CN100415034C - Method for realizing self surrogate function for mobile node - Google Patents
Method for realizing self surrogate function for mobile node Download PDFInfo
- Publication number
- CN100415034C CN100415034C CNB2004100731535A CN200410073153A CN100415034C CN 100415034 C CN100415034 C CN 100415034C CN B2004100731535 A CNB2004100731535 A CN B2004100731535A CN 200410073153 A CN200410073153 A CN 200410073153A CN 100415034 C CN100415034 C CN 100415034C
- Authority
- CN
- China
- Prior art keywords
- mobile node
- module
- management entity
- data
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 32
- 238000004891 communication Methods 0.000 claims abstract description 13
- 238000005538 encapsulation Methods 0.000 claims description 17
- 238000012545 processing Methods 0.000 claims description 15
- 230000005540 biological transmission Effects 0.000 claims description 10
- 238000012423 maintenance Methods 0.000 claims description 8
- 238000012546 transfer Methods 0.000 claims description 7
- 230000008569 process Effects 0.000 claims description 6
- 230000004044 response Effects 0.000 claims description 3
- 238000012790 confirmation Methods 0.000 claims description 2
- 238000007726 management method Methods 0.000 description 76
- 238000005516 engineering process Methods 0.000 description 7
- 230000005856 abnormality Effects 0.000 description 3
- 238000011084 recovery Methods 0.000 description 3
- 230000003068 static effect Effects 0.000 description 3
- 238000012217 deletion Methods 0.000 description 2
- 230000037430 deletion Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 230000007257 malfunction Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000001314 paroxysmal effect Effects 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
- 230000005641 tunneling Effects 0.000 description 1
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to a method for causing a mobile node to realize self surrogate, which comprises: after the mobile node roams to an expansion network domain environment, firstly, obtaining a legal configuration transmitting address; then, starting registration directive rules, certifying the registration directive rules to a base domain management entity, and informing the registration directive rules to the acquired configuration transmitting address; obtaining the ARP surrogate to a master machine in the base network domain, automatically responding to the visit request of an upper layer protocol stack, and determining the communication path with the master machine in the base network domain; establishing a background service frame and combining an encrypting and decoding module and a tunnel module into the frame; encapsulating and desterilizing a tunnel of data; carrying out the negotiation of dynamic session key and the encryption and the decryption with actual transmitting data of a user, and carrying out encryption and decryption before sending the data. The present invention solves the technical problems that the mobile node in the background art has unsafe communication in the expansion network domain and high hardware configuration requirement. The present invention can cause the mobile node to safely roam back to the base network domain via the self surrogate function in any expansion network domain environment.
Description
Technical field
When the present invention relates to a kind of mobile node and roaming in the network environment that does not have an extending domain management entity, realize agent functionality, keep and the method for ground field management entity and other mobile node proper communications by self.Relate in particular to a kind of method that makes the mobile node realization from agent functionality.
Background technology
Mobile IP technology provides two kinds of methods for mobile node obtains Care-of Address: the one, obtain foreign agent care-of address from certain Foreign Agent, and the 2nd, directly obtain a co-located care-of address from field network.Co-located care-of address has been represented the legal identity of mobile node at field network.When adopting the co-located care-of address mode to work, mobile node oneself is accomplished to the tunnel operations of home agent services device.
In the mobile IP technology, foreign agent services device of the general fixed placement of field network, this foreign agent services device provides agent functionality for mobile node.The morning that this mode is used,, there are following defective or deficiency though can be security path of the networking of two or more mutual trusts of crossing over the internet:
1. this mode supposes that the field network environment is believable, and the tunnel of safety is based upon between Foreign Agent and the home agent.Transfer of data between mobile node and the Foreign Agent is not taked special safety measure.If there is some malicious attacker on the field network, will cause very big potential safety hazard to the communication of mobile node, the data communication of mobile node may be intercepted and captured, or by illegal wiretapping.
2. because a Foreign Agent need provide agency service for thousands of mobile nodes,, not only involve great expense, and need to safeguard so the hardware configuration requirement is very high.
