Abstract: A method of performing authentication of a client for wireless communication includes: sending, by the client, a request to an authorization server via a proxy node, to obtain an access token, wherein the request to obtain the access token contains a client signature of the client; authenticating, by the authorization server, the client as a valid recipient of the access token; and authorizing, by the authorization server, the access token to the client after authenticating the client, wherein the authorization is based on at least the client signature contained in the request to obtain the access token.

Abstract: A method of performing validation of an access token under OAuth 2.0 protocol includes: providing, by an authorization server, the access token for service to a client in response to a request for the access token; adding, by the client, a client signature to at least the access token; forwarding, by the client, the access token as part of a service request to a resource server; and validating, by the resource server, whether the client is a valid owner of the access token, wherein the validation is based on at least the client signature of the access token. The validation is based on a hash of a combination of the service request, the access token and a shared secret key common to the client and the resource server, the output of which hash is added to the service request, and the resource server validates the hash.

Abstract: A method and an architecture for the Roaming Hub that can be configured to establish interconnectivity between any visiting Public Line Mobile Network (PLMN) and home PLMN as long as the visiting PLMN and the Home PLMN has a roaming agreement with the Roaming Hub.

Abstract: A method of performing validation of an access token under OAuth 2.0 protocol includes: providing, by an authorization server, the access token for service to a client in response to a request for the access token; adding, by the client, a client signature to at least the access token; forwarding, by the client, the access token as part of a service request to a resource server; and validating, by the resource server, whether the client is a valid owner of the access token, wherein the validation is based on at least the client signature of the access token. The validation is based on a hash of a combination of the service request, the access token and a shared secret key common to the client and the resource server, the output of which hash is added to the service request, and the resource server validates the hash.

Abstract: A method of obtaining addressing information may include establishing a communication path through a network between first and second peer devices with a router coupled between the first peer device and the communication path through the network. A communication may be received at the first peer device from the second peer device through the communication path and the router. Moreover, a payload of the communication received at the first peer device from the second peer device may include a public reachability address used by the second peer device to transmit the communication through the network and the router to the first peer device. Related methods of providing such addressing information and related devices are also discussed.

Abstract: The present invention provides a system and method to selectively negotiate different delivery styles for different types of packets sent from the Mobile Node to the Foreign Agent, which will allow the Mobile Node to negotiate a delivery style that will permit the Foreign Agent to transmit certain selected outbound traffic directly without reverse tunneling that traffic back to the home network. Specifically, the present invention allows the Foreign Agent to distinguish between certain types of BC/MC packets that are designated to be processed and routed to their destinations by the Foreign Network directly, as opposed to reverse tunneling the outbound traffic from the Foreign Agent back to the Home Agent on the home network. By selecting processing by the Foreign Network, the efficiency of the system will improve because the transmission of outbound traffic and inbound responses will not need to be tunneled through the Home Network.

Abstract: The invention consists of a new registration and authentication protocol for between a Mobile Node and a Home Agent. The new protocol uses a novel messaging sequence to request registration, authentication and authorization of the Mobile Node when it is located on a foreign network, and the novel protocol will avoid some of the standard registration and authentication protocol messages in order to eliminate the problems associated with re-transmission errors.

Abstract: The present invention solves communication disruption problems during the hand-off transition period by using a pre-handoff registration of a new foreign agent on behalf of the mobile node The pre-handoff registration message should: (1) identify itself as a pre-hand off registration message, (2) indicate direction of traffic for the pre-handoff registration time period, and (3) specify a lifetime or time period when the pre-handoff registration request will continue to be considered valid The local mobility anchor will accept traffic using the pre-handoff registration care-of address depending on the directionality indicator, but the communication traffic to or from the mobile node will not be disrupted during the transition period. Because the care-of address for the mobile node on the new foreign network can be used to direct communication traffic to or from the mobile node during this transition time period, no disruption of service will be encountered.

Abstract: The invention consists of a new registration and authentication protocol for between a Mobile Node and a Home Agent. The new protocol uses a novel messaging sequence to request registration, authentication and authorization of the Mobile Node when it is located on a foreign network, and the novel protocol will avoid some of the standard registration and authentication protocol messages in order to eliminate the problems associated with re-transmission errors.

Abstract: Upon attachment of a machine to machine (M2M) device to a network, the access network determines which service provider to connect the device to. During an initial attachment process, the device can be configured so that it only will connect to a defined M2M service provider.

Abstract: A method of obtaining addressing information may include establishing a communication path through a network between first and second peer devices with a router coupled between the first peer device and the communication path through the network. A communication may be received at the first peer device from the second peer device through the communication path and the router. Moreover, a payload of the communication received at the first peer device from the second peer device may include a public reachability address used by the second peer device to transmit the communication through the network and the router to the first peer device. Related methods of providing such addressing information and related devices are also discussed.

