Patent•
Applying multicast protocols and VPN tunneling techniques to achieve high quality of service for real time media transport across IP networks
04 Feb 2004-
TL;DR: In this paper, the authors present an end-to-end transport and routing mechanism capable of secure, accurate, and timely delivery of real-time media, which can facilitate serverless, IP based sessions across all of public and private network infrastructure without regard for network hardware or carrier makeup.
Abstract: As prior art systems fail to produce end-to-end transport and routing mechanisms capable of secure, accurate, and timely delivery of real-time media, the present invention prescribes the method and process to facilitate server-less, IP based sessions across all of public and private network infrastructure without regard for network hardware or carrier makeup. The method and process claimed herein defines the application of well known standards in a unique fashion so as to facilitate transportation of TCP and UDP packets associated with a real-time multicast session in a secure manner while achieving unencumbered access through firewalls and across multiple carrier, public networks through IPSec based virtual networking.
Citations
More filters
Patent•
15 Nov 2012
TL;DR: In this paper, the authors propose a method comprising providing a plurality of links to end-user devices communicatively coupled to a network system, a particular link of the plurality supporting control-plane communications between the network system and a particular user over one or more wireless access networks, the message comprising payload for delivery to the particular user and an identifier identifying a particular device agent on the particular enduser device.
Abstract: A method comprising providing a plurality of links to a plurality of end-user devices communicatively coupled to a network system, a particular link of the plurality of links supporting control-plane communications between the network system and a particular end-user device of the plurality of end-user devices over one or more wireless access networks; receiving a message from a server communicatively coupled to the network system, the message comprising payload for delivery to the particular end-user device; generating an encrypted message comprising the payload and an identifier identifying a particular device agent of a plurality of device agents on the particular end-user device, the identifier configured to assist in delivering at least a portion of the payload to the particular device agent on the particular end-user device; and sending the encrypted message to the particular end-user device over the particular link.
483Â citations
Patent•
23 Jan 2013
TL;DR: In this paper, the authors present methods, systems, and apparatuses to enable subscribers of mobile wireless communication devices to view, research, select and customize service plans; to create and manage device groups, share and set permission controls for service plans among devices in device groups; to manage communication services through graphical user interfaces; to sponsor and promote service plans.
Abstract: Disclosed herein are methods, systems, and apparatuses to enable subscribers of mobile wireless communication devices to view, research, select and customize service plans; to create and manage device groups, share and set permission controls for service plans among devices in device groups; to manage communication services through graphical user interfaces; to sponsor and promote service plans; and to design, manage, and control communication services through application programming interfaces.
428Â citations
Patent•
25 May 2011
TL;DR: In this article, a device assisted service (DAS) for protecting network capacity is provided, which includes monitoring a network service usage activity of the communications device in network communication and classifying the network service activity for differential network access control for protecting the network capacity.
Abstract: Device Assisted Services (DAS) for protecting network capacity is provided. In some embodiments, DAS for protecting network capacity includes monitoring a network service usage activity of the communications device in network communication; classifying the network service usage activity for differential network access control for protecting network capacity; and associating the network service usage activity with a network service usage control policy based on a classification of the network service usage activity to facilitate differential network access control for protecting network capacity.
400Â citations
Patent•
04 Oct 2011
TL;DR: In this article, an end user device associated with a service plan having a limit on usage of a network service, the method comprising storing one or more notification actions corresponding to one-or more notification requests; performing a device action that reflects a past or intended use of the network service; receiving one of the one or multiple notification requests from a network element in response to the device action; performing one of several notification actions, the notification action causing the user device to retrieve at least a portion of a notification message associated with the status of the use.
Abstract: A method performed by an end user device associated with a service plan having a limit on usage of a network service, the method comprising storing one or more notification actions corresponding to one or more notification requests; performing a device action that reflects a past or intended use of the network service; receiving one of the one or more notification requests from a network element in response to the device action; performing one of the one or more notification actions in response to the notification request, the notification action causing the end user device to retrieve at least a portion of a notification message associated with a status of the use, the at least a portion of the notification message being separate from the one of the one or more notification requests; and presenting the notification message on a user interface of the end user device.
381Â citations
Patent•
13 Sep 2012
TL;DR: In this paper, a wireless device capable of communicating over a first wireless network and a second wireless network, the wireless device comprising one or more processors for executing agents including an application interface agent for assisting in applying a policy by communicating with a software component associated with a service activity.
Abstract: A wireless device capable of communicating over a first wireless network and a second wireless network, the wireless device comprising one or more processors for executing one or more agents including an application interface agent for assisting in applying a policy by communicating with a software component associated with a service activity, the policy for reducing data usage over the first wireless network associated with the service activity, the policy enabling control of the service activity on the first wireless network that is different from how the service activity is controlled on the second wireless network, the one or more agents configured to: obtain a user input specifying at least an aspect of the policy, identify that the wireless device is connected to the first wireless network, identify an intended, attempted, or successful data communication over the first wireless network associated with the service activity, and apply the policy.
