Packet filtering for emergency service access in a packet data network communication system
First Claim
1. A method for communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
- receiving an emergency call attach request from the user device) the emergency call attach request including an identity for the user device;
determining whether the identity for the user device is a valid identity for the packet data network communication system;
in the event that the identity for the user device is not a valid identity for the packet data network communication system;
setting a level of service access for the user device to emergency service access only,granting the emergency call attach request,establishing a PDP context for an emergency call,assigning an interim IP address to the user device for emergency service access only, anddetermining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for the emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call;
receiving data packets directed to the interim IP address while the PDP context for IP emergency call is active;
determining source IP addresses for the received data packets;
in the event that a received data packet includes a source IP address which corresponds to the at least one authorized IP address, routing the received data packet to the interim IP address;
in the event that a received data packet includes a source IP address which does not correspond to the at least one authorized IP address, redirecting the received data packet to a third party to thereby prohibit communication between the interim IP address and unauthorized source IP addresses while the PDP context for the emergency call is active; and
upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that the identity for the user device is not a valid identity for the packet data network communication system.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus method of filtering packet data for an anonymous user device in a packet data network communication system includes a first step of initiating a call from an anonymous user device on a home network. A next step includes assigning an interim identity and interim IP address to the user device. A next step includes determining a level of service access of the data packets from the user device. A next step includes mapping the level of service access of the user device to the IP address. A next step includes defining permissible routing identities per the level of service access. A next step includes routing the data packets of the call along with the associated IP address to only those location addresses from the defining step.
-
Citations
22 Claims
-
1. A method for communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
-
receiving an emergency call attach request from the user device) the emergency call attach request including an identity for the user device; determining whether the identity for the user device is a valid identity for the packet data network communication system; in the event that the identity for the user device is not a valid identity for the packet data network communication system; setting a level of service access for the user device to emergency service access only, granting the emergency call attach request, establishing a PDP context for an emergency call, assigning an interim IP address to the user device for emergency service access only, and determining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for the emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call; receiving data packets directed to the interim IP address while the PDP context for IP emergency call is active; determining source IP addresses for the received data packets; in the event that a received data packet includes a source IP address which corresponds to the at least one authorized IP address, routing the received data packet to the interim IP address; in the event that a received data packet includes a source IP address which does not correspond to the at least one authorized IP address, redirecting the received data packet to a third party to thereby prohibit communication between the interim IP address and unauthorized source IP addresses while the PDP context for the emergency call is active; and upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that the identity for the user device is not a valid identity for the packet data network communication system. - View Dependent Claims (2, 3, 5, 6, 7, 8)
-
-
4. A method for communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
-
receiving an emergency call attach request from the user device, the emergency call attach request including an identity for the user device; determining whether the identity for the user device is a valid identity for the packet data network communication system; in the event that the identity for the user device is not a valid identity for the packet data network communication system; setting a level of service access for the user device to emergency service access only, granting the emergency call attach request, establishing a PDP context for an emergency call, assigning an interim IP address to the user device for emergency service access only, and determining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for The emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call; receiving data packets from the user device while the PDP context for the emergency call is active; determining destination IP addresses for the received data packets; in the event that a received data packet includes a destination IP address which corresponds to the at least one authorized IP address, routing the received data packet to the destination IP address; in the event that a received data packet includes a destination IP address which does not correspond to the at least one authorized IP address, blocking the received data packet from being delivered to the destination IP address to thereby prohibit communication between the interim IP address and unauthorized destination IP addresses while the PDP context for the emergency call is active; and upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that the identity for the user device is not a valid identity for the packet data network communication system. - View Dependent Claims (9)
-
-
10. A method for communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
-
receiving an emergency call attach request from the user device, the emergency call attach request including an identity for the user device; determining whether the identity for the user device is a valid identity for the packet data network communication system; in the event that the identity for the user device is not a valid identity for the packet data network communication system; setting a level of service access for the user device to emergency service access only, granting the emergency call attach request, establishing a PDP context for an emergency call, assigning an interim IP address to the user device for emergency service access only, and determining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for the emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call; receiving data packets from the user device while the PDP context for the emergency call is active; determining destination IP addresses for the received data packets; in the event that a received data packet includes a destination IP address which corresponds to the at least one authorized IP address, routing the received data packet to the destination IP address; in the event that a received data packet includes a destination IP address which does not correspond to the at least one authorized IP address, redirecting to a third party the received data packet to thereby prohibit communication between the interim IP address and unauthorized destination IP addresses while the PDP context for the emergency call is active; and upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that The identity (hr the user device is not a valid identity for the packet data network communication system.
-
-
11. A method for communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
-
receiving an emergency call attach request from the user device, the emergency call attach request including an identity for the user device; determining whether the identity for the user device is a valid identity for the packet data network communication system; in the event that the identity for the user device is not a valid identity for the packet data network communication system; setting a level of service access for the user device to emergency service access only, granting the emergency call attach request, establishing a PDP context for an emergency call, assigning an interim IP address to the user device for emergency service access only, and determining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for the emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one device used to provide communication for emergency services in response to the emergency call; receiving data packets directed to the interim IP address while the PDP context for the emergency call is active; determining source IP addresses for the received data packets; in the event that a received data packet includes a source IP address which corresponds to the at least one authorized IP address, routing the received data packet to the interim IP address; in the event that a received data packet includes a source IP address which does not correspond to the at least one authorized IP address, blocking the received data packet from being delivered to the interim IP address to thereby prohibit communication between the interim IP address and unauthorized source IP addresses while the PDP context for the emergency call is active; and upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that the identity for the user device is not a valid identity for the packet data network communication system.
