Method and apparatus for control plane to manage domain-based security and mobility in information-oriented network

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to data transmission networks. A networking system comprising a virtual group controller in an information-oriented network configured to enable mobility and security for a plurality of users groups of the information-oriented network, a plurality of user groups connected to the virtual group controller and associated with the users, a plurality of agents that are each associated with one of the user groups, and a database for trusted service profile connected to the virtual group controller, wherein the virtual group controller is configured to interact with the agents to enable mobility for the user groups using a server-less domain-based naming scheme.

EFFECT: providing global routing on a network.

24 cl, 11 dwg

 

CROSS-REFERENCE TO RELATED APPLICATIONS

The present application claims the priority of provisional application No. 61/439769 for the grant of a U.S. patent, filed on 4 February 2011 author Guo-Qiang Wang and others and entitled "Method and apparatus for the control plane to administer the domain-based security, mobility, and social groups focused on the content network" ("Method and Apparatus for a Control Plane to Manage Domain-Based Security, Mobility and Social Groups in a Content Oriented Network"), and claims the priority of application for the grant of U.S. patent No. 13/352835, filed January 18, 2012 by author Guo-Qiang Wang and others, and entitled "Method and apparatus for the control plane to administer the domain-based security and mobility in information-centric networks" ("Method and Apparatus for a Control Plane to Manage Domain-Based Security and Mobility in an Information Centric Network"), which are included in the materials of the present application by reference, as if it were reproduced in its entirety.

The technical field TO WHICH the INVENTION RELATES

The present invention relates to network communications, and more particularly to a method and apparatus for the control plane to administer the domain-based security and mobility in information-oriented network.

The LEVEL of TECHNOLOGY

Information centric networking (ICN) is a type CE�eve of architecture, in which the focus is on determining the location and provision of information to users, rather than the connection destination of the host nodes that communicate. One type of ICN is focused on the content network (CON). At the CON, also called "focused on the content network (CCN), the content router is responsible for routing user requests and content to proper recipients. In CON unique in your domain-name is assigned to each object that is part of the infrastructure of content delivery. Objects can contain informational content, such as videos or web pages, and/or infrastructure elements such as routers, switches or servers.

The content router uses the name prefixes, which may be the full name of the content or the proper name prefixes of the content, instead of network addresses for routing packets of content within the network content.

Summary of the INVENTION

In one of the embodiments of the disclosure includes a system network that contains the controller of virtual teams in the information centric network configured to provide mobility and security for the many user groups of the information centric network, a variety of user groups attached to the controller in virtual groups and associate users with a set of agents, each of which is associated with one of the groups of users, and a database for the profile of trusted services that are attached to the controller in virtual groups, wherein the virtual controller group is arranged to interact with the agents to enable mobility for groups of users using peer-to-peer-based domains in the same naming scheme.

In yet another embodiment of the disclosure includes a network component operating in the control plane containing the receiver is arranged to accept a request through information-oriented network, wherein a request associated with a user device in a user group, the controller of virtual teams, is arranged to operate in the control plane to determine the domain for the user device based on the domain name obtained from the request, route the request appropriately by displaying a name for the user device in the request using the profile information of trusted services and a transmitter configured to forward the request to the domain for the user device.

In tert�eat aspect, the disclosure includes a method, implemented in a network component, to provide interest on a mobile device comprising receiving, in the controller of virtual teams operating in the control plane in the information centric network, a request to the mobile device from the proxy group, the proxy group shall accept a request from a peer device, displaying, by the controller of the virtual groups of the query in the access point for the mobile device by using the profile of trusted services for mobile device and sending, by the controller of virtual teams, a query in an access point for the mobile device.

These and other features will be more apparent from the following detailed description, taken together with the accompanying drawings and claims.

BRIEF description of the DRAWINGS

For a more complete understanding of this disclosure further made reference to the following brief description, taken together with the accompanying drawings and detailed description, in which similar reference signs represent the same components.

Fig. 1 is a schematic diagram of one embodiment of the CON, including domain-based management system secure mobile virtual group (SMVG).

Fig. 2 is a schematic view of the embodiment of �Hemi names are displayed.

Fig. 3 is a schematic view of the embodiment of the operation of the mobility between gateways.

Fig. 4 is a schematic view of the embodiment of a schematic display name in the security keys.

Fig. 5 is a schematic representation of a variant of implementation of the active data delivery for mobile social group.

Fig. 6 is a schematic view of the embodiment of the multi-domain interaction of the controller and the agent.

Fig. 7 is a schematic view of the embodiment of a multi-domain infrastructure to provide guaranteed service.

Fig. 8 is a block diagram of the sequence of operations of another embodiment of the method of registering devices.

Fig. 9 is a block diagram of the sequence of operations of another embodiment of the method of delivery of interest between domains.

Fig. 10 is a schematic view of the embodiment of the network device.

Fig. 11 is a schematic view of the embodiment of the computer system of General application.

DETAILED DESCRIPTION

It should be clear from the outset that although an illustrative implementation of one or more variants of implementation of the disclosed systems and/or methods may be implemented using any number of technologies, and�known at present or available. The disclosure should in no way be limited to the illustrative implementations, drawings, and technology, illustrated below, including the exemplary designs and implementations illustrated and described in materials of this application, but may be modified within the scope of appended claims along with their full scope of equivalents.

In CON delivery or distribution of content, including publishing, querying and administration (modify, delete), and other functions, can be based on content name, and not the location. CON may also include a caching feature for real-time data, for example, as data is selected by users, and constant data users 140 or suppliers of third party content, such as a company or social network. One aspect of the CON that is different from the traditional organization of the Internet Protocol (IP), is that the accessibility of the content may be determined by the content name, for example, instead of the address of the device that is the carrier of the content. Unlike traditional IP networks, which can be based on the addresses in the system CON supporting services functional building blocks can be implemented on the basis of names. These functional�nye building blocks or control functions network services (objects) may include functions for security mobility, social groups, multicast, broadcast, real-time processing and other functions. In IP networks, content may be stored and selected in the host system (e.g., Google), while in CON content can be duplicated and removed on many routers content. Duplicate content on multiple content routers can cause fundamental effects when control functions network services shifted from a centralized portal for distributed and local portals.

In materials of this application discloses a system and methods for implementing the SMVG control system. System SMVG can help support numerous services support, including security, mobility, and organization of social groups, to administer the profiles of trusted services for users and user groups CON. Because they are based on the domains CON can be configured or constructed in a distributed manner, the implementation SMVG can be based on the names and serverless essentially. Based on the domain structure name can be used in the system SMVG to identify each named object. Based on the domain structure of the naming could serve as a platform control plane, komarapalayam CON the ability to select and mix the named objects for users/user groups to ensure the flow of trusted services, security, security, mobility, and the possibility of organizing social network. The SMVG controller may serve as the object of the control plane, which uses and manages profiles of trusted services of a dynamic and distributed way. The controller may implement operations within a domain and between domains, as further described below.

Fig. 1 illustrates an implementation option CON 100 that can implement the SMVG control system, where the content can be routed on the basis of name prefixes and delivered to users or subscribers upon request. CON 100 is an example of the ICN. However, the methods, systems and devices disclosed in the materials of the present application may be implemented with other types of ICN, other than CON. CON 100 may comprise a plurality of groups 120 users that can be SMVG or protected virtual groups (SVG). The SMVG control system may include a controller 110 SMVG attached to the base 112 of the data profiles of trusted services (TSP), for example, in the home domain, and to groups of 120 users. Group 120 users can be located in CON 100, for example, in the home domain or in multiple domains, or can be located in multiple domains guest access to one or multiple guest networks to�stupid. For example, domains can contain IP domains, Multiprotocol switching on labels (MPLS), Ethernet-domains, or combinations thereof. Each group 120 users can be associated with the agent 122 SMVG attached to the controller 110 SMVG, and a base 124 profile data local access, and the proxy node 126 CON, attached to the agent 122 SMVG. Proxy 126 CON can also be attached to one or more access devices or 128 points of access (AP), made with the ability to communicate with multiple user devices 130 in each group 120 users. In a variant implementation, AP 128 may include a base station, configured to use wireless technology to communicate (via wireless communication) with user devices 130 such as a mobile smartphone or other mobile devices. The components of the CON 100 may be arranged as shown in Fig. 1. The controller 110 SMVG agent 122 SMVG can be functional blocks implemented using hardware, software or both. Proxy 126 CON may correspond to the boundary router of the content in the CON 100.

