ATE417438T1 - Filterung von datenpaketen an einem netzwerk- gateway, das als policy enforcement point für dienstbasierte richtlinien (sblp) arbeitet - Google Patents

Filterung von datenpaketen an einem netzwerk- gateway, das als policy enforcement point für dienstbasierte richtlinien (sblp) arbeitet

Info

Publication number
ATE417438T1
ATE417438T1 AT03811018T AT03811018T ATE417438T1 AT E417438 T1 ATE417438 T1 AT E417438T1 AT 03811018 T AT03811018 T AT 03811018T AT 03811018 T AT03811018 T AT 03811018T AT E417438 T1 ATE417438 T1 AT E417438T1
Authority
AT
Austria
Prior art keywords
network gateway
address
policy
sblp
data packet
Prior art date
Application number
AT03811018T
Other languages
English (en)
Inventor
Xiaobao Chen
Original Assignee
Orange Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Orange Sa filed Critical Orange Sa
Application granted granted Critical
Publication of ATE417438T1 publication Critical patent/ATE417438T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0236Filtering by address, protocol, port number or service, e.g. IP-address or URL
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/161Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/167Adaptation for transition between two IP versions, e.g. between IPv4 and IPv6
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • H04W28/06Optimizing the usage of the radio link, e.g. header compression, information sizing, discarding information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W80/00Wireless network protocols or protocol adaptations to wireless operation
    • H04W80/04Network layer protocols, e.g. mobile IP [Internet Protocol]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/16Gateway arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)
AT03811018T 2002-11-11 2003-11-07 Filterung von datenpaketen an einem netzwerk- gateway, das als policy enforcement point für dienstbasierte richtlinien (sblp) arbeitet ATE417438T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GBGB0226289.7A GB0226289D0 (en) 2002-11-11 2002-11-11 Telecommunications

Publications (1)

Publication Number Publication Date
ATE417438T1 true ATE417438T1 (de) 2008-12-15

Family

ID=9947613

Family Applications (1)

Application Number Title Priority Date Filing Date
AT03811018T ATE417438T1 (de) 2002-11-11 2003-11-07 Filterung von datenpaketen an einem netzwerk- gateway, das als policy enforcement point für dienstbasierte richtlinien (sblp) arbeitet

Country Status (10)

Country Link
US (1) US7554949B2 (de)
EP (2) EP1561316B1 (de)
JP (1) JP4690045B2 (de)
CN (1) CN100454886C (de)
AT (1) ATE417438T1 (de)
AU (1) AU2003276482A1 (de)
DE (1) DE60325264D1 (de)
ES (1) ES2316869T3 (de)
GB (1) GB0226289D0 (de)
WO (1) WO2004045159A2 (de)