-
-
12. A method of communicating data packets for an anonymous user device in a packet data network communication system, the method comprising:
-
receiving an emergency call attach request from the user device, the emergency call attach request including an identity for the user device; determining whether the identity for the user device is a valid identity for the packet data network communication system; in the event that the identity for the user device is not a valid identity for the packet data network communication system; granting the emergency call after each request, requesting and receiving an interim identity from the user device, the interim identity having been generated by the user device, establishing a PDP context for an emergency call, setting a level of service access for the user device to emergency service access only, assigning an interim IP address to the user device for emergency service access only, associating the interim IP address with the interim identity generated by the user device, mapping the level of service access of the user device to the interim IP address, and determining at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, wherein the PDP context for the emergency call remains active through a predetermined callback period and wherein the at least one authorized IP address corresponds to at least one emergency calling center; receiving data packets directed to the interim IP address while the PDP context for the emergency call is active; determining source IP addresses for the received data packets; in the event that a received data packet includes a source IP address which corresponds to an IP address of an emergency calling center, routing the received data packets to the interim IP address; in the event that a received data packet includes a source IP address which does not correspond to an IP address of an emergency calling center, restricting delivery of the received data packets to the interim IP address to thereby prohibit communication between the interim IP address and unauthorized source IP addresses while the PDP context for the emergency call is active; receiving additional data packets from the user device while the PDP context for the emergency call is active; determining destination IP addresses for the additional received data packets; in the event that an additional received data packet includes a destination IP address which corresponds to an IP address of an emergency calling center, routing the additional received data packets to the destination IP address; in the event that an additional received data packet includes a destination IP address which does not correspond to an IP address of an emergency calling center, restricting delivery of the additional received data packets to the destination IP address to thereby prohibit communication between the interim IP address and unauthorized destination IP addresses while the PDP context for the emergency call is active; and upon termination of the PDP context for the emergency call, prohibiting communication of data packets to or from the user device in the event that the identity for the user device is not a valid identity for the packet data network communication system. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A packet data communication system that facilitates emergency communications by an anonymous user device, the communication system comprising:
-
a home packet data network operable to; receive an emergency call attach request from the user device, determine whether the emergency call attach request includes a valid identity of the user device for use on the home packet data network, request and receive an interim identity from the user device and set a level of service access for the user device to emergency service access only in the event that the emergency call attach request does not include a valid identity for use on the home packet data network, establish a PDP context for an emergency call responsive to the emergency call attach request wherein the PDP context for the emergency call remains active through a predetermined callback period, and prohibit communication of data packets to or from the user device upon termination of the PDP context for the emergency call in the event that the emergency call attach request does not include a valid identity for use on the home packet data network; an emergency packet data network coupled to the home packet data network, the emergency packet data network being operable to; assign an interim IP address to the user device for emergency service access only and associate the interim IP address with the interim identity of the user device, determine at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, route to the at least one authorized IP address data packets that include the interim IP address and are received while the PDP context for the emergency call is active; and route to the interim IP address data packets that include the at least one authorized IP address and are received while the PDP context for the emergency call is active; and a packet filter coupled to at least one of the home packet data network and the emergency packet data network, the packet filter operable while the PDP context for the emergency call is active to pass only those data packets that include both the interim IP address and the at least one authorized IP address and to at least block all data packets that include the interim IP address but not the at least one authorized IP address to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active. - View Dependent Claims (18, 19, 20, 21)
-
-
22. A packet data communication system that facilitates emergency communications, the communication system comprising:
-
an anonymous user device; a home packet data network operable to; receive an emergency call attach request from the user device, determine whether the emergency call attach request includes a valid identity of the user device for use on the home packet data network, request and receive an interim identity from the user device and set a level of service access for the user device to emergency service access only in the event that the emergency call attach request does not include a valid identity for use on the home packet data network, establish a PDP context for an emergency call responsive to the emergency call attach request, wherein the PDP context for the emergency call remains active through a predetermined callback period, and prohibit communication of data packets to or from the user device upon termination of the PDP context for the emergency call in the event that the emergency call attach request does not include a valid identity for use on the home packet data network; an emergency packet data network coupled to the home packet data network, the emergency packet data network being operable to; assign an interim IP address to the user device for emergency service access only and associate the interim IP address with the interim identity of the user device, determine at least one authorized IP address that is permitted to send data packets to and receive data packets from the interim IP address while the PDP context for the emergency call is active, route to the at least one authorized IP address data packets that include the interim IP address and are received while the PDP context for the emergency call is active, and route to the interim IP address data packets that include the at least one authorized IP address and are received while the PDP context for the emergency call is active; and a packet filter coupled to at least one of the home packet data network and the emergency packet data network, the packet filter operable while the PDP context for the emergency call is active to pass only those data packets that include both the interim IP address and the at least one authorized IP address and to at least block all data packets that include the interim IP address but not the at least one authorized IP address to thereby prohibit communication between the interim IP address and unauthorized IP addresses while the PDP context for the emergency call is active.
-
Specification