CON 100 may comprise a plurality of routers 114 content, including the proxy node 126 CON in groups of 120 users. CON 100 may also comprise a plurality of internal nodes, the�them as routers, bridges and/or switches (not shown). Routers 114 content and internal nodes can be connected to each other via a network communication line, for example, persistent connections. Some of the routers 114 content, for example proxy node 126 CON, can also be attached to a set of nodes of subscribers, including user devices 130 and/or the locations of the subscribers, either directly or through AP 128 and, optionally, to multiple access networks (not shown). Routers 114 content and internal nodes can be any nodes, devices or components that support transportation of traffic in CON between 100 and CON 100 and external components, such as user device 130. Routers content 114 can be boundary nodes, such as proxy nodes CON, which forwards the traffic content of internal nodes and/or other routers 114 content to subscriber nodes, including user devices 130, and/or subscriber location, for example, on the basis of a request or requirement of the subscriber. The content routers can also receive content requests from the nodes of subscribers. For example, the routers 114 content can be routers or bridges, such as backbone edge bridges (BEBs), boundary provider bridges (PEB) or label edge marsh�outhistory (LER), forward content based on the prefix of the name of the content. Routers 114 content and internal nodes can contain or can be attached to multiple content servers that store or cache the content that can be delivered to subscribers or subscribers, for example, on demand. Additionally, the routers 114 content may contain content repository that can be configured to cache at least some portion of the content sent by CON 100.

Subscriber nodes can be nodes, devices, or components configured to deliver content to the user or subscriber and receive content requests from a user or subscriber. For example, subscriber nodes, including user device 130 may be fixed or mobile user-friendly devices, such as desktop computers, laptops, personal digital assistants (PDA) or cellular phones. Alternatively, the subscriber nodes can be devices to ensure connectivity in the premises of the subscribers, such as a modem or STB. Subscriber nodes can also contain subscriber equipment (not shown) that may be configured to accept content from Mar�of ralisation content via the network access and distribute the content to multiple destinations. For example, subscriber nodes can contain the application server and its associated virtual machine; a storage device of the data center; optical network terminals (ONU) and/or modules transceivers digital subscriber lines high speed data transmission (VDSL) in residential locations (VTU-R). The access network may be any network that provide access to content in the CON 100, such as virtual private networks (VPN). The location can be any location or office environments, is arranged to receive content from the content routers, and can send the content to the appropriate subscriber nodes via the access network. Subscriber location may receive content requests from the nodes of subscribers and to send requests for content to the content routers.

The SMVG control system may be based on domains platform control plane, which is arranged to provide CON 100 the ability to select and combine named objects for specific users/user groups to ensure the flow of trusted services, security, security, mobility, and the possibility of organizing social network. More precisely, the controller 110 SMVG may be subject to the control plane, located in the house�domain and it is made with the ability to use and administer the profiles of trusted services of a dynamic and distributed way to CON 100, as further described below. The controller 110 SMVG might be situated in or correspond to the node or network component, such as a router (e.g., router 114 content), internal node or a server.

In terms of relations between the subscriber and the service provider, the trust may include security services, the quality of services and accountability of services associated with, for example, based on a set of rules, which are expected to be implemented. In CON 100, the subscriber and the service provider may correspond to the subscriber and the publisher of the content, respectively, such as users of user devices 130. The controller 110 SMVG can be performed with the ability to create, maintain, approve, implement and monitor/measure trusted relationships between users/groups of users, applications, devices, mobility, security, and user/network devices, e.g., within a predefined time (e.g., time of day (TOD), duration, or time-to-live (TTL)). These trust relationships can be described and implemented by the profile.

The SMVG control system may support multiple users/user groups, for example, in the mobile communication environment CON 100. In the case of a single domain controller 110 SMVG can n�be in the home domain, and to function together with numerous groups 120 users. Alternatively, groups of 120 users can be distributed in one or more guest domains access CON 100 or many external access networks attached to the CON 100. The agent 122 SMVG might be situated in or correspond to the node or network component, such as a router (e.g., router 114 content), internal site or server. The controller 110 SMVG able to function together with the agent 122 SMVG in the context of the security and mobility of virtual groups.

Base 112 TSP can be performed with the ability to administer group 120 users. Each group 120 users may be identified by the identifier (ID) that can be unique if you want global mobility, a list of members and metadata relevant to the security functions (e.g., distribution, integrity and confidentiality keys) and social interaction. Additionally, the base 112 TSP data can connect with external facilities of a third party, such as a social network, or VPN, to provide the possibility of interaction between applied/contextual user groups, which can be used through the network of the service provider (SP) registered for treatment in respect of network resources. Information in the database 112 TSP data may contain many�tvo associative links or records (for example, in the table TSP) that associate user IDs, device IDs, group IDs, the anchor point of the network, security privileges, or combinations thereof.

Domain, home domain in the CON 100 may be a set of objects that are constructed and constrained by certain relations, such as administrative relations, property relations, social relations, geographical relationships, topological relationships, other specified attitudes, or combinations thereof. Each domain can have a name, which is "the area" objects in the volume domain. Every object in the domain can also have a name that you can use the domain name as a prefix. Domain can be constructed recursively (that is, the domain can contain subdomains) and, thus, every object in the domain can be assigned to a hierarchical name. For example, the name www.hollywood.com/movie/new_release/The_Company_Men can be used in those cases where the movie "The_Company_Men" belongs to Hollywood and "Hollywood" home domain named movie.

Agents 122 SMVG can function together with the proxy node 126 CON, for example, which may be located in guest access networks, to administer the mobility, distribution of security keys and social ownership. Operations can be based on the name of the objects involved in the spread of conten�and. Named entities may include users, user devices, access points, social groups, the controller and the SMVG agent, other objects, or combinations thereof. In this context, the names of user devices may not necessarily be "globally reachable", i.e., can be local names. However, the SMVG controller name home domain and the name of the guest AP (e.g., wireless base stations (BS) or gateways, 4th generation (4G)) can be globally achievable". Globally achievable the name may also be called "well-known" name, from the point of view of content routing. Base profile data 124 local access can be performed with the ability to store registration information of user devices 130.

The SMVG control system may also include the provision of guaranteed service within the domain. The interaction between the third party whose groups are treated, and SP CON may be located within the boundaries of non-infringement of the rights and privileges of the user. In one scenario, the SP may interact with third parties to display subscribers SP in the famous social network, and hence, to use behavioral statistics subscribers that can come from social networks to promote the services of SP, such as �eklamnye service. In another scenario, the SP can display the subscribers or users in one or more instances of the virtual social group (VPG) routers in the content network, for example, to provide guaranteed performance in relation to the distribution of content through the SP domain.

In a variant implementation, the CON 100 may also comprise a plurality of routers content 114, which may be located between the controller 110 SMVG agents 122 SMVG. Each of these routers content 114 can be arranged to make the transfer or allow communication between the controller 110 SMVG and the corresponding agent 122 SMVG in the appropriate group 120 users. Each router 114 content and corresponding proxy node 126 may be CON associated with the corresponding VPG instance. Accordingly, user device 130 in communication with the proxy node 126 CON can be displayed in the same instance of VPG by SP.

In CON 100, the controller 110 SMVG agents 122 SMVG can communicate with the proxy node 126 CON to support safety, mobility and social networks for a variety of scenarios. The scenarios below describe how the services profiles can be created, maintained and used for these support services. In this Conte�STE, the controller 110 SMVG agents 122 SMVG may be subject to the control plane, and the proxy node 126 can be CON objects to the plane of transport of content data. Management system SMVP may provide for the joint and co-operated control plane services, based on peer-to-peer architecture and is separated from the plane of the transport of content data.

The SMVG control system in the CON 100 may implement based on the domains the naming schema, where each set domain can represent a set of objects. The set of objects may be restricted by certain relations, as described above. Each set domain may represent an area that has a domain name. Within this area, all objects can be named, starting with a domain name that can be used as the prefix of object names. The domain name may be known, i.e., can be globally routed in the CON 100. Infrastructure CON, each element or object can be a named object, and each object can belong to the domain. More precisely, every mobile device 130, the user group 120 users 128 AP, the controller 110 SMVG agent 122 SMVG can be referred to as the selected domain name as a prefix and each may belong to the selected domain. Many or all of the names� domains can be globally routed in the CON 100. Each AP 128 may also be assumed globally routable. For example, the base station of the draft long-term development (LTE) in Santa Clara, California, which can be owned and operated by AT&T, can be named as a top/att.us/CA/SantaClara/BS-1, where "top" is the virtual name that represents an abstract organization or technology, such as the name "www".

