WO2004055993A2 - End-to-end location privacy in telecommunications networks - Google Patents
End-to-end location privacy in telecommunications networks Download PDFInfo
- Publication number
- WO2004055993A2 WO2004055993A2 PCT/IB2003/005856 IB0305856W WO2004055993A2 WO 2004055993 A2 WO2004055993 A2 WO 2004055993A2 IB 0305856 W IB0305856 W IB 0305856W WO 2004055993 A2 WO2004055993 A2 WO 2004055993A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- address
- host
- message
- home
- receiving
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L12/283—Processing of data at an internetworking point of a home automation network
- H04L12/2834—Switching of information between an external network and a home network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/082—Mobility data transfer for traffic bypassing of mobility servers, e.g. location registers, home PLMNs or home agents
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2803—Home automation networks
- H04L2012/284—Home automation networks characterised by the type of medium used
- H04L2012/2841—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/12—Messaging; Mailboxes; Announcements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W40/00—Communication routing or communication path finding
- H04W40/34—Modification of an existing route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/16—Mobility data transfer selectively restricting mobility data tracking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W80/00—Wireless network protocols or protocol adaptations to wireless operation
- H04W80/04—Network layer protocols, e.g. mobile IP [Internet Protocol]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/005—Data network PoA devices
Definitions
- the invention relates generally to telecommunications networks. More specifically, the invention provides end-to-end location privacy for hosts commumcating via an Internet Protocol (IP) based telecon--munications network, such that a message interceptor cannot deteraiine the geographic location of the hosts. Further, commumcating hosts cannot determine the geographic location of each other.
- IP Internet Protocol
- IP Internet Protocol
- PSTN Public Switched Telephone Networks
- IP addresses are assigned to users or entities by a centralized source, e.g., in North America, South America, sub-Saharan Africa, and the Caribbean, the American Registry for Internet Numbers (ARTN) assigns IP addresses to various organizations such as enterprises, universities, Internet service providers, wireless network operators etc. Other geographic regions have corresponding assignment entities, for example Asia Pacific Network Information Center (APNIC) for the Asia. Pacific region.
- ARTN American Registry for Internet Numbers
- APNIC Asia Pacific Network Information Center
- a sender/receiver uses an IP address from a pool of IP addresses assigned to the organization from where the user communicates, thus unknowingly revealing the user's geographic location.
- Publicly available tools such as ARIN's WHOIS database (publicly searchable by IP address), trace- route, Ethereal, VisualRoute and similar software aid in resolving an IP address to a specific entity, and further to a specific location.
- These publicly and commercially available software packages can pinpoint the location of a user with reasonable accuracy using only the source and/or destination IP address of IP packets.
- the sender/receiver using an IP address in this range is most likely in Cambridge, Massachusetts. Similar searches, as well as known techniques for monitoring IP address patterns, allow a malicious user to determine a user's general geographic location, which the user may want to keep private.
- Location privacy also includes the ability to mask one's current geographic location from even an authorized recipient of a message. That is, the sender of an IP message might not want the intended recipient of the message to be able to determine the sender's general geographic location, except as desired by the sender.
- IETF Internet Engineering Task Force's
- RFC Request For Comments
- the source address in a packet from a sender host, referred to herein as a mobile node (MN), as received at the correspondent mobile node (CN) is always the MN's home address (i.e., address on the home network).
- MN mobile node
- the MN's packets with source and destination addresses as the MN's Home Address (HoAl) and the CN's home address (HoA2) are encapsulated within a packet sent to the MN's Home Agent (HA1).
- the Home Agent then strips the external headers and forwards the internal packet to the CN's home network.
- the correspondent node's home agent HA2 then encapsulates the packet in yet another packet and directs this second encapsulated packet to the CN's current care of address (CoA2), e.g., if the CN is also roaming in yet another network.
- CoA2 the CN's current care of address
- this scheme provides location privacy to the nodes involved (they see packets as coming from each others' Ho As), the routing performance suffers as the distance of the two communicating Home Agents increases, e.g., in terms of physical distance or IP hops, from either each other or from the MN's and CN's current locations.
- the process might not be economically and/or technologically scalable as the load on each Home Agent may quickly deteriorate the performance of the Home Agent.
- NATs Network Address Translators
- VPN virtual private network
- IP address that appears in the packets when they enter the public Internet is that of the NAT.
- the packets are routed between the NAT and the communicating node over a VPN before they enter the public Internet, and the VPN may span a large geographical area.
- a communicating node using a private address can be in one region, while the NAT can be in another region.
- this approach fails if the VPN does not span a large geographic area. This is the case for smaller or regional organizations.
- packets are usually routed from the communicating node to the nearest NAT, and thus the location information can still be revealed.
- This solution also creates circuitous routes from a mobile node to its correspondent node because all traffic is routed through one or more NATs to translate private addresses to public addresses. Also, the requirement that all traffic must flow through NAT causes overload on NATs and makes them unscalable. This also creates potential single point of failure in the network.
- MAP Hierarchical Mobile IPv6
- HMIPv ⁇ Hierarchical Mobile IPv6
- MAPs Mobile Anchor Points
- a MAP acts as a representative for a collection of access routers.
- the node's care of address is anchored at a MAP and does not disclose as to which access router or access subnet the node is actually attached to.
- a MAP represents access routers that are in the vicinity of it.
- the location of a MAP can be determined from the IP address the node is using for communication.
- this solution provides better location privacy than traditional Mobile IPv6, it still does not solve the problem completely.
- this solution suffers from drawbacks such as overload on MAPs and potential single point of network failure at a MAP, due to its centralized approach.
- IP networks or IP backbones
- IP backbones will carry a large number of communication sessions between mobile users, e.g., two users co-mnunicating via mobile terminals over a wireless telecommunications network.
- location privacy mechanism to mask a user's general geographic location from others who seek to exploit a location-indicative address associated with the user, where the location privacy mechanism is not limited by the above-mentioned drawbacks and limitations.