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10120772A1 (de) * 2001-04-24 2002-11-07 Siemens Ag Heterogenes Mobilfunksystem
GB0328756D0 (en) * 2003-12-11 2004-01-14 Nokia Corp Controlling transportation of data packets
JP4298530B2 (ja) * 2004-01-30 2009-07-22 キヤノン株式会社 通信装置
JP2005217976A (ja) * 2004-01-30 2005-08-11 Canon Inc 電子機器及びその制御方法
US7385946B2 (en) 2004-06-03 2008-06-10 Nokia Corporation Service based bearer control and traffic flow template operation with mobile IP
US7512085B2 (en) * 2004-06-24 2009-03-31 International Business Machines Corporation Method for multicast tunneling for mobile devices
US8042170B2 (en) 2004-07-15 2011-10-18 Qualcomm Incorporated Bearer control of encrypted data flows in packet data communications
US8265060B2 (en) 2004-07-15 2012-09-11 Qualcomm, Incorporated Packet data filtering
JP4405360B2 (ja) * 2004-10-12 2010-01-27 パナソニック株式会社 ファイアウォールシステム及びファイアウォール制御方法
US8166547B2 (en) * 2005-09-06 2012-04-24 Fortinet, Inc. Method, apparatus, signals, and medium for managing a transfer of data in a data network
WO2007038445A2 (en) 2005-09-26 2007-04-05 Advanced Cluster Systems, Llc Clustered computer system
CN1870631B (zh) * 2005-11-11 2010-04-14 华为技术有限公司 媒体网关的门控方法
ATE434890T1 (de) * 2005-12-23 2009-07-15 Ericsson Telefon Ab L M Verfahren und vorrichtung zur routenoptimierung in einem telekommunikationsnetz
CN100442778C (zh) * 2006-01-12 2008-12-10 华为技术有限公司 对数据流进行防攻击过滤的方法、系统及其重定向设备
CN100512300C (zh) * 2006-01-13 2009-07-08 华为技术有限公司 一种在传输实时流时业务切换的方法
US8082289B2 (en) 2006-06-13 2011-12-20 Advanced Cluster Systems, Inc. Cluster computing support for application programs
CN101005496B (zh) * 2006-06-27 2011-09-14 华为技术有限公司 媒体网关分组过滤方法及媒体网关
CN1997010B (zh) * 2006-06-28 2010-08-18 华为技术有限公司 一种包过滤的实现方法
JP4791285B2 (ja) * 2006-08-04 2011-10-12 富士通株式会社 ネットワーク装置およびフィルタリングプログラム
US8446874B2 (en) * 2006-08-21 2013-05-21 Samsung Electronics Co., Ltd Apparatus and method for filtering packet in a network system using mobile IP
KR100922939B1 (ko) * 2006-08-22 2009-10-22 삼성전자주식회사 모바일 아이피를 사용하는 네트워크 시스템에서 패킷필터링 장치 및 방법
CN101141386B (zh) * 2006-09-08 2011-04-13 华为技术有限公司 路由优化管理方法及其装置
KR100842289B1 (ko) * 2006-12-08 2008-06-30 한국전자통신연구원 IPv6에서의 효율적인 대역폭 사용을 위한 통신 방법
US8984620B2 (en) * 2007-07-06 2015-03-17 Cyberoam Technologies Pvt. Ltd. Identity and policy-based network security and management system and method
US7844728B2 (en) * 2007-07-31 2010-11-30 Alcatel-Lucent Usa Inc. Packet filtering/classification and/or policy control support from both visited and home networks
US9043862B2 (en) * 2008-02-06 2015-05-26 Qualcomm Incorporated Policy control for encapsulated data flows
SE535689C2 (sv) 2009-04-01 2012-11-13 Synapse Int Sa Ett system och förfarande för att möjliggöra kortaste kopplingsväg för ett mobilt organ
SE535670C2 (sv) * 2009-04-01 2012-11-06 Synapse Int Sa Ett system och förfarande för att möjliggöra kortaste kopplingsväg för ett mobilt organ
US8570944B2 (en) * 2009-05-11 2013-10-29 Zte (Usa) Inc. Internetworking techniques for wireless networks
US9179499B1 (en) 2009-07-08 2015-11-03 Zte (Usa) Inc. Network selection at a wireless communication device in wireless communications based on two or more radio access technologies
GB2493508B (en) * 2011-07-27 2014-06-18 Samsung Electronics Co Ltd Controlling data transmission between a user equipment and a acket data network
JP5657840B2 (ja) 2011-08-02 2015-01-21 カビウム・インコーポレーテッド ルックアップ・フロントエンド・パケット出力プロセッサ
FR3004037A1 (fr) * 2013-04-02 2014-10-03 France Telecom Procede de transport d'information de localisation au travers d'une authentification
CN103581189B (zh) * 2013-11-06 2017-01-04 东软集团股份有限公司 应用策略的匹配方法及系统
US9544402B2 (en) * 2013-12-31 2017-01-10 Cavium, Inc. Multi-rule approach to encoding a group of rules
CN106257880B (zh) * 2015-06-17 2019-06-28 北京网御星云信息技术有限公司 一种电磁屏蔽环境下的防火墙控制方法和系统
US10382208B2 (en) * 2016-04-29 2019-08-13 Olympus Sky Technologies, S.A. Secure communications using organically derived synchronized processes

