Patents by Inventor Mohamed Khalil
Mohamed Khalil has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8713637Abstract: The invention consists of a new registration and authentication protocol for between a Mobile Node and a Home Agent. The new protocol uses a novel messaging sequence to request registration, authentication and authorization of the Mobile Node when it is located on a foreign network, and the novel protocol will avoid some of the standard registration and authentication protocol messages in order to eliminate the problems associated with re-transmission errors.Type: GrantFiled: August 12, 2008Date of Patent: April 29, 2014Assignee: Apple Inc.Inventors: Mohamed Khalil, Ahmad Muhanna, Haseeb Akhtar
-
Publication number: 20140090048Abstract: The present invention supports a communication protocol for transmission of information packets between a mobile node and a virtual private network. Information packets are encapsulated and decapsulated along the route as the information packet is forwarded among the various networks on its path to the destination address; either the mobile node on a foreign network or a correspondence node on a virtual private network. A home agent on the virtual private network supports transmitting the information packets, and the information packets are transmitted from the virtual private network from the home agent or a virtual private network gateway.Type: ApplicationFiled: November 25, 2013Publication date: March 27, 2014Applicant: Apple Inc.Inventors: Mohamed Khalil, Ahmad Muhanna
-
Publication number: 20140079019Abstract: Various embodiments are described to assist in reducing handoff delays and the blackout period(s) associated with inter AN (access network) hard handoffs. The hard handoff procedure of method disclosed herein establishes or initiates a connection (A10-type connection) between a target AN and a packet data serving node (PDSN), unlike known hard handoff approaches that wait until traffic channel assignment to establish or initiate such connection. The PDSN may optionally bicast data packets to both the source and target ANs since each is communicatively coupled to the PDSN during a given time period. In the event bicasting is unavailable or unused, a communication tunnel between the source and target ANs may be created and used to transmit data packets between them.Type: ApplicationFiled: November 9, 2012Publication date: March 20, 2014Applicant: Microsoft CorporationInventors: Mohamed Khalil, Haseeb Akhtar
-
Publication number: 20140071898Abstract: Various embodiments are described for Point-to-Point Protocol-free (PPP-free) access and service authentication in a wireless network. An HRPD connection/session is established between an access terminal and the access network. Instead of setting up a PPP session and performing access (i.e., device access) authentication and service authentication using PPP, the Extensible Authentication Protocol (EAP) is utilized.Type: ApplicationFiled: November 18, 2013Publication date: March 13, 2014Applicant: Microsoft CorporationInventors: Mohamed Khalil, Haseeb Akhtar
-
Patent number: 8615658Abstract: Utilizing the AAA infrastructure to dynamically allocate the various parameters needed to establish the security association between the Foreign Agent and the Home Agent. The present invention uses the AAA server as a central entity to dynamically generate and distribute the chosen security association parameters needed to support the Foreign Agent and Home Agent security association based on a request from the Foreign Agent. The AAA server can also dynamically assigns a unique SPI value to the Foreign Agent and Home Agent pairs. The various parameters that can be allocated in the present invention include a FA-HA shared secret key or a public/private key pair, an authentication algorithm and mode, a FA-HA secret key lifetime, and security parameter index or security index values. The present invention also can assist in making sure that the Foreign Agent and the Home Agent stay synchronized with respect to their security association.Type: GrantFiled: January 17, 2013Date of Patent: December 24, 2013Assignee: Apple Inc.Inventors: Ahmad Muhanna, Mohamed Khalil
-
Publication number: 20130331088Abstract: The claimed subject matter is directed to defining a framework that enables wireless communicability between base stations for maintenance and configuration purposes, even while disconnected from an operator network, and/or deployed in the field. Embodiments are particularly applicable in the cases of small-cell base transceiver stations deployed in inconvenient, secluded, elevated and/or difficult to reach locations. The small cell base transceiver station is operable to communicate wirelessly to wireless terminals and mobile computing devices by emulating select functionality from dedicated components in an operator network.Type: ApplicationFiled: June 8, 2012Publication date: December 12, 2013Inventors: Mohamed KHALIL, Baoling S. SHEEN, James MATHEW, Chin CHIU
-
Publication number: 20130333001Abstract: Various embodiments describe an authentication protocol for the Home Agent to authenticate and authorize the Mobile Node's Binding Update message. Two new mobility options compatible with RADIUS AAA are used to exchange a shared secret between the Home Agent and the Mobile Node so the Mobile Node can be authenticated. A Mobile Node-AAA authenticator option is added to the Binding Update message. The Home Agent generates the Mobile Node-AAA authenticator as a shared secret that it communicates as authentication data to the RADIUS AAA server on the home network. The RADIUS AAA server authenticates the communication and generates an Access-Accept message with a Mobile Node-Home Agent authenticator option. After receipt at the Home Agent, a Binding Update message with the Mobile Node-Home Agent authenticator option is transmitted from the Home Agent to the Mobile Node to use as an authenticator.Type: ApplicationFiled: August 15, 2013Publication date: December 12, 2013Applicant: Microsoft CorporationInventors: Mohamed Khalil, Haseeb Akhtar, Kuntal Chowdhury
