Patents by Inventor Miika KOMU
Miika KOMU has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11652693Abstract: The present disclosure relates to a method for anchoring an edge cloud to a central cloud, the method being performed in a cloud environment comprising a central cloud and an edge cloud, the method comprising obtaining (S238, S310), by a connectivity controller of an edge cloud, an address of an anchoring registry of a central cloud; sending (S240, S312), by the connectivity controller, to the anchoring registry, information about networking configuration of the edge cloud; setting up (S246, S314), by an orchestrator of the central cloud, a virtual private network, VPN, service in the central cloud; requesting (S248, S316), by the orchestrator of the central cloud, edge VPN configuration information from the central VPN service, based on the information about networking configuration of the edge cloud; sending (S252, S318), by the anchoring registry, the edge VPN configuration information, to an orchestrator of the edge cloud; creating (S258, S320), by an orchestrator of the edge cloud, an edge VPN service, bType: GrantFiled: September 4, 2019Date of Patent: May 16, 2023Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Miljenko Opsenica, Tero Kauppinen, Miika Komu, Timo Simanainen
-
Patent number: 11502944Abstract: It is presented a method for configuring a network path. The method is performed in a routing control device of a software defined network and comprises the steps of: receiving a first node packet originating from a first node of the software defined network, the first node packet forming part of an ARP exchange between an ARP requester and an ARP responder, the first node packet comprising a request for network properties encoded in a first address; determining a network path through the software defined network; changing a source address of a packet to the ARP requester to be a second address; configuring all switches forming part of the network path, to route packets in accordance with the network path; and configuring an edge switch to replace, for all packets having a destination address being equal to the second address, the destination address with an address of the ARP responder.Type: GrantFiled: June 7, 2018Date of Patent: November 15, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Alireza Ranjbar, Patrik Salmela, Miika Komu
-
Publication number: 20220294698Abstract: The present disclosure relates to a method for anchoring an edge cloud to a central cloud, the method being performed in a cloud environment comprising a central cloud and an edge cloud, the method comprising obtaining (S238, S310), by a connectivity controller of an edge cloud, an address of an anchoring registry of a central cloud; sending (S240, S312), by the connectivity controller, to the anchoring registry, information about networking configuration of the edge cloud; setting up (S246, S314), by an orchestrator of the central cloud, a virtual private network, VPN, service in the central cloud; requesting (S248, S316), by the orchestrator of the central cloud, edge VPN configuration information from the central VPN service, based on the information about networking configuration of the edge cloud; sending (S252, S318), by the anchoring registry, the edge VPN configuration information, to an orchestrator of the edge cloud; creating (S258, S320), by an orchestrator of the edge cloud, an edge VPN service, bType: ApplicationFiled: September 4, 2019Publication date: September 15, 2022Inventors: Miljenko Opsenica, Tero Kauppinen, Miika Komu, Timo Simanainen
-
Publication number: 20220210160Abstract: A method for operating a system hosted on a mobile entity is disclosed, wherein the system is operable to connect to a communication network. The method, performed by a controller of the system, comprises seeking to establish a trust relationship with a cooperating system hosted on a mobile entity, and, if a trust relationship with the cooperating system is established, performing at least one of: initiating use of a resource provided by the cooperating system, or initiating provision of a resource for use by the cooperating system. Also disclosed is a method for operating a function comprising a digital representative of a system hosted on a mobile entity, wherein the system is operable to connect to a communication network.Type: ApplicationFiled: April 30, 2019Publication date: June 30, 2022Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Miljenko OPSENICA, Patrik SALMELA, Roberto MORABITO, Edgar RAMOS, Tero KAUPPINEN, Miika KOMU
-
Patent number: 11356376Abstract: Embodiments herein relate to a method performed by a network controller node (130) in a data processing network (100) for enabling routing of data flows to or from a service (150) in the data processing network (100). The network controller node (130) receives information indicating network requirements on the data processing network (100) by a service (150) to be initiated in the data processing network (100). Also, the network controller node (130) determines a network identifier for the service (150) in the data processing network (100) based on the obtained network requirements. Embodiments herein also relate to a method performed by a resource controller node (140) in a data processing network (100) for enabling routing of data flows to or from a service (150) in the data processing network (100). The resource controller node (140) obtains information indicating network requirements on the data processing network (100) by a service (150) to be initiated in the data processing network (100).Type: GrantFiled: March 12, 2018Date of Patent: June 7, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Miika Komu, Alireza Ranjbar, Patrik Salmela
-
Patent number: 11329988Abstract: There is provided mechanisms for handling access to a service in a network. A method is performed by a network controller. The method comprises obtaining an indication of the service is accessible in the network. The indication is received from a network switch operatively connecting a server of the service to the network. The indication causes a timer to start. The method comprises obtaining an indication of a client requesting to access the service. The indication is received from the network switch. The method comprises recording, only when the timer has not yet expired, identity information of the client in an access control list. The method comprises providing the access control list at least to the network switch upon expiration of the timer.Type: GrantFiled: June 28, 2017Date of Patent: May 10, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Miika Komu, Alireza Ranjbar, Patrik Salmela
-
Patent number: 11303636Abstract: Using an authentication server to program network elements, such as a network node, in accordance with software-defined networking techniques in order to establish a traffic flow rule for a communication device or user of the communication device. After successfully authenticating a communication device or user, the authentication server and/or network node may use an identifier received at the authentication server in connection with the authentication procedure in order to obtain a traffic flow rule for the communication device. The traffic flow rule may be established at the network node or forwarded to a second network node configured to receive network packets from the communication device. The first identifier may be any one of a user identifier identifying a user, an application identifier identifying an application, and a device identifier unique to the communication device.Type: GrantFiled: August 28, 2015Date of Patent: April 12, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Heidi-Maria Back, Jari Arkko, Tero Kauppinen, Jimmy Kjällman, Miika Komu, Tomas Mecklin, Patrik Salmela, Mohit Sethi, Le Wang
-
Patent number: 11296878Abstract: There is provided mechanisms for updating a private key of a host entity. The private key is based on parameters negotiated between the host entity and a key issuer. The host entity further has a group public key that is generated by the key issuer and associated with the private key. A method is performed by the host entity. The method comprises obtaining a need to acquire a new private key. The method comprises, in response thereto, performing a private key update procedure with the key issuer using the public key and the current private key, wherein parameters for the new private key are negotiated with the key issuer. The method comprises generating the new private key using the negotiated parameters.Type: GrantFiled: February 8, 2017Date of Patent: April 5, 2022Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Patrik Salmela, Miika Komu, Alireza Ranjbar
-
Publication number: 20210328993Abstract: There is provided mechanisms for handling access to a service in a network. A method is performed by a network controller. The method comprises obtaining an indication of the service is accessible in the network. The indication is received from a network switch operatively connecting a server of the service to the network. The indication causes a timer to start. The method comprises obtaining an indication of a client requesting to access the service. The indication is received from the network switch. The method comprises recording, only when the timer has not yet expired, identity information of the client in an access control list. The method comprises providing the access control list at least to the network switch upon expiration of the timer.Type: ApplicationFiled: June 28, 2017Publication date: October 21, 2021Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Miika KOMU, Alireza RANJBAR, Patrik SALMELA
-
