会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • AAA SUPPORT FOR DHCP
    • AAA支持DHCP
    • WO2005104500A1
    • 2005-11-03
    • PCT/SE2004/001856
    • 2004-12-10
    • TELEFONAKTIEBOLAGET LM ERICSSON (publ)OYAMA, JohnsonKATO, Ryoji
    • OYAMA, JohnsonKATO, Ryoji
    • H04L29/12
    • H04L61/2015H04L63/06H04L63/08H04W8/065H04W80/04
    • A basic idea is to use the AAA infrastructure to assign (S3) an appropriate DHCP server to DHCP client for the DHCP service, and transferring DHCP-related information over the AAA infrastructure for authenticating (S1) and authorizing (S4) the DHCP client for DHCP service with the assigned DHCP server. Instead of the more complex DHCP server discovery process known from the prior art, the AAA infrastructure, and more particularly a suitable AAA server or equivalent AAA component, is used for assigning an appropriate DHCP server to the DHCP client. Consequently, there is no longer any mandatory dependency on the DHCP discovery-related messages. The invention preferably provides AAA protocol support for facilitating assignment of appropriate DHCP servers and providing an out-of-band key agreement protocol for DHCP clients and servers by carrying DHCP related informaion facilitating the bootstrapping of DHCP authentication extension (RFC3118).
    • 一个基本思想是使用AAA基础设施为DHCP服务器为DHCP客户端分配(S3)适当的DHCP服务器,并通过AAA基础设施传输与DHCP相关的信息,以认证(S1)并授权(S4)DHCP客户端 DHCP服务与分配的DHCP服务器。 使用现有技术已知的更复杂的DHCP服务器发现过程,而不是使用AAA基础设施,更具体地,合适的AAA服务器或等效的AAA组件来为DHCP客户端分配合适的DHCP服务器。 因此,不再需要依赖于与DHCP发现相关的消息。 本发明优选地提供AAA协议支持,以便于分配适当的DHCP服务器,并通过携带DHCP相关信息为DHCP客户端和服务器提供带外密钥协商协议,以便于DHCP认证扩展(RFC3118)的引导。
    • 2. 发明申请
    • METHOD, SYSTEM AND APPARATUS TO SUPPORT MOBILE IP VERSION 6 SERVICES IN CDMA SYSTEMS
    • CDMA系统中支持移动IP第6版服务的方法,系统和设备
    • WO2004112349A1
    • 2004-12-23
    • PCT/SE2004/000950
    • 2004-06-15
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)OYAMA, JohnsonKATO, RyojiRUNE, JohanLARSSON, Tony
    • OYAMA, JohnsonKATO, RyojiRUNE, JohanLARSSON, Tony
    • H04L29/06
    • H04L63/08H04W12/06H04W80/04
    • The invention provides authentication and authorization support for MIPv6 in a CDMA framework by transferring MIPv6-related information in an, preferably extended, authentication protocol in an end-to-end procedure between a mobile node (10) in a visited network and the home network of the mobile node over an AAA infrastructure. Preferably, the end-to-end procedure is executed between the mobile node and an AAA server (34) of the home network. In the visited network, after lower-layer setup, point-to-point communication is established between the mobile node and an internetworking access server (22). The access server then communicates with the AAA home server for MIPv6 authentication and authorization of the mobile node. A preferred embodiment uses EAP as basis for the extended authentication protocol. EAP extensions are then used for MIPv6 initiation and re-authentication, while CHAP can be beneficial for MIPv6 hand-in.