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH06112944A (ja) * 1992-09-30 1994-04-22 Sharp Corp 情報通信装置
JPH11234333A (ja) 1998-02-13 1999-08-27 Chokosoku Network Computer Gijutsu Kenkyusho:Kk ゲートウェイ装置
US6636498B1 (en) * 1999-01-08 2003-10-21 Cisco Technology, Inc. Mobile IP mobile router
ES2243032T3 (es) * 1999-02-26 2005-11-16 Lucent Technologies Inc. Ip para moviles sin encapsulacion.
US6915325B1 (en) * 2000-03-13 2005-07-05 Nortel Networks Ltd Method and program code for communicating with a mobile node through tunnels
CA2308697A1 (en) 2000-05-15 2001-11-15 Nortel Networks Limited Exclusion routes in border gateway protocol (bgp) routers
US6621793B2 (en) * 2000-05-22 2003-09-16 Telefonaktiebolaget Lm Ericsson (Publ) Application influenced policy
FR2812783A1 (fr) 2000-08-03 2002-02-08 Cit Alcatel Procede de transmission d'informations par paquets avec allocation de ressources et reseau mettant en oeuvre ce procede
GB2366480A (en) * 2000-08-21 2002-03-06 Lucent Technologies Inc Method of operating a third generation mobile communication system
GB2366482A (en) 2000-08-21 2002-03-06 Lucent Technologies Inc Method of operating third generation communication systems
JP4491980B2 (ja) * 2001-03-05 2010-06-30 ソニー株式会社 通信処理システム、通信処理方法、および通信端末装置、並びにプログラム
CN2485724Y (zh) * 2001-03-16 2002-04-10 联想(北京)有限公司 网关级计算机网络病毒防范的装置
JP2002290444A (ja) * 2001-03-23 2002-10-04 Mitsubishi Electric Corp 移動体通信システム、通信方法およびパケットフィルタリング制御方法
GB0113901D0 (en) 2001-06-07 2001-08-01 Nokia Corp Security in area networks
US7123599B2 (en) * 2001-07-13 2006-10-17 Hitachi, Ltd. Mobile communication system
JPWO2003015356A1 (ja) * 2001-08-08 2004-12-02 富士通株式会社 サーバ、移動通信端末、無線装置および通信システムにおける通信方法並びに通信システム
JP2003209890A (ja) * 2001-11-07 2003-07-25 Matsushita Electric Ind Co Ltd 移動通信方法および移動通信システム
US6973086B2 (en) * 2002-01-28 2005-12-06 Nokia Corporation Method and system for securing mobile IPv6 home address option using ingress filtering
US7272148B2 (en) * 2002-06-27 2007-09-18 Hewlett-Packard Development Company, L.P. Non-ALG approach for application layer session traversal of IPv6/IPv4 NAT-PT gateway
US7436804B2 (en) * 2002-09-18 2008-10-14 Qualcomm Incorporated Methods and apparatus for using a Care of Address option
US7466680B2 (en) * 2002-10-11 2008-12-16 Spyder Navigations L.L.C. Transport efficiency optimization for Mobile IPv6

Also Published As

Publication number Publication date
JP2006506007A (ja) 2006-02-16
EP1561316A2 (de) 2005-08-10
JP4690045B2 (ja) 2011-06-01
US7554949B2 (en) 2009-06-30
CN100454886C (zh) 2009-01-21
US20060104284A1 (en) 2006-05-18
EP1561316B1 (de) 2008-12-10
GB0226289D0 (en) 2002-12-18
WO2004045159A2 (en) 2004-05-27
AU2003276482A8 (en) 2004-06-03
WO2004045159A3 (en) 2004-09-16
EP1860834A1 (de) 2007-11-28
CN1711728A (zh) 2005-12-21
DE60325264D1 (de) 2009-01-22
ES2316869T3 (es) 2009-04-16
AU2003276482A1 (en) 2004-06-03

Similar Documents

Publication Publication Date Title
ATE417438T1 (de) Filterung von datenpaketen an einem netzwerk- gateway, das als policy enforcement point für dienstbasierte richtlinien (sblp) arbeitet
US10582411B2 (en) Techniques for handling network traffic
US7782834B2 (en) Routing header based routing in internet protocol (IP)-cellular networks
CA2486878C (en) Flow-based selective reverse tunneling in wireless local area network (wlan)-cellular systems
EP1156686B1 (de) System und Verfahren zur Realzeitdatenübertragung
AU2003303163A1 (en) Data flow handover in communication using mobile internet
EP1206098A3 (de) Mobiles Netz und IP-Paketübergangsverfahren
GB2386508A (en) Reordering traffic flow templates
US20040057424A1 (en) Communications system
CN101420369A (zh) 通用分组无线业务隧道协议报文传输方法、系统及设备
CN101406078B (zh) 用于在移动节点从归属网络漫游到拜访网络时支持互联网数据分组的传送的系统和方法
ZA200402264B (en) Method and device for mapping network headers onto mpls headers in bearer architectures
JP3715934B2 (ja) 輻輳制御方法、エッジ型パケット転送装置及びネットワーク
EP1282962A1 (de) Kommunikationssystem und verfahren zum klassifizieren und markieren von an ein netz zu sendenden informationselementen
EP1705866A1 (de) Datenstrombasiertes selektives Reverse Tunneling in WLAN - Zellularsystemen
ATE374504T1 (de) Verfahren zum senden von paketen über leitungsvermittelte netzwerke
CN100387024C (zh) 一种无线通信系统网络侧处理所接收数据包的方法
KR100608912B1 (ko) Wcdma 이동통신 망에서 napt 기능 제공 방법
Molnar et al. Application Programming Interface offering classification services to end-user applications

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties