Abstract: An apparatus, system, and method for gateway onboarding for the Internet of Things providing for securely controlling access to a network by a gateway through a self-service registration web portal. The method steps include entering serial number and gateway information into a self-service registration web portal by a user; submitting the registration request to network controller; attempting to connect to network by gateway by presenting the serial number; verifying, by the administrator, the serial number and user validity; if verified, approving gateway for access to network; allowing gateway on network; and issuing configuration parameters.

Abstract: A singular federated Low Power Wide Area Virtual Network (LVN) computing system and method provides a controlling interface between Radio Access Network (RAN) Provider participants and participating Application Provider End-Devices. The system leverages the advantages of each RAN Provider participant. It allows Application Providers to use a variety of RANs, and RAN Providers to offer services to Application Providers without the need for direct relationships. Steps include an End-Device transmitting a message, receiving the End-Device transmission at one or more gateways, determining if the End-Device is a LVN member, if no, discard the transmission message, if yes, test the validity of the received end device transmission message at a network controller, if not valid, discard the transmission message, if valid, weight the message by the receiving gateway's class, fractionalize the message, and attribute value to the RAN provider and the Application Provider.

Abstract: A system and method for a software defined Internet of Things (IoT) Network Controller/Server including Network Controller Instances, a Network Controller Cluster, Application Controller Instances, Northbound and Southbound APIs, Uplink and Downlink Processor instances, and a Network Database. The invention leverages web-oriented technologies for a large horizontally scalable and highly available system. Horizontal scaling is accomplished by Network Controller instances which dynamically increases throughput for uplink and downlink processing. The event-driven architecture is coordinated through a distributed cache. Only Critical events are persisted as part of event processing; all others are stored in a cache and scheduled for persistence.

Abstract: Controlling a user's usage of network resources, after the user has been authenticated, without using any network resources beyond the user's entry point to the network. A plurality of users may be connected to an entry point of a network of a network device by a shared transmission medium. Each users' usage of network resources is controlled, after such user has been authenticated, without using any network resources beyond such user's entry point to the network. For each one or more users, packet rules may be provisioned to the user's entry point to the network, where such entry point may be shared with other users. The packet rules may be applied to each packet received from the user before any network resources beyond the entry point are used. These packet rules may be associated with an identity of the user and then provisioned to the user's entry point in response to the user being authenticated.

Abstract: A user's usage of network resources is controlled, after the user has been authenticated, without using any network resources beyond the user's entry point to the network. Packet rules may be provisioned to the user's entry point to the network, and the packet rules may be applied to each packet received from the user before any network resources beyond the entry point are used. These packet rules may be associated with an identity of the user and then provisioned to the user's entry point in response to the user being authenticated. Usage of network resources of a communications network by a user beyond a network device of the communications network that serves as the user's entry point to the communications network is controlled. The port module of the network device is configured with one or more packet rules corresponding to an identity of the user.

Abstract: Controlling a user's usage of network resources, after the user has been authenticated, without using any network resources beyond the user's entry point to the network. A plurality of users may be connected to an entry point of a network of a network device by a shared transmission medium. Each users' usage of network resources is controlled, after such user has been authenticated, without using any network resources beyond such user's entry point to the network. For each one or more users, packet rules may be provisioned to the user's entry point to the network, where such entry point may be shared with other users. The packet rules may be applied to each packet received from the user before any network resources beyond the entry point are used. These packet rules may be associated with an identity of the user and then provisioned to the user's entry point in response to the user being authenticated.

Abstract: A user's usage of network resources is controlled, after the user has been authenticated, without using any network resources beyond the user's entry point to the network. Packet rules may be provisioned to the user's entry point to the network, and the packet rules may be applied to each packet received from the user before any network resources beyond the entry point are used. These packet rules may be associated with an identity of the user and then provisioned to the user's entry point in response to the user being authenticated. Usage of network resources of a communications network by a user beyond a network device of the communications network that serves as the user's entry point to the communications network is controlled. The port module of the network device is configured with one or more packet rules corresponding to an identity of the user.