registration request message at the mobility anchor point from an access router that is currently coupled to the mobile node, wherein the registration request message includes an endpoint identifier of the mobile node and a local care-of address of the mobile node, establishing a label switch path (LSP) between the mobility anchor point and the access router, storing the endpoint identifier in a binding entry along with the local care-of address, a regional care-of address, the label switch path and an egress interface, advertising the endpoint identifier with associated regional or local care-of address of the mobile node, and forwarding data packets, received at the mobility anchor point from a corresponding node that have the regional or local care-of address, to the mobile node using the LSP.

摘要翻译： 一种由网络元件执行的用于向移动节点提供网络中的微移动性的方法，包括以下步骤：从当前耦合到所述移动节点的接入路由器在所述移动性锚点处接收注册请求消息，其中所述注册请求 消息包括移动节点的端点标识符和移动节点的本地转交地址，在移动性锚点和接入路由器之间建立标签交换路径（LSP），将端点标识符与绑定条目一起存储在绑定条目中 通过本地转交地址，区域转交地址，标签交换路径和出口接口，将端点标识符与移动节点的相关区域或本地转交地址进行通告，以及转发在移动锚点处接收的数据分组 从具有区域或本地转交地址的对应节点指向使用LSP的移动节点。

公开(公告)号：US09025439B2

公开(公告)日：2015-05-05

申请号：US13533457

申请日：2012-06-26

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： H04L12/703 ,  H04L12/24

CPC分类号： H04L41/50 ,  H04L12/5692 ,  H04W88/10

摘要： A method implemented by a Broadband Network Gateway (BNG) of an Internet service provider to provide accessibility to a wide area network for a Residential Gateway (RG) upon a failure of a wireline connectivity between the BNG and the RG, the method including receiving a failure detect message indicating a connectivity failure at the BNG from the RG, deciding whether to re-route traffic by the BNG, sending a failure acknowledge message by the BNG to the RG notifying the RG that re-routing has been initiated, sending a traffic re-route request message by the BNG to a Packet Data Network Gateway (PDN GW) of a Long-Term Evolution (LTE) network requesting the PDN GW to re-route traffic, receiving a traffic re-route acknowledgement by the BNG from the PDN GW, and re-routing traffic between the RG and the BNG through the PDN GW by the BNG.

摘要翻译： 一种由互联网服务提供商的宽带网络网关（BNG）实现的方法，用于在BNG和RG之间的有线连接失败时向住宅网关（RG）的广域网提供可访问性，所述方法包括： 指示来自RG的BNG处的连接失败的故障检测消息，决定是否由BNG重新路由业务，由BNG向RG发送故障确认消息，通知RG已经发起重新路由，发送流量 通过BNG将请求消息重新路由到长期演进（LTE）网络的分组数据网络网关（PDN GW），请求PDN GW重新路由业务，接收来自BNG的业务重新路由确认 PDN GW，并且通过BNG通过PDN GW重新路由RG与BNG之间的业务。

公开(公告)号：US08995337B2

公开(公告)日：2015-03-31

申请号：US13178153

申请日：2011-07-07

申请人： Wassim Haddad ,  Joel Halpern

发明人： Wassim Haddad ,  Joel Halpern

IPC分类号： H04W4/00 ,  H04W40/36 ,  H04L12/723 ,  H04W8/08 ,  H04W80/04 ,  H04W84/00

CPC分类号： H04W40/36 ,  H04L45/50 ,  H04W8/085 ,  H04W8/087 ,  H04W80/04 ,  H04W84/005

摘要： In response to a Mobile Access Router (MAR) initially attaching to a Multi-Protocol Label Switching (MPLS) domain through a first Access Router (AR) in the domain, a Mobility Anchor Point (MAP) in the MPLS domain establishes a plurality of Label Switched Paths (LSPs) for the MAR. For example, the MAP establishes an active LSP to the MAR through the AR to which the MAR has initially attached, and further establishes an inactive LSP for the MAR to each of one or more other ARs in the MPLS domain. An inactive LSP established at a given AR for a given MAR is activated when/if that MAR attaches to the AR. Correspondingly, the present invention includes method and apparatus teachings related to the MAP, ARs and the MAR, as regards establishing inactive LSPs, activating inactive LSPs, and extending an activated LSP to the MAR.

摘要翻译： 响应于最初通过域中的第一接入路由器（AR）附加到多协议标签交换（MPLS）域的移动接入路由器（MAR），MPLS域中的移动锚点（MAP）建立多个 标签交换路径（LSP）为MAR。 例如，MAP通过MAR最初附加的AR建立到MAR的活动LSP，并且进一步为MPLS域中的一个或多个其他AR中的每一个建立MAR的不活动LSP。 当给定的MAR附加到AR时，在给定的AR处建立的对于给定的MAR建立的不活动的LSP被激活。 相应地，本发明包括与MAP，AR和MAR有关的方法和装置教导，关于建立非活动LSP，激活非活动LSP，并将激活的LSP扩展到MAR。