    • 本发明通过在访问网络中的移动节点(10)和家庭网络之间以端到端过程在最优选地扩展的认证协议中传送MIPv6相关信息来提供CDMA框架中的MIPv6的认证和授权支持 的移动节点。 优选地,在移动节点和家庭网络的AAA服务器(34)之间执行端对端过程。 在访问网络中,在较低层设置之后,在移动节点与互联网络接入服务器(22)之间建立点对点通信。 然后,接入服务器与AAA家庭服务器进行通信,用于移动节点的MIPv6认证和授权。 优选实施例使用EAP作为扩展认证协议的基础。 然后,EAP扩展用于MIPv6启动和重新认证,而CHAP可以有益于MIPv6手动。
    • 4. 发明申请
    • NETWORK MOBILITY SUPPORT AND ACCESS CONTROL FOR MOVABLE NETWORKS
    • 网络移动性支持和可移动网络的访问控制
    • WO2005094037A1
    • 2005-10-06
    • PCT/SE2004/001735
    • 2004-11-24
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)OYAMA, JohnsonKATO, Ryoji
    • OYAMA, JohnsonKATO, Ryoji
    • H04L29/06
    • H04W28/06H04L63/0227H04L63/0236H04L63/10H04W8/085H04W8/18H04W12/08H04W40/02H04W74/00H04W80/04H04W84/005H04W88/14
    • The invention relates to access control for a movable network (15) managed by a mobile router (10), wherein said mobile route is interconnected through a bi-directional link (40) with a mobility anchoring agent (20) that anchors the network mobility for the mobile router. According to the invention, access control enforcement points (11, 21) are located at both the mobile router (10) and the mobility anchoring agent (20). Access control is exercised at the mobility agent (20) to filter downlink packets to the mobile router (10) and access control is exercised at the mobile router (10) to filter uplink packets to the mobility anchoring agent (20). In this way, unauthorized packets, both uplink and downlink, do not have to cross the air interface before being filtered away, thereby preventing waste of valuable radio resources. The access control modules are typically provisioned with access control filter information, preferably by means of a hierarchical provisioning structure.
    • 本发明涉及由移动路由器(10)管理的可移动网络(15)的访问控制,其中所述移动路由通过具有锚定网络移动性的移动性锚定代理(20)的双向链路(40)互连。 为移动路由器。 根据本发明,访问控制执行点(11,21)位于移动路由器(10)和移动锚定代理(20)两者处。 移动代理(20)对移动代理(20)进行访问控制,以便向移动路由器(10)过滤下行链路分组,并且在移动路由器(10)处执行访问控制,以过滤上行分组到移动性锚定代理(20)。 以这种方式,上行链路和下行链路的未授权分组在被过滤之前不必跨越空中接口,从而防止浪费有价值的无线电资源。 访问控制模块通常被提供有访问控制过滤器信息,优选地通过分层供应结构。
    • 5. 发明申请
    • METHOD, SYSTEM AND APPARATUS TO SUPPORT MOBILE IP VERSION 6 SERVICES
    • 支持移动IP版本6服务的方法,系统和设备
    • WO2004112348A1
    • 2004-12-23
    • PCT/SE2004/000949
    • 2004-06-15
    • TELEFONAKTIEBOLAGET LM ERICSSON (publ)OYAMA, JohnsonKATO, RyojiRUNE, JohanLARSSON, Tony
    • OYAMA, JohnsonKATO, RyojiRUNE, JohanLARSSON, Tony
    • H04L29/06
    • H04L63/08H04L63/0892H04L63/164H04W8/04H04W12/06H04W80/04H04W84/00
    • For establishing a MIPv6 security association between the mobile node (10) roaming in a foreign network (20) and a home agent (36) and for simplifying MIPv6-related configuration, MIPv6-related information is transferred in an end-to-end procedure over an AAA infrastructure by means of an, preferably extended, authentication protocol. A preferred embodiment uses EAP as basis for the extended authentication protocol, creating EAP extensions by incorporating the MIPv6-related information as additional data in the EAP protocol stack, for example as EAP attributes in the EAP method layer of the EAP protocol stack or transferred in a generic container attribute on the EAP layer or the EAP method layer. A major advantage of the proposed MIPv6 authentication/authorization mechanism lies in the fact that it is transparent to the visited domain (20), allowing AAA client (22) and AAAv (24) to act as mere pass-through agents during the procedure.
    • 为了在外部网络(20)和归属代理(36)之间漫游的移动节点(10)之间建立MIPv6安全关联,并且为了简化MIPv6相关配置,MIPv6相关信息以端对端的过程 通过优选扩展的认证协议通过AAA基础设施。 优选实施例使用EAP作为扩展认证协议的基础,通过将作为附加数据的MIPv6相关信息合并到EAP协议栈中来创建EAP扩展,例如作为EAP协议栈的EAP方法层中的EAP属性或者转移到 EAP层或EAP方法层上的通用容器属性。 所提出的MIPv6认证/授权机制的主要优点在于它对访问域(20)是透明的,允许AAA客户端(22)和AAAv(24)在过程期间仅作为直通代理。