DlVITAS DESCRIPTION PROTOCOL AND METHODS THEREFOR

BACKGROUND f 00011 Conventional mobile communication platforms include cellular communications, for example. Global Systems for Mobile (GSM) communications. Other conventional platforms that support limited mobility include WiFi, which Ls based on IEEH 802 1 1 standards. Cellular and WtFt are both well known and established wireless communication platforms.

[0002] Next generation platforms may be designed to permit mobile users to move between cellular and WiFi networks and include an Unlicensed Mobile Access (UMA) standard that may provide a switch controller for carriers Io permit users to transcend between cellular and WiFi networks and vice-versa. However, the UMA standard may have disadvantages me Iu ding that carriers generally control calls and decide if and when to switch users between networks.

[0003] AB advanced mobile communication platform may be needed to provide enterprise level communication and control over users and the networks such that enterprises (instead of earners) may select networks and/or control calls based on enterprise driven criteria rather than earner en criteria.

[0004] Further, in mobile/wireless communication, generally there have been the following problems: (a) echo; (b) packet delay, packet delay variation (packet jitter), and packet loss which affect quality of service (QoS); (c) hardware or software platform dependency of protocols; and (d) security of enterprise resource access. The problems are described as follows: [0005] (a) Echo

[0006] In voice communications such as conventional PSTN, conference phone, cellular mobile phone, and voice over IP, echo cancellation (F-C) technology has been widely used to improve quality of service (QoS) for end-users Generally there are two types of echo canceller. One types of echo canceller is generally called lme or network echo canceller (1,EC). LEC is generally used io remove electrical echoes caused by reflections of hybrid components on a network where 2- liiie and/or 4-line conversions take place Another type of echo canceller is generally called acoustic echo canceller (AEC) AHC is generally used to remove acoustic echoes caused by acoustic sound feedbacks from a speaker to a microphone on a hand-free speaker phone, mobile phone, or conference phone. Compared with LEC, implementing an AEC" may be more challenging due to

some of the following factors: iøiiger echo tail since the sound speed is much slower than the Sight for electron) speed, and accordingly the echo canceller is required to have more processing power and mote memory, more dynamic change of the acoustic echo characteristics because of movement of the phone or talker and changes in the environment, and accordingly the echo canceller may be required to track and catch up changes in the echo characteristics more quickly; and multiple echo paths due to multiple reflections from different objects with different distances and/or orientations. [0007] Current acoustic echo cancellation technologies generally have limitations. Acoustic echo cancellation technology may have been invented and used for at least 40 years so far. However, the basic approach to cancelling acoustic echoes may not have been significantly changed. In general, a typical AEC utilizes an adaptive filter to model one or more echo path transfer functions and try to produce a replica of the echoes. The AEC may then subtract this replica from the near-end input signal to form a supposedly final echo-free far-end signal output [0008] Most of acoustic echo cancellation technology advancements so far are to employ different kinds of filters such as a FlR or UR filter, single band or multiple bands filter, or time-domain or frequency-domain filter. Further, different algorithms such as LMS ₁ RLS, APA, and so on have been used to improve filter efficiency. Nevertheless, even with all these technology improvements, AEC design and implementation may still be a very challenging task today. Conventional filters may show many limitations on handling the acoustic echoes because of the complexity and the variability nature of the acoustic echoes. One of the limitations may be poor double-talk (both near- end and far-end speakers are talking) performance Calculations in the conventional filters may result in divergence instead of convergence between the echoes and the replica during a double-talk. [0009] (b) Packet delay, packet delay variation (packet jitter), and packet loss which affect quality of service (QoS)

[0010] Sn voice over IP and video over ϊP communications, voice and/or video media contents may need to be transferred from the transmitter to the receiver in real-time, while the underlying IP network was originally designed for non real-time date communications. Accordingly, providing and maintaining the quality of service (QoS) to the end-users may become a very challenging task. The packet delay, the packet delay variation (packet jitter) and the packet loss from end-to-end may be considered three important QoS parameters which affect the quality and performance of the voice and video communications over IP network.

[00! S j Current j itter buffer technologies tend to have limitations. A jitter buffer scheme which may also be called de~jitteτ buffer scheme is usually employed on the receiver side to compensate or remove the network packet jitter. Basically, the scheme may not play out the packet as soon as the packet is received, instead, the scheme may queue up the incoming packets and play out the queued packets at even intervals. In effect, the packet queuing may represent inserting a delay before the play-out happens. The inserted delay is usually called play-out delay. [0012j There may be at least two issues on the current jitter buffer designs and implementations. The first issue may pertain to how much the play-out delay needs to be inserted. There may be a tradeoff on the amount of the play-out delay. For a large delay, there may be less packet loss. On the other hand, fora small delay, there may be a better interactive experience. The first issue may have been acceptably resolved by the adaptive jitter buffer scheme In the adaptive jitter buffer scheme, a receiver may estimate the network packet jitter based on the timestamp of the RTP header of the incoming packets and the receiver local time. The receiver may then insert the minimal delay just enough to compensate the network packet jitter.

