Packet filtering for emergency access in a packet data network communication system

US 7,447,765 B2
Filed: 05/14/2003
Issued: 11/04/2008
Est. Priority Date: 03/31/2003
Status: Active Grant

First Claim

Patent Images

1. A method for processing an emergency call from an anonymous user device in a packet data network communication system, the user device having an identity that is not valid for non-emergency use of the packet data network communication system, the method comprising:

receiving an attach request message and an activate packet data protocol (PDP) context request message from an anonymous user device, the attach request message including at least an identity for the user device and the activate PDP context request message including at least a protocol configuration options information element;

determining whether the identity for the user device is valid for non-emergency packet data communications in the packet data network communication system;

determining whether the protocol configuration options information element indicates an emergency context;

in the event that the protocol configuration options information element indicates an emergency context and the identity for the user device is not valid for non-emergency packet data communications in the packet data network communication system;

determining that the activate PDP context request message is a request to establish an emergency context for an emergency call,determining an interim identify for the user device,establishing a PDP context for the emergency call, wherein the PDP context for the emergency call remains active through a predetermined callback period,assigning an interim internet protocol (IP) address to the user device for use during the PDP context for the emergency call only and associating the interim IP address to the interim identity for the user device, anddetermining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call;

receiving data packets while the PDP context for the emergency call is active;

determining whether the received data packets include the interim IP address and the at least one authorized IP address;

in the event that the received data packets include the interim IP address and the at least one authorized IP address, routing the received data packets between the interim IP address and the at least one authorized IP address; and

in the event that the received data packets include the interim IP address but not the at least one authorized IP address, blocking the received data packets from being routed in the packet data network communication system to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus method of filtering packet data for an anonymous user device in a packet data network communication system includes a first step of defining a special context information element containing special context information. A next step includes sending the special context information element in an activate packet data protocol (PDP) context request to a network to initiate a call from an anonymous user device. A next step includes receiving the activate PDP context request and the special context information element. A next step includes configuring the data packets so that only the special context is allowed. A next step includes assigning an interim identity and interim IP address to the user device. A next step includes mapping the data packets of the configuring step to the interim IP address of the user device. A next step includes defining permissible routing identities per the special context. A next step includes routing the data packets between only those permissible routing identities from the defining step.

77 Citations

View as Search Results

16 Claims

1. A method for processing an emergency call from an anonymous user device in a packet data network communication system, the user device having an identity that is not valid for non-emergency use of the packet data network communication system, the method comprising:
- receiving an attach request message and an activate packet data protocol (PDP) context request message from an anonymous user device, the attach request message including at least an identity for the user device and the activate PDP context request message including at least a protocol configuration options information element;
  
  determining whether the identity for the user device is valid for non-emergency packet data communications in the packet data network communication system;
  
  determining whether the protocol configuration options information element indicates an emergency context;
  
  in the event that the protocol configuration options information element indicates an emergency context and the identity for the user device is not valid for non-emergency packet data communications in the packet data network communication system;
  
  determining that the activate PDP context request message is a request to establish an emergency context for an emergency call,determining an interim identify for the user device,establishing a PDP context for the emergency call, wherein the PDP context for the emergency call remains active through a predetermined callback period,assigning an interim internet protocol (IP) address to the user device for use during the PDP context for the emergency call only and associating the interim IP address to the interim identity for the user device, anddetermining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call;
  
  receiving data packets while the PDP context for the emergency call is active;
  
  determining whether the received data packets include the interim IP address and the at least one authorized IP address;
  
  in the event that the received data packets include the interim IP address and the at least one authorized IP address, routing the received data packets between the interim IP address and the at least one authorized IP address; and
  
  in the event that the received data packets include the interim IP address but not the at least one authorized IP address, blocking the received data packets from being routed in the packet data network communication system to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the protocol configuration options information element includes an emergency traffic flag to indicate the emergency context.
  - 3. The method of claim 1, wherein the step of establishing the PDP context for the emergency call is at least partially performed by a Gateway GPRS Support Node (GGSN) of the packet data network communication system.
  - 4. The method of claim 2, wherein the protocol configuration options information element includes an additional parameters list, wherein the additional parameters list includes a plurality of container identifiers, and wherein a container identifier of the plurality of container identifiers identifies the emergency traffic flag.
  - 5. The method of claim 4, wherein wherein when a container identifier identifies the emergency flag, a length of a contents field of the container identifier is set to zero.
  - 6. The method of claim 1, wherein the authorized IP addresses correspond to IP addresses of emergency call centers only.
  - 7. The method of claim 1, wherein a list of interim IP addresses for assigning to anonymous user devices is controlled by an emergency packet data network of the packet data network communication system.