3. if paroxysmal large-scale data transmission appears in many mobile nodes simultaneously, Foreign Agent becomes " bottleneck " of whole mobile IP system easily, and the disadvantage that this " bottleneck " causes has two:
1). system effectiveness is reduced.Foreign Agent provides tunnel encapsulation and decapsulation functions for all mobile nodes, if the mobile node number of working simultaneously is a lot, the efficient of mobile IP system will be very low.
2). easily form the single fault node.If Foreign Agent breaks down, all mobile nodes of its agency are cisco unity malfunctions all just.
4. be subjected to the restriction of objective condition, not all field network environment all is mounted with Foreign Agent.When if mobile node roams into the network environment of also not setting up Foreign Agent, owing to lack the service support that Foreign Agent provides, it just can't normally enjoy the function of mobile IP system.
Summary of the invention
The object of the present invention is to provide a kind of method that makes the mobile node realization from agent functionality, it is dangerous that it has solved in the background technology communication of mobile node in the extended network territory, the extending domain management entity easily becomes whole system " bottleneck ", hardware configuration requires high, or can't normally enjoy the technical problem of flexible IP network function.
Technical solution of the present invention is:
A kind of method that makes the mobile node realization from agent functionality, its special character is: this method may further comprise the steps
1). after mobile node roams into extended network territory environment, at first obtain legal co-located care-of address from the extended network territory;
2). mobile node starts the registration rules, to the authentication of ground field management entity, and with the own co-located care-of address announcement ground field management entity that is obtained;
3). mobile node obtains the ARP proxy to basic network territory main frame, from the access request of dynamic response upper-layer protocol stack, determines the communication path of main frame in own and the basic network territory by route;
4). mobile node is built the backstage service framework by service framework module 8, and the framework that encrypting and decrypting module 9 and tunnel module 10 are synthesized into to be built; Mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module 10;
5). mobile node carries out the negotiation of dynamic session and the encryption and decryption of user's actual transmissions data by encrypting and decrypting module 9, and carries out the encryption and decryption processing of data before data send.
Above-mentioned co-located care-of address is after mobile node moves to extended network territory environment, and the legitimate ip address in the extended network territory that its maintenance proper network connects is distributed in the extended network territory; Describedly obtain legal co-located care-of address from the extended network territory and finish by PPP, DHCP or manual configuration.
Above-mentioned mobile node starts the registration rules, to the co-located care-of address that the ground field management entity authenticates and announcement is obtained be: this mobile node is after the extended network territory obtains co-located care-of address, start registration process by registration management module 1, carry out authentication to the ground field management entity, inform the co-located care-of address of ground field management entity mobile node simultaneously.
Above-mentioned mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module 10, and the encryption and decryption processing of carrying out data before data send is: mobile node is encrypted the data of own actual transmissions with encryption key with the identity of authenticate key to ground field management entity confirmation oneself.
Above-mentioned tunnel module 10 is meant is used as new load to the packet header of IP packet and data, encapsulates new header again and carries out the method for transfer of data; Described tunnel encapsulation is to increase the new packet header layer of one deck again on the basis of original IP datagram; Described tunnel deblocking is the packet header that is increased when rejecting tunnel encapsulation.
Above-mentioned ground field management entity is meant the network equipment that a port links to each other with mobile node basic network territory link, for the mobile node that roaming takes place provides authentication and proxy ARP; Described extending domain management entity is meant the network equipment that a port links to each other with mobile node extended network territory link, it be mobile node the described mobile node of the default router in extended network territory be meant can with the position of entering the Internet from a link switchover to another link, and still keep the equipment of all ongoing communications with the identity in basic network territory.
The present invention has the following advantages:
1. the present invention can make mobile node in the environment of any extended network territory, by mobile node from agent functionality, roam go back to the basic network territory safely, normally enjoy all services that the flexible IP network technology provides.