Publication number: 20210184964Abstract: It is presented a method for configuring a network path. The method is performed in a routing control device of a software defined network and comprises the steps of: receiving a first node packet originating from a first node of the software defined network, the first node packet forming part of an ARP exchange between an ARP requester and an ARP responder, the first node packet comprising a request for network properties encoded in a first address; determining a network path through the software defined network; changing a source address of a packet to the ARP requester to be a second address; configuring all switches forming part of the network path, to route packets in accordance with the network path; and configuring an edge switch to replace, for all packets having a destination address being equal to the second address, the destination address with an address of the ARP responder.Type: ApplicationFiled: June 7, 2018Publication date: June 17, 2021Inventors: Alireza Ranjbar, Patrik Salmela, Miika Komu
-
Publication number: 20210135864Abstract: There is provided mechanisms for updating a private key of a host entity. The private key is based on parameters negotiated between the host entity and a key issuer. The host entity further has a group public key that is generated by the key issuer and associated with the private key. A method is performed by the host entity. The method comprises obtaining a need to acquire a new private key. The method comprises, in response thereto, performing a private key update procedure with the key issuer using the public key and the current private key, wherein parameters for the new private key are negotiated with the key issuer. The method comprises generating the new private key using the negotiated parameters.Type: ApplicationFiled: February 8, 2017Publication date: May 6, 2021Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Patrik SALMELA, Miika KOMU, Alireza RANJBAR
-
Patent number: 10931654Abstract: A method in a network node of a communication network configured to manage command messages from at least one Machine Type Communication, MTC, device manager intended for an MTC device, comprises receiving command messages from the at least one MTC device manager, step (201). One or more command messages are merged into an MTC device message that comprises at least one command message, step (203). Originator information is associated with each command message in the MTC device message, step (205). The MTC device message is sent to an MTC device. The network node may further perform the steps of receiving an MTC device message from an MTC device, the MTC device message comprising at least one response message, step (301).Type: GrantFiled: December 19, 2014Date of Patent: February 23, 2021Assignee: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Patrik Salmela, Nicklas Beijar, Domenico D'Ambrosio, Jaime Jiménez, Miika Komu, Oscar Novo Diaz, Mert Ocak
-
Publication number: 20210044532Abstract: Embodiments herein relate to a method performed by a network controller node (130) in a data processing network (100) for enabling routing of data flows to or from a service (150) in the data processing network (100). The network controller node (130) receives information indicating network requirements on the data processing network (100) by a service (150) to be initiated in the data processing network (100). Also, the network controller node (130) determines a network identifier for the service (150) in the data processing network (100) based on the obtained network requirements. Embodiments herein also relate to a method performed by a resource controller node (140) in a data processing network (100) for enabling routing of data flows to or from a service (150) in the data processing network (100). The resource controller node (140) obtains information indicating network requirements on the data processing network (100) by a service (150) to be initiated in the data processing network (100).Type: ApplicationFiled: March 12, 2018Publication date: February 11, 2021Inventors: Miika Komu, Alireza Ranjbar, Patrik Salmela
-
Patent number: 10869172Abstract: A method performed by a machine-to-machine, M2M, server for managing communication with a M2M device is disclosed. The method comprising configuring the M2M device with a finite number of predetermined states and predetermined transitions for moving the M2M device into one of its predetermined states, and sending a message to the M2M device for executing at least one of the predetermined transitions.Type: GrantFiled: September 18, 2015Date of Patent: December 15, 2020Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Oscar Novo Diaz, Nicklas Beijar, Jaime Jiménez, Tero Kauppinen, Jimmy Kjällman, Miika Komu, Petri Jokela, Jan Melén, Roberto Morabito, Mert Ocak, Maria Ines Robles, Mohit Sethi
-
Patent number: 10623504Abstract: A relay module (30) for use in a lightweight machine to machine (LWM2M) communication network comprises a first interface module (31) for interfacing with one or more server devices, and a second interface module (33) for interfacing with a plurality of client devices. A processing unit (35) is adapted to establish at least one group object instance, wherein each group object instance is used to control communication between a server device and a group of client devices.Type: GrantFiled: October 22, 2014Date of Patent: April 14, 2020Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Oscar Novo Diaz, Nicklas Beijar, Domenico D'Ambrosio, Jaime Jiménez, Miika Komu, Mert Ocak, Patrik Salmela
-