266Â citations
References
More filters
Patent•
AT&T1
TL;DR: In this paper, the authors present a list describing the subject matter of each session, and the user at the Unicast client selects the session to which he or she wants to join, which causes the Multicast-Unicast server to join the appropriate session on behalf of the requesting client for each media type in which the joining client wants to be a participant.
Abstract: Unicast endpoint clients (110, 111, 115) on an IP Unicast network (107, 108) are provided access to Multicast sessions on an IP Multicast network (101) through a Multicast-Unicast gateway server (120, 121). The server obtains information about sessions on the Multicast network and makes such information available to a Unicast client on the Unicast network upon request bythe client. Upon being presented with a list describing the subject matter of each session, the user at the Unicast client selects the session to which he or she wants to join, which causes the Multicast-Unicast server to join the appropriate session on behalf of the requesting client for each media type in which the joining client wants to be a participant. The server then sets a bi-directional Unicast User Datagram Protocol (UDP) stream between itself and the client. All packets then received by the server from the Unicast client are address-translated to the appropriate Multicast session address. In addition, all packets received by the server on the Multicast session address are address-translated and sent to the Unicast client. The Unicast client is then able to participate in the Multicast session as both a sender and a receiver of packets to and from other Unicast and Multicast clients which are active during the session. Further, the Unicast client is capable of creating a new session, recording a session in the network for later retrieval and playback, and creating and accessing low bandwidth versions of existing sessions.
294Â citations
Patent•
13 Mar 2000TL;DR: In this paper, a respective broadcast address is assigned to each of a plurality of distinct sets of virtual ports, and a respective egress address corresponds to a respective destination address of the entering packet when a correspondence between the destination address and an Egress address is known.
Abstract: In methods and apparatus for routing packets through a communications network, a respective distinct broadcast address is assigned to each of a plurality of distinct sets of virtual ports. No virtual port belongs to more than one of the distinct sets. A respective egress address is assigned to each packet entering the network via an ingress virtual port. The respective egress address corresponds to a respective destination address of the entering packet when a correspondence between the destination address and an egress address is known. When no correspondence between the destination address and an egress address is known, the respective egress address is a broadcast egress address corresponding to the set comprising the ingress virtual port. The packet is routed according to the respective egress address. The routing is restricted to virtual ports belonging to the distinct set of virtual ports that includes the ingress virtual port. The distinct sets of virtual ports and their associated broadcast addresses define isolated virtual private networks within the network. Each physical port of the network may map one-to-one onto a corresponding virtual port, or may map onto a corresponding plurality of virtual ports, in which case the each virtual port of the plurality is associated with a respective distinct combination of a physical address of the physical port and a respective virtual network identifier.
255Â citations
Patent•
12 Feb 2001
TL;DR: In this article, a method and system for providing a secure communication network to facilitate consultations between a client and a counselor that limits legal liability to the participants comprising at least one web module, a certificate module, from which a digital certificate is issued to the client once said client contacts the at least 1 web module.
Abstract: A method and system for providing a secure communication network to facilitate consultations between a client and a counselor that limits legal liability to the participants comprising at least one web module, a certificate module, from which a digital certificate is issued to the client once said client contacts the at least one web module, a liability limitation module through which a liability limiting agreement is provided to the client via the at least one web module, a payment module, to which the client communicates a payment method via the at least one web module, a consultant database module, from which the client selects a consultant of choice via the at least one web module, and a consultation module, within which the consultant of choice and the client confer via the at least one web module in a secure environment is described.
186Â citations
Patent•
25 Jan 2002
TL;DR: In this paper, the authors describe a secure packet tunnel system that includes a source device and a destination device coupled to a network, where the source and destination devices may comprise, for example, edge routers that couple local area networks to the network via access links.
Abstract: Automated techniques are described that provide continuous, uninterrupted operation of the secure packet tunnels in spite of access link flooding attacks. A system is described that includes a source device and a destination device coupled to a network. The source and destination devices may comprise, for example, edge routers that couple local area networks to the network via access links. The source device and the destination device establish a packet tunnel that has a source network address and a destination network address. Upon detecting a network attack, the destination device selects a new network address for at least one of the source network address and the destination network address and establishes a new packet tunnel with the source device. The source network address and the destination network address may comprise port numbers, Internet Protocol (IP) addresses, or other information describing the source and destination devices.
75Â citations
Patent•
13 Jan 2003TL;DR: In this article, the authors propose a protocol based on IGMP or MLD which is a multicast control packet between the client host 3 and the router device 2, by adding an information regarding the accounting or a reason for the authentication failure.
Abstract: In order to make the client host capable of learning an accounting information or an authentication failure information, the accounting information or the authentication failure reason is notified from the routing device 2 to the client host 3, by adding an information regarding the accounting or an information regarding a reason for the authentication failure of the client host 3, to a packet of a protocol based on IGMP or MLD which is a multicast control packet between the client host 3 and the router device 2.
42Â citations