Method and apparatus for communication control of mobil computers in communication network systems using private IP addresses

US 6,442,616 B1
Filed: 01/16/1997
Issued: 08/27/2002
Est. Priority Date: 01/16/1997
Status: Expired due to Fees

First Claim

Patent Images

1. A method for controlling communications in a communication network system formed by a plurality of computers, said plurality of computers being capable of communicating data with each other through a plurality of interconnected networks and including at least one mobile computer for communicating data while changing a location in the communication network system, the method comprising the steps of:

(a) when the mobile computer is located within a home network of the mobile computer, carrying out a communication with the mobile computer by transferring communication data using a first location identifier specific to the mobile computer which is uniquely defined within own organization networks of the mobile computer;

(b) when the mobile computer is located within an external own organization network, carrying out a communication with the mobile computer by routing communication data to the external own organization network using a third location identifier indicating a current visited location of the mobile computer in the communication network system which is uniquely defined over all the networks, and addressing the mobile computer within the external own organization network using the first location identifier;

(c) when the mobile computer is located within an external other organization network, carrying out a communication with the mobile computer by routing communication data to the external other organization network using the third location identifier, and addressing the mobile computer within the external other organization network using a second location identifier assigned to the mobile computer at a time of moving outside the own organization networks which is uniquely defined over all the networks; and

(d) managing an address information for the mobile computer within the own organization networks of the mobile computer, the address information containing a corresponding set of the first location identifier, the second location identifier and the third location identifier.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A communication control in a communication network system using a mobile computer, capable of realizing flexible address control and management for the mobile computer. When the mobile computer is located within a home network, a communication with the mobile computer is carried out by transferring data using a home address specific to the mobile computer which is a private address. When the mobile computer is located within an external own organization network, a communication with the mobile computer is carried out by routing data to the external own organization network using a care-of address indicating a current visited location of the mobile computer in the system which is a global address, and addressing the mobile computer within the external own organization network using the home address. When the mobile computer is located within an external other organization network, a communication with the mobile computer is carried out by routing data to the external other organization network using the care-of address, and addressing the mobile computer within the external other organization network using a mobile address assigned to the mobile computer at a time of moving outside the own organization networks which is a global address.

118 Citations

View as Search Results

36 Claims

1. A method for controlling communications in a communication network system formed by a plurality of computers, said plurality of computers being capable of communicating data with each other through a plurality of interconnected networks and including at least one mobile computer for communicating data while changing a location in the communication network system, the method comprising the steps of:
- (a) when the mobile computer is located within a home network of the mobile computer, carrying out a communication with the mobile computer by transferring communication data using a first location identifier specific to the mobile computer which is uniquely defined within own organization networks of the mobile computer;
  
  (b) when the mobile computer is located within an external own organization network, carrying out a communication with the mobile computer by routing communication data to the external own organization network using a third location identifier indicating a current visited location of the mobile computer in the communication network system which is uniquely defined over all the networks, and addressing the mobile computer within the external own organization network using the first location identifier;
  
  (c) when the mobile computer is located within an external other organization network, carrying out a communication with the mobile computer by routing communication data to the external other organization network using the third location identifier, and addressing the mobile computer within the external other organization network using a second location identifier assigned to the mobile computer at a time of moving outside the own organization networks which is uniquely defined over all the networks; and
  
  (d) managing an address information for the mobile computer within the own organization networks of the mobile computer, the address information containing a corresponding set of the first location identifier, the second location identifier and the third location identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. The method of claim 1, further comprising the steps of:
3. The method of claim 1, further comprising the steps of:
- transmitting the communication data with the second location identifier of the mobile computer attached thereto from a correspondent computer, when the correspondent computer is located outside the own organization networks of the mobile computer; and
  
