Abstract:
A method of managing roaming of a Mobile Node in a Visited network, the Mobile Node being associated with a Home network, the method being characterized by: at an Authentication, Authorization and Accounting server disposed in the Visited network, selecting (706) a Gateway node based on selection criteria, the Gateway node being disposed between the Home network and the Visited network; at the Authentication, Authorization and Accounting server, sending (709) a message to an access node of the Visited network to which the Mobile Node is attached, which message identifies the selected Gateway node.
Abstract:
The present invention concerns methods and an apparatus for exchanging data between a user equipment and a core network via a security gateway. The invention concerns the establishment of an inactive pair of tunnel mode security associations between the UE and the security gateway, as well as the application of the pair of security associations when the UE detects attachment to or need to attach to an untrusted access network.
Abstract:
A gateway apparatus comprises a registration unit for registering a network address, a temporary address and a flag, a receiving unit for receiving data destined to a destination communication device with the network address of the destination communication device from a source communication device, a determination unit for determining whether the destination communication device is provided with the MCIM or not, based on a registered value of the flag, and a transmitting unit for transmitting a bootstrap message for requesting initiation of provisioning of a predetermined identifier to the destination communication device, to a provision server, when it is determined that the destination communication device is not provided with the MCIM, wherein the transmitting unit transmits the data to the destination communication device using the assigned temporary address, when the destination communication device is provided with the MCIM.
Abstract:
The present invention concerns a method of handling a Local Break Out (LBO) session taking place in a first network between a user equipment and a corresponding node (CN). The invention addresses the problems that arise when using only one IP address in the user equipment and the user equipment moves to a second network. This is, for the downlink packets, solved by the steps of: converting, in a node in the first or the second network, the IP address of the downlink packets from an LHoA to a Global Home Address (GHoA) and routing, from the first node, directly or indirectly to a second node in the second network, any downlink packets being sent from the corresponding node, so that the downlink packets will arrive at the user equipment having a GHoA. For the uplink packets the problem is solved by converting, in a node in the first or the second network, the IP address of the uplink packets from a GHoA to an LHoA and routing, from the second node, directly or indirectly to the first node, any uplink packets being sent from the user equipment; so that the uplink packets will arrive at the corresponding node with a source address that is an LHoA. The invention also concerns nodes for handling an LBO session.
Abstract:
A method and apparatus for use in a Proxy Mobile IP communications network. An anchor point function serves at least one mobile host. The anchor point function generates an IP address for use by the mobile host, the address being generated using cryptographic materials owned by the anchor point function. The anchor point function can then perform signalling on behalf of the mobile host, using the IP address generated for the mobile host and at least part of the cryptographic materials used to generate the IP address.
Abstract:
A method of providing secure access to a remote communication network via a local communication network for a terminal device. A gateway node located outside the local communication network allocates an IP address to the terminal device. The gateway node subsequently receives a request to establish a secure tunnel between the gateway node and the terminal device. It identifies the terminal device as the same terminal device to which an IP address is allocated, and allocates the same IP address for use by the terminal device as both an inner IP address and an outer IP address for packets sent via the secure tunnel. This ensures that there are no issues as described above in selecting the IP address for use in the secure tunnel, and reduces the risk of a successful man-in-the-middle attack.
Abstract:
There is provided a mediation server. The mediation server comprises, among other things, a device identity receiving unit configured to receive, from a communication device, a device identity which enables the communication device to connect to a network operated by a network operator associated with the mediation server, a login request sending unit configured to send, to the communication device, a login request for requesting login credentials for one of at least one user identity associated with the device identity, and a login credentials receiving unit configured to receive the login credentials from the communication device. The mediation server also comprises a subscription information relaying unit configured to obtain subscription information for use by the communication device from a selected network, and forward the obtained subscription information to the communication device.