- the present invention provides flexible and efficient location privacy to communicating nodes in a telecommunications network by combining aspects of route optimization and reverse tunneling.
- a first aspect of the invention uses encapsulation caches to provide route optimization while mamtaining location privacy by storing the encapsulation caches, containing care-of- address to home-address binding information at access routers other than the respective home agents of communicating nodes. Subsequent routing is then based on the binding information stored in the encapsulation caches instead of routing all messages through the home agents.
- a second aspect of the invention provides methods and systems for routing by an access router of a sending node while mamtaining location privacy.
- the access router receives a first packet having a destination address indicating the address of the home agent for the sending node, and sends the first packet to the home agent of the sending node as in reverse tunneling. However, in response, the access router receives home address to care-of address binding information corresponding to the receiving host.
- the access router routes this packet based on the received binding information instead of sending the packet to the home network of the sending host
- Another aspect of the invention provides methods and systems for routing packets to a receiving host by an access router corresponding to the receiving host.
- the access router receives a packet having a source address of a sending host or the access router of the sending host and a destination address corresponding to the receiving host or the access router of the receiving host, the access router performs certain header stripping and address swapping functions based on the received information (now stored in an encapsulation cache), and sends the packet to the receiving host.
- Figure 1 illustrates a network architecture that may be used with one or more illustrative embodiments of the invention.
- Figure 2 illustrates a method of providing end-to-end privacy according to an illustrative embodiment of the invention.
- Figure 3 illustrates data stored in an encapsulation cache according to an illustrative embodiment of the invention.
- Figure 4 illustrates the architecture of Figure 1 overlaid with message indicators described by Figure 2.
- Route optimization refers to routing of IP packets between a sender and a receiver over a "direct path" between their current associated access routers, rather than inefficient routing (often called “dog-legged routing” or “triangle routing") through their respective home agents as in known reverse tunneling methodologies. Nonetheless, using the present invention, regardless of a user's actual location, packets can appear as if they originated from the respective user's home address or location, so that the recipient can never be certain of the user's actual location.
- encapsulation cache can be maintained at each node's corresponding access router (AR) to enable route optimization while not compromising user's location privacy.
- Route optimization provides a significant performance improvement over standard reverse tunneling methodologies.
- FIG. 1 illustrates a network architecture that may be used in accordance with one or more illustrative embodiments of the invention.
- a telecommunications network 101 has a corresponding router 103.
- the network 101 is the home network of the mobile terminal 105.
- the router 103 is the home agent (HA) for the mobile terminal 105.
- the home agent generally, is a router with special functionality, acting as a representative for a MN when the MN moves away from its home network .
- the HA intercepts any packets arriving for the MN at the MN's home address and re-routes them to the MN's current location.
- a mobile terminal 105 whose home network is telecommunications network 101 may be roaming on a second telecommunications network 107.
- Network 107 has a corresponding access router (AR) 109.
- the AR 109 is a router where mobile terminal 105 currently connects to the network 107 on IP level.
- Network 101 and network 107 may each be connected to a wide area network (WAN) 111, such as the Internet, through which they can communicate with each other and other networks.
- WAN wide area network
- a third telecommunications network 113 has corresponding HA 115 for a mobile terminal 117
- fourth telecommunications network 119 has corresponding access router 121 for the mobile terminal 117.
- the mobile terminal 117 whose home network is telecommunications network 113 may be roaming on network 119.
- Network 113 and network 119 may each be connected to wide area network (WAN) 111, through which they can communicate with each other and other networks.
- WAN wide area network
- network 113 and network 119 may also have a direct connection, as is illustrated in Figure 1.
- Each telecommunications network may be any type of telecommunications network, e.g., a wireless telecommunications network (GPRS, UMTS, cdma2000, lxRTT, lxEvDV etc.) including one or more base stations (not shown) through which wireless mobile terminals communicate with the wireless telecommunications network, or a wireless local area network (IEEE 802.11, IEEE 802.15, HiperLAN etc.), or a wired local area network such as Ethernet, or a mesh network covering wide area such as an Internet service provider network.
- GPRS wireless telecommunications network
- UMTS wireless telecommunications network
- cdma2000 e.g., UMTS, cdma2000, lxRTT, lxEvDV etc.
- base stations not shown
- IEEE 802.11, IEEE 802.15, HiperLAN etc. a wireless local area network
- wired local area network such as Ethernet
- a mesh network covering wide area such as an Internet service provider network
- Each mobile te ⁇ ninal may be any mobile wireless device, e.g., device 105 or device 117, capable of coinmunicating with one or more of networks 101, 107, 113, and 119.
- mobile te ⁇ ninals may include mobile telephones, wireless personal digital assistants (PDAs), laptop or notebook computers, tablet-based computers, vehicles with integrated wireless communications capabilities, and the like.
- PDAs wireless personal digital assistants
- mobile teiminals 105 and 117 desire to communicate with each other while roaming on networks 107 and 119, respectively, while mamtaining location privacy.
- mobile terminal 105 referred to as the originating mobile node (MM)
- MM mobile terminal
- CN correspondent mobile node
- each mobile terminal may have two addresses with which it is associated: a home address on the mobile terminal's respective home network, and a care-of address on the mobile terminal's respective roaming network. These addresses are usually taken from pools of addresses assigned to respective networks by the respective address assignment authorities.
- the home address of MN mobile terminal 105 is referred to herein as Home Address 1 (HoAl); the current care-of address of MN mobile te ⁇ ninal 105 is referred to herein as Care-of- Address 1 (CoAl); the home address of CN mobile te ⁇ riinal 117 is referred to herein as Home Address 2 (HoA2); and the current care-of address of CN mobile terminal 117 is referred to herein as Care-of- Address 2 (CoA2).