Patent number: 10313397Abstract: The disclosure relates to a method for access control of a data flow in a software defined networking system. The method includes receiving a first packet associated with a first data flow between a client node and a server node, verifying authentication of the first packet, repeating the receiving and verifying for a number of subsequent packets of the first data flow, wherein the number of subsequent packets is set based on type of protocol used for the first data flow and/or a policy set in the controller device, and sending, to an intermediate node along a path of the first data flow, a respective verification message for each successfully verified authentication of the first packet and any subsequent packets, allowing the first packet and any subsequent packets of the first data flow for forwarding.Type: GrantFiled: April 10, 2015Date of Patent: June 4, 2019Assignee: Telefonaktiebolaget LM Ericsson (PUBL)Inventors: Miika Komu, Tero Kauppinen, Alireza Ranjbar, Patrik Salmela
-
Publication number: 20190028475Abstract: Embodiments are directed to using an authentication server (140) to program and reprogram network elements, such as a network node (150), in accordance with software-defined networking techniques in order to establish a traffic flow rule for a communication device (110) or user of the communication device (110). After successfully authenticating a communication device (110) or user, the authentication server (140) and/or network node (150) may use an identifier received at the authentication server (140) in connection with the authentication procedure in order to obtain a traffic flow rule for the communication device (110). The traffic flow rule may be established at the network node (140) or forwarded to a second network node configured to receive network packets from the communication device (110). The first identifier may be any one of a user identifier identifying a user, an application identifier identifying an application, and a device identifier unique to the communication device (110).Type: ApplicationFiled: August 28, 2015Publication date: January 24, 2019Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Heidi-Maria BACK, Jari ARKKO, Tero KAUPPINEN, Jimmy KJÄLLMAN, Miika KOMU, Tomas MECKLIN, Patrik SALMELA, Mohit SETHI, Le WANG
-
Publication number: 20180279099Abstract: A method performed by a machine-to-machine, M2M, server for managing communication with a M2M device is disclosed. The method comprising configuring the M2M device with a finite number of predetermined states and predetermined transitions for moving the M2M device into one of its predetermined states, and sending a message to the M2M device for executing at least one of the predetermined transitions.Type: ApplicationFiled: September 18, 2015Publication date: September 27, 2018Applicant: Telefonaktiebolaget LM Ericsson (Publ)Inventors: Oscar NOVO DIAZ, Nicklas BEIJAR, Jaime JIMÉNEZ, Tero KAUPPINEN, Jimmy KJÄLLMAN, Miika KOMU, Petri JOKELA, Jan MELÉN, Roberto MORABITO, Mert OCAK, Maria Ines ROBLES, Mohit SETHI
-
Publication number: 20180091557Abstract: The disclosure relates to a method for access control of a data flow in a software defined networking system. The method includes is performed in a controller device and comprises: receiving a first packet associated with a first data flow between a client node and a server node, verifying, based on flow attributes authentication of the first packet, repeating the receiving and verifying for a number of subsequent packets of the first data flow, wherein the number of subsequent packets is set based on type of protocol used for the first data flow and/or a policy set in the controller device, and sending, to an intermediate node along a path of the first data flow, a respective verification message for each successfully verified authentication of the first packet and any subsequent packets, allowing the first packet and any subsequent packets of the first data flow for forwarding.Type: ApplicationFiled: April 10, 2015Publication date: March 29, 2018Inventors: Miika KOMU, Tero KAUPPINEN, Alireza RANJBAR,, Patrik SALMELA,
-
Publication number: 20170324741Abstract: A method in a network node of a communication network configured to manage command messages from at least one Machine Type Communication, MTC, device manager intended for an MTC device, comprises receiving command messages from the at least one MTC device manager, step (201). One or more command messages are merged into an MTC device message that comprises at least one command message, step (203). Originator information is associated with each command message in the MTC device message, step (205). The MTC device message is sent to an MTC device. The network node may further perform the steps of receiving an MTC device message from an MTC device, the MTC device message comprising at least one response message, step (301).Type: ApplicationFiled: December 19, 2014Publication date: November 9, 2017Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)Inventors: Patrik SALMELA, Nicklas BEIJAR, Domenico D'AMBROSIO, Jaime JIMÉNEZ, Miika KOMU, Oscar NOVO DIAZ, Mert OCAK