Patents by Inventor Serge Manning
Serge Manning has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240080323Abstract: A method comprises receiving, by a threat level engine (TLE) in the network, security data from a plurality of different sources, wherein the security data comprises data regarding traffic related to a security threat occurring in the network, determining, by the TLE, a security related event indicating a security threat occurring at network elements in the network based on security key performance indicators and the security data, when a threat impact level of the security related event exceeds a threshold, determining, by the TLE, a remediation action for the security related event based on the threat impact level, transmitting, by the TLE to a policy decision point, an instruction to generate and store a rule based on the remediation action for the security related event, and transmitting, to a policy enforcement point, an authorization to create the secure tunnel between the one or more network elements and another endpoint.Type: ApplicationFiled: September 6, 2022Publication date: March 7, 2024Inventors: Marouane BALMAKHTAR, Serge MANNING, Gregory SCHUMACHER
-
Publication number: 20230403304Abstract: A method of testing a communication system implementing a zero trust architecture. The method comprises sending a request by a test equipment platform to access a microsegment to a policy enforcement point (PEP); sending an authorization request by the PEP to a policy decision point (PDP); authorizing access of the test equipment platform to the microsegment by the PDP; sending authorization of access of the test equipment platform to the microsegment by the PDP to the PEP; establishing a secure tunnel by the PEP between the test equipment platform and the microsegment; sending a command to provide test data by the test equipment platform via the secure tunnel to a probe in the microsegment; analyzing the test data by the test equipment platform; and producing a test result by the test equipment platform based on analyzing the test data.Type: ApplicationFiled: June 9, 2022Publication date: December 14, 2023Inventors: Marouane Balmakhtar, Serge Manning, Greg Schumacher
-
Publication number: 20230354143Abstract: Systems and methods are provided for rapid user equipment route selection policy rule processing. A method includes determining an applicable routing policy based on user equipment route selection policy (URSP) rules for an established protocol data unit (PDU) session and storing PDU session information with the established uplink PDU session in a cache. The method further includes examining subsequent uplink packets for PDU session information and checking the cache for an established PDU session with matching uplink PDU session information. The method additionally includes routing the subsequent uplink packets to the established PDU session having the matching PDU session information, causing the subsequent uplink packet to be processed in accordance with the applicable routing policy as previously determined based on the URSP rules.Type: ApplicationFiled: May 2, 2022Publication date: November 2, 2023Inventors: Gregory SCHUMACHER, Marouane BALMAKHTAR, Serge MANNING
-
Publication number: 20230337001Abstract: A method of user equipment (UE) implemented network slice security protection is disclosed. The method comprises the UE receiving a request to initialize an application, querying a UE Route Selection Policy (URSP) stored on the UE, and receiving traffic descriptors and security descriptors in response to the querying. The traffic descriptors identify a network slice for the application. The security descriptors comprise a security flag and a virtualization container ID. The method also comprises the UE initiating the application within a virtualization container corresponding to the virtualization container ID based on the security flag indicating that the network slice is secure and binding traffic for the application in the virtualization container to a PDU session based on the traffic descriptors. The method further comprises communicating, by the application executing within the virtualization container, with a core network over the PDU session via the network slice bound to the virtualization container.Type: ApplicationFiled: June 16, 2023Publication date: October 19, 2023Inventors: Marouane Balmakhtar, Serge Manning, Greg Schumacher
-
Patent number: 11751058Abstract: A method of user equipment (UE) implemented network slice security protection is disclosed. The method comprises the UE receiving a request to initialize an application, querying a UE Route Selection Policy (URSP) stored on the UE, and receiving traffic descriptors and security descriptors in response to the querying. The traffic descriptors identify a network slice for the application. The security descriptors comprise a security flag and a virtualization container ID. The method also comprises the UE initiating the application within a virtualization container corresponding to the virtualization container ID based on the security flag indicating that the network slice is secure and binding traffic for the application in the virtualization container to a PDU session based on the traffic descriptors. The method further comprises communicating, by the application executing within the virtualization container, with a core network over the PDU session via the network slice bound to the virtualization container.Type: GrantFiled: January 14, 2022Date of Patent: September 5, 2023Assignee: T-Mobile Innovations LLCInventors: Marouane Balmakhtar, Serge Manning, Greg Schumacher
-