- HoAl Home Address 1
- CoAl the home address of CN mobile te ⁇ riinal 117
- CoA2 Care-of- Address 2
- the address of the router 103 on the home network 101 of mobile terminal 105 is referred to herein as Home Agent Address 1 (HAA1)
- the address of router 115 on the home network 113 of mobile te ⁇ ninal 117 is referred to herein as Home Agent Address 2 (HAA2)
- the address of AR 109 in network 107 is referred to as Access Router Address 1 (ARA1)
- that of the AR 121 in network 119 is referred to as Access Router Address 2 (ARA2).
- Each address is an IP address.
- the HA router 103 on the home network 101 of mobile te ⁇ ninal 105 is refe ⁇ ed to herein as Home Agent 1 (HA1).
- the HA router 115 on the home network 113 of mobile terminal 117 is referred to herein as Home Agent 2 (HA2).
- a trust relationship refers to each network that is a party to the trust relationship being able to trust the data sent from or control mformation provided by the other party to the trust relationship.
- Such a trust relationship also allows a trusted node (e.g., AR 109) to adopt some functionality on behalf of another trusted node (e.g., HA1).
- This trust relationship allows the home agents to transfer some of the home agent functionality pertaining to the mobile nodes 105 and 117, to the access routers for a particular period of time.
- Such a trust relationship could be established either through Service Level Agreements (SLAs), roaniing agreements or through third party authentication, AAA (Authentication, Authorization and Accounting) brokers, using certificates issued by a certificate authority, or any other mechanism known in the art.
- SLAs Service Level Agreements
- AAA Authentication, Authorization and Accounting
- the form PKT(X:Y) is used herein to indicate a packet with an address header indicating X as the source address and Y as the destination address.
- the form PKT(X:Y,A:B) indicates that a packet with an address header indicating A as the source address and B as the destination address is encapsulated within another packet with address header indicating X as the source address and Y as the destination address.
- MN 105 sends a packet PKT(CoAl:HAAl,HoAl:HoA2), e.g., a voice packet, application data, etc., to AR 109 for delivery ultimately to CN 117, using known reverse tunneling techniques.
- PKT CoAl:HAAl,HoAl:HoA2
- AR 109 for delivery ultimately to CN 117, using known reverse tunneling techniques.
- This packet is routed by the network to HA1 (i.e., router 103).
- HA1 strips the packet of the outer header and sends data packet PKT(HoAl:HoA2) into the network.
- the HA1 sends a control message in another PKT(HAAl:HoA2) requesting an indication if CN 117 is away from the home network, and if so, requesting the CoA2 information. If CN 117 is away from the home network (as shown in Figure 1), both of these packets are intercepted by HA2 115.
- the data packet PKT(HoAl:HoA2) is forwarded by HA2 115 to the CN 117 as PKT(HAA2:CoA2,HoAl:HoA2), in step 205.
- the HA2 sends message to HA1 in PKT(HAA2:HAA1), informing the latter the address of HA2, i.e., HAA2 as well as CoA2/HoA2 binding information for CN 117.
- HA2 also includes the address of AR 121, i.e., ARA2 in this message to HA1.
- HA1 then sends to HA2 the CoAl/HoAl binding information for MN 105 and address of AR 109, i.e. ARAL
- HA1 and HA2 forward the CoA/HoA binding information for both the mobile te ⁇ ninal 117, i.e., CN, and the mobile terminal 105, i.e., MN, to each of the access router 109 and access router 121.
- HA1 may also forward the address ARA2 to AR 109 and HA2 may forward the address ARAl to AR 121.
- each access router stores the binding and remote access router address information in a special cache, termed an encapsulation cache, to which it can refer for delivery of subsequent messages in step 217.
- a preferred embodiment for sending messages in steps 207, 209, 211 and 213 is the use of ICMP (Internet Control Message Protocol) messages with well-defined and standardized message types. It is also preferable that these messages are authenticated and/or encrypted.
- the authentication prevents against unauthorized nodes spoofing the messages and the encryption prevents against unauthorized nodes snooping on these messages during transit.
- the authentication and/or encryption may be based on the security associations (SAs) derived from the trust relationships between the various networks.
- SAs security associations
- the messages in steps 207, 209 and 211 can be protected using the SA between the home network 101 of MN 105 and the home network 113 of CN 117. This SA may be created from or based on the existing trust relationship between networks 101 and 113.
- message from HAl to AR 109 in step 213 can be protected using the SA between the home network 101 of MN 105 and the foreign network 107, and the message from HA2 to AR 121 can be protected using SA between the home network 113 of MN 117 and the foreign network 119.
- step 205 might not be required.
- the packet sent in step 207 must be intercepted by a router in network 113 that ultimately forwards the packet to the CN.
- the said router can identify such packets using an ICMP type value in their header.
- this said router sends a message to HAl informing the HAl about the CoA2 (which is the same as HoA2) of CN as well as providing the HAl with its own address.
- HAl forwards CoAl/HoAl and ARAl information to this said router.
- This is the router which will also maintain the encapsulation cache on the CN side.
- the said router rather than communicating directly with HAl, takes assistance of some network entity in network 113 for the above message transaction. This would have the advantage of maintaining inter-network SA information only in some special network entities.
- the encapsulation cache 301 includes entries (illustrated by rows in Figure 3) that may have a Care-of-Address 303 and its corresponding Home- Address 305.
- the encapsulation cache may optionally also include the address of the Home Agent 309 corresponding to the Home- Address 305 and the address 311 of the access router (AR) corresponding to the Care-of-Address 303.
- the entire encapsulation cache, or alternatively each CoA/HoA binding in the encapsulation cache, may have co ⁇ esponding expiration information 307.
- the association information 313 about the commumcating end points may also be optionally included.