2. encryption tunnel of the present invention is based upon between mobile node and the ground field management entity, safe and reliable, the possibility of both having avoided mobile node to be eavesdropped and attack at extended network territory environment, the roaming service that mobile node is enjoyed is not subjected to the constraint of extending domain management entity, realizes arbitrary roaming.
3. the present invention is designed to the encryption of the encapsulation in comparatively time-consuming tunnel, unsealing operation and data, decryption oprerations a backstage service of computer operating system, and be that service is provided with higher priority, both improved the treatment effeciency of data, overall system efficiency is improved, make global design simplification, clear layer again, be convenient to realize, and have stronger autgmentability.
4. the present invention makes full use of the current mechanism of operating system, can adapt to the mobile node that concrete configuration has nothing in common with each other.
5. the versatility of backstage service is good.For different application, the requirement of foreground registration management may be different, only need to revise or the corresponding module of expansion foreground registration management, and the backstage service then need not to change.
6. hardware configuration is simple, and cost is low, Maintenance free.
Description of drawings
The schematic diagram that accompanying drawing is formed for system module of the present invention.
Drawing reference numeral explanation: 1-registration management module, 2-key management module, 3-routing management module, 4-network segment conflict management module, 5-multisegment administration module, 6-abnormality processing module, 7-fault detect and recovery processing module, 8-service framework module, 9-encrypting and decrypting module, 10-tunnel module.
Embodiment
What the present invention adopted is flexible IP network technology system, promptly be meant by the ground field management entity, the extending domain management entity, the access-in management entity, mobile node constitutes, make mobile node in the local area network (LAN) can be in the Global Internet scope arbitrarily roaming, and guarantee that mobile node can realize interactive access with its ground field at any time.
Foreground registration management that the present invention is made of disparate modules and backstage are served the two large divisions and are formed.The module that constitutes the foreground registration management comprises that registration management module 1, key management module 2, routing management module 3, network segment conflict management module 4, multisegment administration module 5, abnormality processing module 6 and fault detect recover processing module 7, and the module that constitutes the backstage service comprises service framework module 8, encrypting and decrypting module 9 and tunnel module 10.
Referring to accompanying drawing, implementation method of the present invention is as follows:
1. after mobile node roams into extended network territory environment, at first obtain legal co-located care-of address from the extended network territory.
Mobile node obtains legal configuration from the extended network territory Care-of Address is meant that mobile node passes through key management module 2 and obtains authenticate key and the encryption key message relevant with own identity from the extended network territory.After co-located care-of address was meant that mobile node moves to extended network territory environment, the legitimate ip address in the extended network territory that its maintenance proper network connects was distributed in the extended network territory.Obtaining legal co-located care-of address from the extended network territory is to finish by PPP, DHCP or manual configuration.
2. mobile node starts the registration rules, to the authentication of ground field management entity, and with the own co-located care-of address announcement ground field management entity that is obtained.
Mobile node starts the registration rules, be meant that to the co-located care-of address that the ground field management entity authenticates and announcement is obtained this mobile node is after the extended network territory obtains co-located care-of address, start registration process by registration management module 1, carry out authentication to the ground field management entity, inform the co-located care-of address of ground field management entity mobile node simultaneously.
3. mobile node obtains the ARP proxy to basic network territory main frame, from the access request of dynamic response upper-layer protocol stack, determines communication path own and basic network territory main frame by route.
4. mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module 10, and carries out the encryption and decryption processing of data before data send.
Mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module 10, and the encryption and decryption processing of carrying out data before data send is meant: mobile node confirms the identity of oneself to the ground field management entity with authenticate key, with encryption key the data of own actual transmissions are encrypted, obtain, the maintenance key relevant information; After roaming finished, this mobile node oneself sent logout message to the ground field management entity, makes the ground field management entity stop to provide roaming service for this mobile node.
Tunnel module 10 is meant is used as new load to the packet header of IP packet and data, encapsulates new header again and carries out the method for transfer of data.Tunnel encapsulation is to increase the new packet header layer of one deck again on the basis of original IP datagram; Described tunnel deblocking is the packet header that is increased when rejecting tunnel encapsulation.
