Patent application number | Description | Published |
20090054037 | Roaming Wi-Fi Access in Fixed Network Architectures - An apparatus comprising a node comprising an access controller (AC) and an authentication, authorization and accounting (AAA) proxy (AAA-P), wherein the AC is configured to manage authentication for a user equipment (UE), and wherein the AAA-P is configured to exchange authentication information related to the UE with an AAA server. Included is a network component comprising at least one processor configured to implement a method comprising establishing a first tunnel with a home gateway (HG), wherein the HG communicates wirelessly with a UE, and establishing a second tunnel between the UE and a Network Access Server (NAS). Also included is a network component comprising at least one processor configured to implement a method comprising receiving a Pairwise Master Key (PMK) from an AAA mediator (AAA-M), and authenticating a UE using the PMK. | 02-26-2009 |
20090055898 | PANA for Roaming Wi-Fi Access in Fixed Network Architectures - A network component comprising at least one processor configured to implement a method comprising deriving a Master Session Key (MSK) using a secret key and at least one parameter obtained from an Extensible Authentication Protocol (EAP) sequence, deriving a first Pairwise Master Key (PMK) and a second PMK from the MSK, authenticating with a home gateway (HG) using the first PMK, and authenticating with an end point using the second PMK. Included is an apparatus comprising a node comprising an access controller (AC) and a protocol for carrying authentication for network access (PANA) Authentication Agent (PAA), wherein the AC is configured to manage authentication for a UE, and wherein the PAA is configured to implement a PANA to forward authentication information related to the UE. | 02-26-2009 |
20090150665 | Interworking 802.1 AF Devices with 802.1X Authenticator - An apparatus comprising a supplicant proxy port authorization entity (PAE) configured to communicate with a user equipment (UE) and a network, wherein the supplicant proxy PAE causes a communication path to forward or block communications between the UE and the network. Included is a network component comprising at least one processor configured to implement a method comprising authenticating a UE with a network using an Institute of Electrical and Electronics Engineers (IEEE) 802.1X protocol, and exchanging a secure key with the UE using an IEEE 802.1 AF protocol. Also included is a method comprising authenticating a user UE configured for a first authentication protocol with a network configured for a second authentication protocol using a port entity configured for the first authentication protocol and the second authentication protocol, and securing the UE's access to the network by completing a security key agreement using the first authentication protocol. | 06-11-2009 |
20090210542 | SIMPLIFIED PROTOCOL FOR CARRYING AUTHENTICATION FOR NETWORK ACCESS - Methods and system for simplified Protocol for Carrying Authentication for Network Access (sPANA) are disclosed. In the broadband architecture such as Broadband forum or WiMAX forum, a Network Access server (NAS) is one IP hop away from a user. Therefore, it is possible to relax the need in PANA to obtain an IP address prior to authentication. A PANA client (PaC) may use an unspecified IP address (e.g. 0.0.0.0 in TPv4) as a source address for authentication. A PANA Authentication Agent (PAA) may use an IP broadcast address as a network layer destination address (e.g. oxffffffff). The present invention defines PANA Attribute-Value Pairs (AVPs) and procedures that allow a Challenge-Handshake Authentication Protocol (CHAP) exchange to occur in PANA. The PANA CHAP support may facilitate smooth migration from Point-to-Point Protocol (PPP) sessions to IP sessions in a DSL Broadband network environment. The sPANA can be desirably compatible with the PANA. | 08-20-2009 |
20090285215 | Internet Protocol Version Six (IPv6) Addressing and Packet Filtering in Broadband Networks - A method comprising sending a dynamic host configuration protocol (DHCP) message comprising an Identity Association for Prefix Delegation (IA_PD) Prefix option comprising a Internet Protocol version 6 (IPv6) prefix and a length of the IPv6 prefix to a device having a media access control (MAC) address, receiving from the device a packet comprising a source MAC address and a source IPv6 address, and dropping the packet when the MAC address is equal to the source MAC address and the leftmost bits of the source IPv6 address defined by the length are not equal to the IPv6 prefix. | 11-19-2009 |
20100202427 | Apparatus and Method of Flow Movement for Network-Based Mobility Management Protocol - An apparatus comprising a local mobility anchor (LMA) configured to forward a flow to a mobile node (MN) via a first mobile access gateway (MAG) in a first network and via a second MAG in a second network, and to bind the flow to the second MAG from the first MAG, wherein the first MAG is configured to manage the MN mobility in the first network and the second MAG is configured to manage the MN mobility in the second network, wherein the first MAG sends a binding update comprising a flow description information to the LMA, and wherein the LMA replies to the binding update with a binding acknowledgement. | 08-12-2010 |
20100290474 | Multiple Prefix Connections with Translated Virtual Local Area Network - A system comprising an access node (AN) coupled to a plurality of service providers (SPs) and a host and configured to forward a plurality of services between the SPs and the host using a plurality of first connections between the AN and the host and a plurality of second connections between the AN and the SPs, and a router gateway (RG) positioned between the host and the AN and coupled to the AN via an access line that comprises the first connections, wherein the AN translates a plurality of first identifiers for the first connections to a plurality of second identifiers for the second connections to route the services appropriately between the host and the SPs over the first connections and the corresponding second connections. | 11-18-2010 |
20100290478 | Using Internet Protocol Version Six (IPv6) Tunnel for Access Identifier Transport - A method comprising encapsulating a message with a tunnel header comprising an access identifier associated with a network entity. Also included is an apparatus comprising an access node (AN) configured to communicate with a residential gateway (RG) via the access network, wherein the AN is configured to encapsulate a router solicitation (RS) with a header comprising an access identifier associated with the RG, and send the encapsulated RS to an Internet Protocol (IP) edge, wherein the AN is configured to receive a router advertisement (RA), and wherein the AN is configured to forward the RA to the RG associated with the access identifier. | 11-18-2010 |