- the expiration info ⁇ nation can be derived from (or be the same as) the lifetime of the associated binding caches at the respective HAs of MN 105 and CN 117. After the expiration time has elapsed, the encapsulation cache entry for the associated node is deleted or otherwise made unusable, and steps 201-211 may be repeated as applicable to recreate the binding. Association info ⁇ nation 313 may be used to store data about the MN/CN relationship.
- an access router handles privacy as described herein for multiple simultaneous communication sessions (e.g., MN1 to CN1, MN2 to CN2, MN3 to CN3, etc.)
- the access router can maintain, using the encapsulation cache, a record of which MN is communicating with which CN (i.e., the access router can determine that MN1 is communicating with CN1, not CN2).
- association information 313 may store one or more of the home address, care-of address, home agent address, and access router address corresponding to an other node with which the node handled by the access router is communicating, or vice versa.
- the expiration time may be expressed in any form that allows a router to positively determine when the binding expires.
- the expiration time may be expressed in milliseconds (Row 1), a date on which the binding information expires (Row 2), a number of messages after which the binding expires (Row 3), or after a specified number of days from the binding's creation (Row 4).
- the encapsulation cache may include another field in which the date of creation of each binding is stored (not shown).
- the encapsulation cache at AR 109 contains Co A/Ho A binding for mobile te ⁇ ninal 117 and its associated AR router 121. It also contains CoA/HoA binding information for mobile terminal 105.
- the encapsulation cache at AR 121 contains CoA/HoA bindings for mobile terminals 105 and its associated AR router 109, and also for mobile terminal 117.
- step 217 the MN 105 desiring to send a subsequent packet PKT(CoAl:HAAl,HoAl:HoA2) to CN 117 using reverse tunneling, forwards the packet to AR 109 for delivery.
- AR 109 deteimines that HoA2 co ⁇ esponds to CoA2.
- AR 109 converts this packet into one of the following alternatives: (a) PKT(CoAl:CoA2,HoAl:HoA2), (b) PKT(ARAl:CoA2,HoAl:HoA2), (c) PKT(CoAl:ARA2,HoAl:HoA2) or (d) PKT (ARAl:ARA2,HoAl:HoA2), and sends it into the network for subsequent delivery to CN 117.
- This packet follows a direct path (i.e., route optimized path) from AR 109 to AR 121.
- AR 121 upon receiving the packet, performs the following: For cases (a) and (b) it checks its encapsulation cache, and concludes that the destination address CoA2 has a cache entry. The AR 121 then strips the outer header and sends PKT(HoAl:HoA2) to the CN 117. For cases (c) and (d), since the outer packet header is addressed to AR 121, the AR 121 examines the packet. The AR 121 strips the outer header and finds out from the encapsulation cache that HoA2 in the inner header is associated with CoA2. The AR 121 then sends PKT(HoAl:HoA2) to the CN 117.
- AR 121 may also perform an additional check on the packet source addresses to confirm the session identity before performing the actions described above. Subsequent packets may be sent in similar fashion, bypassing the need to route every packet through HAl and/or HA2 as long as the encapsulation cache or the applicable entry in the encapsulation cache has not expired.
- AR 121 may convert the arriving packet to PKT(AAR2:CoA2,HoAl:HoA2) orPKT(HAA2:CoA2,HoAl:HoA2), and send it to CN 117.
- step 217 the CN 117 desiring to send a subsequent packet PKT (CoA2:HAA2,HoA2:HoAl) to MN 105, forwards the packet to AR 121 for delivery.
- AR 121 based on the presence of an unexpired binding in the encapsulation cache, deteirr-ines that HoAl co ⁇ esponds to CoAl.
- AR 121 converts the received packet into PKT(CoA2:CoAl,HoA2:HoAl) and sends it into the network for subsequent delivery to MN 105.
- both MN 105 and CN 117 are only able to dete ⁇ nine the home address of the other node. That is, CN 117 cannot dete ⁇ nine that messages from MN 105 originated anywhere other than the home network address of MN mobile terminal 105. Likewise, MN 105 cannot determine that messages from CN 117 originated anywhere other than the home network address of CN mobile te ⁇ ninal 117.
- each mobile terminal delivers packets to the other mobile terminal knowing only the other mobile terminal's home address, and not an actual address when the other mobile terminal is roaming on another network.
- PKT(CoAl:ARA2,HoAl:CoA2) or PKT(ARAl:ARA2,HoAl:CoA2) and sends it into the network.
- This packet reaches AR 121 over route-optimized path, and AR 121 forwards PKT(HoAl:CoA2) or PKT(ARA2:CoA2,HoAl:CoA2) or PKT(HAA2:CoA2,HoAl:CoA2) to CN 117.
- CN 117 sends PKT(CoA2:HoAl)
- AR 121 converts this packet to PKT(CoA2:CoAl,CoA2:HoAl) or PKT(ARA2:CoAl,CoA2:HoAl) or PKT(ARA2:ARAl,CoA2:HoAl) or PKT(CoA2:ARAl,CoA2:HoAl).
- AR 109 forwards the packet PKT(CoA2:HoAl) or PKT(ARAl:CoAl,CoA2:HoAl) or PKT(HAAl:CoAl,CoA2:HoAl) to MN 105.
- MN 105 and CN 117 may communicate using simple IP.
- MN 105 acquires a care-of IP address (CoAl) from a pool of IP addresses assigned to network 107, using procedures such as DHCP (Dynamic Host Configuration Protocol) or GPRS and UMTS PDP (Packet Data Protocol) or using PPP (Point to Point Protocol).
- CN 117 can acquire a care-of IP address (CoA2) from a pool of addresses assigned to network 119.
- MN 105 and CN 117 need not have home agents in their respective home networks. However, they should have home IP addresses (HoAs) assigned from pools of addresses in their respective home networks.
- HoAs home IP addresses assigned from pools of addresses in their respective home networks.
- the establishment of one or more encapsulation caches in this case can be done via other signaling schemes.
- MN 105 sends a PKT(HoAl:HoA2) to AR 109 over the access link.