The SMVG control system also implement a procedure for the administration of registration and ID, for example, after user device 130 is attached to AR 128 CON 100. Although 128 AP authenticates the device/user, AP 128 may learn (or infer) the home domain for the name prefix of the mobile device. This may be applicable to the case where the mobile device 130 belongs to the domain AP 128 and also to the case where the mobile device 130 and 128 AP belongs to a different domain. In the latter case, the operator (e.g., telephone company) of the mobile device may be a need to verify whether policy license agreement on service (SLA) operator the possibility of permitting or authorization of the mobile device in the guest domain access.

After registration of the mobile device 130 in the profile 130 local access, local agent 122 SMVG can replies� message registration profile in the home controller 110 SMVG. The name of the destination for the message reception can be determined by domain name that are abstracted from the name of a user device 130 (or together with the user name). The registration message may contain the name of the mobile device (e.g., user domain/user-name/My.IPhone) and the name of the AP (e.g., top/att.us/CA/SantaClara/BS-1). These two names can be stored in the database 112 TSP data in the home domain and may be used to determine the relationship of binding between the user device 130 and AP 128. This binding can be updated dynamically, for example, when a mobile device changes its attachment (e.g. transportation, transfer service, nomadic movement, busy loop, etc.).

Registration can be done successfully many times, for example, if a user owns multiple devices, which may include mobile and/or stationary devices, and/or due to policy updates between 128 AP and the mobile device 130. The user can also switch between devices in real time. Registration can create the appropriate records in the database 112 TSP data or table in the home domain. The base 112 of the data or TSP table can have additional fields to support and administration services. For example, TSP table may contain�AMB name field of the caller to indicate what type of call should go to which devices (e.g., personal mobility). Table TSP may also contain the ID of the social group, which specifies a user group. Table TSP may also contain the location provider keys which specifies which cryptographic materials were assigned to the mobile device 130. Table TSP also can include different policies for administration ID, access control, security of service, quality of service (QoS), and/or administration (mgmt) location. The base 112 of the data or the TSP file can contain statically recorded field (for example, when the user account was created in the home domain or a domain of a third party, such as a social group and personal profile), or dynamically writable field (for example, when the mobile device 130 is attached to the guest network access).

The SMVG control system may also support the mobility in the CON 100. In a variant implementation, the SMVG control system may implement three types of mobility management: service transmission, nomadic movement and the global movement. Typically, the transfer of service between two base stations or AP 128 (for example, running some of the gateway, such as gateway global compatibility of broadband�about wireless access (WiMAX) or LTE) can be controlled by Wi-Fi access level two (L2). CON 100 at the level of named objects may require support for nomadic movement of the mobile device 130 and the global movement. With the use of domain-based schema naming, as described above, each object name can be prefixed with the domain name and the domain name can be globally achievable in the CON 100. Thus, the derivation of the name of the home domain name from user device 130 may not be difficult. The controller 110 SMVG agent 122 SMVG in the CON 100 may also support domain-based mobility.

When the mobile device 130 is attached to the guest access network, a local agent 122 SMVG may be operable to send a registration message to the controller 110 SMVG home domain. The name of the home domain of the mobile devices may receive on behalf of the mobile device (or can be derived from the data, pre-configured on the user device 130). The registration message may contain both a name from the user device 130 and AP 128. The controller 110 SMVG can record the data binding between the user device and the AP 128 in the TSP profile. When the corresponding peer node is required to send requests or interest to the mobile device 130 (e.g., to issue a telephone call), the local Angora� 122 SMVG, attached to this AP 128, first can get the name of the home domain name of the called party and send the message to the home controller 110 SMVG to determine the current location of the called party. Then, the proxy 126 CON in the location of the caller may send an interest in the location of the called party receiving end through a coupling location name (e.g., name, AP caller) as a prefix, combined with the name of the called party. Since the names of both AP 128 on both sides can be globally routed, the connection between the caller and the called party can effectively be installed using globally routable resolved name. In this case, the names of the caller and the called party may not be globally routable. In some cases, it may be difficult to fill the reachability of the calling/called party in respect of a global network (even if the names are globally routable) due to the dynamic mobility of the calling/called party and the scalability of the update of the routing Protocol.

Fig. 2 illustrates a variant implementation of the circuit 200 to display names that can be used in CON, for example, such CON 100, for example, as part of the system �Board SMVG, described above. Diagram 200 display names can be used to display between household names 210 (in the hierarchy of household names and external names 220 (in the hierarchy of external names). Pets names 210 can be assigned from the home domain to CON, and 220 external names can be assigned from the domain guest access. Pets names 210 and 220 external names can be globally routable at the CON, but in different domains. For example, Pets names 210 may be used or routed to the home domain, and can be displayed in external names 220 in the corresponding guest domain access. External names 220 can be used and routed in the respective domains guest access.

For example, Pets names 210 may be used for two user devices (mobile devices) registered user: top/Huawei/Abel/Abel IPhone and top/Huawei/Abel/Abel.iPad. The user device also has many external names (for example, for each radio access network (RAN)). External names 220 may be used for two user devices in the two respective domains guest access and guest access networks, which can have different access technology. The user device may receive the external name when you visit the domain or access network. For example, the external names of 220 m�may be used for different RAN: top/ATT.US/LTE/SF-GW/Huawei/Abel/Abel.IPhone for LTE access and top/ATT.US/WiFi/LA-GW/Huawei/Abel/Abel.iPad.

The user device may register its external name in the home domain. Home name can be displayed in an external name in the home domain, for example, when receiving or sending requests (interests) or responses containing the names of objects. Home SMVG controller can manage the mapping between the home domain and foreign domain. Diagram display 200 can be used with based on the ID of the public key infrastructure (PKI) and implement policy management domain when mapping between the home name and the external name.

Fig. 3 illustrates an implementation option of the functioning of the 300 mobility between gateways that can be used in CON, for example, such CON 100, for example, as part of the SMVG control system described above. The operation 300 of mobility between gateways can be implemented for proper management of data transmission to the mobile device when the mobile device moves between different AP in CON, for example, to maintain continuity of service. CON may contain or may be attached to the serving AP 310 attached to the first proxy CON or serving proxy 312, the target AP 320 connected to the second proxy CON or target proxy 322, equal and correspondent point 330 of access (AP), attached to the tre�third proxy CON or equitable proxy 332. Serving AP 310 may be associated with the first mobile device 314, which can move (during handoff) from the serving AP 310 to the target AP 320. The correspondent peer node 330 may be associated with the second mobile device 316, which may be connected (e.g., establishes a call with the first mobile device 314. Serving proxy 312, the target proxy 322 and equitable proxy 332 can be supportive CON gateways (or base stations), is arranged to connect or communicate user or mobile device with AP in CON and to provide an opportunity for communication between CON and devices.

The operation 300 of mobility between gateways may correspond to the scenario of establishing a new break an existing connection to administer mobility between gateways. Before the first mobile device 314 moves from the serving proxy 312 in serving AP 310 to the target proxy 322 to the target AP 320, the first mobile device 314 can begin the process of attachment with the target proxy 322/target AP 320. The first mobile device 314 can then inform the serving proxy 312 that the target proxy 322 is a proxy target for transfer (transfer of service). Serving proxy 312 may then notify the peer proxy 32 to the correspondent peer node 330 on behalf of the target proxy 322. Thus, equitable proxy 332 may use the name of the target proxy 322 as prefix and concatenate the prefix with the name of the first mobile device 314 for data binding.

Serving proxy 312 may also use the name of the target proxy 322 to replace the name prefix in the received data. Received data, for example, from the second mobile device 316 may be targeted first mobile device 314 using the old prefix (for example, name of the serving proxy 312). The name of the target proxy 322 can be used as a new prefix. These can go with a peer proxy 332 on the serving proxy 312 via the first path (marked "tract prior to the transfer of service"). Essentially serving proxy 312 may route received data to the target proxy 322. During handoffs, equitable proxy 332 may perform dvuhotsechnuyu data transmission at the serving proxy 312 and the target proxy 322. If the peer proxy 332 binds the unicast traffic only to the serving proxy 312, after the transfer service, equitable proxy 332 can switch the data to the target AP 320 using the new prefix, and serving proxy 312 may rearrange or move the remaining data (taken in rinse�under proxy 312) to the target AP 320 via the transition path. When all the data is switched or rearranged after the transfer service peer proxy 332 can send data to the target proxy 322 through the second path (marked path after the transfer of service").

