公开(公告)号：AU2005236770B2

公开(公告)日：2010-04-29

申请号：AU2005236770

申请日：2005-01-19

Applicant: CISCO TECH INC

Inventor： LINDERT DAVID P ,  MONTINI LAURENT ,  GRAYSON MARK ,  SONTI JAGDISH V

IPC: H04J3/26 ,  H04L29/08

Abstract: Providing a multicast service includes maintaining multicast service information at an application server. The multicast service information describes a multicast service having an associated subscriber, and the multicast service is operable to deliver multicast content from a multicast source. A cell supporting a user device associated with the subscriber is determined, and creation of a bearer path for the multicast service is initiated. Delivery of the multicast content to the user device is enabled using the bearer path.

公开(公告)号：CA2575824A1

公开(公告)日：2006-02-23

申请号：CA2575824

申请日：2005-07-25

Applicant: CISCO TECH INC

Inventor： GRAYSON MARK

IPC: H04L12/28

Abstract: An apparatus for signaling information in a network environment is provided that includes an access gateway operable to establish one or more packet data protocol (PDP) links on behalf of an end user. The access gateway is operable to communicate a message associated with a change in quality of service, locale, or policy enforcement relating to a selected one of the PDP links to a client services packet gateway (CSPG). The CSPG responds to the message by providing an accounting command for the selected PDP link such that synchronization is achieved between accounting information and a state associated with the selected PDP link.

公开(公告)号：WO2007127035A3

公开(公告)日：2008-12-11

申请号：PCT/US2007008632

申请日：2007-04-04

Applicant: CISCO TECH INC ,  SHATZKAMER KEVIN ,  OSWAL ANAND K ,  GRAYSON MARK ,  IYER JAYARAMAN ,  NARANG NAVAN

Inventor： SHATZKAMER KEVIN ,  OSWAL ANAND K ,  GRAYSON MARK ,  IYER JAYARAMAN ,  NARANG NAVAN

IPC: G06F15/16

CPC classification number: H04L63/0892 ,  H04L63/08 ,  H04L63/164 ,  H04W12/06 ,  H04W88/16

Abstract: A system for efficiently reauthenticating a client of a network. In a specific embodiment, the system includes an authentication server and a Security GateWay (SGW) in communication with the client. The SGW includes reauthentication information associated with the client. In a more specific embodiment, the authentication server includes an Authentication, Authorization, and Accounting (AAA) server. The SGW further includes one or more routines for employing the reauthentication information to reauthenticate the client. The AAA server performs initial authentication of the client to enable client access to the network, which yields the reauthentication information. The reauthentication information includes one or more keys and/or counters, such as an authorization key, an encryption key, and a master key, which is/are predetermined by the AAA server.

Abstract translation: 一种用于有效地重新认证网络客户端的系统。 在具体实施例中，系统包括与客户端通信的认证服务器和安全门禁（SGW）。 SGW包括与客户端相关联的重新认证信息。 在更具体的实施例中，认证服务器包括认证，授权和计费（AAA）服务器。 SGW还包括用于使用重新认证信息重新认证客户端的一个或多个例程。 AAA服务器执行客户端的初始认证，以使客户端能够访问网络，从而产生重新认证信息。 重新认证信息包括由AAA服务器预先确定的一个或多个密钥和/或计数器，例如授权密钥，加密密钥和主密钥。

公开(公告)号：CA2558611C

公开(公告)日：2011-07-19

申请号：CA2558611

申请日：2005-01-19

Applicant: CISCO TECH INC

Inventor： GRAYSON MARK ,  SONTI JAGDISH V ,  LINDERT DAVID P ,  MONTINI LAURENT

IPC: H04L12/66 ,  H04J3/26 ,  H04L29/08

Abstract: Providing a multicast service includes maintaining multicast service information at an application server (50). The multicast service information describes a multicast service having an associated subscriber, and the multicast service is operable to deliver multicast content from a multicast source (12). A cell supporting a user device (20) associated with the subscriber is determined, and creation of a bearer path for the multicast service is initiated. Delivery of the multicast content to the user device is enabled using the bearer path.

公开(公告)号：WO2007092078A3

公开(公告)日：2008-04-17

申请号：PCT/US2006047051

申请日：2006-12-08

Applicant: CISCO TECH INC ,  JAGADEESAN RAMANATHAN T ,  CHUNG ANDREW C ,  DONOVAN STEVEN R ,  GRAYSON MARK ,  NGUYEN BICH T ,  PEARCE CHRISTOPHER E

Inventor： JAGADEESAN RAMANATHAN T ,  CHUNG ANDREW C ,  DONOVAN STEVEN R ,  GRAYSON MARK ,  NGUYEN BICH T ,  PEARCE CHRISTOPHER E

IPC: H04L12/66 ,  H04W36/12 ,  H04W36/14 ,  H04W48/16 ,  H04W48/18

CPC classification number: H04W48/18 ,  H04W36/14 ,  H04W48/16 ,  H04W76/041 ,  H04W88/06

Abstract: Anchoring a communication session for a target mobile phone includes identifying a current access node operable to provide the target mobile phone access to a first network of a first network type. Potential access nodes operable to provide a mobile phone access to a second network of a second network type are identified. Whether the communication session can be handed off to a potential access node of the one or more potential access nodes is established. Anchoring of the communication session is initiated in the second network only if the communication session can be handed off to a potential access node of the one or more potential access nodes.

