Method and apparatus for preventing counterfeiting of a network-side media access control address

US 8,005,963 B2
Filed: 07/15/2009
Issued: 08/23/2011
Est. Priority Date: 06/08/2007
Status: Active Grant

First Claim

Patent Images

1. A method for preventing counterfeiting of a network-side media access control (MAC) address, comprising:

receiving a message from a user equipment (UE), and parsing the message of the UE to obtain a MAC address of the UE;

learning the MAC address of the UE if the MAC address of the UE is different from a known MAC address of a network-side equipment stored in a storage unit;

learning a MAC address of the network-side equipment when the MAC address of the UE is different from the known MAC address of the network-side equipment stored in the storage unit;

generating a MAC address learning table by utilizing the learned MAC address of the network-side equipment and setting the MAC address learning table to be a static address table, andfiltering messages transmitted by the UE by utilizing the learned MAC address of the network-side equipment, the filtered messages having source MAC addresses identical with the MAC address of the network-side equipment and transmitted from other user-side ports.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus is provided for preventing the counterfeiting of a network-side Media Access Control (MAC) address. The method includes: receiving a message from a user equipment (UE) and resolving the message from the UE in order to obtain a MAC address of the UE; learning the MAC address of the UE if the MAC address of the UE is different from a known MAC address of a network-side equipment; learning the MAC address of the network-side equipment; and generating a MAC address learning table by utilizing the learned MAC address of the network-side equipment and setting the MAC address learning table to be a static address table, and/or filtering messages having source MAC addresses being the MAC address of the network-side equipment and from other user-side ports by utilizing the learned MAC address of the network-side equipment.

12 Citations

14 Claims

1. A method for preventing counterfeiting of a network-side media access control (MAC) address, comprising:
- receiving a message from a user equipment (UE), and parsing the message of the UE to obtain a MAC address of the UE;
  
  learning the MAC address of the UE if the MAC address of the UE is different from a known MAC address of a network-side equipment stored in a storage unit;
  
  learning a MAC address of the network-side equipment when the MAC address of the UE is different from the known MAC address of the network-side equipment stored in the storage unit;
  
  generating a MAC address learning table by utilizing the learned MAC address of the network-side equipment and setting the MAC address learning table to be a static address table, andfiltering messages transmitted by the UE by utilizing the learned MAC address of the network-side equipment, the filtered messages having source MAC addresses identical with the MAC address of the network-side equipment and transmitted from other user-side ports.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, learning the MAC address of the network-side equipment comprising:
    - acquiring the MAC address of the network-side equipment through one of a routing protocol, an address resolution protocol, and a response message of the network-side equipment.
  - 3. The method according to claim 1, further comprising:
    - discarding the message of the UE if the MAC address of the UE is the same as the known MAC address of the network-side equipment.
  - 4. The method according to claim 1, further comprising:
    - if the MAC address of the UE is different from the known MAC address of the network-side equipment,forwarding the message from the UE;
      
      receiving an acknowledgement message returned by the network-side equipment; and
      
      determining the MAC address of the network-side equipment according to a source MAC address of the acknowledgement message.
  - 5. The method according to claim 1, wherein the messages transmitted from the UE include at least one of a discovery message for requesting the network-side equipment allocate an IP address for a user and a message for requesting a session establishment.
  - 6. The method according to claim 2, wherein the messages transmitted from the UE include at least one of a discovery message for requesting the network-side equipment to allocate an IP address for a user and a message for requesting a session establishment.
  - 7. The method according to claim 4, wherein the messages transmitted from the UE include at least one of a discovery message for requesting the network-side equipment allocate an IP address for a user and a message for requesting a session establishment.

8. An apparatus for preventing counterfeiting of a network-side media access control (MAC) address, comprising:
- a storage unit configured to store an acquired MAC address of a network-side equipment;
  
  an acquisition unit, configured to receive a message from a user equipment (UE) and parse the message from the UE to obtain a MAC address of the UE;
  
  a judgment unit, configured to judge whether the MAC address of the UE acquired by the acquisition unit is the acquired MAC address stored in the storage unit;
  
  a learning unit, configured to learn the MAC address of the UE and a MAC address of the network-side equipment when the judgment unit determines that the MAC address of the UE is not the acquired MAC address stored in the storage unit;
  
  an address table generation unit configured to generate a MAC address learning table based on the learned MAC address of the network-side equipment, the MAC address learning table being a static address table; and
  
  a filter unit configured to filter messages by utilizing the learned MAC address of the network-side equipment, the filtered messages having source MAC addresses identical with the MAC address of the network-side equipment and transmitted from other user-side ports.
- View Dependent Claims (9, 10, 11)
- - 9. The apparatus according to claim 8, the learning unit further configured to:
    - obtain the MAC address of the network-side equipment through one of a routing protocol, an address protocol, anda response message of the network-side equipment.
  - 10. The apparatus according to claim 8, wherein the message transmitted from the UE include at least one of a discovery message for requesting the network-side equipment to allocate an IP address for a user and a message for requesting a session establishment.
  - 11. The apparatus according to claim 8, further comprising:
    - a setting unit, configured to set the MAC address learning table generated by the address table generation unit to be the static MAC address table and configured to configure the learned MAC address of the network-side equipment into the filter unit.

12. An access equipment for providing a user with an access to a network to obtain network services, the access equipment comprising:
- a storage unit configured to store an acquired MAC address of a network-side equipment;
  
  an acquisition unit, configured to receive a message from a user equipment (UE) and resolve the message from the UE to obtain a media access control (MAC) address of the UE;
  
  a judgment unit, configured to judge whether the MAC address of the UE acquired by the acquisition unit is the acquired MAC address stored in the storage unit;
  
  a learning unit, configured to learn the MAC address of the UE and learn a MAC address of the network-side equipment to generate a MAC address learning table comprising the MAC address of the network-side equipment when the judgment unit determines that the MAC address of the UE is not the acquired MAC address stored in the storage unit;
  
  an address table generation unit configured to generate the MAC address learning table based on the learned MAC address of the network-side equipment, the MAC address learning table being set to be a static MAC address table; and
  
  a filter unit configured to filter messages by utilizing the learned MAC address of the network-side equipment, the filtered messages having source MAC addresses identical with the MAC address of the network-side equipment and transmitted from other user-side ports.
- View Dependent Claims (13, 14)
- - 13. The access equipment according to claim 12, the learning unit further comprising:
    - acquiring the MAC address of the network-side equipment through one of a routing protocol, an address resolution protocol (ARP), and a response message of the network-side equipment.
  - 14. The access equipment according to claim 12, wherein the messages transmitted from the UE include at least one of a discovery message for requesting the network-side equipment allocate an IP address for a user and a message requesting a session establishment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Ke, Bo, Zhang, Qun
Primary Examiner(s)
Joo; Joshua

Application Number

US12/503,427
Publication Number

US 20090282152A1
Time in Patent Office

769 Days
Field of Search

709223-229, 726 1- 3, 726 22- 23
US Class Current

709/227
CPC Class Codes

H04L 12/66   Arrangements for connecting...

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/103   across network layers, e.g....

H04L 63/0227   Filtering policies mail mes...

H04L 63/0876   based on the identity of th...

H04L 63/102   Entity profiles

Method and apparatus for preventing counterfeiting of a network-side media access control address

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

12 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for preventing counterfeiting of a network-side media access control address

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links