In a variant implementation, when a mobile device or other object changes its location within the same domain, wireless access, transfer service within a domain can be controlled by wireless network access. When the gateway is oriented architecture-enabled on the content network (CONA), proxy CONA can perform data-binding functionality for all or multiple base stations or AP within this domain. In both scenarios the transfer service inside the gateway and between the gateway proxy CONA may be able to perform data-binding functionality, using the name of the object. When the transfer is successful, the local SMVG agent in the target AP may register at the SMVG controller home domain of the new information linking, as described above.

The SMVG control system may also maintain user security in CON (for example, CON 100), enabling numerous security services for mobile devices with support CON SMVG controller and proxy nodes. With regard to the authenticity and integrity of data, each� data in CON can subscribe secret key from the publisher, for example, a specific user, device or application keys, and can be verified by the receiver by using the public key of the publisher. The distribution of these keys may cause complexity of implementation. To simplify the implementation, the SMVG control system may allow flexible verification of authenticity data, applying domain-based named data. More precisely, while the AP can handle the operations of publishing and subscription data for mobile devices, for example, as an authenticator. AP can offer the function of verification of the certificate and verification of the signature data from a device.

For example, on the basis of a trust relationship established between the home SMVG controller in a home domain SMVG agent on the guest AP in the guest domain access, the SMVG agent can verify all the certificates from mobile publishers belonging to such home domain. In this case, when the correspondent peer node (AP) inquires about the location of the mobile device, the home SMVG controller may send the certificates on mobile device SMVG agent attached to the correspondent peer node. The SMVG agent can work as a representative of the correspondent peer node, ver�to vizirovat certificates, and then forwards the public key of the mobile publisher in the appropriate correspondent peer node. This can save the cost of extraction and verification of public key certificates content publishers from CON. In addition, to publishing data, the AP may generate a digital signature on behalf of mobile devices to ensure the integrity of the transported data. For example, upon delivery of the certificates to the publisher from the mobile home SMVG controller at the SMVG agent, the named object can be guaranteed through the use of a mandate established between the SMVG controller and the SMVG agent. Protected name can also be applicable to communication between AP, for example, on the basis of previously established a trust relationship between two AP (both within a domain and between domains). This can be helpful, since numerous signaling data is typically expensive for limited capacity devices.

As for secrecy and privacy, the home SMVG controller may be used as a server and the distribution of keys. More precisely, when the mobile device is registered with your ID social group proxy CON via AP, the new session key can be generated by the SMVG controller on the basis of a domain name or ID. To enable secure group communication between mobile devices, the key can be shared between all devices within the same group, so that each device could use group key for constructing a logic of secure communication channels with other peer nodes (devices) in the group. Data released by the device may be achievable for devices in the same group. Essentially, the SMVG controller may become the Issuer, a distributor key and administrator group membership on the basis of the device registration process and social values or context.

In addition, the home SMVG controller device may be a proxy for secure communications between other peer nodes (devices) across numerous domains. This can provide the opportunity to model of representatives to administer trust relationships for communication between domains. When devices in different domains established for the formation of protected groups corresponding to the home SMVG controller devices can negotiate a unique session key for all peers and spread the key on separate devices, for example, with pairs of public/private keys of the devices listed�tion at their home SMVG controller. This can save computation and, thus, the energy for each mobile device on the key agreement.

Fig. 4 illustrates a variant of implementation of the scheme 400 display name in the security keys that can be used in CON, for example, such CON 100, for example, as part of the SMVG control system described above. Diagram of 400 names are displayed in the security keys can be used to display between household names 410 (in the hierarchy of household names) and corresponding keys 420 (in the key hierarchy). Pets names 410 can be assigned from the home domain to CON, and the keys 420 may form the home SMVG controller using household names 410. Pets names 410 can be displayed in the appropriate keys 420, which then can be distributed to the appropriate devices, for example, via AP domains in guest access.

In the diagram 400 displays the name in the security keys, Pets names 410 can be used as the ID of the devices for forming the respective keys 420. ID names or devices 410 can be used to retrieve public keys, e.g. based on the identity of the cryptographic (IBC). The keys 420 may be used to ensure security of publishing/recording data/content between devices. Hierarchical IBC (HIBC) m�may be used for the key 420 on the basis of names 410, where the upper domain can be intermediate by the Issuer (service) keys. Mapped keys 420 may be any combination of the user (service) key domain of the Issuer (service) of the user key and the generated key. The user domain key, the Issuer and the user key can be obtained from the names 410. For example, Pets names 410 may be used for two user devices (mobile devices) registered user: top/Huawei/Abel/Abel IPhone and top/Huawei/Abel/Abel.iPad. Essentially, two keys 420 may be used for two user devices: Huawei/Abel/key1-for-IPhone and Huawei/Abel/key1-for-iPad.

The SMVG control system may also support social work groups that use CON, for example, CON 100. Management system SMVP can be configured to support functions of the organization of social groups for fixed/mobile users. The user can register their information of a social group (or location provider, social groups) in the TSP profile. For example, the TSP profile may contain entries for storing the ID of the social group of the user, VPN ID, status, social activities, presence, and/or other associated information about the group. TSP may also store, in which "social events" the user is interested.

Fig. 5 illustrare� variant of implementation of the model with the active data source for mobile social group 500, which can be implemented in CON, for example, such CON 100. The model with the active data source for the mobile group 500 can be controlled by the control system SMVP in CON for active delivery of events to the number of members in a social group. In this scenario, when the publisher of the event, such as a mobile device 514, puts the event in CON (via proxy 512), local agent 513 SMVG (domain 510 guest access) can send interest "push" to the controller 511 SMVG home domain (home domain 502). The controller 511 SMVG may be part of the domain Manager, VPN in the home domain 502. By displaying the name of a social group (and/or type of an interested event), the controller 511 SMVG can broadcast interest "push" to many registered mobile device 514, for example, in one or more domains 510 guest access. The controller 511 SMVG is able to communicate with agents 513 SMVG in domains 510 guest access to broadcast interests active delivery. Interest active delivery may be similar to the message "paging" which could be taken by the relevant AP in domains. In turn, the mobile device 514 domains can go prospecting calls. The mobile device 514, which are sent by�scoby challenge then can send the interest to the publisher (mobile device 514) to retrieve the event.

In this scenario, the controller 511 SMVG agents 513 SMVG can transmit control messages, but not the event data. The event data can actually be transferred between the proxy nodes 512 CON in different domains 510 guest access (for example, in the data plane). While these events are duplicated on some routers content, the event data can be shared among social group members, if their interest are the same tract. Another advantage of this approach is energy-saving. As for all mobile members or devices 514 in the same social group, the members do not necessarily have to be "always on" and able to periodically "passive delivery" event (or update social status) in respect of other members. Members can send the call if the event occurs. Group "search and call" can give a benefit to mobile devices 514 due to its reduced or limited capacity. "Search and call" on the name level content can also work in conjunction with wireless paging L2 to achieve additional energy savings when mobile devices�STW 514 is in a state of inactivity.

In the table TSP account of a social group can serve as a location provider for the social domain of a third party, which may provide an opportunity for the exchange of profiles between domains. For example, the domain of AT&T can receive information, "what do you like/dislike the user from the domain Facebook. When AP AT&T actively delivers the events to the mobile device, the AP may use the information user profile received from a third party to put some banner ads on a user's mobile device. For example, when a user goes to the store Wal-Mart, proxy CON can actively deliver the coupon Wal-Mart on the IPhone user. Proxy CON also can actively deliver the menu of the nearest Chinese restaurant on the IPhone, if the proxy CON knows that the user likes Chinese food. This example shows how the SMVG control system may combine information about the location and social group to support new services.

The SMVG control system may also implement administration policies between domains in CON. This administration policies between domains may be associated with the replacement and enforce the policy profiles between domains, when mobile users move between domains. Fig. 6 illustre�should variant implementation of the multi-domain interaction 600 controller and agent in CON, for example, such CON 100, which may be part of the SMVG control system. More precisely, multiple domains attached to the CON, can work together to give the members of the virtual group that can be distributed globally, the opportunity to interact with each other. Typically, the organization of a social network can be considered as excessive phenomenon (OTT), that is, where social interaction can be visible or invisible to SP. The establishment of the provider of this interaction can give the provider the opportunity to create new services that can be customized to the needs of each virtual group that may lead to improved support for quality of experience (QoE) in a global context.