[0013 j The second issue on the jitter buffer design may pertain to when to insert the play-out delay. Ideally, the play-out delay can be inserted at the beginning of each talk spurt. Accordingly, each talk spurt may be played out at even intervals, but. only the silence periods between talk spurts are expanded or compressed. For example, if the transmitter employs silence suppression technology, the packets coming m the receiver may ideally have gaps between talk spurts such that a device may be implemented to identify the beginning of the each talk spurt based on the timestamp and the sequence number on the RTP headers of the incoming packets

[0014] However, in reality, inserting delays at talk spurt beginnings can be achieved only in limited situations. Most current silence suppression technologies may have limitations and may perform well only for some clean situations such as single human speaker or low background noise Current silence suppression technologies may not perform well for some other situations such as multiple human speakers in a conference or high background noise such as during mobile communications. Therefore, many applications may be executed without utilizing or activating silence suppression, in order to preserve better audio quality. As a result, the packets coming into the receiver may be continuous without any pauses. There may be no clue on the time&tamp and the sequence number to tell if the packets represent silence or a talk spurt. Having no clue for

identifying silence, the current jitter buffer technologies tend to perform poorly. One reason for the poor performance may be that the current jitter buffer schemes generally look at only the RTP header information of the incoming packets, but not the content on the RTP payϊoad. [0015] (c) Hardware or software platform dependency of protocols'

[00161 Hardware or software platform dependency may cause interoperability and/or configuration problems. For interactive user sessions in communication which involve multimedia elements such as video, voice, chat, gaming, or virtual reality, there may be a need for a light weight protocol over a communication protocol such as, for example, Session Initiation Protocol (SiP) that can efficiently transport information between a server and a client and can work independently of hardware and software platforms, a control plane protocol in use between the server and the client, and an underlying transport layer or the medium over which the server and the client communicate. There may he a need for a protocol that is fast enough to support critical real time control messages and is flexible enough for large-volume data transfer with minimal delay. However, prior -art protocols such as UMA are generally complex and difficult to establish interoperability. [0017] (d) Security when enterprise resources are accessed from mobile devices

[00! 8] More or more enterprises are allowing their employees to use their cellular/mobile phones for business purposes With availability of high speed networks such as WiFi, Edge, UM FS, CDMA EVDC), etc. to mobile phones, different vendors have been implementing VoIP (Voice over TP) for the mobile phones. Such implementations may require opening enterprise firewalls to allow VoIP related protocols, such as SlP, RTP, etc. to operate

[0019] In addition to VoIP, other enterprise data centric applications may also be extended to the mobile phones. The applications may include one or more of Presence/Instant Messaging, Intranet web resources, CRM Support database, etc. If the clients for one or more the above applications on the mobile phones access the enterprise resources directly, enterprise firewalls may need to be opened for multiple protocols, and opening the enterprise firewalls may cause security problems.

SUMMARY

[0020] The invention relates, in an embodiment, to a mobility architectural arrangement.

The arrangement includes a set of software modules At least a subset of the set of software modules

implements a DiVi tas description protocol (DDP), which is DDP configured to transport data packets between a plurality of applications clients on a handset and a plurality of application servers within an enterprise The set of modules includes a client DDP, which is configured to be loaded onto a mobility client of the handset. The client DDP is configured to perform at least one of sending the data packets from a first application client from the plurality of application clients and receiving the data packets from a first application server from the plurality of application servers. The set of modules includes a a server DDP, which is configured to be loaded onto a mobility server managed by the enterprise. ^" The server DDP is configured to perform the at least one of the sending the data packets from the first application server and Ui e ing the data packets from the first application client

[0021] The above summary relates to only one or more of the many embodiments of the invention disclosed herein and is not intended to limit the scope of the invention, which is set forth in the claims herein. These and other features of the present invention will be described m more detail below in the detailed description of the invention and in conjunction with the following figures

DESCRIPTION OF THE DRAWINGS

[0022] The present invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which like reference numerals refer to similar elements and in which.

[0023] Fig. 1 depicts a system network according to one or more embodiments of the present invention,

[0024] Figs. 2A-C depict a mobility server according to one or more embodiments of the present invention,

[0025] Fig 3 depicts a mobile equipment client according one or more embodiments of the present invention,

[ 0026] Fig 4 depicts a block diagram of a codec based echo canceller in accordance v. ith one or more embodiments of the present invention.

