专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08356171B2 System and method for implementing fast reauthentication 有权
标题翻译：实现快速重新认证的系统和方法
公开(公告)号：US08356171B2
公开(公告)日：2013-01-15
申请号：US11411482
申请日：2006-04-26
申请人： Kevin Shatzkamer , Anand K. Oswal , Mark Grayson , Jayaraman Iyer , Navan Narang
发明人： Kevin Shatzkamer , Anand K. Oswal , Mark Grayson , Jayaraman Iyer , Navan Narang
IPC分类号： G06F21/00
CPC分类号： H04L63/0892 , H04L63/08 , H04L63/164 , H04W12/06 , H04W88/16
摘要： A system for efficiently reauthenticating a client of a network. In a specific embodiment, the system includes an authentication server and a Security GateWay (SGW) in communication with the client. The SGW includes reauthentication information associated with the client. In a more specific embodiment, the authentication server includes an Authentication, Authorization, and Accounting (AAA) server. The SGW further includes one or more routines for employing the reauthentication information to reauthenticate the client. The AAA server performs initial authentication of the client to enable client access to the network, which yields the reauthentication information. The reauthentication information includes one or more keys and/or counters, such as an authorization key, an encryption key, and a master key, which is/are predetermined by the AAA server.
摘要翻译：一种用于有效地重新认证网络客户端的系统。在具体实施例中，系统包括与客户端通信的认证服务器和安全门禁（SGW）。 SGW包括与客户端相关联的重新认证信息。在更具体的实施例中，认证服务器包括认证，授权和计费（AAA）服务器。 SGW还包括用于使用重新认证信息重新认证客户端的一个或多个例程。 AAA服务器执行客户端的初始认证，以使客户端能够访问网络，从而产生重新认证信息。重新认证信息包括由AAA服务器预先确定的一个或多个密钥和/或计数器，例如授权密钥，加密密钥和主密钥。

2. 发明申请

US20080235783A1 P-GANC OFFLOAD OF URR DISCOVERY MESSAGES TO A SECURITY GATEWAY 有权
标题翻译： P-GANC将URR发送消息发送到安全网关
公开(公告)号：US20080235783A1
公开(公告)日：2008-09-25
申请号：US11688113
申请日：2007-03-19
申请人： Kevin Shatzkamer , Anand K. Oswal , Jayaraman Iyer , Mark Grayson , Navan Narang
发明人： Kevin Shatzkamer , Anand K. Oswal , Jayaraman Iyer , Mark Grayson , Navan Narang
IPC分类号： G06F17/00
CPC分类号： H04W12/06 , H04L29/12113 , H04L61/1541 , H04L63/0272 , H04L63/0892 , H04L63/164 , H04W12/02
摘要： In one embodiment, a security gateway receives an IPSec Initiation (IPSec INIT) request from a client. The security gateway may communicate with a AAA server to authenticate the client. After authentication, the security gateway intercepts a URR Discovery request from the client. The security gateway determines registration information for a response to the registration request. The registration information may be information on where the client can locate a D-GANC. A response is generated using the determined information and sent to the client. The response to the discovery request is performed without communicating with a P-GANC. Accordingly, a security gateway is used to authenticate the client and also to respond to the discovery request. This does not require that a P-GANC function be deployed in a network. Thus, cost and processing power may be saved.
摘要翻译：在一个实施例中，安全网关从客户端接收IPSec启动（IPSec INIT）请求。安全网关可以与AAA服务器进行通信，以验证客户端。认证后，安全网关从客户端拦截URR发现请求。安全网关确定用于对注册请求的响应的注册信息。注册信息可以是客户端可以在哪里定位D-GANC的信息。使用确定的信息产生响应并发送给客户端。在不与P-GANC通信的情况下执行对发现请求的响应。因此，安全网关用于认证客户端并且还响应于发现请求。这不需要在网络中部署P-GANC功能。因此，可以节省成本和处理能力。

