Internet protocol traffic filter for a mobile radio network

US 6,226,523 B1
Filed: 12/19/1997
Issued: 05/01/2001
Est. Priority Date: 12/19/1997
Status: Expired due to Term

First Claim

Patent Images

1. An IP traffic filter for a mobile radio network that provides both voice and data services for one or more mobile stations when present in said mobile radio network, comprising:

a database for storing access privileges of said mobile stations for accessing one or more remote hosts, and access privileges of said remote hosts for accessing said mobile stations, said database including a plurality of entries respectively associated with mobile stations present in the network, each said entry indicative of an access privilege associated with the corresponding mobile station, said database including a plurality of data storage locations coupled to one another and distributed across the network to permit each said entry to travel through the network with the corresponding mobile station; and

a processor for routing data to and from said mobile stations from and to said remote hosts, the processor further for accessing said database to determine access privileges, and for denying or allowing access in response to a determined access privilege and wherein said database can be altered both from said mobile stations and from said remote hosts.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An Internet Protocol traffic filter is provided for a mobile radio network. A database stores access privileges of the mobile station for accessing a remote host, and access privileges of the remote host for accessing the mobile station. A processor receives data from the mobile station addressed to a remote host. The processor accesses the database to determine whether the mobile station is allowed to access the remote host, and denies access if access is unauthorized. Otherwise, the processor sends the data to the remote host if access is authorized. The processor also receives data from a remote host, and determines whether the remote host is allowed to access the mobile station. The processor denies access to the mobile station if the remote host is unauthorized. Otherwise, the processor connects the remote host to the mobile station if access is authorized.

43 Citations

View as Search Results

25 Claims

1. An IP traffic filter for a mobile radio network that provides both voice and data services for one or more mobile stations when present in said mobile radio network, comprising:
- a database for storing access privileges of said mobile stations for accessing one or more remote hosts, and access privileges of said remote hosts for accessing said mobile stations, said database including a plurality of entries respectively associated with mobile stations present in the network, each said entry indicative of an access privilege associated with the corresponding mobile station, said database including a plurality of data storage locations coupled to one another and distributed across the network to permit each said entry to travel through the network with the corresponding mobile station; and
  
  a processor for routing data to and from said mobile stations from and to said remote hosts, the processor further for accessing said database to determine access privileges, and for denying or allowing access in response to a determined access privilege and wherein said database can be altered both from said mobile stations and from said remote hosts.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The IP traffic filter recited in claim 1, wherein said processor comprises a PMSC in said mobile radio network.
  - 3. The IP filter of claim 1, further comprising a HLR for maintaining said database.
  - 4. The Ip traffic filter recited in claim 3, wherein said processor comprises one of a plurality of PMSCs in said mobile radio network, each of said PMSCs coupled to a respective portion of said database, and wherein, for eack of said mobil stations registered with said one PMSC, said one PMSC stores in its associated database portion a copy of the corresponding access privileges maintained in said HLR.
  - 5. The IP filter recited in claim 1, further comprising a router for connecting said mobile radio network to an Internet.
  - 6. The IP filter recited in claim 1, further comprising a means for entering and modifying entries in said database.
  - 7. The IP filter recited in claim 6, wherein said means for entering and modifying comprises an Internet web server.
  - 8. The IP traffic filter recited in claim 6, wherein said means for modifying said entries includes one of said remote hosts.
  - 9. The IP traffic filter recited in claim 1, wherein said one or more mobile stations and said one or more remote hosts are organized into one or more virtual networks in accordance with said access privileges.

