Unlicensed mobile access (UMA) communications using decentralized security gateway
First Claim
1. A method of providing a communication link between a first mobile station and a second mobile station through a customer premises equipment (CPE) device, the method comprising:
- intercepting a call setup request to a first security gateway of an unlicensed mobile access network controller (UNC) and redirecting the call setup request to be received at a second security gateway of the CPE device, wherein;
the call setup request is provided by the first mobile station, andcommunications from the first mobile station are redirected from the first security gateway of the UNC to the second security gateway of the CPE device;
extracting an address from the call setup request, wherein the address is associated with the second mobile station;
comparing the address with a plurality of records maintained by the CPE device, wherein the records identify a plurality of mobile stations registered with the CPE device;
forwarding the call setup request to the second mobile station if the address corresponds to at least one of the records, wherein;
the CPE device routes communications to and from the first mobile station and the second mobile station without requiring the call setup request to pass through the first security gateway, andthe first mobile station and the second mobile station are in communication with the CPE device over a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard; and
registering the first and second mobile stations with the CPE device prior to the intercepting, wherein;
if the first mobile station attempts to register with the first security gateway of the UNC and the first mobile station is determined to be controlled by the CPE device, then the first mobile station is directed to the second security gateway of the CPE device instead of the first security gateway of the UNC, anda new internet protocol security (IPSec) security tunnel is established for the first mobile station with the second security gateway of the CPE device, making the second security gateway of the CPE device operable to authenticate the first mobile station.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods are provided to facilitate efficient routing of unlicensed mobile access (UMA) communications. In one implementation, a method of providing a communication link between a first mobile station and a second mobile station through a customer premises equipment (CPE) device includes intercepting a call setup request provided by the first mobile station and received at a security gateway of the CPE device. An address associated with the second mobile station may be extracted from the call setup request and the address may be compared with a plurality of records maintained by the CPE device. A call setup request may be forwarded to the second mobile station if the address corresponds to at least one of the records. The first and second mobile stations may be in communication with the CPE device over a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard.
29 Citations
18 Claims
-
1. A method of providing a communication link between a first mobile station and a second mobile station through a customer premises equipment (CPE) device, the method comprising:
-
intercepting a call setup request to a first security gateway of an unlicensed mobile access network controller (UNC) and redirecting the call setup request to be received at a second security gateway of the CPE device, wherein; the call setup request is provided by the first mobile station, and communications from the first mobile station are redirected from the first security gateway of the UNC to the second security gateway of the CPE device; extracting an address from the call setup request, wherein the address is associated with the second mobile station; comparing the address with a plurality of records maintained by the CPE device, wherein the records identify a plurality of mobile stations registered with the CPE device; forwarding the call setup request to the second mobile station if the address corresponds to at least one of the records, wherein; the CPE device routes communications to and from the first mobile station and the second mobile station without requiring the call setup request to pass through the first security gateway, and the first mobile station and the second mobile station are in communication with the CPE device over a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard; and registering the first and second mobile stations with the CPE device prior to the intercepting, wherein; if the first mobile station attempts to register with the first security gateway of the UNC and the first mobile station is determined to be controlled by the CPE device, then the first mobile station is directed to the second security gateway of the CPE device instead of the first security gateway of the UNC, and a new internet protocol security (IPSec) security tunnel is established for the first mobile station with the second security gateway of the CPE device, making the second security gateway of the CPE device operable to authenticate the first mobile station. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A communications system comprising:
-