If network segment conflict or multisegment are arranged, can adjust the interface of the routing table of routing management module 3.
If the network planning in the network planning in extended network territory and basic network territory is overlapping, can adjust by network segment conflict management module 4.
When if the basic network territory comprises a plurality of network segment that can visit mutually, mobile node needs to adjust accordingly by the routing table of 5 pairs of mobile nodes of multisegment administration module after roaming into the extended network territory with the identity in its basic network territory; Not, then multisegment administration module 5 is not worked.
If the basic network territory comprises a plurality of network segments that can visit mutually, after mobile node roams into the extended network territory with the identity in its basic network territory, need to adjust accordingly by the routing table of 5 pairs of mobile nodes of multisegment administration module.
Occur that authentication registration, key obtain, when key updating, routing operations, encrypting and decrypting, tunnel operations etc. are unusual, adjust by abnormality processing module 6.
Entity break down or network environment temporary transient when congested, mobile node recovers the operation that processing module 7 comprises that the ground field management entity is restarted or nat port changes by fault detect, and carries out self-recovery.
Build the backstage service framework by service framework module 8, and the framework that encrypting and decrypting module 9 and tunnel module 10 are synthesized into to be built.Encrypting and decrypting module 9 is finished the negotiation of dynamic session and the encryption and decryption of user's actual transmissions data.Tunnel module 10 is carried out the encapsulation and the unsealing operation in establishment, deletion, maintenance and the tunnel in tunnel.Comprise that service starts, stops and the status poll function; The event loop control of whole system.
Ground field management entity of the present invention is meant the network equipment that a port links to each other with mobile node basic network territory link, for the mobile node that roaming takes place provides authentication and proxy ARP.The extending domain management entity is meant the network equipment that a port links to each other with mobile node extended network territory link, and it is the default router of mobile node in the extended network territory.Mobile node be meant can with the position of entering the Internet from a link switchover to another link, and still keep the equipment of all ongoing communications with the identity in basic network territory.
Foreground registration management module declaration
Registration management module 1: under extending domain management entity Care-of Address working method, the registration of mobile node and transfer of data by the extending domain management entity on behalf of transmitting, need from agency's broadcasting that the extending domain management entity sends, the be expanded IP address of territory management entity of mobile node.Under the factorage mode, the registration and the transfer of data of mobile node are finished by self, and it need not to send broadcast again.Mobile node initiates self registration process and carries out authentication to the ground field management entity after the extended network territory obtains co-located care-of address, informs the Care-of Address of ground field management entity mobile node simultaneously; After roaming finished, mobile node oneself sent logout message to the ground field management entity, so that the ground field management entity stops to provide roaming service for mobile node;
Key management module 2: under extending domain management entity Care-of Address working method, encryption tunnel is based upon between extending domain management entity and the ground field management entity, there is not safety measure between mobile node and the extending domain management entity, so mobile node does not need maintenance key information.In order to realize from agent functionality, relevant authenticate key and the encryption key message of the identity of mobile node therewith that mobile node need obtain from the network manager.Authenticate key is used for confirming to the ground field management entity identity of mobile node, and encryption key is used to encrypt the data of mobile node actual transmissions.The function of key management module 2 promptly is to finish obtaining and safeguarding of cipher key related information.
Routing management module 3: if the situation of network segment conflict and multisegment, need suitably to adjust routing table, this module provides the interface of unified adjustment routing table for network segment conflict management module 4 and multisegment module operation routing table;
Network segment conflict management module 4: under extending domain management entity Care-of Address working method, all data of mobile node are all transmitted by the extending domain management entity, and mobile node need not to handle network segment conflict.Under the factorage mode, when the network planning generation network segment in the network planning meeting in extended network territory and basic network territory is overlapping, this module is finished corresponding adjustment function, with resource or other mobile nodes that guarantees that mobile node can normally be visited the basic network territory.