Abstract: The invention consists of a new registration and authentication protocol for between a Mobile Node and a Home Agent. The new protocol uses a novel messaging sequence to request registration, authentication and authorization of the Mobile Node when it is located on a foreign network, and the novel protocol will avoid some of the standard registration and authentication protocol messages in order to eliminate the problems associated with re-transmission errors.

Abstract: A method of obtaining addressing information may include establishing a communication path through a network between first and second peer devices with a router coupled between the first peer device and the communication path through the network. A communication may be received at the first peer device from the second peer device through the communication path and the router. Moreover, a payload of the communication received at the first peer device from the second peer device may include a public reachability address used by the second peer device to transmit the communication through the network and the router to the first peer device. Related methods of providing such addressing information and related devices are also discussed.

Abstract: A first node receives information associated with a mobile station to allow for establishment of a session for the mobile station that is attached to a first wireless access network in a first service domain. In response to the received information, the first node sends messaging to a home agent in a second service domain that is of a different type than the first service domain. The first node receives, from the home agent, an Internet Protocol (IP) address allocated to the mobile station in the second service domain, where the IP address is allocated in response to the messaging, and where services provided to the mobile station are anchored in the second service domain.

Abstract: A Machine-to-Machine (M2M) services enablement architecture (95) for a cellular Access Network (AN) (84) that allows the cellular AN operator to not only deploy its M2M Services Capabilities (SC) as an M2M SC Server (141) within its network domain, but to also use its M2M SC to work as an M2M SC Proxy (100) when communicating with an M2M Service Provider (SP) network (82) that also deploys an M2M SC Server (102). The M2M SC Proxy in the cellular AN relays all signaling plane communications between an M2M device's/gateway's SC (165) and the SP's M2M SC Server. The M2M SC Proxy provides the cellular AN with an access to all of the Across-Layers (Transport and Service Layers) information needed for the M2M services enablement in the cellular AN. This proxy-based solution allows the cellular AN to serve all types of M2M SPs, and relieves the M2M SP from the need to support different cellular AN interworking interfaces.

Abstract: Embodiments provide techniques for mobile route optimization authentication protocols. Embodiments allow for system control over whether route optimization is allowed or not allowed. A conditional allowance of route optimization solves several billing and security issues by allowing the system to impose appropriate charges for the route optimization feature or prevent route optimization where message flow using care-of addressing can be monitored.

Abstract: The present invention supports a communication protocol for transmission of information packets between a mobile node and a virtual private network. Information packets are encapsulated and decapsulated along the route as the information packet is forwarded among the various networks on its path to the destination address; either the mobile node on a foreign network or a correspondence node on a virtual private network. A home agent on the virtual private network supports transmitting the information packets, and the information packets are transmitted from the virtual private network from the home agent or a virtual private network gateway.

Abstract: The present invention provides a system and method to selectively negotiate different delivery styles for different types of packets sent from the Mobile Node to the Foreign Agent, which will allow the Mobile Node to negotiate a delivery style that will permit the Foreign Agent to transmit certain selected outbound traffic directly without reverse tunneling that traffic back to the home network. Specifically, the present invention allows the Foreign Agent to distinguish between certain types of BC/MC packets that are designated to be processed and routed to their destinations by the Foreign Network directly, as opposed to reverse tunneling the outbound traffic from the Foreign Agent back to the Home Agent on the home network. By selecting processing by the Foreign Network, the efficiency of the system will improve because the transmission of outbound traffic and inbound responses will not need to be tunneled through the Home Network.

Abstract: The present invention provides a system and method to selectively negotiate different delivery styles for different types of packets sent from the Mobile Node to the Foreign Agent, which will allow the Mobile Node to negotiate a delivery style that will permit the Foreign Agent to transmit certain selected outbound traffic directly without reverse tunneling that traffic back to the home network. Specifically, the present invention allows the Foreign Agent to distinguish between certain types of BC/MC packets that are designated to be processed and routed to their destinations by the Foreign Network directly, as opposed to reverse tunneling the outbound traffic from the Foreign Agent back to the Home Agent on the home network. By selecting processing by the Foreign Network, the efficiency of the system will improve because the transmission of outbound traffic and inbound responses will not need to be tunneled through the Home Network.

Abstract: A Machine-to-Machine (M2M) services enablement architecture for a cellular Access Network (AN) that allows the cellular AN operator to not only deploy its M2M Services Capabilities (SC) as an M2M SC Server within its network domain, but to also use its M2M SC to work as an M2M SC Proxy when communicating with an M2M Service Provider (SP) network that also deploys an M2M SC Server. The M2M SC Proxy in the cellular AN relays all signaling plane communications between an M2M device's/gateway's SC and the SP's M2M SC Server. The M2M SC Proxy provides the cellular AN with an access to all of the Across-Layers (Transport and Service Layers) information needed for the M2M services enablement in the cellular AN. This proxy-based solution allows the cellular AN to serve all types of M2M SPs, and relieves the M2M SP from the need to support different cellular AN interworking interfaces.