[ 0027] Fig 5A depicts a \ oice jitter buffer scheme m accordance with one or more embodiments of the present invention

[0028] Fig. 5B depicts a v ideo μtter buffet .scheme tn accordance with one or more embodiments of the present invention

[0029] Fig. 6.\ depicts an oven new of a DDP architecture tn accordance with one oi more embodiments of the present invention.

[00301 Fig. 6B depicts a DDP message exchange in accordance with one or more embodiments of the present invention.

[003 Ij Fig 7A depicts a network architecture which includes two network interfaces per host and is fabricated in accordance with one or more embodiments of the present invention.

[0032] Fig. 7B depicts a network architecture tn accordance with one or more embodiments of the present invention.

[0033] Fig 7C depicts a network architecture in accordance with one or more embodiments of the present invention

[0034] Fig. 7D depicts a network architecture in accordance with one or more embodiments of the present inv ention.

[0035] Fig. 8A shows a block diagram of an example prior art communication device including a filter for echo cancellation.

[0036] Ftg 8B shows a flowchart of an example prior art method utilized, for example, m the example prior art communication device shown m Fig 8A. for cancelling echoes

[0037] Fig 9 A shows, in accordance with one or more embodiments of the present invention, a block diagram of a communication device (or system or arrangement) that may cancel echoes without relying on a filtet

[0038] Fig ⁰ B shows, in accordance with one or more embodiments of the present invention, a block diagram of an ID code generator employed in Ui e communication device (or system or arrangement) shown in Fig OA

[003*5] Fig 9C shows, in accordance with or more embodiments of the present invention, a flowchart of a method for cancelling echoes, for example, in the communication device (or system or arrangement) shown in Fig <?λ

[0040] Fig 10A shows a block diagram of a first example prior art packet voice communication system (first prior art arrangement) with an adaptn e jitter buffer scheme

[004 S j Fig. 1OB shows a flowchart of a transmitter -side process of a prior ail jitter buffet scheme utilized, for example, in the first prior art arrangement shown m the example of Fig. 1 OA. [0042] Fig. 1OC shows a flowchart of a prior art delay calculation process

[0043] Fig, iOD shows a flowchart of a prior art packet play-out control process

[00441 Fig. 1 OE shows a schematic representation of received packet flow at a packet play- out control when a transmitter-side voice activity detector (VAD) is aimed on, [0045] Fig. 1 OF shows a schematic representation of received packet flow at the packet play- out control when the transmitter-side VAD is turned off.

[0046] Fig. 1 I A shows a block diagram of a receiver-side device of a second prior art packet voice communication system (second prior art arrangement), which includes adaptive buffer overflow control.

[0047] Fig. 1 IB shows a flowchart of a silence detection process utilized, for example, in the receiver-side device shown in the example of Fig, i 1 A.

[0048] Fig. 1 1C shows a flowchart of a buffer overflow control process utilized, for example, in the receiver-side device shown in the example of Fig. 1 1 A,

[0049] Fig. 12A shows, in accordance with one or more embodiments of the present invention, a block diagram of a receiver-side device of a packet voice communication system with adaptive jitter handling.

[0050] Fig. 12B shows, tn accordance with one or more embodiments of the present invention, a delay insertion control process utilized for adaptive jitter handling utilized, for example. in the receiver-side device shown in the example of Fig. 12 A.

[0051] Fig. 13 shows, in accordance with one or more embodiments of the present invention, a block diagram of a receiver-side device of a packet video communication system with adaptive jitter handling.

[0052] Fig. 14 shows a prior art example of a call flow for establishing a connection between an application client and an application server.

[0053] Fig. 15 shows, in an embodiment of the invention, a simple architectural diagram of the DDP invention.

[0054] Fig. JoA shows, in an embodiment, ati example of how data within a mobility architectural arrangement with DDP may flow between an application client located within a client device and an application server, which is managed by an enterprise.

[0035] Fig, 16B shows, in an embodiment, a code example of an encapsulated SIP notify message.

[0056] Fig. 17 shows, in an embodiment, an example of a call flow illustrating how a secure channel may be established between a client device and a mobility server ϊn an embodiment, to establish a secure channel, registration may occur.

[0057] Fig. J 8 shows, in an embodiment, a simple call flow illustrating a situation in which a large file may have to be sent.

[0058] Fig. 19 shows, in an embodiment of the invention, a simple call flow illustrating a situation in which small control messages, such as those sent by control applications, may be seat.

[0059] Fig. 20 is a prior art example of an architectural arrangement in which each application on a handset is connected individually to a corresponding application server within an enterprise.

