Patents by Inventor Wassim Haddad

Wassim Haddad has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20100325416
    Abstract: A method is provided for use in a Mobile IP network in which it is determined whether a Mobile Node (10) in a visited network is reachable on a new claimed Care-of Address for the Mobile Node (10) using information relating to a pre-established cryptographic relationship between the Mobile Node (10) and an Access Router (20) of the visited network. It may be determined, through communication between a Home Agent (30) for the Mobile Node (10) in the Mobile Node 10's home network and the Access Router (20), whether such a pre-established cryptographic relationship exists. The existence of such a pre-established relationship would indicate that the Mobile Node (10) is reachable on the claimed Care-of Address.
    Type: Application
    Filed: February 8, 2008
    Publication date: December 23, 2010
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Wassim Haddad
  • Publication number: 20100318795
    Abstract: Aspects describe enabling two peers that have already paired together under some circumstances to re-identify themselves under different circumstances so that the peers can bypass performing another pairing only to discover that they are already paired. A Bloom filter is constructed from an available pool of locally selected identifiers and is sent to a peer node in a first message. Upon receiving the message with the Bloom filter, peer node checks all its known identifiers. If peer node finds that one of its identifiers is a member of the Bloom filter, peer node sends a reply in order to achieve a mutual identification.
    Type: Application
    Filed: June 11, 2009
    Publication date: December 16, 2010
    Applicant: QUALCOMM Incorporated
    Inventors: Wassim Haddad, Michaela Vanderveen, Georgios Tsirtsis, Vincent D. Park
  • Publication number: 20100284368
    Abstract: A method of performing hand-off of a Mobile Node from a previous Access Point to a new Access Point within a WLAN domain, where the previous and new Access Points are connected respectively to previous and new Access Routers. The method comprises, following a MAC authentication exchange between the Mobile Node and the new Access Point, sending a MAC Reassociation Request from the Mobile Node to the New Access Point, forwarding said Reassociation Request to said new Access Router, and sending the Reassociation Request from said new Access Router to said previous Access Router within an IP hand-off request, and authenticating the Reassociation Request at the previous Access Router and initiating the tunnelling of IP packets received at the previous Access Router and destined for said Mobile Node, towards said new Access Router.
    Type: Application
    Filed: November 23, 2007
    Publication date: November 11, 2010
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Wassim Haddad, Karl Norrman
  • Publication number: 20100260338
    Abstract: A method and apparatus for establishing a cryptographic relationship between a first node and a second node in a communications network. The first node receives at least part of a cryptographic attribute of the second node, uses the received at least part of the cryptographic attribute to generate an identifier for the first node. The cryptographic attribute may a public key belonging to the second node, and the identifier may be a Cryptographically Generated IP address. The cryptographic relationship allows the second node to establish with a third node that it is entitled to act on behalf of the first node.
    Type: Application
    Filed: November 21, 2008
    Publication date: October 14, 2010
    Applicant: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Wassim Haddad, Mats Naslund
  • Publication number: 20100238874
    Abstract: A system, method, and node for protecting a telecommunication system against a mobile and multi-homed attacker, MMA (10). The telecommunication system includes one or more correspondent nodes, CN, (102, 104) for transferring data packets. A mobile and multi-homed network node, MMN, (108) associated with the MMA communicates and receives data packets with the CN. An access router, AR, (106) transferring data between the MMN and the CN performs a reachability test with the MMN to determine if the MMN is still reachable. The AR sends a message to the CN to flush cached information associated with the MMN if the MMN is not reachable by the AR. The CN, upon receiving the message to flush cached information, flushes binding cache entries associated with the MMN from the CN.
    Type: Application
    Filed: July 13, 2007
    Publication date: September 23, 2010
    Applicant: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: Wassim Haddad, Mats Naslund, Andras Mehes
  • Publication number: 20100175109
    Abstract: A method of establishing a route optimisation mode between a mobile node and a correspondent node across a mobile IP network. The method comprises establishing a bi-directional security association between a proxy mobile agent to which the mobile node is attached or to which the mobile node will attach, and the correspondent node. On behalf of the mobile node, the proxy mobile agent performs a reachability test with the correspondent node via a home agent of the mobile node, and sends a binding update to the correspondent node.