- the AR 109 checks the encapsulation cache and converts this packet to one of the following alternatives: (a) PKT(CoAl:CoA2,HoAl:HoA2) or (b) PKT(ARAl:CoA2,HoAl:HoA2) or (c) PKT(CoAl:ARA2,HoAl:HoA2) or (d) PKT(ARAl:ARA2,HoAl:HoA2), and sends it into the network.
- This packet gets routed toward network 119 over route-optimized path.
- AR 121 When AR 121 receives this packet, it converts the packet into PKT(HoAl:HoA2) or PKT(ARA2:CoA2,HoAl:HoA2) or PKT(HAA2:CoA2,HoAl:HoA2) for delivery to CN 117.
- the MN may be made aware that its privacy will be protected by AR 109 and that MN does not need to attempt to use reverse tunneling.
- AR 109 replaces HoAl with CoAl and HoA2 with CoA2, and send the packet PKT(CoAl:CoA2) into the network.
- the AR 121 upon receiving this packet, replaces CoAl with HoAl and CoA2 with HoA2 and delivers the packet to the CN.
- CoA/HoA binding information can be derived from packets as they propagate on path between the access routers.
- a route-optimized packet from MN 105 to CN 117 travels as PKT(CoAl:CoA2,HoAl:HoA2) between AR 109 and AR 121. If some untrusted network entity on this path snoops on this packet, it can derive CoA/HoA binding information for MN and CN form the headers of this packet, and hence, their current geographic location will be revealed to this entity, which in turn may use it for undesirable purposes.
- AR 109 replaces HoAl and HoA2 in the inner header with other values such as random numbers, all zero bits, all one bits, constant number etc.
- the AR 121 then replaces those values with HoAl and HoA2 before forwarding the packet to CN.
- the numbers) used to replace the co ⁇ esponding HoA field value(s) needs to be prenegotiated. Prenegotiation can happen during the procedure for creation of the encapsulation cache, depicted in Figure 2. For this, the access router proposes a number that is locally unique for use by the remote access router for replacing a specific HoA filed value.
- the AR 109 replaces HoAl with the prenegotiated number x and HoA2 with prenegotiated number y, and sends packet PKT(ARA1 :ARA2,x:y) into the network.
- the AR 121 upon receiving this packet, consults its encapsulation cache to dete ⁇ nined HoAs that numbers x and y co ⁇ espond to and replaces x and y with respective HoAs. Note that numbers x and y should be at least locally unique at AR 121.
- the encapsulation cache may be-established at the ARs from which the MN and CN get their Internet or network connectivity, this may not always be possible. For example, a trust relationship might only exist between the home agent router 103 and a router upstream in the path from router 103 to AR 109. In this case, the encapsulation cache may be stored in a location upstream in the network towards the home network of the mobile terminal where a trust relationship can be found. In the worst-case scenario when no trust relationship can be found in the path between the AR and the HA, the scheme falls back to traditional reverse tunneling.
- both AR 109 and AR 121 are not in the MN and CN's immediate sub-nets, respectively, then additional signaling may be required to inform the routers storing the encapsulation caches about each other's identity. For example, prefixes may be used to try to find another network with a close prefix. Network tools such as or similar to trace route can be used to find out the route the packet takes from the HA to the AR, and then determine whether a trusted AR is found.
- Another embodiment for the location of the encapsulation caches is the HA or other routers in the home network of a mobile node.
- the encapsulation caches will be located, using te ⁇ ninology from Figure 1, at router 109 and HA 115 (or other routers in the home network 113 of CN 117).
- This embodiment is also applicable for use in which a mobile node is accessing a "static" Internet node, a web-server, for example. In this case, only the MN (node 105) needs privacy and the CN (web server) does not.
- location privacy is only provided upon request of the user or owner of the mobile terminal. That is, if a user does not request, and optionally pay, for location privacy, messages sent from that user's mobile te ⁇ ninal may appear to originate from the care-of-address (CoA) of the mobile terminal while roaming instead of the home address (HoA).
- CoA care-of-address
- HoA home address
- the mobile node may use a security association (SA) that the MN has with its home agent (e.g., HAl) to send packets to the home agent.
- SA security association
- HAl may send an appropriate encryption decryption key (e.g., public key, session key, etc.) that can be used to decrypt MN's packets at the AR serving the MN.
- the key information may be stored as part of the MN's information in the encapsulation cache (not shown) in order to help the AR decrypt the packets sent from the MN and apply the optimized routing schemes described above.
- communicating nodes can maintain location privacy while roaming on other telecommunications networks.
- the method can be repeated to establish new encapsulation caches and update existing encapsulation caches on the access routers, as applicable.
- Another embodiment is using existing techniques such as context transfer to transfer the encapsulation cache to the new AR as part of the node's context.
- the system may revert to using standard reverse tunneling techniques.
- One or more aspects of the invention may be embodied in computer-executable instructions, such as in one or more program modules, executed by one or more computers, mobile terminals, access routers, or other devices.
- program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types when executed by a processor in a computer or other device.
- the computer executable instructions may be stored on a computer readable medium such as a hard disk, optical disk, removable storage media, solid state memory, RAM, etc.
- the functionality of the program modules may be combined or distributed as desired in various embodiments.