[0060] Fig. 2 J is a prior art flow chart illustrating the method for enabling an application client to communicate with an application server in art IP Security VPN environment.

[0061 ] Fig. 22 shows, in an embodiment of the invention, a simple block diagram of a mobility architectural arrangement.

[0062] Fig. 23 shows, in an embodiment of the invention, a block diagram illustrating the mobility architectural arrangement as a rich client.

[0063] Fig. 24 shows, in an embodiment of the invention, a simple flow chart illustrating an example of a method for employing a mobility architectural arrangement.

[0064] Fig. 25 shows, in an embodiment of the invention, a mobility architectural arrangement implemented as a thin client.

TABLE OF CONTENTS [0065] A. Architecture

[0066] B. Codec based Acoustic echo cancellation

[0067] C. Content- based jitter buffer scheme for voice/video over 1 P communications

[0068] D Divttas Description Protocol (DDP)

[006^3 E. Dtvitas Protocol Proxy (DPP)

[007Oj H Conclusion

DETAILED DESCRIPTION

[0071 ] The present invention will now be described in detail with reference to a few preferred embodiments thereof as illustrated in the accompanying drawings In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention It will be apparent, however, to one skilled in the art, that the present invention may be practiced without some or ail of these specific details. In other instances, well known process steps and/or structures have not been described m detail in order to not unnecessarily obscure the present invention. The features and advantages of the present invention may he better understood with reference to the drawings and discussions that follow,

[0072] The invention may be described with reference to specific apparatus and embodiments Those skilled in the art will recognize that the description is for illustration and to provide the best mode of practicing the invention The description should not be construed to limit the scope of the invention For example, while references are made to certain communication protocols, others are anticipated by the invention For instance, while WiFi (IEEE 802 1 1 ) ss described as a protocol for wireless communication, other protocols may be implemented in the invention References made herein to Di Vitas server and mobility server may be equivalent References made herein to Di Vitas client and mobile equipment may be equivalent. [0073 j Various embodiments are described herein below, including methods and techniques

It should be kept m mmd that the invention might also cover an article of manufacture that includes a computer readable medium on which computer-readable instructions for earning out embodiments of the inventive technique are stored The computer readable medsiun mas include, for example, semiconductor, magnetic, αpto-maguetic, optical, or other forms of computer readable medium for storing computer readable code Further, the im eαϋon may also co\ er apparatuses for practicing embodiments of the invention Such apparatus ma)" include circuits, dedicated and/or programmable, to carry out operations pertamuig to embodiments of the invention. Examples of such apparatus include a general purpose computer and/or a dedicated computing device when

appropriately programmed and may include a combination of a computer/computing device and dedicated/programmable circuits adapted for the various operations pertaining to embodiments of the invention.

[0074] A. Architecture

[00751 Fig. 1 depicts a system network 100 according to an embodiment of the invention.

Mobile equipment (ME) 102 is provided that communicates with the network in a number of possible ways. ME 102 can communicate with a cellular network ϊ 10 that includes a Base Transceiver Station (BTS) 112, a BTS Switching Center (BSC) 1 14 and Mobile Switching Center (MSC) 116. The MSC is coupled to a Media Gateway 120 that is coupled to a public switched telephone network (PSTN) 122. Other conventiona! public and private telephones 124 are also coupled to the PSTN. A PBX 130 is coupled to the PSTN and serves an enterprise for purposes of making and receiving calls, for example, via telephone 136. Mobility server 150 is coupled to the PFJX as well as other networks. For example, mobility server 150 is coupled via router 132 to an Internet Protocol Wide Area Network (WAN) 138. The mobility server 150 is also coupled via router 140 and firewall 142 to the Internet 144. The mobility server is also coupled to a local area network (IAN) with wireless access point 160. One access point is depicted while the invention anticipates multiple access points as well The access point 160 permits a user with ME i 02 to wander in the enterprise and stay connected to the PSTN through the mobility server 150 and PBX 130. If the user wanders beyond the boundary of the L AN, the user will be connected to an alternate network (e g. the cellular network) as described below in detail. Also depicted is an access point 180 that is coupled to the internet for access under certain conditions as described herein [0076 j Figs. 2A-C? depict a mobility server according to an embodiment of the invention.

[0077] Security Manager - The definition of security when two or more entities are communicating involves the following aspects:

1 . Mutual Authentication of the communicating entities

2. Privacy of the communication channel

3. I integrity of messages exchanged

4. Authentication of messages

[0078] tπ DiVitas mobility solution there are three distinct communicating entities: DiVitas

Client, D j Vitas Server and external VoIP GW. And there are two distinct types of paths between these entities: SIP signaling path and Media path.