10. A method for filtering IP traffic originating from one or more mobile stations when present in a mobile radio network, wherein said mobile network handles both voice and data, comprising the steps of:
- maintaining a database comprising access rights of said mobile stations for accessing one or more remote hosts, said database including a plurality of entries respectively associated with mobile stations present in the network, each said entry indicative of an access right associated with the corresponding mobile station;
  
  the database entries traveling through the network and residing in a plurality of locations in the database as their associated mobile stations travel through the network;
  
  receiving data sent from one of said mobile stations to one of said remote hosts;
  
  using the database to determine access rights of said one mobile station to access said one remote host;
  
  denying access to said one remote host if said access is unauthorized;
  
  forwarding said data to said one remote host if said access is authorized; and
  
  providing a means by which said database can be altered both from said mobile stations and from said remote hosts.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, wherein the step of receiving data addressed to said remote host comprises the steps of:
12. The method of claim 11, wherein the step of receiving said identity of said one mobile station comprises receiving an IMSI number associated with said one mobile station.
13. The method of claim 11, wherein said using step comprises comparing the IP address of said one remote host against a list of allowed destination hosts provided in one of said database entries associated with said one mobile station.
14. The method of claim 11, wherein said using step comprises comparing said IP address of said one remote host against a list of disallowed destination hosts provided in one of said database entries associated with said one mobile station.
15. The method of claim 11, wherein said using step comprises comparing said identity of said one mobile station against a group of said database entries indicative of mobile station membership in a virtual network.
16. The method of claim 10, wherein said maintaining step comprises creating as part of said database a local copy of said access rights associated with each of said mobile stations present in said mobile radio network.
17. The method of claim 16, wherein said using step includes using said local copy of said access rights.

18. A method for filtering IP traffic directed to one or more mobile stations when present in a mobile radio network capable of transmitting both voice and data from one or more remote hosts, comprising the steps of:
- maintaining a database comprising access rights of said remote hosts for accessing said mobile stations, said database including a plurality of entries respectively associated with mobile stations present in the network, each said entry indicative of an access right of a remote host to access the corresponding mobile station;
  
  the database entries traveling through the network and residing in a plurality of locations in the database as their associated mobile stations travel through the network;
  
  receiving from one of said remote hosts data addressed to one of said mobile stations;
  
  using the database to determine access rights of said one remote host to access said one mobile station;
  
  denying access to said one mobile station if access to said one mobile station by said one remote host is unauthorized;
  
  otherwise sending the data from said one remote host to said one mobile station if said access to said one mobile station by said one remote host is authorized; and
  
  providing a means by which said database can be altered both from said mobile stations and from said remote hosts.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
- - 19. The method of claim 18, wherein said using step comprises comparing an IP address of said one remote host against a list of allowed originating remote hosts provided in one of said database entries associated with said one mobile station.
  - 20. The method of claim 18, wherein said using step comprises comparing an IP address of said one remote host against a list of disallowed originating remote hosts provided in one of said database entries associated with said one mobile station.
  - 21. The method of claim 18, wherein said using step comprises comparing an identity of said one mobile station against a group of said database entries indicative of mobile station membership in a virtual network.
  - 22. The method of claim 18, wherein the step of denying access to said one mobile station comprises transmitting a denial message to said remote host.
  - 23. The method of claim 18, wherein said using step further comprises converting an IP address of said one mobile station to an associated mobile station ISDN number.
  - 24. The method of claim 18, wherein said maintaining step comprises creating as part of said database a local copy of said access rights associated with each of said mobile stations present in said mobile radio network.
  - 25. The method of claim 24, wherein said using step includes using said local copy of said access rights.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Karlsson, Torgny, Herlitz, Anders
Primary Examiner(s)
Trost, William G.
Assistant Examiner(s)
Persino, Raymond B.

Application Number

US08/995,170
Time in Patent Office

1,229 Days
Field of Search

455/433, 455/405, 455/406, 455/414, 455/445, 455/466, 455/560, 455/352, 455/461, 455/519, 370/338, 370/230, 370/420, 709/225, 709/226
US Class Current

455/466
CPC Class Codes

H04L 61/106   across networks, e.g. mappi...

H04L 63/0236   Filtering by address, proto...

H04L 63/102   Entity profiles

H04W 80/04   Network layer protocols, e....

H04W 80/06   Transport layer protocols, ...

H04W 92/02   Inter-networking arrangements

Internet protocol traffic filter for a mobile radio network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

43 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Internet protocol traffic filter for a mobile radio network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links