- the functionality may be embodied in whole or in part in firmware or hardware equivalents such as integrated circuits, field programmable gate arrays (FPGA), and the like.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Automation & Control Theory (AREA)
- Computing Systems (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2003286322A AU2003286322A1 (en) | 2002-12-17 | 2003-12-09 | End-to-end location privacy in telecommunications networks |
| EP03777065A EP1573929B1 (en) | 2002-12-17 | 2003-12-09 | End-to-end location privacy in telecommunications networks |
| DE60320846T DE60320846D1 (en) | 2002-12-17 | 2003-12-09 | END-TO-END LOCATION PRIVACY IN TELECOMMUNICATIONS NETWORKS |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/320,637 US6999437B2 (en) | 2002-12-17 | 2002-12-17 | End-to-end location privacy in telecommunications networks |
| US10/320,637 | 2002-12-17 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2004055993A2 true WO2004055993A2 (en) | 2004-07-01 |
| WO2004055993A3 WO2004055993A3 (en) | 2005-06-23 |
Family
ID=32506911
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/IB2003/005856 Ceased WO2004055993A2 (en) | 2002-12-17 | 2003-12-09 | End-to-end location privacy in telecommunications networks |
Country Status (5)
| Country | Link |
|---|---|
| US (1) | US6999437B2 (en) |
| EP (1) | EP1573929B1 (en) |
| AU (1) | AU2003286322A1 (en) |
| DE (1) | DE60320846D1 (en) |
| WO (1) | WO2004055993A2 (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007003240A1 (en) | 2005-06-30 | 2007-01-11 | Matsushita Electric Industrial Co., Ltd. | Optimized reverse tunnelling for packet switched mobile communication systems |
| WO2007079628A1 (en) * | 2006-01-09 | 2007-07-19 | Huawei Technologies Co., Ltd. | A COMMUNICATION METHOD FOR MIPv6 MOBILE NODES |
| WO2007095054A3 (en) * | 2006-02-14 | 2007-11-22 | Lucent Technologies Inc | Route optimization at a packet data switch node |
| EP2262293A2 (en) | 2005-10-21 | 2010-12-15 | Panasonic Corporation | Dynamic discovery of home agent with specific binding |
| US8230076B2 (en) | 2006-05-29 | 2012-07-24 | Panasonic Corporation | Method and apparatus for simultaneous location privacy and route optimization for communication sessions |
| US8259649B2 (en) | 2006-02-28 | 2012-09-04 | Panasonic Corporation | Route optimization with location privacy support |
Families Citing this family (59)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| ES2283428T3 (en) * | 2001-08-16 | 2007-11-01 | Nokia Corporation | DEVICE, METHOD AND SYSTEM FOR IMPROVED ROADING IN MOBILE IP NETWORKS. |
| FI114190B (en) * | 2002-01-11 | 2004-08-31 | Radionet Oy | Procedure for supporting mobility in a wireless network |
| AU2003217301A1 (en) * | 2002-02-04 | 2003-09-02 | Flarion Technologies, Inc. | A method for extending mobile ip and aaa to enable integrated support for local access and roaming access connectivity |
| US7564824B2 (en) * | 2002-02-04 | 2009-07-21 | Qualcomm Incorporated | Methods and apparatus for aggregating MIP and AAA messages |
| US8649352B2 (en) | 2002-02-04 | 2014-02-11 | Qualcomm Incorporated | Packet forwarding methods for use in handoffs |
| US20030193952A1 (en) * | 2002-02-04 | 2003-10-16 | O'neill Alan | Mobile node handoff methods and apparatus |
| US20040022217A1 (en) * | 2002-04-29 | 2004-02-05 | Sari Korpela | Method and apparatus for soft handover area detection using inter-band measurements |
| KR100724908B1 (en) * | 2002-08-06 | 2007-06-04 | 삼성전자주식회사 | Method and system for providing mobility of mobile node using local anchor point in next generation internet network |
| US20060182083A1 (en) * | 2002-10-17 | 2006-08-17 | Junya Nakata | Secured virtual private network with mobile nodes |
| US7475241B2 (en) * | 2002-11-22 | 2009-01-06 | Cisco Technology, Inc. | Methods and apparatus for dynamic session key generation and rekeying in mobile IP |
| US7870389B1 (en) | 2002-12-24 | 2011-01-11 | Cisco Technology, Inc. | Methods and apparatus for authenticating mobility entities using kerberos |
| GB2399476B (en) * | 2003-03-14 | 2006-08-16 | Matsushita Electric Industrial Co Ltd | Fast handover in mobile communications networks |
| US7535878B2 (en) * | 2003-03-28 | 2009-05-19 | Intel Corporation | Method, apparatus and system for ensuring reliable access to a roaming mobile node |
| US7328256B2 (en) * | 2003-06-02 | 2008-02-05 | Apple Inc. | Method and apparatus for distributing computer files across a network to multiple clients |
| JP3880549B2 (en) * | 2003-06-16 | 2007-02-14 | 松下電器産業株式会社 | Mobile terminal device and handoff method thereof |
| US7580396B2 (en) | 2003-11-05 | 2009-08-25 | Intel Corporation | Method, apparatus and system for obtaining and retaining a mobile node home address |
| US8839417B1 (en) | 2003-11-17 | 2014-09-16 | Mcafee, Inc. | Device, system and method for defending a computer network |
| US20050111454A1 (en) * | 2003-11-25 | 2005-05-26 | Narjala Ranjit S. | Method, apparatus and system for intelligently and dynamically routing mobile internet protocol packets |
| US20050113109A1 (en) * | 2003-11-25 | 2005-05-26 | Farid Adrangi | Method, apparatus and system for context-based registrations based on intelligent location detection |
| US20050136924A1 (en) * | 2003-12-04 | 2005-06-23 | Farid Adrangi | Method, apparatus and system for enabling roaming mobile nodes to utilize private home IP addresses |
| US20060031510A1 (en) * | 2004-01-26 | 2006-02-09 | Forte Internet Software, Inc. | Methods and apparatus for enabling a dynamic network of interactors according to personal trust levels between interactors |