[007 ^Q ] As described in the Architecture Speci£kation[ 1] the following mechanisms are used to achieve the above mentioned security aspects between client, server and external gateway for signaling and data paths:

1. SlP TLS session between client and server.

2. Client Authentication using SlP Notify after SlP TLS establishment

3. Authentication of users with server

4. SlP TLS session between server and external VoIP Gateway.

5. Server authentication with external VoIP Gateway

6. Secure media path

7. Derived requirements

[0080] User/Device Manager/Mobility Controller - The dev ice and mobility Manager

{hereby referred to as DMM) is a module that handles device configuration and status as welϊ as the mobility aspects while there is an active call on a device. The following sections capture the functional and design specifications of the DMM along with the public interfaces that the DMM supports.

[008 \ ] Here is a summary of the roles and responsibilities of the DMM

1. Device configuration controlled by the enterprise administrator

2. Report status of the device.

3. image management for the device

4. Maintain and implement the mobility logic for handsets with an active call - i.e. handle WiFi to Cell and vice-versa handoff.

5. Handles device initialization and configuration requests from the client.

[0082 j Control Plane/Call Control - Call control (CC) is the primary control plane module responsible for the following functions:

1. Voice over IP call processing

2. SlP proxy server and B2BU A

3. PSTN Call management through PSTN GWs

4. PBX feature management through Asterisk

5. Resource and Connection management

[0083] Call control module resides on the DN medta switch The call control module interfaces with the SlP stack and Asterisk (or any other) PBX module to provide the above mentioned functionality.

1 . SlP stack (for UA, CCM, and Asterisk etc). SlP stack is mainly used as protocol message decode/encode engine. SIP stack also performs basic protocol specific tasks., like standards based message parsing and validation, retransmissions, proprietary message validation etc. For most of the proxy and B2BUA tasks, SlP stack relies on CC for decision making, interactions between CC and Asterisk as well as CC and CCM are through standards based SlP messages,

2. Proxy Agent/Configuration Manager (PA/CM): Proxy agent acts as a configuration manager for all the applications. Call control related information is downloaded by PA at the time of provisioning or after the disk OB is read following a system bring up. CC stores the data in RAM for local/faster access. CC also updates PA of any dynamic information (e.g. call going active or down), or on demand information (e.g. SNMP GET)

3. Resource Manager (RM): Resource manager provides logical map of the physical/network resources. These resources include GE port, DSP resources, sockets, UDP.TCP ports, etc and may not. include system resources like memory, buffer pool, timers, queues etc. The resources may not include sockets used for internal IPC communication. CC uses RM for resource CAC, resource reservation and commit. As part of the commit, RM talks to media switch to program hardware to enable media flow.

[0084] Media Switch Application(MSA) - The MSA will be designed to run partially on

Linux and remaining on TMS320DM64x DSP processor. The application will perform the following functions;

RTP packet processing.

Switching.

Transcoding.

Conferencing.

Adaptive jitter buffer.

Packet loss concealment.

Post processing which includes VAD/CNGand AGC

[00851 The MSA software needs to support encoding /decoding of different speech codecs.

The type of algorithm and channel can change during run time i.e. a design to support multi-channel muitt-aigorithm ts needed. Each codec algorithm needs to be reentrant, and the program as well as data needs to be fully releasable. In order to support various codecs the following needs to taken into account : a. Since the DSP has limited on chip data memory not all data can be placed on-chip all the time in multi-channel, multi-algorithm application. This requires all data (context and tables) in each algorithm to be re-loeatabie (between on /off chip memory) during context switching. This requires a need to find out the memory, stack size as well as MIPS requirement for each supported codec. b. A mechanism to exchange messaging between host and DSP process indicating channel number as well as codec type along with any other features. The channel configuration manager needs to open a channel on DSP indicating type of functionality required. Periodic message indicating the state of DSP needs to be implemented.

[0086] The DSP processor allows the externa! host to access the DSP external memory The

DSP has 1 όKbytcs of first level program as well as data memory. The program as well as data memory share the second level memory of 256kbytes. The lόMbytes of external memory (SDRAM) is available. The shared memory between the two processors stores the incoming as well as outgoing RTP data. Since the DSP needs to support N number of channels, this memory will contain N receive as well as transmit buffers of length 320 bytes each (for video these buffers need to be of 1500 bytes). Data structure for messaging between host and DSP as well as information needed on per call basis needs to be defined. The following steps define the DSP functionality. a. At boot up once the software is downloaded to DSP (the DSP will indicate the same by writing a predetermined value at a fixed memory location to indicate to host that the software is downloaded)

b. Upon successful download of software, the DSP will run an infernal timer of 10msec.

