Security of a communication system
Abstract
Communications systems and methods for controlling transportation of data. The methods commonly include entering state information associated with a data transportation connection in a state information record maintained in a data processing entity. The data transportation connection is normally established between user equipment and a node, commonly via a gateway node, and the data processing entity is typically configured to control transportation of data based on the state information table. The methods also usually include detecting that the data transportation connection is deactivated for the user equipment, sending information from the gateway node that the user equipment cannot be reached, and, in response to the information, deleting the state information from the state information record. The systems generally allow for implementation of the methods.
11 Claims
1. A method, comprising:
- entering state information associated with a packet data protocol connection in a record maintained in a firewall, the packet data protocol connection being established between a user equipment and a node via a gateway node, and the firewall being configured to control transportation of packet data protocol data based on the record, and the gateway node being configured to, when deactivation of the packet data protocol connection for the user equipment is detected, send information to the firewall that the user equipment cannot be reached;
- receiving in the firewall the information that the user equipment cannot be reached;
- in response to receiving said information, deleting the state information from the record; and
- dropping any remaining packet data protocol data associated with said address comprising freezing use of an address associated with the packet data protocol connection from use by other data transportation connections for a predetermined period of time after detecting that the packet data protocol connection is deactivated.
(Dependent claims: 2, 3)

4. A method, comprising:
- detecting, by a gateway node, that an address associated with a packet data protocol connection established between a user equipment and a node via the gateway node becomes available for use by other user equipment, wherein state information associated with a packet data protocol connection is entered in a record maintained in a firewall, said state information comprising said address, the firewall being configured to control transportation of packet data protocol data based on the record;
- sending information to the firewall that the user equipment cannot be reached; and
- abstaining from reassigning the address for another user equipment for a predefined period of time wherein any remaining packet data protocol data associated with said address are dropped.
(Dependent claims: 5)

6. A gateway node comprising a first processor configured to handle packet data protocol connections established between user equipment configured to communicate via an access system and nodes connected to a data network, the gateway node being configured to detect that a packet data protocol connection for a user equipment is deactivated and to send information to the firewall that the user equipment cannot be reached; and
a data processing node comprising a second processor configured to maintain state information associated with respective packet data protocol connections established between the user equipment and the nodes via the gateway node and to control transportation of data based on the state information, the data processing node being configured to delete state information associated with a user equipment in response to information from the gateway node that the user equipment cannot be reached.

7. An apparatus, comprising:
- a processor; and
- a memory and the computer program code, the memory and the computer program code configured to, with the processor, cause the apparatus at least to; detect that an address associated with a packet data protocol connection established between a user equipment and a node via a gateway node becomes available for use by other user equipment, wherein state information associated with a packet data protocol connection is entered in a record maintained in a firewall, said state information comprising said address, the firewall being configured to control transportation of packet data protocol data based on the record, send information to the firewall that the user equipment cannot be reached, and abstain from reassigning the address for another user equipment for a predefined period of time following said detection that said address becomes available for use by said other user equipment, wherein any remaining packet data protocol data associated with said address are dropped.
(Dependent claims: 8)

9. An apparatus, comprising:
- a processor; and
- a memory including computer program code, the memory and the computer program code configured to, with the processor, cause the apparatus at least to enter state information associated with a packet data protocol connection in a record maintained in a firewall, the packet data protocol connection being established between a user equipment and a node via a gateway node, and the firewall being configured to control transportation of data based on the record; receive information from the gateway node that the user equipment cannot be reached when the packet data protocol connection is deactivated for the user equipment; and in response to said information, delete the state information from the record and to drop any remaining packet data protocol data associated with an address comprising freezing use of the address associated with the packet data protocol connection from use by other data transportation connections for a predetermined period of time after detecting that the packet data protocol connection is deactivated.

10. A computer-readable storage medium encoded with instructions configured to control a processor to perform a process, the process, comprising:
- entering state information associated with a packet data protocol connection in a record maintained in a firewall, the packet data protocol connection being established between a user equipment and a node via a gateway node, and the firewall being configured to control transportation of data based on the record, and the gateway node being configured to, when deactivation of the packet data protocol connection for the user equipment is detected, send information that the user equipment cannot be reached;
- receiving in the firewall the information that the user equipment cannot be reached; and
- in response to receiving said information, deleting the state information from the record, and dropping any remaining packet data protocol data associated with an address comprising freezing use of the address associated with the packet data protocol connection from use by other data transportation connections for a predetermined period of time after detecting that the packet data protocol connection is deactivated.

11. A computer-readable storage medium encoded with instructions configured to control a processor to perform a process, the process, comprising:
- detecting, by a gateway node, that an address associated with a packet data protocol connection established between a user equipment and a node via the gateway node becomes available for use by other user equipment, wherein state information associated with a packet data protocol connection is entered in a record maintained in a firewall, said state information comprising the address, the firewall being configured to control transportation of packet data protocol data based on the state information record;
- sending information that the user equipment cannot be reached; and
- abstaining from reassigning the address for another user equipment for a predefined period of time, wherein any remaining packet data protocol data associated with said address are dropped.
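
The claimed interaction between gateway node and firewall can be modelled in a few lines. The following is an added illustration, not code from the patent: the class and method names, the 30-second hold period, the single-address pool and the sample addresses are all assumptions, and time is passed in explicitly so the sequence is deterministic.

```python
from dataclasses import dataclass, field

HOLD_SECONDS = 30.0  # assumed value; the claims only say "predetermined period"

@dataclass
class Firewall:
    record: dict = field(default_factory=dict)  # UE address -> allowed peers

    def enter_state(self, ue_addr, peer):
        self.record.setdefault(ue_addr, set()).add(peer)

    def on_ue_unreachable(self, ue_addr):
        self.record.pop(ue_addr, None)  # delete all state for this address

    def filter_inbound(self, src, dst):
        # Stateful check: only traffic matching a live entry passes.
        return "pass" if src in self.record.get(dst, ()) else "drop"

@dataclass
class Gateway:
    firewall: Firewall
    pool: list
    active: dict = field(default_factory=dict)  # UE id -> assigned address
    frozen: dict = field(default_factory=dict)  # address -> release time

    def activate(self, ue_id, now):
        for addr in self.pool:
            if addr in self.active.values() or self.frozen.get(addr, 0.0) > now:
                continue  # in use, or still frozen: abstain from reassigning
            self.frozen.pop(addr, None)
            self.active[ue_id] = addr
            return addr
        return None  # nothing assignable right now

    def deactivate(self, ue_id, now):
        addr = self.active.pop(ue_id)
        self.firewall.on_ue_unreachable(addr)   # "UE cannot be reached"
        self.frozen[addr] = now + HOLD_SECONDS  # start the hold period
        return addr

def run_scenario():
    fw = Firewall()
    gw = Gateway(fw, pool=["10.0.0.5"])         # constructed sample values
    server = "198.51.100.7"
    addr = gw.activate("ue-a", now=0.0)
    fw.enter_state(addr, server)
    before = fw.filter_inbound(server, addr)    # live connection
    gw.deactivate("ue-a", now=10.0)
    after = fw.filter_inbound(server, addr)     # leftover traffic after teardown
    during_hold = gw.activate("ue-b", now=20.0)
    after_hold = gw.activate("ue-b", now=41.0)
    return before, after, during_hold, after_hold
```

Once the hold period has passed and the address goes to the second user equipment, the firewall record holds no entry for it, so traffic from the first connection's peer is still dropped.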
Specification