Domains can include home domain 602 CON and multiple domains 610 guest access, which can be located in lots of external access networks attached to the CON. Members of virtual teams may include mobile objects or device 614 connected to external networks access and/or CON. Home domain 602 may include home controller 611 and the SMVG 609 TSP data. Each external network access or domains 610 guest access can include guest controller 615 SMVG, local agent 613 SMVG base 616 profile data local access and local proxy CON 612. Proxy 612 CON to be attached to the mobile device 614 via AP (not shown).

CON may also contain one or more groups of users (not shown) attached to the home domain 602, and each of which contains SMVG agent, database access profiles and proxy CON that can be attached to a user's mobile device. Agents and home SMVG controller 611 in the home SMVG domain 602 can interact within the home domain (interact within a domain), as described above. Local agents 613 SMVG also can interact with guest controllers 615 SMVG in their respective domains 610 guest access, as described above. Additionally, the home controller 611 in the home SMVG domain 602 can interact with guest controllers 615 SMVG in their respective domains 610 guest access, providing the opportunity for interactions between domains, for example, to implement and/or support administration policies between domains, the reachability between domains, mobile check-in and guaranteed service, as described below.

The SMVG control system in CON can maintain reachability between domains. More precisely, to allow interaction between multiple domains, for example, in some way, similar to the management of IP networks, SP CON may conduct research or from�, the values at boundary points (AP) in different domains. Interaction in the control plane through protocols routing within a domain or subscriber paragraph by mutual agreement may be used in the AP in the same domain to exchange named prefixes (for content objects, network elements and other facilities) other domains. This can provide each domain with the ability to build the reachability required for proper authorization ID (name) SMVG controller, and provide the proxy nodes CON properly identify the points of the boundary gateways (AP).

The SMVG control system in CON can also support mobile registration. Every mobile user device may be initially registered in your home SMVG controller through my home proxy CON and home SMVG agent. As soon as the mobile device moves to another domain, guest and associate the proxy CON in a new domain it detects a mobile device, the proxy CON may first consult with a local database peer domain information across domains to determine whether it may be admitted mobile device. Proxy CON can check it using the ID (name) of the user that the mobile device uses ads themselves, once the mobile device is within range priceplan� proxy CON.

For example, a user from the network AT&T "~/att" in its name can be verified if the user is given the opportunity to move into a network of Verizon by checking with a local database peer information exchange network, which may indicate a policy and agreement in place for users arriving from the network AT&T. If a mobile device given the opportunity to move into a network of Verizon, guest proxy CON first may update your SMVG agent that can interact with a local home SMVG controller (in the network of Verizon) to register the roaming user. Then, the guest SMVG agent may initiate the update of control plane in relation to the home SMVG agent moving mobile device. Hence, any mobile device can establish a session with a moving mobile device, primarily by contacting with a private SMVG controller of the mobile device to determine whether moving the mobile device in its current domain. If the request for moving the device cannot be resolved, the SMVG controller may forward the request to the home SMVG controller moving the mobile device that may be able to resolve the user regarding the current house�and. In the case where the mobile device is in a working session, and the mobile device will guest domain access (provided that the mobile user is given the opportunity to move into the guest domain access), the scheme of establishing a new break an existing connection, described above, can be used to enable session continuity, even after the transfer of service between domains. This interaction can also be used even in scenarios where the corresponding device is not owned by the home domain or guest domain access.

System SMVG may also allow interaction and social groups in multiple domains, to allow interaction among the group members, distributed in numerous domains. To ensure interoperability between users in different domains of TSP in different domains can work together for the concretization of group profiles that are supported within their own domains. These specifications can typically require human intervention to fill the appropriate policies that would give the TSP from different domains to interact with each other. Exchange of information the control plane may provide each TP the possibility to link the profile information of the group. From a practical point of view, it may be necessary to TSP was supported by all groups. Information profile of the group also can be dynamically modified, thanks to the intervention of an operator or triggering mechanism application layer/level of the third party.

With fleshed out the profile information of the group information of the group profile can be applied to mobile users (mobile devices) in their home domain or a foreign domain. As for moving users, the policy group can be applied as follows: whenever mobile user device with the appropriate facilities to the group is included in the guest domain, for example, during the registration process at the SMVG controller, the user can submit the mandate of the group of users (in addition to your ID name). The SMVG controller may compare the group submitted for consideration to the information user groups with groups that are supported in its own domain. From groups that submitted for review, the SMVG controller may accept for processing a subset of the groups. Once identified, the set of groups supported within the guest domain the guest SMVG controller may notify the home SMVG controller (moving�of trojstva) about a new guest proxy CON, attached to the mobile device and the interaction of the group can support the guest SMVG controller. This can provide the home SMVG controller the ability to forward queries for group members to establish new sessions or to provide for a distribution of action "push data" to members of the same group, even if they are in different domains.

The SMVG control system may also provide a secure service to comply with any agreement in place to provide assurance of services, for example, when the user moves between domains. The SMVG control system may give CON the ability to deliver content with guaranteed QoS (quality of service), reliability, availability and security of the content that is exchanged between domains. A model providing fine-grained QoS and efficient distribution of content can be expanded at the point of equal information exchange (AP).

Fig. 7 illustrates a variant of the implementation of a multi-domain infrastructure 700 guaranteed service at the CON, for example, like CON 100, which can use VPG. The VPG instances in CON can be concretised by the points of equal information exchange. This may pre�to leave any distribution of content between domains occur in the context of group profiles, defined in the content routers. CON can be attached to a variety of domains including the first domain 702 (Domain-1) and the second domain 704 (Domain-2). The first domain 702 may include a controller 710 home SMVG domain database data 712 TSP and many groups 720 users. Each group 720 users may contain agent 722 SMVG, proxy 726 CON, base 724 profile data local access and plenty of AP 728, which can be attached to mobile devices 740. At least one router 714 content in the first domain 702 may be attached to another router 714 content in the second domain 704.

A second domain 702 may include a controller 711 SMVG external (or guest) domain, another relevant basis data 712 TSP and many relevant groups 720 users. Each respective group 720 users may contain external (or guest) agent 723 SMVG, proxy 726 CON, base 724 profile data local access and plenty of AP 728, which can be attached to mobile devices 740. Components of the first domain and the second domain can be configured essentially similar to respective components CON 100 and can be combined, as shown in Fig. 7. External agents 722 SMVG can also be attached to the base 713 data (DB) peer information exchange, which m�can be a local database peer information exchange between domains, used to determine whether the mobile device to be admitted to the second domain 704. DB 713 peer information exchange may contain information about the mobile device 740, for example, such information is available in the first domain 702. The controller 710 home SMVG domain controller 711 external domain SMVG agents 722 SMVG, external agents 723 SMVG and corresponding proxy nodes 726 CON in both domains can communicate with each other to provide the possibility of interactions between the domains, as described above.

Fig. 8 illustrates an embodiment of a method 800 of registration devices, which may be implemented by a SMVG control system, for example, in the CON 100. The method may begin at block 810, where the mobile device may be logged in the local access profile. The mobile device can be attached via the AP to the home domain CON or guest domain access (e.g., guest or external access network connected to a CON). AP can authenticate the mobile device/user of the device and display the home domain for the name prefix of the mobile device. Local SMVG agent can then register the mobile device in a local access profile. In step 820, the message of registration of the profile for the mobile device may start control�R SMVG home domain. The SMVG controller home domain may be identified based on the home domain, extracted from the mobile device. The SMVG controller home domain may be located in the same domain, which is attached to the mobile device, for example, in the case of scenario registration within the domain, or in a separate domain, for example, in the case of scenario registration between domains.

In block 830, the TSP record corresponding to the registration message may be generated for the mobile device. The TSP record may contain registration information for the mobile device specified in the message registration and/or received from the forwarded name in the message. A TSP account can be entered in the database or table TSP in the home domain that is attached to the SMVG controller. The TSP record may contain information linking between the mobile device and the AP attached to the mobile device. The TSP record may contain the name of the AP that is attached to the mobile device that indicates the location of the mobile device, and which can be globally routable at the CON. Then, the method 800 may end.