At this time the DSP is polling for channel state to change to process which is set by the host once the packet arrives c. A start call or open channel command from the host indicating codec type, data ready as well as call type (initially only voice) is sent for RX as well as TX direction, d. Based on channel opened the DSI-* picks up the RlP data from the external buffers and performs the DSP related functionality on those e. On the TX side the DSP places encoded data on the external buffers to be picked up by the TX agent.

[ 0087] Fig 3 depicts a mobile equipment client according to an embodiment of the invention

[0088] The client software or handset software runs on the handsets that are compatible with the Divitas Server Typically these are dual-mode handsets that have the capability to provide telephony connection on the cellular network {CDMA or GSM) aϋ well as IP connection on the LAN network (wired LAN or wireless LAN).

[0089] The software can be also be compiled for a desktops/laptops or a PDAs which have a microphone and a speaker to function as a softphone.

[0090] User Interface

[0091 ] The client user-interface provides the following functionality.

♦ Setup startup configuration ^••• DNS IP addresses, Divitas server URL, Startup user-state (IN VISIBLE- A VAILABLE), security settings

* Change user state (1NVISIBLE/AVAS L ABLE)

♦ Add enterprise ''buddies" and get their presence information (ϊNλTSIBLE/AVAILABLE/CALL-IN-PROGRESS)

• Display availability status of enterprise "buddies" and connect to them

• User Interface to common enterprise telephony features

• call making

♦ call recemns

♦ call waiting

♦ call forwarding

• call transfer

• multi-party conferencing

• voice-mail notification

• missed calls notification

• received calls notification

* placed calls notification

♦ number lookup and dial by name

♦ Manual override to use cellular network instead of WiFi network

* Display version mismatch

♦ Upgrade request/status

• Disable/inhibit client software ^■ - ISP application is used to make/receive cellular calls Call-control and voice

♦ Call control for making VoIP calls on LAN interface

♦ Voice Engine for making VoIP calls on LAN interface ~ includes codecs, echo-cancellation, jitter control error concealment

• Call handoff from cellular call to VoIP call

• Call handoff from VoIP call to cellular call [0092] 802.11

♦ Determine which IP networks are available and their signal strength and communicate that information to the server

♦ AP client

♦ Power management of 802.1 1 rmniport - whenever the signal strength of 802.1 1 is below acceptable threshold, hibernate and poll networks at infrequent intervals to conserver power

• Package the signal strength and voice-quality info into RTCP packets if the call is in progress, or in keepalives if the call is not in progress to communicate to the server. Whenever the signal strength drops below an acceptable threshold or the voice-quality

deteriorates, the server will make a decision to switch the calls from VoIP to cellular network.

[0093] Platforms

[0094] Since there are a multitude of handset vendors in the market and a iot of them coming up with dual-mode handsets, the software may need to be designed in such a way that most of the code is shared across handsets. Therefore, the code has to be divided into platform dependent part and platform independent part. Most, in fact al! of the Di vitas core value should be m platform independent part of the software which should be easily portable from one platform to another. The platform dependent part should be only the functional adaptation layers (particularly Telephony, LAN, 802.1 1 , Audio and Display adaptation layers). Whenever the code is ported to a new platform, only these adaptation layers need to be modified or rewritten, while providing a uniform API to the platform independent part.

[0095] The client software will run on multiple handset platforms. The most prevalent handset platforms are Windows CE, Symbian and Linux

[0096] In addition to the dual-mode handsets, the cl ient appl ication is designed to work on

802.1 1 phones, PDAs or laptops/desktops which do not have a cellular telephony interface. On these platforms, a subset of features is available to the user. Basically, the call handoff from VoIP to cellular will not be possible [0097] Theory of Operations

[0098] Startup and Security Operations

[0099] On startup, the client application looks for the available resources on the handset. The client application first checks for presence of wired network. If not present, then the client application checks for the presence of an 802,1 1 network. The wired or wireless medium authentication is done depending on the enterprise security policy. The handset client shall support the security mechanism employed in the enterprise. The most common security mechanism is WPA (WiFi Protected Access). Once the authentication is done successfully, the wireless client gets the IP address for the IP interface using DTlCP.

[00100] The application gets the Divitas server URL and DNS LP addresses from persistent database and tries to register with a Divitas server.

[00! 0S j The client application could be running on a handset which LS inside the enterprise network In that case, the client can reach the DtvJtas server without any other security blankets. In case the client is in a public network, say a cotVee shop or an airport with WiFi internet access, typically the user sets up a VPN connection to the enterprise. The client can reach the Divitas server only after the VPN tunnel is setup.