  obtaining the third location identifier corresponding to the second location identifier attached to the communication data according to the address information at a data packet processing device provided in the home network of the mobile computer, and transferring the communication data by attaching the obtained third location identifier from the data packet processing device to the current visited location of the mobile computer, when the mobile computer is located within the external own organization network or the external other organization network.
4. The method of claim 1, wherein the managing step manages the address information in a relay device provided in the home network of the mobile computer.
5. The method of claim 1, wherein the managing step manages the address information in a data packet processing device provided in the home network of the mobile computer.
6. The method of claim 1, wherein the managing step manages the address information in an external relay device provided outside the home network of the mobile computer, by updating the address information at a time of a location registration processing for the mobile computer at the external relay device.
7. The method of claim 1, wherein the managing step manages the address information in a database provided within the own organization networks, which stores the address information for computers belonging to the own organization networks and returns a requested address information in response to a request.
8. The method of claim 1, wherein the managing step updates the address information when the mobile computer obtains the second location identifier at a time of moving outside the own organization networks.
9. The method of claim 1, wherein the managing step manages the address information in correspondence to a version number, and updates the version number when the address information is updated as a result of moving of the mobile computer.
10. The method of claim 1, wherein the managing step manages the address information in correspondence to a valid period of the address information, and invalidates the address information when the valid period elapsed.
11. The method of claim 10, wherein the managing step initializes the valid period of the address information when a message requesting a re-registration of the mobile computer is received from the mobile computer.
12. The method of claim 1, wherein the managing step rewrites the third location identifier of the address information, when a message requesting a registration of a new third location identifier is received from the mobile computer which moved to a new visited location and the mobile computer is successfully authenticated according to a signature information contained in the message.
13. The method of claim 1, wherein the managing step invalidates the address information when a message requesting a deregistration of the mobile computer is received from the mobile computer, and notifies an invalidation of the address information to the mobile computer.
14. The method of claim 1, wherein the third location identifier is a location identifier obtained by the mobile computer at a visited network, which is uniquely defined over all the networks.
15. The method of claim 1, wherein the third location identifier is a location identifier indicating an external relay device for directly managing the mobile computer moved outside the home network and relaying the communication data between the mobile computer and a correspondent computer, which is uniquely defined over all the networks.
16. The method of claim 15, wherein the external relay device receives the communication data transferred according to the third location identifier attached thereto from the correspondent computer, and sends the received communication data to the mobile computer according to the first location identifier or the second location identifier attached to the communication data.
17. The method of claim 1, wherein the second location identifier is assigned to the mobile computer at a time of moving out to the external other organization network from a plurality of location identifiers reserved by a relay device provided in the home network of the mobile computer.
18. The method of claim 1, wherein the second location identifier is assigned to the mobile computer at a time of moving out to the external other organization network from a plurality of location identifiers reserved by a data packet processing device provided in the home network of the mobile computer.
19. The method of claim 1, wherein the second location identifier is assigned to the mobile computer when the mobile computer moved outside the own organization networks from a plurality of location identifiers reserved by an external relay device provided outside the home network of the mobile computer.
20. The method of claim 1, wherein at the step (b), when the communication data has a destination specified by the first location identifier, the communication data including the first location identifier is encapsulated using the third location identifier corresponding to the first location identifier and then transferred to the external own organization network.
21. The method of claim 20, wherein the communication data is encapsulated by an encapsulation without encryption.
22. The method of claim 1, wherein at the steps (b) and (c), when the communication data has a destination specified by the second location identifier, the communication data including the second location identifier is encapsulated using the third location identifier corresponding to the second location identifier and then transferred to the external own organization network or the external other organization network.
23. The method of claim 22, wherein the communication data is encapsulated by an encapsulation without encryption.
24. The method of claim 1, wherein at the step (c), when the communication data has a destination specified by the first location identifier, a relay device provided in the home network of the mobile computer encapsulates the communication data using the third location identifier corresponding to the first location identifier and then transmits the communication data, and a data packet processing device provided in the home network of the mobile computer receives the communication data transmitted from the relay device, then decapsulates the communication data using the third location identifier, then encapsulates the communication data using the second location identifier corresponding to the third location identifier, then encapsulates the communication data using the third location identifier, and then transmits the communication data to the external other organization network.
25. The method of claim 24, wherein at the step (c), an external relay device provided outside the home network of the mobile computer receives the communication data, then decapsulates the communication data using the third location identifier, and then transfers the communication data to the mobile computer using the second location identifier contained in the communication data.
26. The method of claim 1, wherein at the step (c), when the communication data has a destination specified by the first location identifier, a relay device provided in the home network of the mobile computer replaces the first location identifier contained in the communication data by the second location identifier corresponding to the first location identifier, then encapsulates the communication data using the third location identifier corresponding to the first location identifier, and then transmits the communication data to the external other organization network.
27. The method of claim 26, wherein at the step (c), an external relay device provided outside the home network of the mobile computer receives the communication data, then decapsulates the communication data using the third location identifier, and then transfers the communication data to the mobile computer using the second location identifier contained in the communication data.
28. The method of claim 1, further comprising the steps of:
- transmitting the communication data with the first location identifier of the mobile computer attached thereto from a correspondent computer, when the correspondent computer is located within the own organization networks of the mobile computer; and
  
  transmitting the communication data with the second location identifier of the mobile computer attached thereto from the correspondent computer, when the correspondent computer is located outside the own organization networks of the mobile computer.
29. The method of claim 1, further comprising the steps of:
- transmitting the communication data with the first location identifier of the mobile computer as a source address from the mobile computer, when the mobile computer is located within the own organization networks of the mobile computer; and
  
  transmitting the communication data with the second location identifier of the mobile computer as a source address from the mobile computer, when the mobile computer is located outside the own organization networks of the mobile computer.
30. The method of claim 1, further comprising the steps of:
- transmitting the communication data with the first location identifier of the mobile computer as a source address from the mobile computer, when a correspondent computer is located outside the own organization networks of the mobile computer while the mobile computer is located within the own organization networks of the mobile computer; and
  