3. 发明授权

US08018948B2 P-GANC offload of URR discovery messages to a security gateway 有权
标题翻译： P-GANC将URR发现消息卸载到安全网关
公开(公告)号：US08018948B2
公开(公告)日：2011-09-13
申请号：US11688113
申请日：2007-03-19
申请人： Kevin Shatzkamer , Anand K. Oswal , Jayaraman Iyer , Mark Grayson , Navan Narang
发明人： Kevin Shatzkamer , Anand K. Oswal , Jayaraman Iyer , Mark Grayson , Navan Narang
IPC分类号： H04L12/28 , H04L12/56 , H04J3/16 , H04J3/22 , G06F9/00 , G06F15/16 , G06F17/00
CPC分类号： H04W12/06 , H04L29/12113 , H04L61/1541 , H04L63/0272 , H04L63/0892 , H04L63/164 , H04W12/02
摘要： In one embodiment, a security gateway receives an IPSec Initiation (IPSec INIT) request from a client. The security gateway may communicate with a AAA server to authenticate the client. After authentication, the security gateway intercepts a URR Discovery request from the client. The security gateway determines registration information for a response to the registration request. The registration information may be information on where the client can locate a D-GANC. A response is generated using the determined information and sent to the client. The response to the discovery request is performed without communicating with a P-GANC. Accordingly, a security gateway is used to authenticate the client and also to respond to the discovery request. This does not require that a P-GANC function be deployed in a network. Thus, cost and processing power may be saved.
摘要翻译：在一个实施例中，安全网关从客户端接收IPSec启动（IPSec INIT）请求。安全网关可以与AAA服务器进行通信，以验证客户端。认证后，安全网关从客户端拦截URR发现请求。安全网关确定用于对注册请求的响应的注册信息。注册信息可以是客户端可以在哪里定位D-GANC的信息。使用确定的信息生成响应并发送给客户端。在不与P-GANC通信的情况下执行对发现请求的响应。因此，安全网关用于认证客户端并且还响应于发现请求。这不需要在网络中部署P-GANC功能。因此，可以节省成本和处理能力。

4. 发明授权

US08315246B2 System and method employing strategic communications between a network controller and a security gateway 有权
标题翻译：采用网络控制器和安全网关之间的战略通信的系统和方法
公开(公告)号：US08315246B2
公开(公告)日：2012-11-20
申请号：US11437058
申请日：2006-05-18
申请人： Kevin Shatzkamer , Anand K. Oswal , Navan Narang , Jayaraman Iyer , Richard Kyle Forster
发明人： Kevin Shatzkamer , Anand K. Oswal , Navan Narang , Jayaraman Iyer , Richard Kyle Forster
IPC分类号： H04L12/66
CPC分类号： H04L63/08 , H04L63/0272 , H04L63/0892 , H04L63/164 , H04W12/02 , H04W12/06 , H04W92/04
摘要： A system for enhancing functionality of a network. In a specific embodiment, the system employs strategic communications between a network controller and a security gateway. The strategic communications occur via a feedback communications channel between the network controller and the security gateway. The feedback communications channel facilitates transferring security information, such as International Mobile Subscriber Identity (IMSI) and other information, between the network controller and the security gateway. The security information may facilitate enabling the SGW to make intelligent decisions as to how to treat a client communications session. In the specific embodiment, the feedback communications channel includes an intervening Authentication, Authorization, and Accounting (AAA) server that is coupled between the UMA and the network controller.
摘要翻译：一种用于增强网络功能的系统。在具体实施例中，系统采用网络控制器和安全网关之间的战略通信。战略通信通过网络控制器和安全网关之间的反馈通信信道进行。反馈通信信道有助于在网络控制器和安全网关之间传送诸如国际移动用户标识（IMSI）等安全信息。安全信息可能有助于SGW做出关于如何处理客户端通信会话的智能决定。在具体实施例中，反馈通信信道包括耦合在UMA和网络控制器之间的中间认证，授权和计费（AAA）服务器。

