Patent application number | Description | Published |
20080271132 | Host Identity Protocol Method and Apparatus - A method is provided of at least partially securing communications between first and second hosts using the Host Identity Protocol, HIP, where the first host is not HIP enabled and the second host is HIP enabled. A persistent HIP identity is associated with the first host and maintained at a remote server. A public part of the persistent HIP identity is obtained from the remote server together with a certificate authorising a gateway node between the first and second hosts to use a temporary HIP identity associated with the first host in a subsequent negotiating step. A secure HIP connection is then negotiated between the gateway node and the second host using at least part of each of the persistent HIP identity, the temporary HIP identity and the certificate. A Host Identity Protocol, HIP, method is provided for use in a network in which a non-HIP-enabled host is communicating with a HIP-enabled host via a plurality of gateway nodes in turn, comprising using a persistent HIP identity for the first host, maintained at a remote server, for each such gateway node used. | 10-30-2008 |
20090265541 | ADDRESSING AND ROUTING MECHANISM FOR WEB SERVER CLUSTERS - A method of establishing a Host Identity Protocol session between first and second Host Identity Protocol enabled hosts, where at least said second host is located behind a reverse-proxy. The method comprises providing the reverse-proxy with Diffie-Hellman public keying material of the second host, sending said Diffie-Hellman public keying material from the reverse-proxy to the first host as part of the Host Identity Protocol base exchange procedure, this material being bound to the Host Identity of the reverse-proxy for the purpose of the Host Identity Protocol session, and, at the first host, using the Host Identity of the reverse-proxy as the correspondent Host Identity for the Host Identity Protocol session, and, at the second host, using the Host Identity of the reverse-proxy as the originating Host Identity for the Host Identity Protocol session. | 10-22-2009 |
20100106972 | SIGNALLING DELEGATION IN A MOVING NETWORK - In order to delegate location update signaling responsibility from a Mobile Node to a Mobile Router, the Mobile Router is provided with a second symmetric key generated by a Mobile Node using a first symmetric key shared between the Mobile Node and a Peer Node. The Mobile Router is additionally provided with a “certificate” authenticating the second symmetric key using the first symmetric key. In this way, the mobile router can sign location update related messages sent to the Peer Node with the second symmetric key, and can provide the Peer Node with the certificate in order to allow the Peer Node to authenticate the right of the Mobile Router to act on behalf of the Mobile Node. | 04-29-2010 |
20100153715 | PACKET HANDLING IN A MOBILE IP ARCHITECTURE - A method of handling IP packets transmitted from a correspondent node to a mobile node via an intermediate node using the IPsec security protocol. The method comprises, at the correspondent node, identifying specified selector information within the part of the packet to be encrypted, and incorporating the identified information or a digest thereof into a header part of the packet which is to be sent unencrypted, transmitting the packet from the correspondent node to said intermediate node, and, at the intermediate node, receiving the transmitted packet and identifying a policy to be applied to the packet using said information or digest contained in the packet, and applying the policy to the packet. | 06-17-2010 |
20100303072 | Multicast Source Mobility - A method of delivering an IP multicast stream from a source node to a destination node. The method comprises establishing a Host Identity Protocol association between a multicast router and at least one further network node upstream of the multicast router, both of which are present in the multicast path, and using said association(s) to transport multicast packets. | 12-02-2010 |
20100306350 | HIP Node Reachability - A method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT, and contact address mapping is registered with a rendezvous server. That server then identifies itself and the HIT to each higher level server within the same branch, without explicitly identifying the contact address to those higher level servers wherein, in use, when a first rendezvous server receives a HIP contact message addressed to a given HIT, if that first server is unaware of the destination HIT, it forwards the message to a higher level server within the same branch and if the first server is not the server at which the HIT is registered but is aware of the HIT, it forwards the contact message to the neighbouring rendezvous server corresponding to the HIT. | 12-02-2010 |
20100312898 | PUBLISH/SUBSCRIBE NETWORKS - A method of making data, published on a first publication/subscribe (pubsub) network, available to hosts within a second publication/subscribe network where the networks are interconnected via the Internet. The method comprises registering a publication identity of said data within a rendezvous system located within the Internet, forwarding Subscribe requests associated with said publication identity from said second network to said rendezvous system and, at the rendezvous system, identifying a location of said data within said first network. The Subscribe request can then be forwarded to said first network, and said data delivered from said first network to said second network via the Internet. | 12-09-2010 |
20110055570 | LOCATION UPDATE OF A MOBILE NODE - A method of facilitating location update signalling within a communication network between a mobile node and an end host includes establishing a trust relationship between one or more end hosts ( | 03-03-2011 |
20110103394 | NETWORK TOPOLOGY CONCEALMENT USING ADDRESS PERMUTATION - A first packet is received from a client over an internal network destined for a remote node of an external network. The first packet includes a source IP address having an internal network portion that identifies a location of the client in the internal network and an external network portion that identifies a location of the internal network accessible by the external network. An obfuscation operation is performed on the internal network portion of the source IP address of the first packet to conceal the location of the client in the internal network and the internal network portion of the source IP address of the first packet is rewritten with the obfuscated internal network portion while maintaining the current external network portion of the source IP address. Thereafter, the first packet is transmitted to the remote node over the external network. | 05-05-2011 |
20110149973 | Packet Forwarding In A Network - A method of providing packet routing information comprises: encoding routing information from a source node to one or more destination nodes into a compact representation of set membership; and putting the compact representation of sets into a header of a packet that is to be sent from the source node to the destination node(s). The compact representation may be obtained by: generating d representations of a set of identifiers; generating d candidate compact representations of set membership from the d representations of the identifiers; and selecting one of the candidate compact representation of set membership. The selection may be made on the basis of which of the candidate compact representations has the lowest rate of returning false positives. | 06-23-2011 |
20120300781 | Packet Routing in a Network - A network node ( | 11-29-2012 |
20140330984 | HIP Node Reachability - A method of configuring a plurality of rendezvous servers to provide a Host Identity Protocol, HIP, based mobility service to HIP nodes, where the servers are arranged in a hierarchical branching structure. For each HIP node, a Host Identity Tag, HIT,-and contact address mapping is registered with a rendezvous server ( | 11-06-2014 |