Fig. 9 illustrates an embodiment of a method 900 of sending interest between domains, which may be implemented by a SMVG control system, for example, in the CON 100. The method can begins�Xia in block 910, where the interest in respect of the mobile device may be received from peer device. Interest can be a voice call request sent to the mobile device (the called side) peer device (calling device). The SMVG agent in the local domain peer device may take an interest. In block 920 may be the domain of the mobile device. The SMVG agent can output the name of the home domain of the mobile device by the mobile device name in the accepted interest. In block 930, the interest can go to the SMVG controller home domain of the mobile device. The SMVG agent may send an interest in a certain SMVG controller home domain of the mobile device, which can be located in a separate domain than the peer device. The first interest may be sent to the local controller home SMVG domain, corresponding to the local SMVG agent and equal to the device before sending it in the SMVG controller home domain of the mobile device. For example, when the peer device is in a separate network than the mobile device, each network can have its own controller SMVG home domain.

In block 940 may display an appropriate name for�away forward the interest to the mobile device. The SMVG controller home domain of the mobile device (or a local SMVG controller of the home domain of the peer device) can display the name in the interest before sending the interest to the mobile device, for example, using a database of TSP. The name may be displayed to indicate the proper AP attached to the called mobile device, where the destination domain or the target domain. In block 950, the interest can go with the displayed name to your mobile device. Interest may be sent SMVG controller home domain SMVG agent, and then the proxy CON domain, where it is attached mobile device, based on the information displayed name. Then method 900 may end.

Fig. 10 illustrates a variant of implementation of the network module 1000, which may be any device that transports and processes data within the network. For example, network device 1000 may be located in the content router or any node in the CON 100, or any node on the schemes described above. The content router can also be configured to implement or maintain the system and method CON described above. The network module 1000 may include one or more input ports or modules 1010, connected to the receiver 1012 (RX) DL� reception of signals and frames/data from other network components. The network module 1000 may contain knowledgeable about the content module 1020 to determine which network components to send the content. Knowledgeable about content module 1020 may be implemented using hardware, software or both. The network module 1000 may include one or more output ports or modules 1030 attached to the transmitter 1032 (TX), for transmitting signals and frames/data to other network components. The receiver 1012, knowledgeable about the content module 120 and transmitter 1032 may also be configured to implement at least some of the disclosed circuits and methods that may be hardware-based, software, or both. The components of the network module 1000 can be combined, as shown in Fig. 10.

Knowledgeable about content module 1020 may also include a programmable block 1028 forwarding plane content and one or more blocks 1022 storage that can be attached to the programmable block 1028 forwarding plane content. Programmable block 1028 the plane of delivery of the content may be configured to implement functions to the transfer and processing of content, such as at the application level or L3, where the content may be sent upon the name or prefix of the content, and perhaps a friend�th relevant to the content of the information which displays the content in the network traffic. This information display can be maintained in the table of content in aware of the content of module 1020 or network module 1000. Programmable block 1028 plane forwarding of content to interpret user requests for content and to choose the content, for example, based on metadata and/or content from the network or other routers and content can save content, for example, temporarily in blocks 1022 storage. Programmable block 1028 forwarding plane content can then send the cached content to the user. Programmable block 1028 the plane of delivery of the content can be implemented using software, hardware or both and can operate above the IP layer or L2. Blocks 1022 storage can contain cache memory 1024 for the temporary storage of content, such as content that is requested by the subscriber. Additionally, blocks 1022 storage may include long-term storage device 1026 storage content is relatively longer, such as content that is submitted by publisher. For example, the cache memory 1024 and long-term storage device 1026 may include dynamic random access memory (DRAM), solid state drives (SSD), hard drives and�and combinations thereof.

The network components described above may be implemented in any network component of General application, such as a computer or network component with sufficient processing power, memory resources and capacity of network bandwidth to handle the necessary workload placed on it. Fig. 11 illustrates a typical network component 1100 General application suitable for implementing one or more embodiments of the components disclosed in the materials of the present application. Network component 1100 includes a processor 1102 (which may be referred to as a Central processor or CPU, CPU) that is in communication with memory devices including an auxiliary storage device 1104, a permanent storage device 1106 (ROM, ROM), random access memory 1108 (RAM, RAM), the device 1110 input/output (I/O) device and 1112 provide network connectivity. Processor 11102 may be implemented as one or more CPU chips, or may be part of one or more specialized integrated circuits (ASIC).

The auxiliary storage device 1104 typically contains one or more storage drives or tape drives and is used for nonvolatile storage of data and as a data storage device PE�of epolene, if the RAM 1108 is not large enough to hold all working data. The auxiliary storage device 1104 may be used to store programs that are loaded into the RAM 1108, when such programs are selected for execution. The ROM 1106 is used to store commands and perhaps data that are read during execution of programs. The ROM 1106 is a non-volatile memory device that typically has a small memory capacity relative to the larger memory capacity of the auxiliary storage device 1104. RAM 1108 is used to store volatile data and perhaps to store commands. Access to the ROM 1106, and memory 1108 is typically faster than to the auxiliary storage device 1104.

Disclosed at least one variant of implementation, and options, combinations and/or modifications of option(s) implementation and/or characteristics of the option(s) implementation produced by an ordinary specialist in the art are within the scope of disclosure. Alternative implementation options, which are the result of combining, merging, and/or not included in the characteristics of the variant(s) of implementation, are also within the scope of disclosure. In cases where ranges or limitations of numerical values is stated explicitly such precisely defined ranges or limitations should be understood to include iterative ranges or limitations of like magnitude, within the limits set out in the direct form of ranges or limitations (e.g., from approximately 1 to approximately 9 includes 2, 3, 4, etc.; more than 0,10 includes 0,11, 0,12, 0,13, etc.). For example, whenever revealed a range of numeric values, with a lower limit, R1and an upper limit, Ruspecifically disclosed, any number falling within the range. In particular, the specifically disclosed the following numbers within the range: R = R1+ k * (Ru-R1), wherein k is a variable ranging from 1 percent to 100 percent of 1 increments of 1 percent, i.e., k is 1 percent, 2 percent, 3 percent, 4 percent, 7 percent,..., 70 percent, 71 percent, 72 percent,..., 97 percent, 96 percent, 97 percent, 98 percent, 99 percent or 100 percent. Moreover, any numerical range of values defined by two numbers R, as defined above, also specifically disclosed. The use of the term "election with respect to some realization of the claim means that you want the element or, alternatively, the element is not required, both alternatives are within the scope of the claim. Use of broader terms such as comprises, includes, and has to be understood-supporting DL� narrower terms such as consisting of, consisting essentially of and essentially containing. Accordingly, the scope of protection is not limited by the description set out above but is further defined by the claims, this volume includes all equivalents of the subject matter. Each and every item of the invention is included, as additional disclosure, in the description of the invention, and the claims are embodiment(s) of implementing the present disclosure. Discussion of the reference material in the disclosure is not an admission that it is prior art, especially any reference material, which has a publication date after the priority date of this application. The disclosure of all patents, patent applications and publications cited in the disclosure are hereby incorporated into the composition by reference to the extent that they provide exemplary, procedural or other details supplementary to the disclosure.

Although several embodiments have been provided in the present disclosure is to be understood that the disclosed systems and methods might be embodied in many other specific forms without deviating from the essence and exit from the scope of the present disclosure. These examples should be considered as illustrative and not restrictive, and the examples we have�of rhenium to limit the invention details contained in the materials of the present application. For example, the various elements or components may be combined or join in another system or certain features may be omitted or not implemented.

In addition, technologies, systems, subsystems and methods described and illustrated in the various embodiments as separate or separate may be combined or aggregated with other systems, modules, technologies or methods, not the exit from the scope of the present disclosure. Other items shown or discussed as related or directly related or connected with each other, can be linked or indirectly capable of communicating through some interface, device, or intermediate component, electrically, mechanically or otherwise. Other examples of changes, substitutions, and transformations can be identified by the specialist in the art and could be made without deviating from the essence and exit from the scope of the invention disclosed in the materials of this application.

1. The system of organization of the network containing the processor and neuremedy read by a processor, the medium having stored therein executable by the processor instructions, wherein the instructions include a plurality of blocks, wherein the blocks of sod�rat:
controller of virtual teams in the information centric network configured to provide mobility and security for the many user groups mentioned information-oriented network;
a set of agents, each of which is associated with one of said plurality of groups of users and groups of users connected to the virtual controller group and associated with said users; and
the database for the profile of trusted services connected to the virtual controller group,
in this case, the virtual controller group is arranged to interact with agents to provide mobility for groups of users using peer-to-peer and based on the domains of the same naming scheme,
in this case, the virtual controller group configured to operate in the control plane to determine the domain for the user device based on the domain name obtained from the request, mentioned routing the request through a display name for a user device in the request using the profile information of trusted service, wherein the virtual controller group provides registration and administration user name of device and name display to provide�secure mobility for groups of users and to ensure proper global routing network.