Multisegment administration module 5: under extending domain management entity Care-of Address working method, all data of mobile node are all transmitted by the extending domain management entity, and mobile node need not to handle the multisegment situation.Mobile node is under the factorage mode, when if the basic network territory comprises a plurality of network segment that can visit mutually, after mobile node roams into the extended network territory with the identity in its basic network territory, if do not carry out special adjustment, it can't visit the main frame of other network segments except that the network segment of place, basic network territory.This module adjusts accordingly by the routing table to mobile node, makes mobile node can visit other network segments in basic network territory.
Abnormality processing module 6: this module is mainly finished and unusual relevant processing, as authentication registration is unusual, key obtains with update anomalies, routing operations is unusual, encrypting and decrypting is unusual, tunnel operations is unusual etc.; Routing operations comprises that unusually unusual the and multisegment adjustment of network segment conflict adjustment is unusual etc.
Fault detect recovers processing module 7: flexible IP network technology system relates to the co-ordination that a plurality of functional entitys are crossed over the internet, if some entities break down, perhaps network environment is temporarily congested, all can cause whole system can't continue to provide the related service of flexible IP network system.At this moment, mobile node should be able to tracing trouble, as the ground field management entity restart, nat port variation etc., and give the mobile subscriber, and attempt carrying out self-recovery Trouble Report.
Backstage service module explanation
Service framework module 8: with respect to extending domain management entity working method, it is from the distinctive Design Mode of factorage mode that the AM/BAM function is separated.Building of this module complete operation system backstage service framework, and the framework that encrypting and decrypting module 9 and tunnel module 10 are synthesized into to be built.Specifically, comprise that service starts, stops and the status poll function; The event loop control of whole system.
Encrypting and decrypting module 9: finish the negotiation of dynamic session and the encryption and decryption function of user's actual transmissions data.In general, relevant with mobile node transfer of data key has three: initial static key, dynamic encryption key and dynamic resolution decryption key.The initial static key is the privacy key shared with the ground field management entity that mobile node obtains from the network manager.Key agreement is responsible for consulting dynamic encryption key and dynamic resolution decryption key, if consult not success, with initial static secret key encryption data decryption.
Tunnel module 10: finish the function such as establishment, deletion, maintenance in tunnel and the encapsulation and the unsealing operation in tunnel.
Relevant technical terms explanation of the present invention:
The ground field management entity: the network equipment that has a port to link to each other with the basic network territory at mobile node place, for the mobile node that roaming takes place provides purview certification and identity agency.
The extending domain management entity: the network equipment on the extended network territory of mobile node, for mobile node is transmitted authentication message and packet.
The access-in management entity: having can be at the network equipment of the IP address of internet route, and it authenticates and transmit the trunking of mobile node packet to the mobile node identity between ground field management entity and extending domain management entity.
The basic network territory: mobile node is roamed the network at preceding place.
Extended network territory: the network that mobile node roaming back is arrived.
IP tunnel: be meant that an IP-based packet is encapsulated in the path of process when transmitting in the net load of another IP packet.
Tunneling technique: refer to comprise data encapsulation, the overall process in wrapping in is conciliate in transmission.
Mobile node: can with the position of entering the Internet from a link switchover to another link, and still keep all ongoing communications, and only use the equipment of original fixed ip address.
Claims (6)
1. one kind makes mobile node realize method from agent functionality, and it is characterized in that: this method may further comprise the steps
1). after mobile node roams into extended network territory environment, at first obtain legal co-located care-of address from the extended network territory;
2). mobile node starts the registration rules, to the authentication of ground field management entity, and with the own co-located care-of address announcement ground field management entity that is obtained;
3). mobile node obtains the ARP proxy to basic network territory main frame, from the access request of dynamic response upper-layer protocol stack, determines the communication path of main frame in own and the basic network territory by route;
4). mobile node is built the backstage service framework by service framework module (8), and the framework that encrypting and decrypting module (9) and tunnel module (10) are synthesized into to be built; Mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module (10);
5). mobile node carries out the negotiation of dynamic session and the encryption and decryption of user's actual transmissions data by encrypting and decrypting module (9), and carries out the encryption and decryption processing of data before data send.