[ 00102] The client application software authenticates the handset with the server by sending an encrypted certificate (installed by Enterprise IT) to the server Once the handset is authenticated, the client gets the login/password from the user or stored in the handset, encrypts the iogin/password and sends the encrypted login/password to the server for user authentication. On successful authentication, the sener replies by sending the enterprise phone number. In reply, the chent sends the cellular phone number to the server. The sener binds the two for all future handoff scenarios.

[00103] The signaling and media stream are secured using SlP TLS for signaling and SRIP for media stream. However, tf the user is on a VPN link, then client need not add another ievel of encryption Adding another level of encryption to that may result in reduced voice quality. In that case, SlP is used for signaling and RTP/RTCP for media stream, f 00104] The above process is repeated whenever the client regains network eonnectiv ity with the server

[00! 05] Steady state operations

[00106] The user can choose to be INVISIBLE or AVAILABLE at startup by configuring on the GUI and saving that configuration in the persistent database. The client updates the user's presence information to the server.

[00107 j The user can also enter frequently called buddies within the enterprise and save that configuration in the persistent database on the handset. The client gets the presence information (m bulk) of these buddies whether they are INVISIBLE, AVAILABLE or CALL-IN-PROGRESS The server updates the presence information of these buddies to the clients as and when the event occurs.

[00108j Whenever a cal! is not in progress, the client and server exchange keepalives periodically.

[00109] The client sends the network status to the server periodically. If the client is on an

802.1 1 wireless network, the client sends the SSlD, signal-strength and bandwidth of the associated

access point (AP) to the server. If there is a call in progress, the client sends the SSlD as par! of intend RTCP packets. If there is no call in progress, the client sends out-of-band keepalive messages. [00! SOj Whenever a network session is available from the client to the server, the preferred mode of making and receiving calls to the client is on the network interface. However, the user can choose to override the preferred mode and make the outgoing calls on the cellular network. This selection is not communicated to the server and may not affect the incoming calls. This selection is also not stored m persistent database. The user has to explicitly make the selection every time the user makes an outgoing call.

[001 1 1 ] Whenever a network session is not available from the client to the server, the only way of making and receiving calls is on the cellular interface. The user does not have access to all the enterprise features. The user can make and receive calls using the client software Ul however the client software provides only a subset of the service provider features. To use all the features of the cellular service provider network, the user may have to terminate (or inhibit) the client software and use the cellular service providers dialer application. If the service provider application is being used to make and receive calls, then the handoff described below in section 3.4.2 will not be possible, f 00! ϊ2] A user has access to all the enterprise features as long as the client has a session established to the server. The client GUI is used to provide access to these enterprise features to the user

[00 U 3] Voice

[00! 14] SlP signaling is used to establish voice calls between the client and the server Voice from the audio receiver is encoded into one of the codecs supported by GlPS Voice Engine (VE), encapsulated into RTP packets, encrypted if needed, and sent on the ϊP interface to the server. Similarly RTP packets received from server is decrypted if needed, decoded using one of the codecs and played out. Speech decoding, jitter control and error concealment are done by GIPS VE on the receive side.

[001 15j In addition to encryption/decryption, encoding/decoding of speech. GlPS Voice

Engine performs error concealment, jitter control, adaptive packet buffering. Acoustic Echo Cancellation and Suppression, Noise Cancellation and Suppression, Automatic Gain Control Voice Activity Detection, Comfort Noise Generation. [001 16] Roaming

[00! 17] A handset client is a mobile device, unlike the portable laptops

[001 \ S] Intra-WLAN handoff

[00! S9j When a user is in an 802.1 1 network having a phone conversation and walks across the building, an AP handoff could occur viz. the handset of the user is now associated with a different AP than the one the handset was previously associated with. The AP handoff could occur without IP address change if the handoff is within the same subnet or to another subnet, in which case the IP address of the handset changes. If the IP address changes, then the client needs to register with the server again. The established calls continue to flow in the meantime using the old flow information until the Voice-Engine (VE) is communicated of the new CP address Voice-engine ensures that the RTP streams going out of the client will have the new IP address. [00120] When a wireless client authenticates using 802. IX, there are a series of messages sent between the wireless client and the wifeless access point (AP) to exchange credentials. This message exchange introduces a delay in the connection process. When a wireless client roams from one wireless AP to another, the delay to perform 802 IX authentication can cause noticeable interruptions in network connectivity, especially for time-dependent traffic such as voice or video- based data streams. To minimize the delay associated with roaming to another wireless AP, the wireless equipment can support PMK caching and preauthenticatioϊi. [00! 2! J PMK Caching

[00122] As a wireless client roams from one wireless AP to another, the wireless client must perform a full 802. IX authentication with each wireless AP. WPA allows the wireless client and the wireless AP to cache the results of a full 802. 1 X authentication so that if a client roams back to a wireless AP with which the wireless client has previously authenticated, the wireless client needs to perform only the 4-way handshake and determine new pairwise transient keys In the Association Request frame, the wireless client includes a PMK identifier that was determined during the initial authentication and stored with both the wireless client &nd wireless AFx PMK cache entries. PMK cache entries are stored for a finite amount of time, as configured on the wireless client and the wireless AP.

