LAN-based UMA network controller with aggregated transport

US 8,750,827 B2
Filed: 06/14/2012
Issued: 06/10/2014
Est. Priority Date: 05/10/2005
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first device, from a second device, first keying information that the second device uses at least to encrypt packets destined for a third device;

receiving, at the first device, from the third device, second keying information that the third device uses at least to encrypt packets destined for the second device;

intercepting a first encrypted packet at the first device;

decrypting the first encrypted packet at the first device using the first keying information or the second keying information;

processing, at the first device, data resulting from the decrypting;

encrypting, at the first device, using the first keying information or the second keying information, data resulting from the processing;

sending, from the first device, toward a destination specified for the first encrypted packet, a second packet containing data resulting from the encrypting;

intercepting, at the first device, an Extensible Authentication Protocol (EAP) response message that the third device sent toward the second device;

storing, at the first device, a value of a parameter that is indicated in the EAP response message; and

forwarding the EAP response message from the first device to the second device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing UMA communications within a local area network and a network controller includes establishing a first connection between a first UMA device and a LAN-based UMA network controller (LAN-UNC) and establishing a second connection between a second UMA device and the LAN-UNC. The first and second connections are carried over the local area network. The first and second UMA devices are connected to the same local area network. The method provides establishing a third connection between the LAN-UNC and a UMA network controller (UNC). The UNC is connected to an external network and the third connection extends over the external network. The method includes transporting packets received using the first and second connections to the UNC using the third connection. Packets received using the third connection are transported to the first UMA device using the first connection and to the second UMA device using the second connection.

Citations

15 Claims

1. A method comprising:
- receiving, at a first device, from a second device, first keying information that the second device uses at least to encrypt packets destined for a third device;
  
  receiving, at the first device, from the third device, second keying information that the third device uses at least to encrypt packets destined for the second device;
  
  intercepting a first encrypted packet at the first device;
  
  decrypting the first encrypted packet at the first device using the first keying information or the second keying information;
  
  processing, at the first device, data resulting from the decrypting;
  
  encrypting, at the first device, using the first keying information or the second keying information, data resulting from the processing;
  
  sending, from the first device, toward a destination specified for the first encrypted packet, a second packet containing data resulting from the encrypting;
  
  intercepting, at the first device, an Extensible Authentication Protocol (EAP) response message that the third device sent toward the second device;
  
  storing, at the first device, a value of a parameter that is indicated in the EAP response message; and
  
  forwarding the EAP response message from the first device to the second device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising:
    - sending, from the first device to the second device, a first request for the first keying information;
      
      sending, from the first device to the third device, a second request for the second keying information;
      
      wherein the first keying information is received at the first device in response to the first request; and
      
      wherein the second keying information is received at the first device in response to the second request.
  - 3. The method of claim 1, wherein the first device is an Unlicensed Mobile Access (UMA) network controller that resides in a local area network in which the second device is contained but in which the third device is not contained.
  - 4. The method of claim 1, wherein receiving the first keying information comprises receiving the first keying information at the first device via the Internet from another device, said another device interfacing to both (a) the Internet and (b) a cellular network;
    - and wherein receiving the second keying information comprises receiving the second keying information at the first device via a local area network excluding the Internet.
  - 5. The method of claim 1, further comprising:
    - sending, from the first device to another device, said another device interfacing to both (a) the Internet and (b) a cellular network, authentication credentials of the first device.

6. A network device comprising:
- means for receiving, from a second device, first keying information that the second device uses at least to encrypt packets destined for a third device;
  
  means for receiving, from the third device, second keying information that the third device uses at least to encrypt packets destined for the second device;
  
  means for intercepting a first encrypted packet;
  
  means for decrypting the first encrypted packet using the first keying information or the second keying information;
  
  means for processing data resulting from the decrypting;
  
  means for encrypting, using the first keying information or the second keying information, data resulting from the processing;
  
  means for sending, toward a destination specified for the first encrypted packet, a second packet containing data resulting from the encrypting;
  
  means for intercepting an Extensible Authentication Protocol (EAP) response message that the third device sent toward the second device;
  
  means for storing a value of a parameter that is indicated in the EAP response message; and
  
  means for forwarding the EAP response message to the second device.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The network device of claim 6, further comprising:
    - means for sending, to the second device, a first request for the first keying information;
      
