Method and system for EASDF secure service

US12348512B2 · US · B2

Patent metadata
Publication number: US-12348512-B2
Application number: US-202318307950-A
Country: US
Kind code: B2
Filing date: Apr 27, 2023
Priority date: Apr 27, 2023
Publication date: Jul 1, 2025
Grant date: Jul 1, 2025

Abstract

A method, a network device, and a non-transitory computer-readable storage medium are described in relation to an EASDF secure service. The EASDF secure service may include a network-side service that may validate access and authorization to use a domain name system (DNS) resolver device, such as an edge application server discovery function. The network-side service may validate access and authorization of an end device based on tokens. The EASDF secure service may include an end device-side service that includes a token with a DNS query to the DNS resolver device. The end device-side service may further provide authorization regarding access and use of applications, networks, and application devices that host applications and/or assets by the end device at the end device. The end device-side service may determine access and/or authorization based on tokens and a validation procedure performed at the end device.

First claim

What is claimed is:

  1. A method comprising: receiving, by a domain name system (DNS) resolver device from a network device, a message that includes a first token pertaining to access authorization by an end device; receiving, by the DNS resolver device from the end device, a DNS query that includes a second token; comparing, by the DNS resolver device, the first token and the second token; and determining, by the DNS resolver device based on the comparing, whether the end device is authorized to access the DNS resolver device.

  2. The method of claim 1, wherein the network device includes a session management function (SMF) of a core network.

  3. The method of claim 1, further comprising: storing, by the DNS resolver device, the first token; and receiving, by the DNS resolver device from the network device before receiving the DNS query, end device information that includes a unique identifier of the end device, wherein the end device information is correlated to the first token.

  4. The method of claim 1, further comprising: determining, by the DNS resolver device, that access is authorized; generating, by the DNS resolver device, a response message to the DNS query that includes a network address of an application device regarding the DNS query; and transmitting, by the DNS resolver device to the end device, the response message.

  5. The method of claim 1, further comprising: determining, by the DNS resolver device, that access is not authorized; generating, by the DNS resolver device, a response message to the DNS query that includes a network address of another DNS resolver device; and transmitting, by the DNS resolver device to the end device, the response message.

  6. The method of claim 1, wherein the DNS query includes a unique identifier and a network address of the end device, and wherein the method further comprises: selecting, by the DNS resolver device in response to receiving the DNS query, the first token based on at least one of the unique identifier or the network address of the end device.

  7. The method of claim 1, wherein the message includes a network address and a fully qualified domain name of an application server.

  8. The method of claim 1, wherein the DNS resolver device includes an edge application server discovery function (EASDF).

  9. A network device comprising: a processor that is configured to: receive, from another network device, a message that includes a first token pertaining to access authorization by an end device, wherein the network device includes a domain name system (DNS) resolver device; receive, from the end device, a DNS query that includes a second token; compare the first token and the second token; and determine, based on the comparison, whether the end device is authorized to access the DNS resolver device.

  10. The network device of claim 9, wherein the other network device includes a session management function (SMF) of a core network.

  11. The network device of claim 9, wherein the processor is further configured to: store the first token; and receive, from the other network device before receiving the DNS query, end device information that includes a unique identifier of the end device, wherein the end device information is correlated to the first token.

  12. The network device of claim 9, wherein the processor is further configured to: determine that access is authorized; generate a response message to the DNS query that includes a network address of an application device regarding the DNS query; and transmit, to the end device, the response message.

  13. The network device of claim 9, wherein the processor is further configured to: determine that access is not authorized; generate a response message to the DNS query that includes a network address of another DNS resolver device; and transmit, to the end device, the response message.

  14. The network device of claim 9, wherein the DNS query includes a unique identifier and a network address of the end device, and wherein the processor is further configured to: select, in response to receipt of the DNS query, the first token based on at least one of the unique identifier or the network address of the end device.

  15. The network device of claim 9, wherein the message includes a network address and a fully qualified domain name of an application server.

  16. The network device of claim 9, wherein the DNS resolver device includes an edge application server discovery function (EASDF).

  17. A non-transitory computer-readable storage medium storing instructions executable by a processor of a domain name system (DNS) resolver device, wherein the instructions are configured to: receive, from a network device, a message that includes a first token pertaining to access authorization by an end device; receive, from the end device, a DNS query that includes a second token; compare the first token and the second token; and determine, based on the comparison, whether the end device is authorized to access the DNS resolver device.

  18. The non-transitory computer-readable storage medium of claim 17, wherein the instructions are further configured to: determine that access is authorized; generate a response message to the DNS query that includes a network address of an application device regarding the DNS query; and transmit, to the end device, the response message.

  19. The non-transitory computer-readable storage medium of claim 17, wherein the instructions are further configured to: determine that access is not authorized; generate a response message to the DNS query that includes a network address of another DNS resolver device; and transmit, to the end device, the response message.

  20. The non-transitory computer-readable storage medium of claim 17, wherein the DNS query includes a unique identifier and a network address of the end device, and wherein the instructions are further configured to: select, in response to receipt of the DNS query, the first token based on at least one of the unique identifier or the network address of the end device.
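
The resolver-side flow of claims 1 and 3 to 7, sketched as an added example; it is not code from the patent or its assignee. Class and field names, the sample identifiers and addresses (documentation ranges), the constant-time comparison, and the handling of an unknown name are assumptions of this example.

```python
import hmac
import secrets
from dataclasses import dataclass

# Hypothetical value: the "another DNS resolver device" of claim 5.
FALLBACK_RESOLVER = "203.0.113.53"

@dataclass
class Provisioned:
    token: bytes   # first token, received from the network device (e.g. SMF)
    ue_id: str     # unique identifier of the end device (claim 3)
    ue_addr: str   # network address of the end device (claim 6)
    eas: dict      # application server FQDN -> network address (claim 7)

class Resolver:
    def __init__(self):
        self._by_id = {}
        self._by_addr = {}

    def provision(self, rec):
        """Store the first token, indexed by device identifier and address."""
        self._by_id[rec.ue_id] = rec
        self._by_addr[rec.ue_addr] = rec

    def handle_query(self, ue_id, ue_addr, qname, token):
        """Return (kind, address) for a DNS query carrying a second token."""
        # Claim 6: select the first token by identifier or network address.
        rec = self._by_id.get(ue_id) or self._by_addr.get(ue_addr)
        # Unknown device or absent token is treated as not authorized.
        if rec is None or not token:
            return ("referral", FALLBACK_RESOLVER)
        # Claim 1: compare the tokens; constant-time compare is our choice.
        if not hmac.compare_digest(rec.token, token):
            return ("referral", FALLBACK_RESOLVER)   # claim 5
        addr = rec.eas.get(qname)
        # The claims do not cover an unknown name; this branch is an assumption.
        return ("answer", addr) if addr else ("nxdomain", None)   # claim 4

def demo():
    """Run the flow on constructed sample data and return the outcomes."""
    r = Resolver()
    tok = secrets.token_bytes(16)
    r.provision(Provisioned(tok, "ue-001", "192.0.2.10",
                            {"app.edge.example": "198.51.100.7"}))
    good = r.handle_query("ue-001", "192.0.2.10", "app.edge.example", tok)
    bad = r.handle_query("ue-001", "192.0.2.10", "app.edge.example", b"x" * 16)
    return good, bad
```

Note that the claims describe a plain comparison of two tokens; how the token is protected in transit inside the DNS query is outside what the claims shown here specify.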

Classifications

  • using domain name system [DNS] · CPC title

  • Resolving address allocation conflicts; Testing of addresses (testing when self-assigning an address H04L61/5092) · CPC title

  • using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title

  • H04L63/083 · Primary · using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title

Frequently asked questions

Who is the assignee on this patent?
Verizon Patent & Licensing Inc
What technology area does this patent fall under?
Primary CPC classification H04L61/5046. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 1, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).