Abstract: The present invention relates to a Domain Name System (DNS) server and a method for resolving DNS queries from a number of clients. The DNS server comprises multiple virtual DNS server instances servicing different clients. The DNS server further comprises a shared cache for caching records which indicate answers to resolved DNS queries. The shared cache is shared between a set of virtual DNS server instances. The virtual DNS server instances that share the shared cache are able to cache DNS query results in the shared cache as well as resolve a DNS query by retrieving a cached record corresponding to the DNS query from the shared cache. Thus it is possible for a virtual DNS server instance to make use of DNS query results obtained by other virtual DNS server instances.

Abstract: A mechanism for use by a subscription control node, one or more NAT64 nodes and/or DNS64 nodes to interact in a communications network with multiple user equipments (UEs) to control the UE usage of the NAT64 and/or DNS64 communications resources. The subscription control node includes subscription information for one or more of the UE(s), the subscription information for each UE including translation state usage information associated with one or more of the NAT64 nodes servicing the UE. The subscription control node collects translation state usage information from each NAT64 node, and identifies a set of one or more UE(s) exceeding a maximum translation state usage allocated to each of the multiple UEs based on the corresponding subscription information and the collected translation state usage information. The subscription information for the identified UEs is adjusted so the identified set of UE(s) meet the maximum translation state usage for each UE.

Abstract: A method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT,-and contact address mapping is registered with a rendezvous server (101). That server then identifies itself and the HIT to each higher level server within the same branch, without explicitly identifying the contact address to those higher level servers (103) wherein, in use, when a first rendezvous server receives a HIP contact message addressed to a given HIT (201), if that first server is unaware of the destination HIT, it forwards the message to a higher level server within the same branch (204), and if the first server is not the server at which the HIT is registered but is aware of the HIT, it forwards the contact message to the neighbouring rendezvous server corresponding to the HIT (203).

Abstract: A method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT, and contact address mapping is registered with a rendezvous server. That server then identifies itself and the HIT to each higher level server within the same branch, without explicitly identifying the contact address to those higher level servers wherein, in use, when a first rendezvous server receives a HIP contact message addressed to a given HIT, if that first server is unaware of the destination HIT, it forwards the message to a higher level server within the same branch and if the first server is not the server at which the HIT is registered but is aware of the HIT, it forwards the contact message to the neighbouring rendezvous server corresponding to the HIT.

Abstract: A method of handling mobility-related signalling in a communications system comprising a mobile node, a mobile router, and a peer node. The method comprises providing the mobile router with a delegation certificate that is cryptographically signed by or on behalf of the mobile node. At the mobile router, a mobility-related signalling exchange is initiated with the peer node on behalf of the mobile node, the mobile router providing to the peer node within this exchange, said delegation certificate or an identification of the certificate, and a sequence number associated with the certificate. At the peer node, the received sequence number is compared with a sequence number maintained by the peer node in respect of the delegation certificate, and the exchange authorised in dependence upon the result of the comparison.

Abstract: The invention provides for a method and a node for integrating the devices (20a-20g) of a meshed multi-hop network (20) in a mobile communication network (10). The method comprises the following steps: attaching at least one device of said meshed multi-hop network to said mobile communication network, retrieving, in at least one node of said mobile communication network, from at least one base station of said mobile communication network, information about the devices of said meshed multi-hop network that may be accessed through said base station, and storing, in said node (11) for each device, said information such that said node knows, for each device, through which base stations (23) it may be accessed. Thereby, the meshed multi-hop network is integrated in the mobile communication network.

Abstract: In one aspect, there is provided a method for issuing a ticket to a customer to a queue of a service function. In some embodiment the method includes: providing a queue ticket terminal in a predetermined space associated with said service function; and enabling a customer to be allocated a queue ticket from said terminal. The method further comprising: detecting, in a mobile device associated with said customer, whether said queue ticket terminal is in the vicinity of said mobile device; transmitting a queue ticket request from said mobile device to said queue ticket terminal; and, receiving, in said mobile device and in response to said queue ticket request, a queue position message comprising information relating to the customer's position in said queue.

Abstract: The invention relates to a method for authenticating a device, comprising a network communication unit and tagging circuit, in a mobile communication network, using a mobile entity comprising a tagging circuit and being authenticated to the mobile communication network. The method comprises the following steps; the mobile entity establishing a connection with the device, using said tagging circuit, exchanging authentication data between the mobile entity and the device using the tagging circuit and authenticating the device to the mobile communication network by submission of exchanged authentication data in the mobile communication network. Thereby, the permissions of a mobile entity may be shared with another device by tagging. The invention also relates to a corresponding mobile entity, device, node and computer program product.

Abstract: The disclosure relates to a method of managing aggregated devices being attached to a mobile communication network via at least one aggregating device; said aggregating device being attached directly to a radio base station of said mobile communication network. The method comprises retrieving, information regarding at least one aggregated device attached to a respective aggregating device, storing said information in said node, such that the node comprises information about aggregated devices attached to said mobile communication network and providing, said information for managing said aggregated devices. The disclosure also relates to a network node, an aggregating device and an aggregated device.

Abstract: A method of handling mobility-related signaling in a communications system comprising a mobile node, a mobile router, and a peer node. The method comprises providing the mobile router with a delegation certificate that is cryptographically signed by or on behalf of the mobile node. At the mobile router, a mobility-related signaling exchange is initiated with the peer node on behalf of the mobile node, the mobile router providing to the peer node within this exchange, said delegation certificate or an identification of the certificate, and a sequence number associated with the certificate. At the peer node, the received sequence number is compared with a sequence number maintained by the peer node in respect of the delegation certificate, and the exchange authorized in dependence upon the result of the comparison.

Abstract: A method and apparatus of at least partially securing communications between first and second hosts using the Host Identity Protocol (HIP) is provided. The first host is not HIP enabled and the second host is HIP enabled. A persistent HIP identity is associated with the first host and maintained at a remote server. A public part of the persistent HIP identity is obtained from the remote server together with a certificate authorizing a gateway node between the first and second hosts to use a temporary HIP identity associated with the first host. A secure HIP identity is negotiated between the gateway node and the second host using at least part of each of the persistent HIP identity, the temporary HIP identity, and the certificate.

Abstract: Facilitating access to a Host Identity Protocol security procedure by a legacy host 100 connected to a moving network 101. The method comprises registering a local IP address or temporary Host Identity Tag of the legacy host 100 with a rendezvous server 111 together with an IP address of a Host Identity Protocol proxy 102 within the moving network, and using the registered IP address or temporary Host Identity Tag at the rendezvous server to forward received I1 packets to the Host Identity Protocol proxy.

Abstract: A method of facilitating access to a Host Identity Protocol security procedure by a host connected to a moving network, where the moving network comprises a Host Identity Protocol server responsible for allocating local IP addresses to attached hosts. The method comprises registering at a rendezvous server an IP address prefix for use by said Host Identity Protocol server in allocating said local addresses, together with an externally reachable IP address of the Host Identity Protocol server. The registered IP address prefix is used at the rendezvous server to forward received I1 messages to the Host Identity Protocol server. The rendezvous server controls the allocation and registration of address prefixes to Host Identity Protocol servers in order to prevent collision of local IP addresses.

Abstract: A method of establishing a Host Identity Protocol session between first and second Host Identity Protocol enabled hosts, where at least said second host is located behind a reverse-proxy. The method comprises providing the reverse-proxy with Diffie-Hellman public keying material of the second host, sending said Diffie-Hellman public keying material from the reverse-proxy to the first host as part of the Host Identity Protocol base exchange procedure, this material being bound to the Host Identity of the reverse-proxy for the purpose of the Host Identity Protocol session, and, at the first host, using the Host Identity of the reverse-proxy as the correspondent Host Identity for the Host Identity Protocol session, and, at the second host, using the Host Identity of the reverse-proxy as the originating Host Identity for the Host Identity Protocol session.

Abstract: A method of facilitating location update signalling within a communication network between a mobile node and an end host includes establishing a trust relationship between one or more end hosts (1) and a proxy (3). When a mobile node (2) is handed-off, a location update is performed between the mobile node (2) and the proxy (3), and a location update message is sent from the proxy to the end host(s) having the trust relationship with the proxy. Multiple end hosts may authorise the same proxy to perform location update signalling on their behalf. The number of signalling messages required to perform the location update may be reduced, compared to a legacy method in which the mobile node is required to perform location update signalling with each end host.

Abstract: A method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT, and contact address mapping is registered with a rendezvous server. That server then identifies itself and the HIT to each higher level server within the same branch, without explicitly identifying the contact address to those higher level servers wherein, in use, when a first rendezvous server receives a HIP contact message addressed to a given HIT, if that first server is unaware of the destination HIT, it forwards the message to a higher level server within the same branch and if the first server is not the server at which the HIT is registered but is aware of the HIT, it forwards the contact message to the neighbouring rendezvous server corresponding to the HIT.

Abstract: A method of delivering an IP multicast stream from a source node to a destination node. The method comprises establishing a Host Identity Protocol association between a multicast router and at least one further network node upstream of the multicast router, both of which are present in the multicast path, and using said association(s) to transport multicast packets.

Abstract: A method of facilitating access to a Host Identity Protocol security procedure by a legacy host (100) connected to a moving network (101). The method comprises registering a local IP address or temporary Host Identity Tag of the legacy host (100) with a rendezvous server (111) together with an IP address of a Host Identity Protocol proxy (102) within said moving network, and using the registered IP address or temporary Host Identity Tag at the rendezvous server to forward received I1 packets to the Host Identity Protocol proxy.

Abstract: In order to delegate location update signaling responsibility from a Mobile Node to a Mobile Router, the Mobile Router is provided with a second symmetric key generated by a Mobile Node using a first symmetric key shared between the Mobile Node and a Peer Node. The Mobile Router is additionally provided with a “certificate” authenticating the second symmetric key using the first symmetric key. In this way, the mobile router can sign location update related messages sent to the Peer Node with the second symmetric key, and can provide the Peer Node with the certificate in order to allow the Peer Node to authenticate the right of the Mobile Router to act on behalf of the Mobile Node.

Abstract: A method of handling mobility-related signaling in a communications system comprising a mobile node, a mobile router, and a peer node. The method comprises providing the mobile router with a delegation certificate that is cryptographically signed by or on behalf of the mobile node. At the mobile router, a mobility-related signaling exchange is initiated with the peer node on behalf of the mobile node, the mobile router providing to the peer node within this exchange, said delegation certificate or an identification of the certificate, and a sequence number associated with the certificate. At the peer node, the received sequence number is compared with a sequence number maintained by the peer node in respect of the delegation certificate, and the exchange authorised in dependence upon the result of the comparison.