      means for sending, the third device, a second request for the second keying information;
      
      wherein the means for receiving the first keying information are means for receiving the first keying information in response to the first request; and
      
      wherein the means for receiving the second keying information are means for receiving the second keying information in response to the second request.
  - 8. The network device of claim 6, wherein the network device is an Unlicensed Mobile Access (UMA) network controller that resides in a local area network in which the second device is contained but in which the third device is not contained.
  - 9. The network device of claim 6, wherein the means for receiving the first keying information comprise means for receiving the first keying information via the Internet from another device, said another device interfacing to both (a) the Internet and (b) a cellular network;
    - and wherein the means for receiving the second keying information comprise means for receiving the second keying information via a local area network excluding the Internet.
  - 10. The network device of claim 6, further comprising:
    - means for sending, to another device, said another device interfacing to both (a) the Internet and (b) a cellular network, authentication credentials of the network device.

11. A non-transitory computer-readable medium storing instructions which, when executed by one or more processors, cause the one or more processors to perform steps comprising:
- receiving, at a first device, from a second device, first keying information that the second device uses at least to encrypt packets destined for a third device;
  
  receiving, at the first device, from the third device, second keying information that the third device uses at least to encrypt packets destined for the second device;
  
  intercepting a first encrypted packet at the first device;
  
  decrypting the first encrypted packet at the first device using the first keying information or the second keying information;
  
  processing, at the first device, data resulting from the decrypting;
  
  encrypting, at the first device, using the first keying information or the second keying information, data resulting from the processing;
  
  sending, from the first device, toward a destination specified for the first encrypted packet, a second packet containing data resulting from the encrypting;
  
  intercepting, at the first device, an Extensible Authentication Protocol (EAP) response message that the third device sent toward the second device;
  
  storing, at the first device, a value of a parameter that is indicated in the EAP response message; and
  
  forwarding the EAP response message from the first device to the second device.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11, wherein the steps further comprise:
    - sending, from the first device to the second device, a first request for the first keying information;
      
      sending, from the first device to the third device, a second request for the second keying information;
      
      wherein the first keying information is received at the first device in response to the first request; and
      
      wherein the second keying information is received at the first device in response to the second request.
  - 13. The non-transitory computer-readable medium of claim 11, wherein the first device is an Unlicensed Mobile Access (UMA) network controller that resides in a local area network in which the second device is contained but in which the third device is not contained.
  - 14. The non-transitory computer-readable medium of claim 11, wherein receiving the first keying information comprises receiving the first keying information at the first device via the Internet from another device, said another device interfacing to both (a) the Internet and (b) a cellular network;
    - and wherein receiving the second keying information comprises receiving the second keying information at the first device via a local area network excluding the Internet.
  - 15. The non-transitory computer-readable medium of claim 11, wherein the steps further comprise:
    - sending, from the first device to another device, said another device interfacing to both (a) the Internet and (b) a cellular network, authentication credentials of the first device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ribbon Communications Operating Company, Inc. (Ribbon Communications, Inc.)
Original Assignee
Network Equipment Technologies Incorporated (Ribbon Communications, Inc.)
Inventors
Pummill, Troy T., Isacks, Kevin, Hardie, Terry, Harty, Talbot
Primary Examiner(s)
MEHRA, INDER P

Application Number

US13/523,660
Publication Number

US 20130064369A1
Time in Patent Office

726 Days
Field of Search

455/410, 713/150, 713/156, 712/150, 712/156
US Class Current

455/410
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0853   using an additional device,...

H04L 63/0869   for achieving mutual authen...

H04L 63/101   Access control lists [ACL]

H04L 63/123   received data contents, e.g...

H04W 12/069   using certificates or pre-s...

H04W 40/00   Communication routing or co...

H04W 76/00   Connection management

H04W 76/10   Connection setup

H04W 76/12   Setup of transport tunnels

H04W 8/02   Processing of mobility data...

H04W 80/10   adapted for application ses...

H04W 84/12   WLAN [Wireless Local Area N...

H04W 92/02   Inter-networking arrangements

H04W 92/14   between access point contro...

LAN-based UMA network controller with aggregated transport

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

LAN-based UMA network controller with aggregated transport

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links