Publication number: 20230232236Abstract: A method of user equipment (UE) implemented network slice security protection is disclosed. The method comprises the UE receiving a request to initialize an application, querying a UE Route Selection Policy (URSP) stored on the UE, and receiving traffic descriptors and security descriptors in response to the querying. The traffic descriptors identify a network slice for the application. The security descriptors comprise a security flag and a virtualization container ID. The method also comprises the UE initiating the application within a virtualization container corresponding to the virtualization container ID based on the security flag indicating that the network slice is secure and binding traffic for the application in the virtualization container to a PDU session based on the traffic descriptors. The method further comprises communicating, by the application executing within the virtualization container, with a core network over the PDU session via the network slice bound to the virtualization container.Type: ApplicationFiled: January 14, 2022Publication date: July 20, 2023Inventors: Marouane Balmakhtar, Serge Manning, Greg Schumacher
-
Patent number: 9271197Abstract: An embodiment method for session handling for a connection between an UE and a network includes establishing, at a first distributed EPC, user and IP sessions over the connection through the first distributed EPC. The first distributed EPC includes a first PGW at which the IP session is anchored. The method also includes holding original IP resources and releasing original connection resources for the sessions at the first distributed EPC when the UE moves beyond the first distributed EPC to a second distributed EPC. The method then establishes a tunnel between the first PGW and a second PGW for the second distributed EPC. The tunnel utilizes the original IP resources and new connection resources at the second distributed EPC. The method then routes data from the tunnel, through the first PGW, and to the network.Type: GrantFiled: May 21, 2014Date of Patent: February 23, 2016Assignee: Futurewei Technologies, Inc.Inventors: John Kaippallimalil, Hinghung Anthony Chan, Zhixian Xiang, Khosrow Tony Saboorian, Serge Manning
-
Patent number: 9001741Abstract: Exemplary methods and systems for providing access to IMS services are disclosed herein.Type: GrantFiled: October 29, 2013Date of Patent: April 7, 2015Assignee: Sprint Spectrum L.P.Inventors: Jeremy Breau, Serge Manning, Pallavur Sankaranaraynan
-
Publication number: 20140348130Abstract: An embodiment method for session handling for a connection between an UE and a network includes establishing, at a first distributed EPC, user and IP sessions over the connection through the first distributed EPC. The first distributed EPC includes a first PGW at which the IP session is anchored. The method also includes holding original IP resources and releasing original connection resources for the sessions at the first distributed EPC when the UE moves beyond the first distributed EPC to a second distributed EPC. The method then establishes a tunnel between the first PGW and a second PGW for the second distributed EPC. The tunnel utilizes the original IP resources and new connection resources at the second distributed EPC. The method then routes data from the tunnel, through the first PGW, and to the network.Type: ApplicationFiled: May 21, 2014Publication date: November 27, 2014Inventors: John Kaippallimalil, Hinghung Anthony Chan, Zhixian Xiang, Khosrow Tony Saboorian, Serge Manning
-
Publication number: 20140056226Abstract: Exemplary methods and systems for providing access to IMS services are disclosed herein.Type: ApplicationFiled: October 29, 2013Publication date: February 27, 2014Applicant: Sprint Spectrum L.P.Inventors: Jeremy Breau, Serge Manning, Pallavur Sankaranaraynan
-
Patent number: 8594105Abstract: Exemplary methods and systems for providing access to IMS services are disclosed herein.Type: GrantFiled: July 12, 2011Date of Patent: November 26, 2013Assignee: Sprint Spectrum L.P.Inventors: Jeremy Breau, Serge Manning, Pallavur Sankaranaraynan
-
Patent number: 8170529Abstract: A method, system, and computer-readable media are provided for determining connection needs of a mobile device connecting to a wireless network. In one aspect, the computer-readable media provide a method that includes receiving a request from a mobile device to access a wireless network, and performing an authentication phase related to the mobile device attempting to access the wireless network. Furthermore, the method includes evaluating signaling behavior of the mobile device during the authentication phase to determine which access technology from a plurality of types of access technologies to use to connect the mobile device to the wireless network. Moreover, the method includes connecting the mobile device to the wireless network using the determined access technology.Type: GrantFiled: February 8, 2007Date of Patent: May 1, 2012Assignee: Clearwire IP Holdings LLCInventors: Jeremy R. Breau, Arun Santharam, Serge Manning, Reza Jafari, Shingara Dhanoa
-
Patent number: 7193980Abstract: A new message format and protocol in an IP mobility system. Deallocation of a mobile node's IP address during a multipart communication session on a foreign network can cause serious communication and accounting errors. The new message format and protocol should eliminate the premature deallocation of a mobile node's IP address, which should reduce associated communication and accounting errors.Type: GrantFiled: July 3, 2001Date of Patent: March 20, 2007Assignee: Nortel Networks LimitedInventors: Peter W. Wenzel, Serge Manning
-