-
Patent number: 8594024Abstract: The present invention supports a communication protocol for transmission of information packets between a mobile node and a virtual private network. Information packets are encapsulated and decapsulated along the route as the information packet is forwarded among the various networks on its path to the destination address; either the mobile node on a foreign network or a correspondence node on a virtual private network. A home agent on the virtual private network supports transmitting the information packets, and the information packets are transmitted from the virtual private network from the home agent or a virtual private network gateway.Type: GrantFiled: March 21, 2012Date of Patent: November 26, 2013Assignee: Apple Inc.Inventors: Mohamed Khalil, Ahmad Muhanna
-
Publication number: 20130308538Abstract: Embodiments provide techniques for mobile route optimization authentication protocols. Embodiments allow for system control over whether route optimization is allowed or not allowed. A conditional allowance of route optimization solves several billing and security issues by allowing the system to impose appropriate charges for the route optimization feature or prevent route optimization where message flow using care-of addressing can be monitored.Type: ApplicationFiled: July 29, 2013Publication date: November 21, 2013Applicant: Microsoft CorporationInventors: Ahmad Muhanna, Mohamed Khalil
-
Patent number: 8588741Abstract: Various embodiments are described for Point-to-Point Protocol-free (PPP-free) access and service authentication in a wireless network. An HRPD connection/session is established between an access terminal and the access network. Instead of setting up a PPP session and performing access (i.e., device access) authentication and service authentication using PPP, the Extensible Authentication Protocol (EAP) is utilized.Type: GrantFiled: September 29, 2006Date of Patent: November 19, 2013Assignee: Microsoft CorporationInventors: Mohamed Khalil, Haseeb Akhtar
-
Patent number: 8582534Abstract: The present invention solves the problems with a new proxy binding update request and proxy binding acknowledgement messages having new indicators and identification information. Namely, the home agent/local mobility anchor will exchange proxy binding update messages and proxy binding acknowledge messages that include information such as mobile node identification (MN-ID), home network prefix (HNP), but can also include selective information fields such as, access type, handover indicator (HO), and interface identification (interface ID). By including new access type, indicator, and identification information, the local mobility anchor can respond to a binding update request message with a better understanding of the new connectivity request from the mobile node.Type: GrantFiled: September 14, 2012Date of Patent: November 12, 2013Assignee: BlackBerry LimitedInventors: Ahmad Muhanna, Mohamed Khalil, Khosrow Saboorian
-
Patent number: 8576796Abstract: The present invention solves these problems with a new proxy binding update request and proxy binding acknowledgment messages having new indicators and identification information. Namely, the home agent/local mobility anchor will exchange proxy binding update messages and proxy binding acknowledge messages that include information such as mobile node identification (MN-ID), home network prefix (HNP), but can also include selective information fields such as, access type, handover indicator (HO), and interface identification (interface ID) By including new access type, indicator, and identification information, the local mobility anchor can respond to a binding update request message with a better understanding of the new connectivity request from the mobile node.Type: GrantFiled: October 9, 2008Date of Patent: November 5, 2013Assignee: BlackBerry LimitedInventors: Ahmad Muhanna, Mohamed Khalil, Khosrow Saboorian
-
Publication number: 20130290721Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes providing an encryption key for securing communications between an initiator and a responder in a communications network that includes the initiator generating an initiator Diffie-Hellman computed value, the initiator transmitting the initiator Diffie-Hellman computed value to the responder, the responder generating the encryption key and a responder Diffie-Hellman computed value, the responder transmitting the responder Diffie-Hellman computed value to the initiator, and the initiator generating the encryption key.Type: ApplicationFiled: June 28, 2013Publication date: October 31, 2013Inventors: Mohamed Khalil, Raja P. Narayanan, Haseeb Akhtar, Emad A. Qaddoura
-
Patent number: 8514851Abstract: The invention consists of an authentication protocol for the Home Agent to authenticate and authorize the Mobile Node's Binding Update message. Two new mobility options compatible with RADIUS AAA are used to exchange a shared secret between the Home Agent and the Mobile Node so the Mobile Node can be authenticated. A Mobile Node-AAA authenticator option is added to the Binding Update message. The Home Agent generates the Mobile Node-AAA authenticator as a shared secret that it communicates as authentication data to the RADIUS AAA server on the home network. The RADIUS AAA server authenticates the communication and generates an Access-Accept message with a Mobile Node-Home Agent authenticator option. After receipt at the Home Agent, a Binding Update message with the Mobile Node-Home Agent authenticator option is transmitted from the Home Agent to the Mobile Node to use as an authenticator.Type: GrantFiled: January 24, 2012Date of Patent: August 20, 2013Assignee: Microsoft CorporationInventors: Mohamed Khalil, Haseeb Akhtar, Kuntal Chowdhury