Abstract translation: 锚定目标移动电话的通信会话包括识别当前接入节点，该当前接入节点可操作以提供目标移动电话接入第一网络类型的第一网络。 识别可操作以提供对第二网络类型的第二网络的移动电话接入的潜在接入节点。 建立通信会话是否可以切换到一个或多个潜在接入节点的潜在接入节点。 只有在可以将通信会话切换到一个或多个潜在接入节点的潜在接入节点时，才在第二网络中启动通信会话的锚定。

公开(公告)号：WO2007139641A3

公开(公告)日：2008-04-10

申请号：PCT/US2007010034

申请日：2007-04-26

Applicant: CISCO TECH INC ,  GRAYSON MARK ,  IYER JAYARAMAN ,  SHATZKAMER KEVIN ,  FORSTER RICHARD KYLE ,  OSWAL ANAND K

Inventor： GRAYSON MARK ,  IYER JAYARAMAN ,  SHATZKAMER KEVIN ,  FORSTER RICHARD KYLE ,  OSWAL ANAND K

IPC: G06F15/173 ,  H04W88/12 ,  H04W88/16 ,  H04W92/02

CPC classification number: H04W92/02 ,  H04W88/12 ,  H04W88/16

Abstract: An Unlicensed Mobile Access (UMA) network architecture. In a specific embodiment, the network architecture includes a mobile station and an access point in communication with the mobile station. A UMA Controller (UNC) communicates with the access point. A Service GateWay (SGW) communicates with the UMA controller. The SGW includes functionality to route user-plane packets in the UMA. In a more specific embodiment, the functionality includes UNC user-plane functionality offloaded from the UNC to the SGW; Serving GPRS Support Node (SGSN) user-plane functionality; access-authentication functionality sufficient to enable the SGW to enable the SGW to bypass a legacy SGSN control plane; and/or Radio Network Controller (RNC) user-plane functionality sufficient to enable communications between the SGW and the RNC.

Abstract translation: 无牌移动接入（UMA）网络架构。 在具体实施例中，网络架构包括与移动站通信的移动站和接入点。 UMA控制器（UNC）与接入点进行通信。 服务网关（SGW）与UMA控制器进行通信。 SGW包括在UMA中路由用户平面数据包的功能。 在更具体的实施例中，功能包括从UNC卸载到SGW的UNC用户平面功能; 服务GPRS支持节点（SGSN）用户平面功能; 访问认证功能足以使SGW能够使SGW绕过传统的SGSN控制平面; 和/或无线电网络控制器（RNC）用户平面功能，足以实现SGW与RNC之间的通信。

公开(公告)号：WO2008112482A3

公开(公告)日：2009-01-22

申请号：PCT/US2008056000

申请日：2008-03-06

Applicant: CISCO TECH INC ,  SHATZKAMER KEVIN ,  OSWAL ANAND K ,  YOON CASEY ,  GRAYSON MARK

Inventor： SHATZKAMER KEVIN ,  OSWAL ANAND K ,  YOON CASEY ,  GRAYSON MARK

IPC: H04L29/06

CPC classification number: H04W8/06 ,  H04L63/101 ,  H04W12/08 ,  H04W12/12 ,  H04W88/14

Abstract: In one embodiment, while bei.ng connected, to the network (110), a security issue may be detected and associated with a device (104). The device may be placed on a blacklist for the security issue. The blacklist is a list that is used to deny service for the device when it attempts to connect. Thus, the device is disconnected from the. network. Identification information for the device is added to the blacklist at the authentication server (102). If the device attempts to reconnect to the network, the request is received at the authentication server. The authentication server can then check the blacklist and deny the request for access to the network if the identification information is on the blacklist. This denial is determined without sending the request to the HLR (108). Accordingly, the HLR is protected in that requests from a device that may be considered a security issue are not sent to the HLR.

Abstract translation: 在一个实施例中，当连接到网络（110）时，可以检测安全问题并与设备（104）相关联。 为了安全问题，设备可能被放置在黑名单上。 黑名单是用于在尝试连接时拒绝该设备的服务的列表。 因此，设备与该设备断开连接。 网络。 设备的识别信息被添加到认证服务器的黑名单（102）。 如果设备尝试重新连接到网络，则在认证服务器处接收到请求。 然后，如果识别信息在黑名单上，认证服务器可以检查黑名单并拒绝接入网络的请求。 确定该拒绝，而不向HLR发送请求（108）。 因此，HLR受到保护，因为来自可能被认为是安全问题的设备的请求不被发送到HLR。