2. a kind of method that makes the mobile node realization from agent functionality according to claim 1, it is characterized in that: described co-located care-of address is after mobile node moves to extended network territory environment, and the legitimate ip address in the extended network territory that its maintenance proper network connects is distributed in the extended network territory; Describedly obtain legal co-located care-of address from the extended network territory and finish by PPP, DHCP or manual configuration.
3. a kind of method that makes the mobile node realization from agent functionality according to claim 1 and 2, it is characterized in that: described mobile node starts the registration rules, to the co-located care-of address that the ground field management entity authenticates and announcement is obtained be: this mobile node is after the extended network territory obtains co-located care-of address, start registration process by registration management module (1), carry out authentication to the ground field management entity, inform the co-located care-of address of ground field management entity mobile node simultaneously.
4. a kind of method that makes the mobile node realization from agent functionality according to claim 3, it is characterized in that: described mobile node oneself carries out the tunnel encapsulation and the unsealing operation of data by tunnel module (10), and the encryption and decryption processing of carrying out data before data send is: mobile node is encrypted the data of own actual transmissions with encryption key with the identity of authenticate key to ground field management entity confirmation oneself.
5. a kind of method that makes the mobile node realization from agent functionality according to claim 4, it is characterized in that: described tunnel module (10) is meant is used as new load to the packet header of IP packet and data, encapsulates new header again and carries out the method for transfer of data; Described tunnel encapsulation is to increase the new packet header layer of one deck again on the basis of original IP datagram; Described tunnel deblocking is the packet header that is increased when rejecting tunnel encapsulation.
6. a kind of method that makes the mobile node realization from agent functionality according to claim 5, it is characterized in that: described ground field management entity is meant the network equipment that a port links to each other with mobile node basic network territory link, for the mobile node that roaming takes place provides authentication and proxy ARP; Described mobile node be meant can with the position of entering the Internet from a link switchover to another link, and still keep the equipment of all ongoing communications with the identity in basic network territory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100731535A CN100415034C (en) | 2004-09-30 | 2004-09-30 | Method for realizing self surrogate function for mobile node |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100731535A CN100415034C (en) | 2004-09-30 | 2004-09-30 | Method for realizing self surrogate function for mobile node |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1589060A CN1589060A (en) | 2005-03-02 |
| CN100415034C true CN100415034C (en) | 2008-08-27 |
Family
ID=34604734
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2004100731535A Expired - Fee Related CN100415034C (en) | 2004-09-30 | 2004-09-30 | Method for realizing self surrogate function for mobile node |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100415034C (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8060626B2 (en) * | 2008-09-22 | 2011-11-15 | Sony Computer Entertainment America Llc. | Method for host selection based on discovered NAT type |
| US8195807B2 (en) * | 2005-06-21 | 2012-06-05 | Motorola Mobility, Inc. | System and method for providing a distributed virtual mobility agent |
| CN100466599C (en) * | 2005-07-22 | 2009-03-04 | 上海贝尔阿尔卡特股份有限公司 | Safety access method for special local area net and device used for said method |
| BRPI0710388A2 (en) * | 2006-04-25 | 2011-08-09 | Interdigital Tech Corp | high-throughput channel operation on an interlaced wireless local area network |
| US8948395B2 (en) * | 2006-08-24 | 2015-02-03 | Qualcomm Incorporated | Systems and methods for key management for wireless communications systems |
| CN101378591B (en) | 2007-08-31 | 2010-10-27 | 华为技术有限公司 | Method, system and device for negotiating safety capability when terminal is moving |