5. 发明申请

US20070268888A1 System and method employing strategic communications between a network controller and a security gateway 有权
标题翻译：采用网络控制器和安全网关之间的战略通信的系统和方法
公开(公告)号：US20070268888A1
公开(公告)日：2007-11-22
申请号：US11437058
申请日：2006-05-18
申请人： Kevin Shatzkamer , Anand K. Oswal , Navan Narang , Jayaraman Iyer , Richard Kyle Forster
发明人： Kevin Shatzkamer , Anand K. Oswal , Navan Narang , Jayaraman Iyer , Richard Kyle Forster
IPC分类号： H04L12/66
CPC分类号： H04L63/08 , H04L63/0272 , H04L63/0892 , H04L63/164 , H04W12/02 , H04W12/06 , H04W92/04
摘要： A system for enhancing functionality of a network. In a specific embodiment, the system employs strategic communications between a network controller and a security gateway. The strategic communications occur via a feedback communications channel between the network controller and the security gateway. The feedback communications channel facilitates transferring security information, such as International Mobile Subscriber Identity (IMSI) and other information, between the network controller and the security gateway. The security information may facilitate enabling the SGW to make intelligent decisions as to how to treat a client communications session. In the specific embodiment, the feedback communications channel includes an intervening Authentication, Authorization, and Accounting (AAA) server that is coupled between the UMA and the network controller.
摘要翻译：一种用于增强网络功能的系统。在具体实施例中，系统采用网络控制器和安全网关之间的战略通信。战略通信通过网络控制器和安全网关之间的反馈通信信道进行。反馈通信信道有助于在网络控制器和安全网关之间传送诸如国际移动用户标识（IMSI）等安全信息。安全信息可能有助于SGW做出关于如何处理客户端通信会话的智能决定。在具体实施例中，反馈通信信道包括耦合在UMA和网络控制器之间的中间认证，授权和计费（AAA）服务器。

6. 发明申请

US20070268855A1 Enhanced unlicensed mobile access network architecture 有权
标题翻译：增强的无执照移动接入网架构
公开(公告)号：US20070268855A1
公开(公告)日：2007-11-22
申请号：US11439010
申请日：2006-05-22
申请人： Mark Grayson , Jayaraman Iyer , Kevin Shatzkamer , Richard Kyle Forster , Anand K. Oswal
发明人： Mark Grayson , Jayaraman Iyer , Kevin Shatzkamer , Richard Kyle Forster , Anand K. Oswal
IPC分类号： H04Q7/00
CPC分类号： H04W92/02 , H04W88/12 , H04W88/16
摘要： An Unlicensed Mobile Access (UMA) network architecture. In a specific embodiment, the network architecture includes a mobile station and an access point in communication with the mobile station. A UMA Controller (UNC) communicates with the access point. A Service GateWay (SGW) communicates with the UMA controller. The SGW includes functionality to route user-plane packets in the UMA. In a more specific embodiment, the functionality includes UNC user-plane functionality offloaded from the UNC to the SGW; Serving GPRS Support Node (SGSN) user-plane functionality; access-authentication functionality sufficient to enable the SGW to enable the SGW to bypass a legacy SGSN control plane; and/or Radio Network Controller (RNC) user-plane functionality sufficient to enable communications between the SGW and the RNC.
摘要翻译：无牌移动接入（UMA）网络架构。在具体实施例中，网络架构包括与移动站通信的移动站和接入点。 UMA控制器（UNC）与接入点进行通信。服务网关（SGW）与UMA控制器进行通信。 SGW包括在UMA中路由用户平面数据包的功能。在更具体的实施例中，功能包括从UNC卸载到SGW的UNC用户平面功能; 服务GPRS支持节点（SGSN）用户平面功能; 访问认证功能足以使SGW能够使SGW绕过传统的SGSN控制平面; 和/或无线电网络控制器（RNC）用户平面功能，足以实现SGW与RNC之间的通信。