公开(公告)号：WO2009045825A3

公开(公告)日：2009-05-28

申请号：PCT/US2008077607

申请日：2008-09-25

Applicant: CISCO TECH INC ,  GRAYSON MARK ,  VUCETIC VOJISLAV

Inventor： GRAYSON MARK ,  VUCETIC VOJISLAV

IPC: H04W12/02 ,  H04L29/06

CPC classification number: H04L63/0485 ,  H04L63/061 ,  H04L63/162 ,  H04L2463/061 ,  H04W12/02 ,  H04W84/042

Abstract: Systems and/or methods of selectively terminating security in mobile networks are presented. User equipment (UE) can specify cipher termination location capabilities for encryping/decrypting data packets to a base station in a mobile network. The mobile network can subsequently determine at which node in the network to terminate the cipher in part according to the capabilities provided and deliver the determined location to the UE. The determined cipher termination location can be provided in response to a request to initiate communications, the initial request can specify the capabilities. The UE can utilize the location to support disparate types of networks and to intelligently deal with hand-offs and other functions of the mobile network.

Abstract translation: 提出了选择性地终止移动网络中的安全性的系统和/或方法。 用户设备（UE）可以指定用于将数据分组加密/解密的密码终端位置能力到移动网络中的基站。 移动网络随后可以确定网络中的哪个节点部分地根据所提供的能力终止密码，并将确定的位置传递给UE。 可以响应于发起通信的请求来提供确定的密码终止位置，初始请求可以指定能力。 UE可以利用该位置来支持不同类型的网络，并智能地处理移动网络的切换和其他功能。

公开(公告)号：WO2008002599A3

公开(公告)日：2008-10-09

申请号：PCT/US2007014894

申请日：2007-06-26

Applicant: CISCO TECH INC ,  GRAYSON MARK ,  IYER JAYARAMAN

Inventor： GRAYSON MARK ,  IYER JAYARAMAN

IPC: G06F15/16 ,  G06F15/173

CPC classification number: H04L63/164 ,  H04L67/1002 ,  H04L67/101 ,  H04L67/1034 ,  H04L67/1038 ,  H04L69/40

Abstract: In one embodiment, a network application may offload stateful operations to a user-plane application. In one embodiment, the network application receives state information for a user device. The network application then sends the state information to a user-plane application, which can maintain the state information. The network application may then offload a stateful operation to the user-plane application. For example, the network application may have the user-plane application perform stateful operations. Also, the network application may use the state information maintained at the user-plane application for error recovery after the network application fails. For example, the network application may recover the state information from the user-plane application after failure.

Abstract translation: 在一个实施例中，网络应用可以将有状态操作卸载到用户平面应用。 在一个实施例中，网络应用接收用户设备的状态信息。 然后网络应用程序将状态信息发送给用户平面应用程序，用户平面应用程序可以维护状态信息。 网络应用程序然后可以将有状态操作卸载到用户平面应用程序。 例如，网络应用程序可以让用户平面应用程序执行有状态操作。 此外，在网络应用程序失败后，网络应用程序可以使用用户平面应用程序中维护的状态信息进行错误恢复。 例如，网络应用程序可以在故障后从用户平面应用程序恢复状态信息。

公开(公告)号：WO2007130290A3

公开(公告)日：2008-10-02

申请号：PCT/US2007009945

申请日：2007-04-25

Applicant: CISCO TECH INC ,  MA WEIMIN ,  CHANDWADKAR ASHISH ,  O'ROURKE CHRIS ,  BATZ ROBERT ,  SHATZKAMER KEVIN ,  OSWAL ANAND K ,  GRAYSON MARK ,  IYER JAYARAMAN

Inventor： MA WEIMIN ,  CHANDWADKAR ASHISH ,  O'ROURKE CHRIS ,  BATZ ROBERT ,  SHATZKAMER KEVIN ,  OSWAL ANAND K ,  GRAYSON MARK ,  IYER JAYARAMAN

IPC: H04W28/08 ,  H04W88/14

CPC classification number: H04W28/08 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1014 ,  H04L67/1036 ,  H04W74/004 ,  H04W88/14

Abstract: Techniques and systems for server farm load balancing and resource allocation are disclosed. In one embodiment, a method of load balancing can include: arranging servers into service groups; receiving an access request with information related to a differentiation between the service groups; selecting one of the service groups based on a mapping comparison to the information; and selecting one of the servers within the selected service group based on a hardware utilization comparison. The servers can include GPRS (General Packet Radio Service) Gateway Support Node (GGSN) or Remote Authentication Dial In User Service (RADIUS) servers, for example. The information can include an Access Point Name (APN) or Calling Station ID, for example.

Abstract translation: 披露了用于服务器场负载平衡和资源分配的技术和系统。 在一个实施例中，负载平衡的方法可以包括：将服务器排列成服务组; 接收具有与服务组之间的区别相关的信息的访问请求; 基于与信息的映射比较来选择服务组之一; 以及基于硬件利用率比较来选择所选服务组内的一个服务器。 服务器可以包括例如GPRS（通用分组无线电业务）网关支持节点（GGSN）或远程认证拨入用户服务（RADIUS）服务器。 该信息可以包括例如接入点名称（APN）或呼叫站ID。