| CN101399767B (en) * | 2007-09-29 | 2011-04-20 | 华为技术有限公司 | Method, system and apparatus for security capability negotiation during terminal moving |
| CN101715179B (en) * | 2009-11-06 | 2012-08-22 | 江苏科技大学 | Method for constructing safety system and safety mechanism for mobile IP |
| CN102868615B (en) * | 2012-09-17 | 2016-04-20 | 瑞斯康达科技发展股份有限公司 | The method and system of message transmission between a kind of local area network (LAN) |
| CN113489647B (en) | 2018-12-25 | 2022-09-16 | 华为技术有限公司 | Network connection path judgment method, equipment and communication system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1353559A (en) * | 2001-11-13 | 2002-06-12 | 西安西电捷通无线网络通信有限公司 | Cross-IP internet roaming method for mobile terminal |
| CN1478232A (en) * | 2000-11-13 | 2004-02-25 | Ecutel公司 | System and method for secure network mobility |
| CN1498484A (en) * | 2001-03-13 | 2004-05-19 | �ձ�������ʽ���� | System for managing mobile node in mobile network |
-
2004
- 2004-09-30 CN CNB2004100731535A patent/CN100415034C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1478232A (en) * | 2000-11-13 | 2004-02-25 | Ecutel公司 | System and method for secure network mobility |
| CN1498484A (en) * | 2001-03-13 | 2004-05-19 | �ձ�������ʽ���� | System for managing mobile node in mobile network |
| CN1353559A (en) * | 2001-11-13 | 2002-06-12 | 西安西电捷通无线网络通信有限公司 | Cross-IP internet roaming method for mobile terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1589060A (en) | 2005-03-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8688041B2 (en) | Methods and apparatus for secure, portable, wireless and multi-hop data networking | |
| EP3432523B1 (en) | Method and system for connecting a terminal to a virtual private network | |
| DE60318244T2 (en) | 802.11 STANDARD USE OF A COMPRESSED REASSOCTION EXCHANGE FOR FAST OVERRIDE | |
| JP4715239B2 (en) | Wireless access device, wireless access method, and wireless network | |
| US8630275B2 (en) | Apparatus, method, and medium for self-organizing multi-hop wireless access networks | |
| CN100507895C (en) | Serving network selection and multihoming using IP access network | |
| US8982862B2 (en) | Mobile gateway for fixed mobile convergence of data service over an enterprise WLAN | |
| CN101218796B (en) | Method, system and apparatus for load balancing of wireless switches to support layer 3 roaming in wireless local area networks | |
| US20070105549A1 (en) | Mobile communication system using private network, relay node, and radio network controller | |
| JP3955025B2 (en) | Mobile radio terminal device, virtual private network relay device, and connection authentication server | |
| US20050223111A1 (en) | Secure, standards-based communications across a wide-area network | |
| US20130239181A1 (en) | Secure tunneling platform system and method | |
| CN101515859B (en) | Method for multicast transport in Internet protocol secure tunnel and device | |
| JP2004343448A (en) | Authentication system for wireless lan access | |
| US20090059837A1 (en) | System and method for management and administration of repeaters and antenna systems | |
| JP2004533749A (en) | Hybrid network | |
| CN100415034C (en) | Method for realizing self surrogate function for mobile node | |
| US20110002272A1 (en) | Communication apparatus and communication method | |
| US8982861B2 (en) | Mobile access controller for fixed mobile convergence of data service over an enterprise WLAN | |
| JP2004312257A (en) | Base station, repeating device and communication system | |
| CN111934925A (en) | Two-layer Ethernet circuit simulation service system based on IP/MPLS public network | |
| CN102857918A (en) | Vehicle-mounted communication system | |
| CN106797560A (en) | Method, server, base station and communication system for configuring security parameter | |
| JP2004266516A (en) | Network management server, communication terminal, edge switch device, program for communication, and network system | |
| Dedecker et al. | Network virtualization as an integrated solution for emergency communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: XI'AN IWNCOMM CO., LTD. Free format text: FORMER NAME: XIDIAN JIETONG WIRELESS NETWORK COMMUNICATION CO LTD, XI'AN |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an Patentee after: CHINA IWNCOMM Co.,Ltd. Address before: 710075 4F.C building, No. 12, No. two, hi tech Road, Shaanxi, Xi'an Patentee before: CHINA IWNCOMM Co.,Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080827 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |