Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes providing an encryption key for securing communications between an initiator and a responder in a communications network that includes the initiator generating an initiator Diffie-Hellman computed value, the initiator transmitting the initiator Diffie-Hellman computed value to the responder, the responder generating the encryption key and a responder Diffie-Hellman computed value, the responder transmitting the responder Diffie-Hellman computed value to the initiator, and the initiator generating the encryption key.

Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes providing an encryption key for securing communications between an initiator and a responder in a communications network that includes the initiator generating an initiator Diffie-Hellman computed value, the initiator transmitting the initiator Diffie-Hellman computed value to the responder, the responder generating the encryption key and a responder Diffie-Hellman computed value, the responder transmitting the responder Diffie-Hellman computed value to the initiator, and the initiator generating the encryption key.

Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes presenting a registration request with one or more proposals for dynamically establishing a security association between the initiator and the responder, and receiving a registration response indicating whether any of the one or more proposals have been accepted for the security association.

Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes presenting a registration request with one or more proposals for dynamically establishing a security association between the initiator and the responder, and receiving a registration response indicating whether any of the one or more proposals have been accepted for the security association.

Abstract: A key exchange for a network architecture. A mobile node that roams over a foreign domain transmits a registration request to a home domain using the foreign domain. The identity of the mobile node within the registration request is encrypted. The home domain receives the registration request and decrypts the mobile node identity. The home domain generates a registration reply that includes encryption keys for encrypting information to be transmitted between and among the home domain, the foreign domain, and the mobile node.

Abstract: The present invention supports a generalized link-layer address extension for an information packet transmission on an IP mobility system. In the invention, a link-layer address for a node can be communicated in any information packet rather than confined to a specialized message format. The link-layer address can be used in link-layer routing protocols to simplify mobile IP hand-offs and routing, reducing overhead data traffic and allowing more efficient use of network resources.

Abstract: Disclosed is a buffer management method for a mobile node in a mobile IP telecommunication network. The buffer management method supports a handoff of the mobile node from a first agent of a first network to a second agent of a second network. The method begins upon initiation of the handoff. A first message is sent to the first agent requesting the first agent to buffer any packets being sent to the mobile node. While the buffering is being performed, the handoff may be completed to the second agent. Once the handoff is complete, a second message can be sent to the first agent requesting the first agent to forward the buffered packets to the second agent.

Abstract: A method and apparatus for allowing a plurality of mobile nodes to access a network with one or more Network Access Identifiers (NAIs), This allows a user to access a network with multiple mobile nodes using a single NAI. The method and apparatus is achieved by the addition of a Session/Device Extension, a Host Identification Extension, a Host Identification NAI Extension, and/or a Lease Time Extension.

Abstract: The invention provides for an improved method and system of registration and hand-off procedures for a mobile node in a packet-based communication network. The present invention obtains expanded addresses over past systems. The invention can also use serving mobility managers to obtain a care-of address to route data-packets while on the foreign sub-network. The invention improves efficiency and reduces message overhead during registration and hand-off.

Abstract: A system and method is provided for seamlessly switching between different network access technologies without interrupting active network applications or sessions. A Network Access Arbitrator (NAA), which contains a virtual network adapter driver, resides between a Data Link Layer and a Network Layer of the standard OSI-7 Layer Protocol Stack for controlling necessary switching between different network access technologies. Since all network applications are controlled by layers residing on or above the Network Layer, all applications using network services provided by the Network Layer will continue their active network sessions or applications without disruption, as the NAA switches between different network access technologies.

Abstract: An improved wireless mobile IP system including an apparatus and method for managing transmission of information. Agent advertisements are used to detect movement of the mobile node and derive care-of addressing information for the Home Agent. Foreign Agents and Home Agents currently periodically broadcast an agent advertisement on the data channel. The claimed system reduces the need for agent advertisements by detecting movement of a mobile user into a new network using either the mobile node or a routine on a low-level protocol layer. After detection of movement, an agent solicitation message is transmitted from the mobile node or from the cell-site transmitter. The mobility agent then transmits a single agent advertisement in response. Derived care-of addressing information will then be registered with the Home Agent to support “tunneling” of communications to the mobile node through the foreign network.

Abstract: In an IP-based mobile communications system, the Mobile Node changes its point of attachment to the network while maintaining network connectivity. Security concerns arise in the mobile system because authorized users are subject to the following forms of attack: (1) session stealing where a hostile node hijacks session from mobile node by redirecting packets, (2) spoofing where the identity of an authorized user is utilized in an unauthorized manner to obtain access to the network, and (3) eavesdropping and stealing of data during session with authorized user. No separate secure network exists in the IP-based mobility communications system, and therefore, it is necessary to protect information transmitted in the mobile system from the above-identified security attacks.

Abstract: The present invention supports a virtual private network identifier for an information packet transmission on an IP mobility system. By identifying a virtual private network in this manner, the Foreign Agent will be able to properly route data packets even if two or more Mobile Nodes are associated with virtual private networks on the same home network.

Abstract: An accounting framework is provided for a communications system having a plurality of service providers, including cellular service providers and/or data network service providers, e.g., Internet service providers. Accounting units containing accounting information are exchanged between service providers to allow the service providers to charge for usage of services. The accounting units have a predetermined format to allow them to be exchanged between different service providers. Each accounting unit includes a plurality of fields, including a service type field, a usage of radio interface field, a usage of a visited or external network field, a usage of mobility management field, a quality of service field, a usage of a packet data protocol field, and other fields. Users may be charged for services based on these fields.

Abstract: A communications architecture for enabling IP-based mobile communications includes a Local Service Function (LSF) component configured to serve as an IP-based serving area network for a set of x-Access Networks, and a Network Service Function (NSF) component configured to serve as an IP-based home network by managing a MN's subscription and associated profile so that the MN is authorized to use the resources of the LSF. An x-Access Network (xAN) is interconnected to the LSF and NSF for providing heterogeneous Layer 2 access for MNs irrespective of access technology.

Abstract: A new extensions structure for mobile IP control message extensions is employed to conserve the type field. Certain types of extensions, such as network access identifiers, are initially aggregated and subtypes are employed to identify the precise content of the extension (e.g., mobile node network access identifier, home agent network access identifier, foreign agent network access identifier, etc.). Long and short formats for the new extension structure are defined, with the long format applicable to nonskippable extensions carrying more than 256 bytes and the short format backwards compatible with currently defined skippable extensions with less than 256 bytes of data. This will greatly reduce usage of the type field.

Abstract: A method and apparatus in a communications system for processing control messages for a session in a packet-based network within the communications system. A first indicator is set in a control message for handling a session within the communications system through the packet-based network. The control message is sent to a destination within the packet-based network. The control message is provided priority processing within the packet-based network based on the presence of the first indicator. A second indicator is set in a header of a packet used to transport the control message, such that nodes within the packet based network, which do not examine the control message, provide priority processing of the packet in sending the packet through the packet-based network to the destination.

Abstract: A communications architecture for enabling IP-based mobile communications includes a Local Service Function (LSF) component configured to serve as an IP-based serving area network for a set of x-Access Networks, and a Network Service Function (NSF) component configured to serve as an IP-based home network by managing a MN's subscription and associated profile so that the MN is authorized to use the resources of the LSF. An x-Access Network (xAN) is interconnected to the LSF and NSF for providing heterogeneous Layer 2 access for MNs irrespective of access technology.

Abstract: An efficient and improved dynamic home agent discovery algorithm and system to be used in a protocol for network communications. The present invention encapsulates and integrates communications of the home agents into a single home agent communication. Communication between a mobile node and the home agents is simplified to a single home agent communication. Dynamic home agent discovery processes are performed, based on the single home agent communication. Encapsulation is achieved by having each of the home agents maintain a home agent list that contains information about each of the home agents coupled to the home link. A designated home agent receives and processes home agent discovery requests from the mobile node on behalf of home agents coupled to the home link, and a designated home agent sends home agent advertisements to and communicates with the mobile node.

Abstract: The invention provides for an improved method and system of registration and hand-off procedures for a mobile node in a packet-based communication network. The present invention obtains expanded addresses over past systems. The invention can also use serving mobility managers to obtain a care-of address to route data-packets while on the foreign sub-network. The invention improves efficiency and reduces message overhead during registration and hand-off.