8. A method of emergency packet data communications involving an anonymous user device in a packet data network communication system, the user device having an identity that is not valid for non-emergency use of the packet data network communication system, the method comprising the steps of:
- generating, by the user device, an attach request message and an activate packet data protocol (PDP) context request message for an emergency call, the attach request message including at least the identity of the user device and the activate PDP context request message including at least a protocol configuration options information element, the protocol configuration options information element indicating an emergency context for the emergency call;
  
  sending, by the user device, the attach request message and the activate PDP context request message to a home packet data network of the packet data network communication system to request an emergency packet data connection for the emergency call;
  
  receiving, at the home packet data network, the attach request message and the activate PDP context request message for the emergency call;
  
  determining, by the home packet data network, whether the identity of the user device is valid for packet data communications in the packet data network communication system;
  
  determining, by the home packet data network, whether the protocol configuration options information element includes an emergency traffic flag;
  
  in the event that the protocol configuration options information element includes an emergency traffic flag and the identity of the user device is not valid for packet data communications in the packet data network communication system;
  
  determining, by the home packet data network, that the activate PDP context request message is a request to establish a PDP context for an emergency call,establishing, by the home packet data network, the PDP context for the emergency call, wherein the PDP context for the emergency call remains active through a predetermined callback period, anddetermining, by the home packet data network, an interim identity for the user device for use during the PDP context for the emergency call only;
  
  assigning, by an emergency packet data network coupled to the home packet data network, an interim internet protocol (IP) address to the user device for use during the PDP context for the emergency call only and associating the interim identity for the user device to the interim IP address;
  
  determining, by the emergency packet data network, an IP address for an emergency calling center that is authorized to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active;
  
  receiving, by the emergency packet data network, data packets while the PDP context for the emergency call is active;
  
  in the event that the received data packets include the interim IP address and the IP address of the emergency calling center, routing, by the emergency packet data network, the received data packets between the interim IP address and the IP address of the emergency calling center; and
  
  in the event that the received data packets include the interim IP address but not the IP address of the emergency calling center, restricting, by the emergency packet data network, access to the received data packets to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8, wherein the restricting step comprises one or more of the group of:
    - redirecting the received data packets to a third party for review, and blocking access to the received data packets.
  - 10. The method of claim 8, wherein the protocol configuration options information element includes an additional parameters list and wherein the additional parameters list includes the emergency traffic flag.
  - 11. The method of claim 10, wherein the additional parameters list includes a plurality of container identifiers and wherein a container identifier of the plurality of container identifiers identifies the emergency traffic flag.
  - 12. The method of claim 8, wherein a list of interim IP addresses for assigning to anonymous user devices is controlled by the emergency packet data network.

13. A packet data network communication system capable of providing emergency packet data communications for anonymous user devices having identities that are not valid for non-emergency use of the packet data network communication system, the packet data network communication system comprising:
- a public packet data network operable to at least;
  
  receive an attach request message and an activate packet data protocol (PDP) context request message for an emergency call from an anonymous user device, the attach request message including at least the identity of the user device and the activate PDP context request message including at least a protocol configuration options information element,determine whether the identity of the user device is valid for packet data communications in the packet data network communication system,determine whether the protocol configuration options information element indicates an emergency context,in the event that the protocol configuration options information element indicates an emergency context and the identity of the user device is not valid for packet data communications in the packet data network communication system;
  
  determine that the activate PDP context request message is a request to establish a PDP context for an emergency call,establish the PDP context for the emergency call, wherein the PDP context for the emergency call remains active through a predetermined callback period, anddetermine an interim identity for the user device to use during the PDP context for the emergency call only;
  
  an emergency packet data network coupled to the public packet data network, the emergency packet data network being operable to at least;
  
  receive the interim identity for the user device from the public packet data network,assign an interim IP address to the user device for use during the PDP context for the emergency call only and associate the interim IP address with the interim identity for the user device,determine at least one authorized IP address that is authorized to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active,receive data packets while the PDP context for the emergency call is active,in the event that the received data packets include the interim IP address and the at least one authorized IP address, route the received data packets between the interim IP address and the at least one authorized IP address, andin the event that the received data packets include the interim IP address but not the at least one authorized P address, restrict access to the received data packets to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active.
- View Dependent Claims (14, 15, 16)
- - 14. The packet data network communication system of claim 13, wherein the protocol configuration options information element includes an emergency traffic flag to indicate the emergency context and wherein the at least one authorized IP address is an IP address of an emergency calling center.
  - 15. The packet data network system of claim 13, wherein the public packet data network includes a Gateway GPRS Support Node (GGSN) and wherein the emergency packet data network is contained within the GGSN.
  - 16. The packet data network communication system of claim 13, further comprising the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Willis, Lawrence A., Pecen, Mark E., Aerrabotu, Naveen, Zhao, Yilin
Primary Examiner(s)
Dinh; Khanh

Application Number

US10/437,667
Publication Number

US 20040199914A1
Time in Patent Office

2,001 Days
Field of Search

709/224, 709/238, 709/227, 709/229, 455/404.1, 455/414, 455/404, 370/401, 370/238, 726/3
US Class Current

709/224
CPC Class Codes

H04L 61/00   Network arrangements, proto...

H04L 61/35   involving non-standard use ...

H04L 61/50   Address allocation

H04L 63/0227   Filtering policies mail mes...

H04L 63/0421   Anonymous communication, i....

H04L 63/0853   using an additional device,...

H04W 4/90   Services for handling of em...

H04W 76/50   for emergency connections

H04W 8/26   Network addressing or numbe...

H04W 80/00   Wireless network protocols ...

Packet filtering for emergency access in a packet data network communication system

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

77 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Packet filtering for emergency access in a packet data network communication system

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others