2. System network according to claim 1, further comprising multiple databases of local access profiles associated with one group of users and is connected to one of the agents.

3. System network according to claim 1, additionally containing many proxy sites are associated with one group of users and is connected to one of the agents, wherein the virtual controller group additionally performed with the opportunity to interact with the proxy nodes to provide mobility for groups of users using peer-to-peer and based on the domains of the same naming scheme.

4. System network according to claim 3, further comprising:
a lot of content routers that are attached to the controller in virtual communities and user groups, and configured to route and cache content data; and
the multiple access points (AP) that is attached to the proxy nodes and associated with groups of users, wherein the set AR is arranged to provide a point of attachment for many mobile devices that are assigned to user groups, and to facilitate communication between multiple mobile devices.

5. System network according to claim 3, in which the proxy node configured to manage mobility�awn for mobile devices using display the prefixes for incoming messages for mobile devices on the serving AR, to specify the target AP when the mobile devices are beginning to move from the serving AP to the target AP, and forwarding the incoming messages to a mapping of prefixes to target AR until then, until there has been a transition to a target AP.

6. System network according to claim 3, in which the controller virtual groups and one or more user groups are located in the same domain, and thus the controller of virtual teams, agents and proxy nodes provide security services, mobility and the organization of social groups within a domain for user groups.

7. System network according to claim 3, in which the controller virtual groups and one or more user groups are located in different domains, and thus the controller of virtual teams, agents and proxy nodes provide security services, mobility and the organization of social groups between domains for user groups.

8. System network according to claim 7, in which groups of users that are located in other domains than the controller of the virtual groups are also associated with many relevant local domain controllers that are located in these other domains than the controller of virtual groups.

9. System network according to claim 7, in which the controller virtual groups attached to the same database�equal information exchange, which is used to get information about user groups in other domains.

10. System network according to claim 7, in which groups of users that are located in other domains than the controller of virtual teams, also located in a separate network than the home controller of the domain.

11. System network according to claim 3, in which the controller of virtual teams, agents and proxy nodes is arranged to provide integrated and functioning together, the control plane services, which is separate from the plane of the transport of content data.

12. System network according to claim 1, in which the controller virtual groups attached to the content provider a third party that delivers the content data in the user group.

13. System network according to claim 1, in which the virtual controller group controller contains a secure mobile virtual groups (SMVG) home domain.

14. System network according to claim 3, in which the proxy node includes a proxy node focused on the content network (CON).

15. System network according to claim 3, in which the controller of virtual teams, agents and proxy nodes together are designed to ensure the safety and organization of social groups to administer the profiles of trusted CONV�g for groups of users using the mentioned peer-to-peer and based on the domains of the same naming scheme.

16. The network component is operating in the control plane that contains:
the receiver is arranged to accept a request through information-oriented network, wherein the request associated with the user device in the group of users;
controller virtual groups, made with the possibility of functioning in the control plane to determine a domain for the user device based on the domain name obtained from the request, route the request appropriately by displaying a name for the user device in the request using the profile information of trusted services; and
a transmitter configured to forward the request to the domain for the user device,
thus the controller of virtual teams provides registration and administration user name of device and name display to provide user mobility and to ensure adequate global routing network.

17. The network component according to claim 16, in which the display name is used to display the hierarchy of the home name of the user devices assigned to from home domain and containing the name of the home domain, user name, device name and user devices, in the hierarchy of the external�n user devices, routable on the external domain and containing the name of the external domain name of the access technology radio access network (RAN) to the access point (AP) attached to a user's device in the external domain, the name of the home domain, user name, device name and the user's device.

18. The network component according to claim 16, wherein the virtual controller group provides mapping and allocation keys based on the user names to ensure the security of user content.

19. The network component according to claim 18, in which the keys of the display are used to display the hierarchy of the home name of the user devices assigned to from home domain and containing the name of the home domain, user name, device name and user devices in the key to ensure the security of publish/subscribe data content to user devices, and contains the name of the home domain, the user name of the device and a key generated based on the name of a user device and using based on the identity of the cryptographic (IBC).

20. The network component according to claim 16, wherein the virtual controller group provides the organization of social groups using profile information trusted services, which specifies the set g�SCP users their associated user devices and the access point (AP) attached to the user's device.

21. The network component according to claim 16, wherein the virtual controller group provides administration policies between domains, the reachability between domains and social interaction between domains, with many profiles of trusted services that operate in conjunction with each other in a variety of domains.

22. The network component according to claim 16, wherein the virtual controller group additionally performed with the opportunity to provide security services, mobility and social organization of groups for the user group with the use of domain-based naming.

23. Method implemented in a network component, to provide interest on a mobile device, comprising stages on which:
take in the controller of virtual teams operating in the control plane in the information centric network, a request to the mobile device from the proxy group, the proxy group accepts the request from the peer device;
display, using the virtual controller group name for the mobile device in the request to the access point for the mobile device by using the profile of trusted services for mobile devices and�STV; and
sending, by the controller of virtual teams, a request to the access point for the mobile device.

24. A method according to claim 23, further comprising stages on which:
register a mobile device that is attached to a domain network, in profile to the local access domain network;
send a message of registration of the profile for the mobile device to the virtual controller group associated with the network domain; and
create an entry for the profile of trusted services corresponding to the registration message for the mobile device.



 

Same patents:

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to communication. A method and device for changing a transmission/reception setting of a base station (BS) in a communication network to another transmission/reception setting (for example, using fewer transmitting antennae and/or a narrower channel bandwidth), without affecting communication with user equipment, includes "replacing" the existing BS with a "virtual" BS having the other transmission/reception setting. Replacement can be carried out, for example, by reducing the power of the existing or the first BS, having the corresponding identification (ID) of a first cell or a first node, and simultaneously increasing the power of the virtual or second BS, having the corresponding ID of a second cell or a second node.

EFFECT: improved BS efficiency.

18 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: result is achieved by dividing a geographical area into a plurality of geographical bins, setting up a plurality of zones for a cell based on a plurality of boundary thresholds, receiving a plurality of signal measurements from a plurality of user devices across the geographical bins, classifying the geographical bins into the different zones by comparing the signal measurements to the boundary thresholds of the zones, calculating a plurality of gain adjustments for the corresponding geographical bins in the zones and generating a beam pattern based on the gain adjustments.

EFFECT: optimising the antenna beam pattern of a base station.

23 cl, 10 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to data transmission. The method enables a femtocell access point to automatically establish communication with a communication network provider; enable said access point to automatically download a personal configuration from an initialisation server belonging to said communication network provider and a domain name system server is automatically used to obtain the address of the initialisation server.

EFFECT: improved femtocell initialisation method.

19 cl, 4 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention discloses, in particular, a method of detecting a preamble, which includes the following: chips of a preamble are divided into a plurality of chip blocks, and correlative accumulation is performed on the plurality of chip blocks to obtain multiple groups of partial products of signature components; compensation of positive frequency offset is performed on each group of the multiple groups of partial products of signature components to obtain multiple groups of compensation results of positive frequency offset, and compensation of negative frequency offset is performed on each group of the multiple groups of partial products of signature components to obtain multiple groups of compensation results of negative frequency offset; coherent accumulation, phase rotation, signature matching and complex modulus calculation, and dual-antenna merging are performed on the multiple groups of compensation results of positive frequency offset, and the coherent accumulation, the phase rotation, the signature matching and the complex modulus calculation, and the dual-antenna merging are performed on the multiple groups of compensation results of negative frequency offset.

EFFECT: high efficiency of detecting preamble in a wideband code division multiple access system.

14 cl, 4 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method includes receiving a network packet containing a device identifier, determining the device identifier and checking if the device identifier is contained in a database. If the device identifier is not contained in the database, an installed application is launched which, through the device, transmits a login request to the system, during which the device identifier and the associated application identifier are entered into the database. If the device identifier is contained in the database, an application identifier is retrieved from the database, said application identifier serving as the address for sending push notifications and corresponding to said device.

EFFECT: enabling identification of devices with referencing to the geographic location in local zones.

7 cl

FIELD: radio engineering, communication.