| US7725600B2 (en) * | 2004-02-03 | 2010-05-25 | Nokia Corporation | Method and apparatus providing address management in a flat structure mobile network |
| US7873036B2 (en) * | 2004-02-03 | 2011-01-18 | Nokia Siemens Networks Oy | Method and apparatus to provide group management of multiple link identifiers for collective mobility |
| KR100612447B1 (en) * | 2004-02-16 | 2006-08-16 | 삼성전자주식회사 | Network Information Management Method of Access Router and Its Access Router |
| TWI239173B (en) * | 2004-04-09 | 2005-09-01 | Ind Tech Res Inst | NAT system supporting mobile IP in private networks and its method |
| US7616613B2 (en) * | 2004-05-05 | 2009-11-10 | Cisco Technology, Inc. | Internet protocol authentication in layer-3 multipoint tunneling for wireless access points |
| US7840217B2 (en) * | 2004-07-23 | 2010-11-23 | Cisco Technology, Inc. | Methods and apparatus for achieving route optimization and location privacy in an IPV6 network |
| US7639802B2 (en) * | 2004-09-27 | 2009-12-29 | Cisco Technology, Inc. | Methods and apparatus for bootstrapping Mobile-Foreign and Foreign-Home authentication keys in Mobile IP |
| US7502331B2 (en) * | 2004-11-17 | 2009-03-10 | Cisco Technology, Inc. | Infrastructure-less bootstrapping: trustless bootstrapping to enable mobility for mobile devices |
| JP4451325B2 (en) * | 2005-02-01 | 2010-04-14 | 株式会社エヌ・ティ・ティ・ドコモ | Mobile node, base station, router, and packet communication system |
| JP4470770B2 (en) * | 2005-03-17 | 2010-06-02 | 日本電気株式会社 | Mobile communication control method, mobile communication system, routing apparatus, and program |
| CN100571196C (en) * | 2005-03-22 | 2009-12-16 | 华为技术有限公司 | Realization method of moving IPv6 message through firewall |
| US7916692B2 (en) * | 2005-03-25 | 2011-03-29 | Nec Corporation | Mobile communication system, edge router, and transfer control method, program and recording medium used therefor |
| US7881468B2 (en) * | 2005-04-08 | 2011-02-01 | Telefonaktiebolaget L M Ericsson (Publ) | Secret authentication key setup in mobile IPv6 |
| US20060274695A1 (en) * | 2005-06-03 | 2006-12-07 | Nokia Corporation | System and method for effectuating a connection to a network |
| US8630298B2 (en) * | 2005-06-11 | 2014-01-14 | Sandwave Ip, Llc | Dispersed high level devices in a network environment |
| KR20080032114A (en) * | 2005-06-23 | 2008-04-14 | 엑스디에스, 인코포레이티드 | Method and apparatus for changing network address of mobile device |
| CN1917508B (en) * | 2005-08-19 | 2011-01-26 | 鸿富锦精密工业(深圳)有限公司 | Wireless Local Area Network Device and Its Frame Sequence Numbering Method |
| US7626963B2 (en) * | 2005-10-25 | 2009-12-01 | Cisco Technology, Inc. | EAP/SIM authentication for mobile IP to leverage GSM/SIM authentication infrastructure |
| CN100512300C (en) * | 2006-01-13 | 2009-07-08 | 华为技术有限公司 | Method for switching service while transmitting realtime stream |
| US20070195791A1 (en) * | 2006-02-17 | 2007-08-23 | Peter Bosch | Route optimization for proxy mobile internet protocol |
| WO2008018153A1 (en) * | 2006-08-09 | 2008-02-14 | Telefonaktiebolaget Lm Ericsson (Publ) | A method and apparatus for routing a packet in mobile ip system |
| EP1912400A1 (en) * | 2006-10-10 | 2008-04-16 | Matsushita Electric Industrial Co., Ltd. | Method and apparatus for mobile IP route optimization |
| US8171120B1 (en) | 2006-11-22 | 2012-05-01 | Rockstar Bidco Lp | Mobile IPv6 route optimization authorization |
| KR100811893B1 (en) * | 2006-12-04 | 2008-03-10 | 한국전자통신연구원 | Mobility Support Method for Hand Vertical Over of Mobile Terminal |
| EP1986392B1 (en) * | 2007-04-26 | 2012-10-03 | Motorola Solutions, Inc. | Method for route optimization between mobile entities |
| JP4794520B2 (en) * | 2007-05-16 | 2011-10-19 | Kddi株式会社 | System, access gateway, home agent, and program for optimizing communication path in network-driven mobility management protocol |
| US8315388B2 (en) | 2008-05-02 | 2012-11-20 | International Business Machines Corporation | System and method of decoupling and exposing computing device originated location information |
| CN101651604B (en) * | 2008-08-15 | 2013-10-02 | 华为技术有限公司 | Method and system for route optimization |
| KR101172887B1 (en) * | 2008-12-22 | 2012-08-10 | 한국전자통신연구원 | Quality of Service provide system and Method for providing Quality of Service in the system |
| KR101454841B1 (en) | 2010-06-10 | 2014-10-28 | 지티이 코포레이션 | Method, system, mapping forward server and access router for mobile communication controlling |
| US20130332992A1 (en) * | 2012-06-12 | 2013-12-12 | Xerox Corporation | Methods and systems for identifying a trustable workflow based on a comprehensive trust model |
| US9317718B1 (en) | 2013-03-29 | 2016-04-19 | Secturion Systems, Inc. | Security device with programmable systolic-matrix cryptographic module and programmable input/output interface |
| US9355279B1 (en) * | 2013-03-29 | 2016-05-31 | Secturion Systems, Inc. | Multi-tenancy architecture |
| CN105282025A (en) * | 2014-07-11 | 2016-01-27 | 中兴通讯股份有限公司 | Method of determining end-to-end routing and apparatus thereof |
| US10424034B1 (en) * | 2014-09-08 | 2019-09-24 | Google Llc | Systems and methods for protecting user identity within online content providing environments |
| US11283774B2 (en) | 2015-09-17 | 2022-03-22 | Secturion Systems, Inc. | Cloud storage using encryption gateway with certificate authority identification |
| CN107911799B (en) * | 2017-05-18 | 2021-03-23 | 北京聚通达科技股份有限公司 | Method for utilizing intelligent route |