    Type: Application
    Filed: May 25, 2007
    Publication date: July 8, 2010
    Inventor: Wassim Haddad
  • Publication number: 20100150064
    Abstract: A node arranged in use to communicate over an IP network, the node comprising means for receiving an IP packet either from a peer node or from a higher protocol layer within the node, means for XORing a header of the packet or part thereof with a pad to translate the header or part thereof, and means for sending the packet to a peer node or for delivering the packet to a higher protocol layer within the node.
    Type: Application
    Filed: February 9, 2007
    Publication date: June 17, 2010
    Inventor: Wassim Haddad
  • Publication number: 20100153706
    Abstract: A method of securing IP traffic sent from a first host to a second host attached respectively to first and second access points. The method comprises establishing a shared secret between said first and second hosts, and for each packet to be sent, using the next value in a pseudo-random number sequence as an interface identifier part of the source IP address.
    Type: Application
    Filed: March 16, 2007
    Publication date: June 17, 2010
    Inventor: Wassim Haddad
  • Patent number: 7707297
    Abstract: A method of at least partially creating a network connection from a computing device to a network wherein the method comprises determining the bandwidth associated with the network connection that it is desired to make to the computing device from the network and assessing whether this bandwidth is available from the network before commencing creating the connection. Generally, this method will be used during a hand-over process from an existing network to the network.
    Type: Grant
    Filed: October 31, 2003
    Date of Patent: April 27, 2010
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Wassim Haddad
  • Publication number: 20100031044
    Abstract: There is disclosed a method, and a communication system, and a communication node for implementing the claimed method, for attempting to enhance legitimacy assessment and thwart a man-in-the middle or similar false-location attack by evaluating the topology of a communication-session requesting node relative to the proposed communication path through a network between the requesting node and the requested node. Upon receiving the request, a PRD (Prefix Reachability Detection) protocol is initiated, either after or during a secure key exchange, if any, which if performed preferably includes an ART (address reachability text). The PRD is executed by sending a message to the communication node challenging the location-authenticity of the requesting device. The communication node, which may be for example an access router through which the requesting node accesses the network, determines if the requesting node is positioned behind the communication node topologically, and reports the result to the requested node.
    Type: Application
    Filed: February 26, 2008
    Publication date: February 4, 2010
    Inventors: Wassim Haddad, Mats Näslund
  • Patent number: 7508793
    Abstract: A MN, a method and a VMAP for increasing efficiency of handover of the MN from a AR1 to a AR2. The VMAP is hierarchically below a MAP and above the AR1. The MN has a RCoA valid under the MAP and a LCoA valid under the AR1. The VMAP comprises an OMM Function capable of receiving a PathUM thereby informing the VMAP that the MN 412 is handing over to the AR2, computing a LCoA2 valid under the AR2 and forwarding traffic received on the LCoA to the LCoA2. A VMAP Binding Cache Entry for the MN comprises at least the MN's RCoA, the MN's LCoA and a unique value associated with the MN. The VMAP, therewith, computes the LCoA2 using a same function as in the MN. Prior to receiving the PathUM, the VMAP could receive an E-LBA issued from the MAP and addressed to the LCoA comprising the MN's RCoA and the unique value associated with the MN and thereafter, creating or updating the VBCE for the MN using information included therein.
    Type: Grant
    Filed: September 20, 2005
    Date of Patent: March 24, 2009
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventors: Wassim Haddad, Suresh Krishnan
  • Publication number: 20080316974
    Abstract: Methods, Mobile Node and Mobility Access gateway for enabling vertical handoff of the Mobile Node between a first and second network interfaces using a pad translator.
    Type: Application
    Filed: August 29, 2008
    Publication date: December 25, 2008
    Inventors: Suresh KRISHNAN, Wassim HADDAD
  • Publication number: 20080301434
    Abstract: Methods and apparatuses for combining internet protocol layer authentication and mobility signaling are disclosed. Various embodiments for providing authentication and mobility signaling when a mobile node moves from a 3GPP access network to a non 3GPP access network and vice versa are described.
    Type: Application
    Filed: May 29, 2008
    Publication date: December 4, 2008
    Inventors: Wassim Haddad, Karl Norrman, Conny Larsson
  • Publication number: 20080205653
    Abstract: A method and Mobility Anchor Point (MAP) are provided for authenticating an update message received at the MAP from a Mobile Node (MN). A table entry is created in the MAP, following receipt of a first message comprising a public key of the MN, a first pointer and a first comparison data, information elements received from the first message being stored in the table entry. The MAP then receives an update message requesting binding of a Local Care-of Address (LCoA) with a Regional Care-of Address (RCoA). The update message further comprises a second pointer and a second comparison data. The MAP locates the table entry by use of the second pointer. The MAP then authenticates the second message by hashing one of the first or second comparison data and comparing a result of the hashing with the other one of the first and second comparison data. If a match is found, the second message is authenticated and the MAP binds the LCoA and the RCoA by storing both addresses in the table entry.