SUBSTANCE: direct communication is facilitated using a network-connected server device, which provides a common platform for a plurality of requesting devices in order to request a plurality of target devices with any initiation means based on a plurality of service attributes. The network-connected server device has an auxiliary function - making the system compatible with all initiation means, but in which the system is absent during service level communication in the devices.

EFFECT: improved system.

19 cl, 2 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a mobile communication system. A terminal (200), which uses a plurality of different layers to transmit two code words in which control information is placed, comprises: a resource amount determining unit (204) which determines, based on a lower one of the encoding rates of the two code words or based on the average value of the inverses of the encoding rates of the two code words, resource amounts of control information in the respective ones of the plurality of layers; and a transport signal generating unit (205) which places, in the two code words, the control information modulated using the resource amounts, thereby generating a transport signal.

EFFECT: invention enables a terminal device to prevent degradation of reception quality of control information even when employing SU-MIMO transmission system.

12 cl, 10 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to radio communication. A base station performs radio data communication with terminal devices by using a plurality of bands of which each has a data channel region to which a data channel is assigned and a control channel region to which a control channel is assigned. The base station includes a control channel assigning device which assigns a control channel for the terminal device at a location in the control channel region of any band from a plurality of bands corresponding to a band to which a data channel assigned to the terminal device belongs, and a control channel transmitting device which transmits the control channel to the terminal device at the location assigned by the control channel assigning device.

EFFECT: improved efficiency of using system frequency as a whole.

2 cl, 21 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to mobile communication. The mobile communication method includes a step of determining, by a mobile management node MME, whether a mobile station UE is a roaming mobile station UE, in an attach procedure of a mobile station UE or a transition procedure to an active state; and a step of transmitting, by the mobile management node MME, to a radio base station eNB, user consent indication indicating whether the mobile station UE has given consent for implementation of MDT when it is determined that the mobile station UE is roaming.

EFFECT: performing management such that an instruction to perform minimisation of drive tests (MDT) is not transmitted to a roaming mobile station UE.

6 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to frequency adjustment in wireless communication. Terminal performance information related to performance of a wireless terminal device, in which at least one of a first frequency bandwidth for use in an uplink or a second frequency bandwidth for use in a downlink is variable, is associated with a terminal category beforehand. When the terminal performance information is received from the wireless terminal device, the terminal category is specified from the terminal performance information, line setting with the wireless terminal device is carried out and a control signal corresponding to the line setting is transmitted.

EFFECT: simple line setting based on terminal category and faster frequency setting.

7 cl, 19 dwg

FIELD: physics; communications.

SUBSTANCE: description is given of a method and device for switching wireless terminal channels. For this, several communication channels with different physical characteristics are supported in the cell of the base station. Each wireless terminal controls several channels and evaluates several channels at the same time, such that, there can be fast switching between channels. Information on the quality of the channel is sent from each wireless terminal to the base station. The wireless terminal or base station selects the channel, based on the evaluated quality of the channel. By supporting several channels and through periodical changes in channels in different implementation alternatives, the time taken before the wireless terminal finds good or suitable channel conditions is minimised, even if the wireless terminal changes position. Several antennae are used at the base station for simultaneous support of several channels, for example, through control of the directional pattern of the antennae.

EFFECT: reduced delays before wireless terminal finds suitable channel conditions.

66 cl, 26 dwg

FIELD: physics; communications.

SUBSTANCE: during different set conditions providing source of sound for company service information as substitutive audio signal for call return, receiver can determine whether source of sound for service information for subscriber or set time interval is provided for. Present invention provides for a method and device for obtaining substitutive repeating audio signal for call return based on choice or successively in accordance with a preset condition.

EFFECT: provision for several substitutive audio signals for call return.

26 cl, 6 dwg

FIELD: physics; communications.

SUBSTANCE: method consists of the following stages: reception of request for channel access from user terminal. Reception of the user terminal can be one of several active user terminals. The transmission cycle duration is determined as a result of reception of a request for channel access. The arrival time of data to the cycle is determined for the user terminal. The arrival time of data to the user terminal is set, so as to designate the channel for the user terminal, starting from the time of arrival of data.

EFFECT: reduced probability of collisions during transfer of data from different users.

31 cl, 8 dwg

FIELD: information technologies.

SUBSTANCE: method for assignment of band channel with adaptive modulation and coding (AMC) to subscriber stations (SS) is realised in wireless communication system, which separates full range of frequencies into multiple subcarrier bands, every of which represents set from previously specified quantity of subranges, every of which represents set of previously specified quantity of adjacent subcarriers. Method comprises the following stages: necessity in use of band channel with AMC is detected; quality of reception is measured in frequency bands; list of frequency bands with high quality of reception is formed; request is sent for assignment of band channel with AMC as well as foresaid list to base station (BS); response is received to mentioned request from BS; in compliance with response, changeover is done in SS in condition of use of band channel with AMC.

EFFECT: creation of flexible system that provides possibility for subscriber stations with proper condition of channel to realise high-speed communication with high throughput.

61 cl, 7 dwg, 3 tbl

FIELD: information technologies.

SUBSTANCE: service center (SZ) for transmission of information content should not know or define number of person who initiates loading, and sole connection (TKV) of communication from communication device (TKG) to service center (SZ) does not require making another communication contact, at that information content is requested in the first communication session (SI1) with the first notice (SN1) about service from service center (SZ), and is delivered from service center (SZ) in the second communication session (SI2) with at least one notice (SN2) about service.

EFFECT: reduction of power inputs and use of hardware resources.

18 cl, 5 dwg

FIELD: information technologies.

SUBSTANCE: system comprises subsystem of all-channel signaling processing, data base subsystem, services processing subsystem and operational maintenance subsystem, at that all subsystems are connected to communication network and accordingly realise information exchange; at that all-channel signaling processing subsystem performs function of OKC-7 processing; data base subsystem is used for storage of user data; services processing subsystem comprises one or more modules for processing of home location register services; operational maintenance subsystem comprises operational maintenance server, services acceptance terminal and close-range terminal of operational maintenance.

EFFECT: provision of possibility to service user of several types of networks via system of home location register.

5 cl, 2 dwg

FIELD: information technologies.

SUBSTANCE: in one version of realisation access network may assign group identifier (group ID) to every of pilot-signals associated with sector, for instance, on the basis of pilot-signals coverage areas, and transmit pilot-signals with appropriate group ID. PN shift may be used as group ID. Access terminal may group accepted pilot-signals in one or more pilot-signals group according to their group ID, and select representative pilot-signals from every group of pilot-signals for transmission of message about pilot-signal level. Access terminal may also use grouping of pilot-signals for efficient control of sets.

EFFECT: provision of efficient and reliable communication systems with multiple carriers.

32 cl, 13 dwg

FIELD: information technologies.

SUBSTANCE: wireless communication network comprises different base stations and subscriber stations. Every base station provides services of broadcasting content transfer to subscriber stations via communication channels of one of the following types: 1) common channel used by multiple subscriber stations, 2) individual channels, every of which is separated for use by separate subscriber station. In response to one or several preset changes of condition, i.e. change of number of subscriber stations that request the program, change of transmission power level used by base station, or in case of other change of network condition, communication channel type used for provisioning of broadcasting content to one or several subscriber stations is switched over.

EFFECT: delivery of broadcasting content with use of errors and individual channels combination, depending on whatever is more preferable in available circumstances.

5 cl, 28 dwg

FIELD: information technologies.

SUBSTANCE: one version of realisation comprises base station, which controls channel of speed indicator, decodes speed indicator channel with application of likelihood maximum decoder and determines availability of packet in speed indicator channel by comparison of probability to threshold, and analyses frame validity in packet-oriented channel on the basis of availability and content of packets accepted in speed indicator channel.

EFFECT: possibility to identify packets in speed indicator channel, high probability of good and bad frames identification in speed indicator channel and corresponding nonperiodical data transfer channel.

43 cl, 5 dwg

FIELD: information technologies.

SUBSTANCE: method and device are provided for provisioning of one or more communication services of point-point set type, such as multimedia service of broadcasting/multicasting (MBMS), to one or more mobile terminals, or subscriber devices (AA). When one or more mobile terminals are moved to new zone of mobile communication system controlled by other network component, after connection to service, information is transmitted between network elements by method.

EFFECT: facilitation of continuous service reception by mobile terminals that moved, preserving network resources and increasing efficiency of mobile communication system.

95 cl, 10 dwg

Up!