| US11337177B2 (en) | 2020-09-23 | 2022-05-17 | Glowstik, Inc. | System and method for generating amorphous dynamic display icons |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH10178421A (en) * | 1996-10-18 | 1998-06-30 | Toshiba Corp | Packet processing device, mobile computer device, packet transfer method and packet processing method |
| US6625135B1 (en) * | 1998-05-11 | 2003-09-23 | Cargenie Mellon University | Method and apparatus for incorporating environmental information for mobile communications |
| US6407988B1 (en) * | 1998-10-06 | 2002-06-18 | At&T Corp. | Mobility support services using mobility aware access networks |
| US6621810B1 (en) * | 1999-05-27 | 2003-09-16 | Cisco Technology, Inc. | Mobile IP intra-agent mobility |
| US6947401B2 (en) * | 2000-03-08 | 2005-09-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Hierarchical mobility management for wireless networks |
| US6915325B1 (en) * | 2000-03-13 | 2005-07-05 | Nortel Networks Ltd | Method and program code for communicating with a mobile node through tunnels |
| JP3636637B2 (en) * | 2000-05-30 | 2005-04-06 | 三菱電機株式会社 | Route optimization method |
| KR100369807B1 (en) * | 2000-08-05 | 2003-01-30 | 삼성전자 주식회사 | Packets transmission method for mobile internet |
| US7349377B2 (en) * | 2001-11-09 | 2008-03-25 | Nokia Corporation | Method, system and system entities for providing location privacy in communication networks |
-
2002
- 2002-12-17 US US10/320,637 patent/US6999437B2/en not_active Expired - Lifetime
-
2003
- 2003-12-09 AU AU2003286322A patent/AU2003286322A1/en not_active Abandoned
- 2003-12-09 EP EP03777065A patent/EP1573929B1/en not_active Expired - Lifetime
- 2003-12-09 DE DE60320846T patent/DE60320846D1/en not_active Expired - Lifetime
- 2003-12-09 WO PCT/IB2003/005856 patent/WO2004055993A2/en not_active Ceased
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007003240A1 (en) | 2005-06-30 | 2007-01-11 | Matsushita Electric Industrial Co., Ltd. | Optimized reverse tunnelling for packet switched mobile communication systems |
| EP2262293A2 (en) | 2005-10-21 | 2010-12-15 | Panasonic Corporation | Dynamic discovery of home agent with specific binding |
| WO2007079628A1 (en) * | 2006-01-09 | 2007-07-19 | Huawei Technologies Co., Ltd. | A COMMUNICATION METHOD FOR MIPv6 MOBILE NODES |
| WO2007095054A3 (en) * | 2006-02-14 | 2007-11-22 | Lucent Technologies Inc | Route optimization at a packet data switch node |
| US9161205B2 (en) | 2006-02-14 | 2015-10-13 | Alcatel Lucent | Route optimization at a packet data switch node |
| US8259649B2 (en) | 2006-02-28 | 2012-09-04 | Panasonic Corporation | Route optimization with location privacy support |
| US8724553B2 (en) | 2006-02-28 | 2014-05-13 | Panasonic Corporation | Route optimization with location privacy support |
| US8230076B2 (en) | 2006-05-29 | 2012-07-24 | Panasonic Corporation | Method and apparatus for simultaneous location privacy and route optimization for communication sessions |
Also Published As
| Publication number | Publication date |
|---|---|
| EP1573929A4 (en) | 2007-01-24 |
| EP1573929B1 (en) | 2008-05-07 |
| US6999437B2 (en) | 2006-02-14 |
| EP1573929A2 (en) | 2005-09-14 |
| AU2003286322A8 (en) | 2004-07-09 |
| WO2004055993A3 (en) | 2005-06-23 |
| AU2003286322A1 (en) | 2004-07-09 |
| US20040114558A1 (en) | 2004-06-17 |
| DE60320846D1 (en) | 2008-06-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US6999437B2 (en) | End-to-end location privacy in telecommunications networks | |
| Kempf | Goals for network-based localized mobility management (NETLMM) | |
| US9635539B2 (en) | Home agent discovery upon changing the mobility management scheme | |
| US20060111113A1 (en) | Virtual private network with mobile nodes | |
| US7751379B2 (en) | IP mobility mechanism for a packet radio network | |
| US8117454B2 (en) | Fast update message authentication with key derivation in mobile IP systems | |
| US9088938B2 (en) | Information exchange between gateways for route optimization with network-based mobility management | |
| EP1986392B1 (en) | Method for route optimization between mobile entities | |
| JP5087012B2 (en) | Route optimization to support location privacy | |
| EP1953991A1 (en) | Race condition resolution in mixed network- and host-based mobility mangement scenarios | |
| US8185935B2 (en) | Method and apparatus for dynamic home address assignment by home agent in multiple network interworking | |
| EP1540902B1 (en) | Method for updating a routing entry | |
| EP2095595A1 (en) | Mobile ip proxy | |
| CN1905519A (en) | Home agent apparatus and communication system | |
| Kempf | RFC 4831: goals for network-based localized mobility management (NetLMM) | |
| Krishnamurthi et al. | Providing end-to-end location privacy in ip-based mobile communication | |
| Kim et al. | Secure and low latency handoff scheme for proxy mobile ipv6 | |
| Hazarika et al. | Survey on Design and Analysis of Mobile IP | |
| Saxena et al. | Mobility management in IP based networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| WWE | Wipo information: entry into national phase |
Ref document number: 2003777065 Country of ref document: EP |
|
| WWP | Wipo information: published in national office |
Ref document number: 2003777065 Country of ref document: EP |
|
| NENP | Non-entry into the national phase |
Ref country code: JP |
|
| WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |
|
| WWG | Wipo information: grant in national office |
Ref document number: 2003777065 Country of ref document: EP |