-
Patent number: 8505088Abstract: Provided is a method of providing secure communication between an initiator and a responder in a communication network. The method includes presenting a registration request with one or more proposals for dynamically establishing a security association between the initiator and the responder, and receiving a registration response indicating whether any of the one or more proposals have been accepted for the security association.Type: GrantFiled: August 24, 2009Date of Patent: August 6, 2013Assignee: Microsoft CorporationInventors: Mohamed Khalil, Raja P. Narayanan, Haseeb Akhtar, Emad A. Qaddoura
-
Patent number: 8499097Abstract: The invention consists of the invention consists of a new route optimization authentication protocol. The current Mobile IPv6 protocols do not allow for optional control over the use of route optimization. The present invention allows for system control over whether route optimization is allowed or not allowed. The conditional allowance of route optimization solves several billing and security issues by allowing the system to impose appropriate charges for the route optimization feature or prevent route optimization where message flow using care-of addressing can be monitored.Type: GrantFiled: February 28, 2012Date of Patent: July 30, 2013Assignee: Microsoft CorporationInventors: Ahmad Muhanna, Mohamed Khalil
-
Patent number: 8477729Abstract: The present invention solves these problems with a new proxy binding update request and proxy binding acknowledgement messages having new indicators and identification information. Namely, the home agent/local mobility anchor will exchange proxy binding update messages and proxy binding acknowledge messages that include information such as mobile node identification (MN-ID), home network prefix (HNP), but can also include selective information fields such as, access type, handover indicator (HO), and interface identification (interface ID). By including new access type, indicator, and identification information, the local mobility anchor can respond to a binding update request message with a better understanding of the new connectivity request from the mobile node. The invention also includes a binding revocation message with expanded trigger field information sent from the local mobility anchor to the mobile access gateways.Type: GrantFiled: March 19, 2009Date of Patent: July 2, 2013Assignee: Research In Motion LimitedInventors: Ahmad Muhanna, Barnaba Barnowski, Mohamed Khalil
-
Patent number: 8411858Abstract: The present invention utilizes the AAA infrastructure to dynamically allocate the various parameters needed to establish the security association between the Foreign Agent and the Home Agent. The present invention uses the AAA server as a central entity to dynamically generate and distribute the chosen security association parameters needed to support the Foreign Agent and Home Agent security association based on a request from the Foreign Agent. The AAA server can also dynamically assigns a unique SPI value to the Foreign Agent and Home Agent pairs. The various parameters that can be allocated in the present invention include a FA-HA shared secret key or a public/private key pair, an authentication algorithm and mode, a FA-HA secret key lifetime, and security parameter index or security index values. The present invention also can assist in making sure that the Foreign Agent and the Home Agent stay synchronized with respect to their security association.Type: GrantFiled: March 27, 2008Date of Patent: April 2, 2013Assignee: Apple Inc.Inventors: Ahmad Muhanna, Mohamed Khalil
-
Publication number: 20130070769Abstract: The present invention provides a method and system for identification of the different packet gateways that support different types of services on their packet data networks. The method and system provides identification and addressing information to user equipment for one or more packet gateways that support different types of services, sometimes called QoS services. The identification and addressing information for the one or more packet gateways is provided in the present invention by and through a DNS server or an AAA server depending on the network architecture and the IP version supporting the communications with the mobile node.Type: ApplicationFiled: September 14, 2012Publication date: March 21, 2013Inventors: Mohamed Khalil, Ahmad Muhanna, Haseeb Akhtar
-
Publication number: 20130064223Abstract: The present invention solves the problems with a new proxy binding update request and proxy binding acknowledgement messages having new indicators and identification information. Namely, the home agent/local mobility anchor will exchange proxy binding update messages and proxy binding acknowledge messages that include information such as mobile node identification (MN-ID), home network prefix (HNP), but can also include selective information fields such as, access type, handover indicator (HO), and interface identification (interface ID). By including new access type, indicator, and identification information, the local mobility anchor can respond to a binding update request message with a better understanding of the new connectivity request from the mobile node.Type: ApplicationFiled: September 14, 2012Publication date: March 14, 2013Inventors: Ahmad Muhanna, Mohamed Khalil, Khosrow Saboorian