  receiving the communication data transmitted from the mobile computer at a data packet processing device provided in the home network of the mobile computer, then changing the source address of the communication data by replacing the first location identifier by the second location identifier corresponding to the first location identifier at the data packet processing device, and then transmitting the communication data from the data packet processing device to the correspondent computer.
31. The method of claim 1, further comprising the steps of:
- creating the communication data with the first location identifier as the source address at the mobile computer, encapsulating the communication data using the second location identifier corresponding to the first location identifier at the mobile computer, and then transmitting the communication data from the mobile computer, when a correspondent computer is located within the own organization networks of the mobile computer while the mobile computer is located outside the own organization networks of the mobile computer; and
  
  receiving the communication data transmitted from the mobile computer at a data packet processing device provided in the home network of the mobile computer, then decapsulating the communication data to remove the second location identifier at the data packet processing device, and then transmitting the communication data from the data packet processing device to the correspondent computer.

32. A data packet processing device for processing communication data in a communication network system formed by a plurality of computers, said plurality of computers being capable of communicating data with each other through a plurality of interconnected networks and including at least one mobile computer for communicating data while changing a location in the communication network system, the data packet processing device being provided in a home network of the mobile computer and comprising:
- management means for managing an address information for the mobile computer within own organization networks of the mobile computer, the address information containing a corresponding set of a first location identifier, a second location identifier and a third location identifier, the first location identifier being a location identifier specific to the mobile computer which is uniquely defined within the own organization networks, the second location identifier being a location identifier reserved for the mobile computer which is uniquely defined over all the networks, and the third location identifier being a location identifier indicating a current visited location of the mobile computer in the communication network system which is uniquely defined over all the networks;
  
  processing means for receiving communication data transmitted from a relay device provided in the home network of the mobile computer which is encapsulated using the third location identifier corresponding to the first location identifier, then decapsulating the communication data using the third location identifier;
  
  then encapsulating the communication data using the second location identifier corresponding to the third location identifier, then encapsulating the communication data using the third location identifier, and then transmitting the communication data to an external other organization network, when the mobile computer is located within the external other organization network and the communication data has a destination specified by the first location identifier; and
  
  means for managing a plurality of location identifiers reserved for mobile computers belonging to the own organization networks, and assigning one of said plurality of location identifiers as the second location identifier to each mobile computer which is moving out to an external other organization network.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The data packet processing device of claim 32, wherein the processing means also carries out encryption/decryption processing on the communication data.
  - 34. The data packet processing device of claim 32, wherein when the mobile computer is located within an external own organization network or the external other organization network and the communication data has a destination specified by the second location identifier, the processing means encapsulates the communication data including the second location identifier using the third location identifier corresponding to the second location identifier and then transfers the communication data to the external own organization network or the external other organization network.
  - 35. The data packet processing device of claim 32, wherein when a correspondent computer is located outside the own organization networks of the mobile computer while the mobile computer is located within the own organization networks of the mobile computer, the processing means receives the communication data with the first location identifier of the mobile computer as a source address which is transmitted from the mobile computer, then formats the communication data to set the second location identifier corresponding to the first location identifier as the source address, and then transmits the communication data to the correspondent computer.
  - 36. The data packet processing device of claim 32, wherein when a correspondent computer is located within the own organization networks of the mobile computer while the mobile computer is located outside the own organization networks of the mobile computer, the processing means receives the communication data transmitted from the mobile computer, which was obtained by creating the communication data with the first location identifier as the source address and encapsulating the communication data using the second location identifier corresponding to the first location identifier at the mobile computer, then decapsulates the communication data to remove the second location identifier, and then transmits the communication data to the correspondent computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Ishiyama, Masahiro, Shimbo, Atsushi, Inoue, Atsushi, Moriya, Osamu, Okamoto, Toshio
Primary Examiner(s)
Rinehart, Mark H.
Assistant Examiner(s)
Vaughn, Jr., William C.

Application Number

US08/784,309
Time in Patent Office

2,049 Days
Field of Search

709/245, 709/249, 709/236, 709/223, 709/228, 709/224, 709/237, 455/432, 455/433, 455/435, 455/436, 455/439, 455/422, 455/449, 455/434, 455/437, 455/442, 455/443, 455/444, 380/247, 380/248, 380/270, 380/271, 380/272, 370/475, 370/254, 370/328
US Class Current

709/245
CPC Class Codes

H04L 61/5084   Providing for device mobili...

H04L 63/02   for separating internal fro...

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04W 8/26   Network addressing or numbe...

H04W 80/04   Network layer protocols, e....

H04W 88/005   Data network PoA devices

Method and apparatus for communication control of mobil computers in communication network systems using private IP addresses

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

118 Citations

36 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for communication control of mobil computers in communication network systems using private IP addresses

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

118 Citations

36 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others