a customer premises equipment (CPE) device; a first security gateway maintained by the CPE device; a plurality of records maintained by the CPE device, wherein the records identify a plurality of mobile stations registered with the CPE device; a processor of the CPE device in communication with the first security gateway and the records; and a memory of the CPE device in communication with the processor, the memory comprising a machine-readable medium having executable instructions that, when executed, instruct the processor to perform a method of providing a communication link between a first mobile station and a second mobile station through the CPE device, the method comprising; intercepting a call setup request to a second security gateway of an unlicensed mobile access network controller (UNC) and redirecting the call setup request to be received at the first security gateway of the CPE device, wherein; the call setup request is provided by the first mobile station, and communications from the first mobile station are redirected from the second security gateway of the UNC to the first security gateway of the CPE device, extracting an address from the call setup request, wherein the address is associated with the second mobile station, comparing the address with the records, forwarding the call setup request to the second mobile station if the address corresponds to at least one of the records, wherein; the CPE device routes communications to and from the first mobile station and the second mobile station without requiring the call setup request pass through the second security gateway, and the first mobile station and the second mobile station are in communication with the CPE device over a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard; and registering the first and second mobile stations with the CPE device prior to the intercepting, wherein; if the first mobile station attempts to register with the first security gateway of the UNC and the first mobile station is determined to be controlled by the CPE device, then the first mobile station is directed to the second security gateway of the CPE device instead of the first security gateway of the UNC, and a new internet protocol security (IPSec) security tunnel is established for the first mobile station with the second security gateway of the CPE device, making the second security gateway of the CPE device operable to authenticate the first mobile station. - View Dependent Claims (8, 9, 10)
-
-
11. A customer premises equipment device comprising
means for providing a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard; -
means for providing a first security gateway at a customer premises and in communication with the WLAN; means for registering a plurality of mobile stations in communication with the WLAN; a plurality of records identifying the mobile stations registered by the registering means; means for intercepting a call setup request to a second security gateway of an unlicensed mobile access network controller (UNC) and redirecting the call setup request to be received at the first security gateway of the CPE device, wherein; the call setup request is provided by a first mobile station, and communications from the first mobile station are redirected from the second security gateway of the UNC to the first security gateway of the CPE device; means for extracting an address from the call setup request, wherein the address is associated with a second mobile station; means for comparing the address with the records; and means for forwarding the call setup request to the second mobile station if the address corresponds to at least one of the records; means for routing communications to and from the first mobile station and the second mobile station without requiring the call setup request to pass through the second security gateway; and means for registering the first and second mobile stations with the CPE device prior to the intercepting means intercepting the call setup request, wherein; if the first mobile station attempts to register with the first security gateway of the UNC and the first mobile station is determined to be controlled by the CPE device, then the first mobile station is directed to the second security gateway of the CPE device instead of the first security gateway of the UNC, and a new internet protocol security (IPSec) security tunnel is established for the first mobile station with the second security gateway of the CPE device, making the second security gateway of the CPE device operable to authenticate the first mobile station. - View Dependent Claims (12)
-
-
13. A method of providing a communication link between a mobile station and a data network through a customer premises equipment (CPE) device, the method comprising:
-
intercepting a session management message to a first security gateway of an unlicensed mobile access network controller (UNC) and redirecting the session management message to be received at a second security gateway of the CPE device, wherein; the session management message is provided by the mobile station and communications from the first mobile station are redirected from the first security gateway of the UINC to the second security gateway of the CPE device; extracting a domain from the session management message, wherein the domain is accessible through the data network; comparing the domain with a plurality of records maintained by the CPE device, wherein the records identify a plurality of domains accessible by the mobile station; forwarding the session management message to the domain through the data network if the domain corresponds to at least one of the records, wherein; the CPE device routes communications to and from the mobile station and the domain without requiring the session management message to pass through the first security gateway, and the mobile station is in communication with the CPE device over a wireless local access network (WLAN) in accordance with an unlicensed mobile communication standard; and registering the first and second mobile stations with the CPE device prior to the intercepting, wherein; if the first mobile station attempts to register with the first security gateway of the UNC and the first mobile station is determined to be controlled by the CPE device, then the first mobile station is directed to the second security gateway of the CPE device instead of the first security gateway of the UNC, and a new internet protocol security (IPSec) security tunnel is established for the first mobile station with the second security gateway of the CPE device, making the second security gateway of the CPE device operable to authenticate the first mobile station. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification