Patents by Inventor John Nasielski
John Nasielski has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11729619Abstract: Aspects of the present disclosure provide for a security model for enabling multiple connectivity and service contexts while sharing a single connectivity context to establish a network connection. A context (e.g., connectivity context, service context, security context) is a set of information describing the connectivity, service, or security established between two or more entities. The connectivity context and service context may be established at different network nodes or entities. In one aspect of the disclosure, a connectivity context includes an Evolved Packet System (EPS) Mobility Management (EMM) context or both an EMM context and an EPS Session Management (ESM) context.Type: GrantFiled: January 3, 2022Date of Patent: August 15, 2023Assignee: QUALCOMM IncorporatedInventors: Soo Bum Lee, Stefano Faccin, Gavin Bernard Horn, John Nasielski, Lenaig Genevieve Chaponniere
-
Efficient policy enforcement for downlink traffic using network access tokens—control-plane approach
Patent number: 11290382Abstract: A gateway device detects a trigger associated with a device and, in response, identifies an application service associated with the device, obtains a traffic network policy associated with the application service, and obtains a network access token based on the traffic network policy. The network access token facilitates validating and/or mapping a downlink data packet obtained at the gateway device in user-plane traffic that is destined for the device. The network access token is sent to an entity in control-plane signaling. Subsequently, the gateway device obtains a downlink data packet including the network access token. The gateway device verifies the network access token and/or maps the downlink data packet to the device using data obtained from the network access token. The network access token may be removed from the downlink data packet before the downlink data packet is sent to the device according to the mapping.Type: GrantFiled: May 16, 2019Date of Patent: March 29, 2022Assignee: QUALCOMM IncorporatedInventors: Soo Bum Lee, Gavin Bernard Horn, John Nasielski, Stefano Faccin -
Patent number: 11265712Abstract: One aspect relates to initiating, by a device, a connection with an application server associated with one or more application services. A gateway derives an uplink network token and/or a downlink network token. The tokens are provisioned to the device and/or an application server over the user-plane. The tokens are included with uplink and/or downlink packets, respectively. Another aspect relates to receiving a data packet at a gateway. The gateway determines a requirement for a network token from the packet. The gateway derives the network token based on a device subscription profile maintained by a network. The network token may be sent with the packet to a destination address associated with the packet. A packet including a network token may be received at a gateway. The gateway may verify the network token and send the data packet to an application server or a device if the verifying is successful.Type: GrantFiled: July 23, 2019Date of Patent: March 1, 2022Assignee: QUALCOMM IncorporatedInventors: Soo Bum Lee, Gavin Bernard Horn, John Nasielski, Stefano Faccin
-
Patent number: 11234126Abstract: Aspects of the present disclosure provide for a security model for enabling multiple connectivity and service contexts while sharing a single connectivity context to establish a network connection. A context (e.g., connectivity context, service context, security context) is a set of information describing the connectivity, service, or security established between two or more entities. The connectivity context and service context may be established at different network nodes or entities. In one aspect of the disclosure, a connectivity context includes an Evolved Packet System (EPS) Mobility Management (EMM) context or both an EMM context and an EPS Session Management (ESM) context.Type: GrantFiled: February 19, 2016Date of Patent: January 25, 2022Assignee: QUALCOMM IncorporatedInventors: Soo Bum Lee, Stefano Faccin, Gavin Bernard Horn, John Nasielski, Lenaig Genevieve Chaponniere
-
Patent number: 11006274Abstract: Systems and techniques enable an improved network selection procedure. Providers maintain preferred networks lists provisioned to UEs. The preferred networks lists include WLAN RATs, and for each entry coverage area and type of supported services. UEs include multiple credentials for connectivity via providers and potentially multiple transceivers supporting multiple active services. A UE triggers a network selection procedure whenever a new service is initiated. A credential is selected. The UE builds a list of network/RAT combinations from preferred networks lists and filters this list, removing entries that do not support the new service. The UE takes the context of the UE into consideration, further filtering the list. The remaining entries are scanned and a network/RAT combination selected. The UE determines whether registering with the selected network/RAT combination causes an interruption to an ongoing service. If not, the UE registers on the selection.Type: GrantFiled: November 23, 2016Date of Patent: May 11, 2021Assignee: Qualcomm IncorporatedInventors: Lenaig Genevieve Chaponniere, Gavin Bernard Horn, Stefano Faccin, John Nasielski, Soo Bum Lee
-
Patent number: 10736028Abstract: Techniques are described using network slice information to negotiate and select network services by determining a set of desired required network provided functionalities; identifying a set of network slices providing one or more of the functionalities in the set of required functionalities; and communicating, to a network, a slice identifier for each slice in the set of the identified network slices.Type: GrantFiled: March 15, 2018Date of Patent: August 4, 2020Assignee: QUALCOMM IncorporatedInventors: Miguel Griot, Gavin Bernard Horn, John Nasielski, Santosh Abraham
-
Patent number: 10505850Abstract: One aspect relates to initiating, by a device, a connection with an application server associated with one or more application services. A gateway derives an uplink network token and/or a downlink network token. The tokens are provisioned to the device and/or an application server over the user-plane. The tokens are included with uplink and/or downlink packets, respectively. Another aspect relates to receiving a data packet at a gateway. The gateway determines a requirement for a network token from the packet. The gateway derives the network token based on a device subscription profile maintained by a network. The network token may be sent with the packet to a destination address associated with the packet. A packet including a network token may be received at a gateway. The gateway may verify the network token and send the data packet to an application server or a device if the verifying is successful.Type: GrantFiled: September 25, 2015Date of Patent: December 10, 2019Assignee: QUALCOMM IncorporatedInventors: Soo Bum Lee, Gavin Bernard Horn, John Nasielski, Stefano Faccin
-
Publication number: 20190349306Abstract: One aspect relates to initiating, by a device, a connection with an application server associated with one or more application services. A gateway derives an uplink network token and/or a downlink network token. The tokens are provisioned to the device and/or an application server over the user-plane. The tokens are included with uplink and/or downlink packets, respectively. Another aspect relates to receiving a data packet at a gateway. The gateway determines a requirement for a network token from the packet. The gateway derives the network token based on a device subscription profile maintained by a network. The network token may be sent with the packet to a destination address associated with the packet. A packet including a network token may be received at a gateway. The gateway may verify the network token and send the data packet to an application server or a device if the verifying is successful.Type: ApplicationFiled: July 23, 2019Publication date: November 14, 2019Inventors: Soo Bum LEE, Gavin Bernard HORN, John NASIELSKI, Stefano FACCIN
-
Publication number: 20190273688Abstract: A gateway device detects a trigger associated with a device and, in response, identifies an application service associated with the device, obtains a traffic network policy associated with the application service, and obtains a network access token based on the traffic network policy. The network access token facilitates validating and/or mapping a downlink data packet obtained at the gateway device in user-plane traffic that is destined for the device. The network access token is sent to an entity in control-plane signaling. Subsequently, the gateway device obtains a downlink data packet including the network access token. The gateway device verifies the network access token and/or maps the downlink data packet to the device using data obtained from the network access token. The network access token may be removed from the downlink data packet before the downlink data packet is sent to the device according to the mapping.Type: ApplicationFiled: May 16, 2019Publication date: September 5, 2019Inventors: Soo Bum LEE, Gavin Bernard HORN, John NASIELSKI, Stefano FACCIN
-
Patent number: 10251114Abstract: Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.Type: GrantFiled: August 25, 2014Date of Patent: April 2, 2019Assignee: QUALCOMM IncorporatedInventors: Peerapol Tinnakornsrisuphap, Fatih Ulupinar, John Nasielski, Jun Wang, Parag Agashe, Rajarshi Gupta, Ramin Rezaiifar
-
Publication number: 20180270744Abstract: Techniques are described using network slice information to negotiate and select network services by determining a set of desired required network provided functionalities; identifying a set of network slices providing one or more of the functionalities in the set of required functionalities; and communicating, to a network, a slice identifier for each slice in the set of the identified network slices.Type: ApplicationFiled: March 15, 2018Publication date: September 20, 2018Inventors: Miguel GRIOT, Gavin Bernard HORN, John NASIELSKI, Santosh ABRAHAM
-
Patent number: 9839061Abstract: The disclosure relates in some aspects to the establishment, discovery, and creation of virtual wireless communication networks. A device can create a virtual wireless communication network with a serving mobile network operator (MNO), e.g., via a service provider, and provide information regarding connectivity to the virtual wireless communication network. Provided information can include, without limitation, restricted access to content and uploaded specific content. The disclosure also relates in some aspects to enabling a network to configure access and policing entities to support a virtual wireless communication network.Type: GrantFiled: February 20, 2015Date of Patent: December 5, 2017Inventors: Stefano Faccin, Gavin Horn, John Nasielski
-
Publication number: 20170171752Abstract: A method, operational at a radio access network (RAN) node, is provided for establishing a secure interface with a service network node. A service registration request is received from a client device. A service network associated with the connectivity network is determined or ascertained, wherein the service network node operates within the service network. The service registration request is forwarded to a connectivity network node within the connectivity network. A secure connection is then established with a service network node via the connectivity network node. Communications between the radio access network node and the client device may then be secured based on the key.Type: ApplicationFiled: September 23, 2016Publication date: June 15, 2017Inventors: Soo Bum Lee, Stefano Faccin, Gavin Bernard Horn, John Nasielski, Lenaig Chaponniere
-
Publication number: 20170156174Abstract: Systems and techniques enable an improved network selection procedure. Providers maintain preferred networks lists provisioned to UEs. The preferred networks lists include WLAN RATs, and for each entry coverage area and type of supported services. UEs include multiple credentials for connectivity via providers and potentially multiple transceivers supporting multiple active services. A UE triggers a network selection procedure whenever a new service is initiated. A credential is selected. The UE builds a list of network/RAT combinations from preferred networks lists and filters this list, removing entries that do not support the new service. The UE takes the context of the UE into consideration, further filtering the list. The remaining entries are scanned and a network/RAT combination selected. The UE determines whether registering with the selected network/RAT combination causes an interruption to an ongoing service. If not, the UE registers on the selection.Type: ApplicationFiled: November 23, 2016Publication date: June 1, 2017Inventors: LENAIG CHAPONNIERE, GAVIN BERNARD HORN, STEFANO FACCIN, JOHN NASIELSKI, SOO BUM LEE
-
Publication number: 20170142587Abstract: Aspects of the present disclosure provide for a security model for enabling multiple connectivity and service contexts while sharing a single connectivity context to establish a network connection. A context (e.g., connectivity context, service context, security context) is a set of information describing the connectivity, service, or security established between two or more entities. The connectivity context and service context may be established at different network nodes or entities. In one aspect of the disclosure, a connectivity context includes an Evolved Packet System (EPS) Mobility Management (EMM) context or both an EMM context and an EPS Session Management (ESM) context.Type: ApplicationFiled: February 19, 2016Publication date: May 18, 2017Inventors: Soo Bum Lee, Stefano Faccin, Gavin Bernard Horn, John Nasielski, Lenaig Genevieve Chaponniere
-
Publication number: 20170111755Abstract: Systems and methods for control and triggering of machine to machine (M2M) devices (e.g., smart meters). More specifically how to allow an M2M service provider (e.g., utility company) to use an operator's network to communicate with the M2M device connected with a UE/GW associated with the operator's network. The M2M service provider may receive identification of the UE/GW, but not for the M2M device. By transmitting an identifier for the M2M device along with an identifier for the UE/GW, the network operator may define establish and maintain a communication path specific to M2M devices. Similar techniques may be incorporated to allow the M2M service provider to locate and trigger the M2M device.Type: ApplicationFiled: October 28, 2016Publication date: April 20, 2017Inventors: GEORGE CHERIAN, Jun Wang, Anand Palanigounder, John Nasielski
-
Publication number: 20160248682Abstract: One aspect relates to initiating, by a device, a connection with an application server associated with one or more application services. A gateway derives an uplink network token and/or a downlink network token. The tokens are provisioned to the device and/or an application server over the user-plane. The tokens are included with uplink and/or downlink packets, respectively. Another aspect relates to receiving a data packet at a gateway. The gateway determines a requirement for a network token from the packet. The gateway derives the network token based on a device subscription profile maintained by a network. The network token may be sent with the packet to a destination address associated with the packet. A packet including a network token may be received at a gateway. The gateway may verify the network token and send the data packet to an application server or a device if the verifying is successful.Type: ApplicationFiled: September 25, 2015Publication date: August 25, 2016Inventors: Soo Bum Lee, Gavin Bernard Horn, John Nasielski, Stefano Faccin
-
Publication number: 20160073441Abstract: The disclosure relates in some aspects to the establishment, discovery, and creation of virtual wireless communication networks. A device can create a virtual wireless communication network with a serving mobile network operator (MNO), e.g., via a service provider, and provide information regarding connectivity to the virtual wireless communication network. Provided information can include, without limitation, restricted access to content and uploaded specific content. The disclosure also relates in some aspects to enabling a network to configure access and policing entities to support a virtual wireless communication network.Type: ApplicationFiled: February 20, 2015Publication date: March 10, 2016Inventors: Stefano Faccin, Gavin Horn, John Nasielski
-
Publication number: 20140362773Abstract: Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.Type: ApplicationFiled: August 25, 2014Publication date: December 11, 2014Inventors: Peerapol Tinnakornsrisuphap, Fatih Ulupinar, John Nasielski, Jun Wang, Parag Agashe, Rajarshi Gupta, Ramin Rezaiifar
-
Publication number: 20080008157Abstract: Techniques for performing registration in parallel with call establishment to reduce delay are described. A user equipment (UE) performs registration with a communication network, e.g., in response to a user placing an emergency call. The UE establishes the call in parallel with performing registration. The UE updates the call with information (e.g., verified UE identity and/or call back information) obtained from the registration by sending the information to a called entity/party such as a Public Safety Answering Point (PSAP) selected for the emergency call. The UE sends a first message to initiate registration, a second message to initiate establishment of the call, and a third message to update the call with the information obtained from the registration. The established call may be associated with the registration based on a common source IP address in the first, second and third messages and common dialogue information in the second and third messages.Type: ApplicationFiled: July 5, 2007Publication date: January 10, 2008Inventors: Stephen Edge, Arungundram Mahendran, John Nasielski, Kirk Burroughs