7. 发明授权

US08817696B2 Enhanced unlicensed mobile access network architecture 有权
标题翻译：增强的无执照移动接入网架构
公开(公告)号：US08817696B2
公开(公告)日：2014-08-26
申请号：US11439010
申请日：2006-05-22
申请人： Mark Grayson , Jayaraman Iyer , Kevin Shatzkamer , Richard Kyle Forster , Anand K. Oswal
发明人： Mark Grayson , Jayaraman Iyer , Kevin Shatzkamer , Richard Kyle Forster , Anand K. Oswal
IPC分类号： H04L12/66 , H04W92/02 , H04W88/12 , H04W88/16
CPC分类号： H04W92/02 , H04W88/12 , H04W88/16
摘要： An Unlicensed Mobile Access (UMA) network architecture. In a specific embodiment, the network architecture includes a mobile station and an access point in communication with the mobile station. A UMA Controller (UNC) communicates with the access point. A Service GateWay (SGW) communicates with the UMA controller. The SGW includes functionality to route user-plane packets in the UMA. In a more specific embodiment, the functionality includes UNC user-plane functionality offloaded from the UNC to the SGW; Serving GPRS Support Node (SGSN) user-plane functionality; access-authentication functionality sufficient to enable the SGW to enable the SGW to bypass a legacy SGSN control plane; and/or Radio Network Controller (RNC) user-plane functionality sufficient to enable communications between the SGW and the RNC.
摘要翻译：无牌移动接入（UMA）网络架构。在具体实施例中，网络架构包括与移动站通信的移动站和接入点。 UMA控制器（UNC）与接入点进行通信。服务网关（SGW）与UMA控制器进行通信。 SGW包括在UMA中路由用户平面数据包的功能。在更具体的实施例中，功能包括从UNC卸载到SGW的UNC用户平面功能; 服务GPRS支持节点（SGSN）用户平面功能; 访问认证功能足以使SGW能够使SGW绕过传统的SGSN控制平面; 和/或无线电网络控制器（RNC）用户平面功能，足以实现SGW与RNC之间的通信。

8. 发明授权

US08555350B1 System and method for ensuring persistent communications between a client and an authentication server 有权
标题翻译：确保客户端和认证服务器之间持久通信的系统和方法
公开(公告)号：US08555350B1
公开(公告)日：2013-10-08
申请号：US11473767
申请日：2006-06-23
申请人： Kevin Shatzkamer , Anand K. Oswal , Chris O'Rourke , Mark Grayson , Jayaraman Iyer
发明人： Kevin Shatzkamer , Anand K. Oswal , Chris O'Rourke , Mark Grayson , Jayaraman Iyer
IPC分类号： G06F7/00
CPC分类号： H04L67/1027 , H04L63/0428 , H04L63/0853 , H04L63/0892
摘要： A system for facilitating persistent communications between entities in a network. In a specific embodiment, the system is adapted to facilitate fast reauthentication of a client performed by a server, such as an Authentication, Authorization, and Accounting (AAA) server, that is coupled to the client via a load balancer. The system includes a first message to be exchanged between the server and the client, wherein the first message includes a field identifying the server and/or the client. A matching module communicates with or is otherwise incorporated within the load balancer. The matching module includes one or more routines for employing the field to selectively route the first message to the client and/or server. In a more specific embodiment, the server a fast reauthentication module adapted to append the field in the message. The field includes sub-realm information identifying the server.
摘要翻译：用于促进网络中的实体之间的持久通信的系统。在特定实施例中，该系统适于促进由诸如认证，授权和计费（AAA）服务器的服务器执行的客户端的快速重新认证，所述服务器经由负载平衡器耦合到客户端。该系统包括要在服务器和客户端之间交换的第一消息，其中第一消息包括标识服务器和/或客户端的字段。匹配模块与负载均衡器通信或以其他方式并入其中。匹配模块包括用于使用该字段选择性地将第一消息路由到客户端和/或服务器的一个或多个例程。在更具体的实施例中，服务器是适于将字段附加到消息中的快速重新认证模块。该字段包括标识服务器的子域信息。

