An system and method for handling broadcast network requests for auto-configuration and discovery of IP to MAC address mappings and gateway presence in wireless peer-to-peer ad-hoc routing networks. The significant portion of a node's IP address is calculated by applying a hashing function to the six-byte hardware (MAC) address. The significant portion is appended to routing advertisements, and thereby propagates passively to other network nodes. DHCP and ARP requests, as well as other broadcast type requests, are handled by the local network stack of a node, without requiring a broadcast transmission over the wireless channel.

A computer system having a network processor comprising a core processor and at least one microengine in operative communication with the core processor is provided. A table comprised of a plurality of entries with IP addresses associated therewith is built, wherein the entries are organized hierarchically according to an LC-Trie compression algorithm operating on the IP addresses. An Information packet is received within the computer system, wherein the information packet has a destination IP address associated therewith. The table is searched using an LC-Trie search algorithm to find a match between an IP address of an entry in the table and the destination IP address of the information packet. The information packet is transmitted to a forwarding IP address associated with the IP address of the matching entry. An interface is provided to accommodate communication between the core processor and microengine of the network processor.

A telecommunications system comprises a user equipment operable to request a bearer for communicating internet protocol data according to the second internet protocol (IPv4) to and from a gateway support node of a packet radio network. The gateway support node is operable to establish a tunnelling protocol bearer for communicating the internet packet data to and from the user equipment across the packet data network. The user equipment is operable in combination with the gateway support node to form a link local address. The link local address comprises an interface identifier including a tunnelling end identifier of the tunnelling protocol bearer which ends at a gateway support node of the core network part of the packet radio network. An internet protocol address according to the first internet protocol is requested from an address allocation server using the link local address. The user equipment is operable in combination with the gateway support node to receive an allocated internet protocol address according to the first internet protocol, and to communicate with the user equipment using the allocated internet protocol address. Embodiments of the present invention provide a facility for generating a link local address, which can be routed according to the first internet protocol to a server. As such the link local address can be used to acquire an internet protocol address from an address allocation server according to the first internet protocol. The acquired address can therefore be used to communicate internet protocol data, replacing the link local address with the acquired address of the user equipment.

A method for setting up a connection path to a mobile RF network in which, as a connection path between a telecommunications terminal (1) and the access-and-switching units (9,10) of the mobile RF network a radio link (12), or a connection path (13) including the Internet (8) is automatically used, in which the Internet connection path (8,13) is handled as a further RF cell of the mobile RF network, by the access and switching-units (9,10,11), as well as the telecommunications terminal (1), with regard to the relationship with the switch-on of the telecommunications terminal (1) and its booking or log-on during sequences with the mobile RF network as well as a switch-over in the course of a changeover or hand-over of the connection path between the radio link (12) and Internet path (8,13) or vice versa. Independent claims are included for (A) an arrangement for carrying out the method and (B) a telecommunications terminal for carrying out the method.

Transmitting data in a ring network that transmits bursts and data packets. A path setup message (306) is sent to request a data transmission between a source node (302 i ) and a destination node j (302 j ) through intermediate nodes (302 N ) connecting the source node (302 i ) and the destination node j 302 j . Each intermediate node determines that a connection to a next node along the path is available when the connection to the next node, that normally transmits bursts and data packets, transmits data packets. A current data transmission of data packets on the path is stopped when the entire path is determined to be available.

A method for a radio channel allocation for telecommunication networks, comprising fixed transceivers (BTS) and fixed or mobile radio stations (MS). The method comprises a step of performing channel allocation for a particular radio connection to a radio station based upon signal to interference estimates for the radio station. A system and a base station controller are also disclosed.

A method for executing secure data transfer between a communication device and an application server in a wireless network, in which a request requiring a secure transaction of data is sent from either the communication device or the server. An agreement proposal for the secure transaction is sent to the communication device, and if the agreement proposal is considered acceptable, the agreement proposal is sent to a security adapter. Details of the transaction are entered into a message and sent to a smart card in order to activate a signing application in the smart card. The details of the transaction are displayed on the communication device, and if the transaction is accepted, the signing application signs the data and sends it to the security adapter via messages, the signature is verified, and the data is sent to the server.

Multiple devices are identified in a network along with connection information associated with the multiple devices. The connection information associated with the multiple devices is converted into a hierarchical structure and communication links between the multiple devices are identified.

A method for setting up and managing secure data/audio/video links with secure key exchanges, authentication and authorization is described. An embodiment of the invention enables establishment of a secure link with limited privileges using the machine identifier of a trusted machine. This is particularly useful if the user of the machine does not have a user identifying information suitable for authentication. Furthermore, the presentation of a default user identifying information by a user advantageously initiates intervention by a system administrator instead of a blanket denial. This decentralized procedure allows new users access to the network without having to physically access a centralized facility to present their credentials. Another embodiment of the invention enables a remote user to connect to a secure network with limited privileges.

A system for detecting unauthorised use of a network is provided with a pattern matching engine for searching attack signatures into data packets, and with a response analysis engine for detecting response signatures into data packets sent back from an attacked network/computer. When a suspect signature has been detected into a packet, the system enters an alarm status starting a monitoring process on the packets sent back from the potentially attacked network/computer. An alarm is generated only in case the analysis of the response packets produces as well a positive result. Such intrusion detection system is much less prone to false positives and misdiagnosis than a conventional pattern matching intrusion detection system.