20110173678 | User and Device Authentication in Broadband Networks - A network component comprising at least one processor configured to implement a method comprising granting a user restricted access at a reduced rate without authenticating the user, attempting to authenticate the user, and granting the user unrestricted access at a full rate if the user authentication is successful. Included is a method comprising authenticating a user device, a user line, or both using a first communication, and authenticating a user using a second communication separate from the first communication. Also included is an apparatus comprising an access node (AN) configured to couple to an access network and communicate with a user equipment (UE) via the access network, wherein the UE is authenticated using either line authentication or device authentication based on the access network. | 07-14-2011 |
20130034108 | System and Method for Communications Network Configuration - A method for operating a first communications device includes transmitting a provisioned network list to an access router, and receiving a logical router interface address for each network in the provisioned network list. The method also includes transmitting a first message to one of the logical router interface addresses corresponding to a first selected network, receiving a first address prefix for a first gateway router of the first selected network, and transmitting a first packet to a second communications device, the first packet including the first address prefix as a source prefix. | 02-07-2013 |
20130272287 | System and Method for ANDSF Enhancement with ANQP Server Capability - System and method embodiments are provided for extending Access Network Discovery and Selection Function (ANDSF) with Access Network Query Protocol (ANQP) server capability. An embodiment method for network discovery and selection (NDS) includes receiving, at an ANQP proxy, query for network discovery information from a user equipment (UE), forwarding the query to an ANDSF including an indication for a service provider associated with a domain of users, receiving information associated with the service provider from the ANDSF, and forwarding the information associated with the service provider to the UE. | 10-17-2013 |
20130308445 | System and Method for Network Detection and Selection - An embodiment method for network detection and selection includes receiving, by a user equipment (UE), a network detection and selection policy including a load threshold element, the UE further receiving load information element from an access network (AN), and applying the network detection and selection policy to the AN. | 11-21-2013 |
20130343304 | System and Method for Configuring Multiple IP Connections - In one embodiment, a method of configuring multiple per user access connections includes receiving, by an access gateway (AG) from an access point (AP), a first extensible authentication protocol (EAP) message including a first capability of a user equipment (UE) and transmitting, by the AG to an authentication, authorization and accounting (AAA) server, a second EAP message including the first capability of the UE and indication second capability of the AG. The method also includes receiving, by the AG from the AAA server, and an AAA message including a negotiated connection capability version and AAA message parameters and transmitting, by AG to the AP, a third EAP message including the negotiated connection capability version. | 12-26-2013 |
20140064285 | Multiple Prefix Connections with Translated Virtual Local Area Network - A system comprising an access node (AN) coupled to a plurality of service providers (SPs) and a host and configured to forward a plurality of services between the SPs and the host using a plurality of first connections between the AN and the host and a plurality of second connections between the AN and the SPs, and a router gateway (RG) positioned between the host and the AN and coupled to the AN via an access line that comprises the first connections, wherein the AN translates a plurality of first identifiers for the first connections to a plurality of second identifiers for the second connections to route the services appropriately between the host and the SPs over the first connections and the corresponding second connections. | 03-06-2014 |
20140078986 | System and Method for a Multiple IP Interface Control Protocol - Embodiments are provided for a mechanism for supporting multiple 3GPP Packet Data Network (PDN) connections over a WLAN. Multiple gateway interfaces, each corresponding to a different PDN, are established over a single connection , via the WLAN, between a UE and an access gateway. A PDN access configuration protocol (PACP) is provided to configure the association between the IP interface on the access gateway and the corresponding 3GPP PDN/APN connection, and exchange the PDN setup between the UE and the access gateway. The PACP mechanisms allow signaling APN information and associating corresponding IP context at the access gateway, setting up and tearing down connection context between the UE and PDN gateway (P-GW), and supporting session continuity when the UE moves to another access gateway. The mechanisms support using Dynamic Host Configuration Protocol (DHCP) for IPv4 and Neighbor Discovery for IPv6. | 03-20-2014 |
20140185603 | Systems and Methods for Accessing a Network - System and method embodiments are provided for accessing a wireless network. The embodiments enable establishing and releasing session resources in a wireless local area network (WLAN) corresponding to packet data network (PDN) connections in a 3 GPP enhanced packet core (EPC). In an embodiment, a method in a network component for establishing a control channel with a user equipment (UE) includes setting up, by the network component, a link layer channel, sending, by the network component, an identifier of the link layer channel to the UE; and communicating, by the network component, with the UE over the link layer channel using a WLAN control protocol (WLCP), wherein the WLAN comprises a trusted WLAN Access Network (TWAN). | 07-03-2014 |
20140348130 | System and Method for Distributed Evolved Packet Core Architecture - An embodiment method for session handling for a connection between an UE and a network includes establishing, at a first distributed EPC, user and IP sessions over the connection through the first distributed EPC. The first distributed EPC includes a first PGW at which the IP session is anchored. The method also includes holding original IP resources and releasing original connection resources for the sessions at the first distributed EPC when the UE moves beyond the first distributed EPC to a second distributed EPC. The method then establishes a tunnel between the first PGW and a second PGW for the second distributed EPC. The tunnel utilizes the original IP resources and new connection resources at the second distributed EPC. The method then routes data from the tunnel, through the first PGW, and to the network. | 11-27-2014 |