    Type: Application
    Filed: September 6, 2006
    Publication date: August 28, 2008
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: Wassim Haddad
  • Publication number: 20080192695
    Abstract: A Mobile Node, A Network Node and a method performed in a visited network of a telecommunications network. The Mobile Node has a home address (HoA) valid in a Mobile Node's home network of the telecommunications network or knows how to generate one. The HoA is used in the visited network. A Pad Translator Generator module generates a Pad Translator (PaT) from at least one protection parameter by applying at least one exclusive-or (XOR) thereon and a Pad Translator Applicator module applies the PaT on at least a portion of a header of a packet using an exclusive-or (XOR) function thereby enabling protection of at least a portion of the HoA in the visited network.
    Type: Application
    Filed: December 21, 2007
    Publication date: August 14, 2008
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Suresh Krishnan, Wassim Haddad
  • Publication number: 20080162936
    Abstract: A method, a router and a host are introduced for providing secure communication with limited use of processing intensive cryptographic means. Strong cryptographic keys are first used between the host and the router to sign messages therebetween, thereby ensuring that a first communication between the host and the router is secure. The router generates a secret key and forwards it to the host, the secret key being encrypted at the router and decrypted at the host by use of the strong cryptographic keys. Further communication between the host and the router is signed by use of the secret key.
    Type: Application
    Filed: December 28, 2006
    Publication date: July 3, 2008
    Inventor: Wassim Haddad
  • Patent number: 7391757
    Abstract: A wireless LAN comprises an access point with a data communicator for data communicated over different channels, each using a respective wireless technology, and at least one mobile communications device with a data communicator for data communicated over the channels and using the wireless technologies. A first of the channels uses a wireless technology operating at a first frequency bandwidth, and a second of the channels uses a different wireless technology operating at a second, non-overlapping frequency bandwidth. The wireless technology used for the downlink channel operates at a higher data rate than the wireless technology used for the uplink channel. The controller controls data communications over the downlink channel and the uplink channel to maximise the downlink data communication QoS.
    Type: Grant
    Filed: October 30, 2003
    Date of Patent: June 24, 2008
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Wassim Haddad, James Thomas Edward McDonnell
  • Publication number: 20070287472
    Abstract: Systems and methods are described which delegate reachability testing for mobility signaling in communication networks. A mobile node transmits a mobility signaling package to other network nodes, which can use the information contained therein to perform the delegated reachability testing.
    Type: Application
    Filed: April 23, 2007
    Publication date: December 13, 2007
    Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventors: Wassim Haddad, Suresh Krishnan
  • Publication number: 20070189250
    Abstract: A method, a correspondent node and a mobile node provide anonymity and unlinkability to a mobile node in a session with a correspondent node. Sequence values, calculated based on secret data, are added to updates sent from the mobile node towards the correspondent node and are used by the correspondent node to authenticate updates from the mobile node. A home address of the mobile node is not explicitly disclosed. An expected care-of address is calculated at the correspondent node and used by the correspondent node to send data packets to the mobile node.
    Type: Application
    Filed: April 4, 2006
    Publication date: August 16, 2007
    Inventors: Wassim Haddad, Suresh Krishnan
  • Patent number: 7228431
    Abstract: Methods and home agent for building a plurality of individual binding updates in the home agent on behalf of a mobile node. One of the methods and the home agent is directed to receiving an Aggregated Binding Update (ABU) at the home agent from the mobile node, building the plurality of individual binding updates from the ABU and sending from the home agent each of the plurality of individual binding updates toward each of the different destination addresses. Each of the plurality of individual binding updates has a different destination address, which is specified in the ABU. Another of the methods and the home agent is directed to intercepting a plurality of binding acknowledgments destined to the mobile node, building an Aggregated Binding Acknowledgment (ABA) from the plurality of binding acknowledgments and sending the ABA toward the mobile node.
    Type: Grant
    Filed: August 21, 2003
    Date of Patent: June 5, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (Publ)
    Inventors: Wassim Haddad, Suresh Krishnan