9. 发明授权

US07640023B2 System and method for server farm resource allocation 有权
标题翻译：服务器场资源分配的系统和方法
公开(公告)号：US07640023B2
公开(公告)日：2009-12-29
申请号：US11417960
申请日：2006-05-03
申请人： Weimin Ma , Ashish Chandwadkar , Chris O'Rourke , Robert Batz , Kevin Shatzkamer , Anand K. Oswal , Mark Grayson , Jayaraman Iyer
发明人： Weimin Ma , Ashish Chandwadkar , Chris O'Rourke , Robert Batz , Kevin Shatzkamer , Anand K. Oswal , Mark Grayson , Jayaraman Iyer
IPC分类号： H04W72/00
CPC分类号： H04W28/08 , H04L67/1002 , H04L67/1008 , H04L67/1014 , H04L67/1036 , H04W74/004 , H04W88/14
摘要： Techniques and systems for server farm load balancing and resource allocation are disclosed. In one embodiment, a method of load balancing can include: arranging servers into service groups; receiving an access request with information related to a differentiation between the service groups; selecting one of the service groups based on a mapping comparison to the information; and selecting one of the servers within the selected service group based on a hardware utilization comparison. The servers can include GPRS (General Packet Radio Service) Gateway Support Node (GGSN) or Remote Authentication Dial In User Service (RADIUS) servers, for example. The information can include an Access Point Name (APN) or Calling Station ID, for example.
摘要翻译：披露了用于服务器场负载平衡和资源分配的技术和系统。在一个实施例中，负载平衡的方法可以包括：将服务器排列成服务组; 接收具有与服务组之间的区别相关的信息的访问请求; 基于与信息的映射比较来选择服务组之一; 以及基于硬件利用率比较来选择所选服务组内的一个服务器。服务器可以包括例如GPRS（通用分组无线电业务）网关支持节点（GGSN）或远程认证拨入用户服务（RADIUS）服务器。该信息可以包括例如接入点名称（APN）或呼叫站ID。

10. 发明申请

US20080220740A1 Blacklisting of unlicensed mobile access (UMA) users via AAA policy database 有权
标题翻译：通过AAA策略数据库将未经授权的移动接入（UMA）用户列入黑名单
公开(公告)号：US20080220740A1
公开(公告)日：2008-09-11
申请号：US11716267
申请日：2007-03-09
申请人： Kevin Shatzkamer , Anand K. Oswal , Casey Yoon , Mark Grayson
发明人： Kevin Shatzkamer , Anand K. Oswal , Casey Yoon , Mark Grayson
IPC分类号： H04M1/66
CPC分类号： H04W8/06 , H04L63/101 , H04W12/08 , H04W12/12 , H04W88/14
摘要： In one embodiment, while being connected to the network, a security issue may be detected and associated with the device. The device may be placed on a blacklist for the security issue. The blacklist is a list that is used to deny service for the device when it attempts to connect. Thus, the device is disconnected from the network. Identification information for the device is added to the blacklist at the authentication server. If the device attempts to reconnect to the network, the request is received at the authentication server. The authentication server can then check the blacklist and deny the request for access to the network if the identification information is on the blacklist. This denial is determined without sending the request to the HLR. Accordingly, the HLR is protected in that requests from a device that may be considered a security issue are not sent to the HLR.
摘要翻译：在一个实施例中，当连接到网络时，可以检测安全问题并与设备相关联。为了安全问题，设备可能被放置在黑名单上。黑名单是用于在尝试连接时拒绝该设备的服务的列表。因此，设备与网络断开连接。设备的识别信息被添加到认证服务器的黑名单。如果设备尝试重新连接到网络，则在认证服务器处接收到请求。然后，如果识别信息在黑名单上，认证服务器可以检查黑名单并拒绝接入网络的请求。确定此拒绝，而不向HLR发送请求。因此，HLR受到保护，因为来自可能被认为是安全问题的设备的请求不被发送到HLR。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式