Patent number: 7167466Abstract: A method and apparatus for dynamically assigning a home agent to a mobile station for a mobile IP session. The method and apparatus allow the telecommunications network to assign the home agent that is best able to serve the mobile station. This is achieved by utilizing a predetermined IP address that indicates to the network components, such as the packet-switched data network, the home agent, the home authorization, authentication, and accounting server, and the like, that the mobile station is requesting a dynamically assigned home agent.Type: GrantFiled: November 20, 2001Date of Patent: January 23, 2007Assignee: Nortel Networks LimitedInventors: Kuntal Chowdhury, Serge Manning, Pierre Boulos
-
Patent number: 6765909Abstract: A classification application utilizing a table of connection numbers and associated TCP/IP applications is utilized for determining a wireless packet communication, quality of service level by decoding a connection number field of the compressed packet header. Packets carrying different connection numbers can be mapped to different Quality of Service planes. When a non-active TCP connection becomes active, the classification application detects and identifies the connection by reading the connection number field of a compressed TCP/IP header in a packet of the application. The classification application applies the appropriate Quality of Service level as determined from a user database and a list of available Quality of Service levels. If the connection has no table entry, the TCP/IP application is identified based on comparison to a pre-loaded table of port numbers and a new entry is created in the connection number table.Type: GrantFiled: December 3, 1999Date of Patent: July 20, 2004Assignee: Nortel Networks LimitedInventors: Sanjoy Sen, Serge Manning, Chung-Ching Wang
-
Patent number: 6614779Abstract: A new access channel protocol for use in cellular systems such as CDMA whereby the data transfer efficiency of an access message is increased by removing the requirement that a preamble frame and a message capsule frame have equal times of duration. With such removal, the BTS must inform listening MSs as to the time duration of the frames in each of the preamble and the message portions of the access channel time slot in addition to previously supplied information as to the number of frames in each portion. When unequal frame duration times are allowed, each portion of the access channel may be more nearly optimized to the actual time required to perform the functions of synchronization and message detection.Type: GrantFiled: January 28, 1999Date of Patent: September 2, 2003Assignee: Nortel Networks LimitedInventors: Alberto Gutierrez, Serge Manning, Ahmad Jalali
-
Patent number: 6606311Abstract: An adaptation sublayer is provided between LAC/MAC and a Packet Data Service Node for a Code Division Multiple Access telecommunication system. Quality of Service parameters are defined and stored within a Base Station and Base Transceiver Station along with subscriber profiles, including class of service. The profiles include specified Quality of Service requirements for each subscriber profile. A Quality of Service Adaptation Layer provides logic and control means to identify each active subscriber, provide the associated Quality of Service and direct the active subscriber's communication connection to a target host.Type: GrantFiled: December 3, 1999Date of Patent: August 12, 2003Assignee: Nortel Networks LimitedInventors: Chung-Ching Wang, Serge Manning, Sanjoy Sen
-
Patent number: 6580699Abstract: A system and method for timely maintaining or establishing an R-P connection after a mobile station (MS) roams from the control of an old base station controller (BSC) to that of a new BSC is provided. The process may be initiated during a registration process of the MS, during an origination process, or during a termination process. A Mobile Service Center (MSC), Visitor's Location Register (VLR), or the MS may be used to store the packet data call status information including point to point protocol (PPP) session status information and configuration information about an old BSC including its related cells and PDSNs. In some cases, this information may also be transferred to the new BSC through a BSC to BSC connection.Type: GrantFiled: March 27, 2000Date of Patent: June 17, 2003Assignee: Nortel Networks LimitedInventors: Serge Manning, Jianping Jiang
-
Patent number: 6519266Abstract: A communications system and method that separates operational aspects of a packet data service to be provided on a wireless network into separate, independent state diagrams. The method first decomposes the communication service into several different service layers. The method then defines a dynamic behavior of the service layers and an interaction therebetween. Once the behavior and interaction between the layers is defined, the method creates a control element with which to coordinate the service layers.Type: GrantFiled: December 22, 1998Date of Patent: February 11, 2003Assignee: Nortel Networks LimitedInventors: Serge Manning, Alberto Gutierrez, Ibrahim Ghaleb
-
Publication number: 20020114323Abstract: A method and apparatus for dynamically assigning a home agent to a mobile station for a mobile IP session. The method and apparatus allow the telecommunications network to assign the home agent that is best able to serve the mobile station. This is achieved by utilizing a predetermined IP address that indicates to the network components, such as the packet-switched data network, the home agent, the home authorization, authentication, and accounting server, and the like, that the mobile station is requesting a dynamically assigned home agent.Type: ApplicationFiled: November 20, 2001Publication date: August 22, 2002Inventors: Kuntal Chowdhury, Serge Manning, Pierre Boulos