[00123] To make the transition faster for wireless networking infrastructures that use a switch that acts as the 802. IX authenticator, the WPA/WPS IE Update calculates the PMK identifier value so that the PMK as determined by the 802.1 X authentication with the switch can be reused when

roaming between wireless APs that are attached to the same switch This practice is known as opportunistic PMK caching.

[00 ! 24j Preautheniication

[00125] With preauthentication, a WPA wireless client can optionally perform 802, 1 X authentications with other wireless APs within its range, while connected to its current wireless AP.

The wireless client sends preauthemi cation traffic to the additional wireless AP over its existing wireless connection. After preauthenticaUng with a wireless AP and storing the PMK and its associated information in the PMK cache, a wireless client that connects to a wireless AP with which the wireless client has pteauthentieated needs to perform only the 4- way handshake.

[00126] WPA clients that support preauthentication can only preauthenticate with wireless

APs that advertise their preauthentication capability in Beacon and Probe Response frames.

[ 00127] WiFi-Cellular handoff

[00128] When the user in an 802, 3 1 network having a phone conversation walks out of the building where there is no or insufficient 802.11 connectivity, the call is handed over to ceihilar network

[00! 29] The decision to handoff the call is made by the client. The decision is based on

802.1 1 signal -strength, channel loading and voice-quality thresholds. Once the decision is made, the decision is communicated to the server which initiates a call to the client on the cellular network.

The client checks the caller-td of the incoming call, compares to the 802 1 1 caller-id, and if there is a match, accepts the cellular call and drops the 802.11 call leg. On the server side, the server drops the

802. S S call leg to the client, patches the cellular call leg to the other talking party.

[00130j Celhilar-WiFi handoff

[00131 ] When the user having a phone conversation on cellular network walks into an 802.11 network, and the handset/user can associate itself with a divitas server, then if the user is talking to another user m the 802.1 1 network, the call is handed over to the 802.11 network.

[00132j The decision to handoff the call is made by the client. The decision is based on availability of sufficient 802.1 1 signal-strength, channel loading and voice quality. Once the decision is made, the decision is communicated to the server which initiates a call to the client on the 802.1 1 network. The client checks the caller-id of the incoming call, compares to the cellular caller-id, and

tf there is a match, accepts the 802. 1 ! call and drops the cellular call leg The server drops the cellular call leg to the client, patches the 802. 1 1 call leg to the other talking party.

[00133] Power Save

[00134] When the handset client is idle on the 802.1 1 network, the 802 1 1 mmiport goes to sleep. Before going Io sleep the handset telϊs the AP that the handset wishes to go to sleep by setting the power save bit in the 802.11 header of every frame. The AP receives the frame, notice the client's wish to enter power save mode. The AP begins buffering the packets for the client while the client ^' s 802.1 1 mmiport is asleep. The mimport consumes very little power while asleep. The mini port wakes up periodically to receive regular beacon transmissions coming from the access point. The power-saving clients need to wake up at the right time when the beacons axe transmitted to receive the beacons, TSF ( Timing Synchronization Function) assures AI ⁵ and power-save clients are synchronized. TSF timer keeps running when stations are sleeping These beacons identify whether sleeping stations have packets buffered at the AP and waiting for delivery to their respective destinations.

[00135] When there are no incoming beacons for an extended period of time, the 802.1 1 mmiport is put to sleep. The mmiport periodically wakes up, probes the air for APs, if there are none present, miniport goes back to sleep. In this case, the miniport sleeps for longer duration than previous case.

[00136] B. Codec Based Acoustic Echo Cancellation

[00137] One or more embodiments of the present invention relate to an apparatus for canceling a signal. The apparatus may include an identification code (ID code) generator configured to generate an ϊD code. The apparatus may also include an ID code injector configured to inject the

ID code into at least one of the signal and a processed signal to produce a convolved signal. The processed signal may he resulted from a processing of the signal. The apparatus may further include an ID code detector configured to detect at least one of the convolved signal, a transformed signal and a transformation of the convolved signal, the transformed signal resulted from the transformation of the convolved signal. The apparatus may further include an arithmetic function configured to remove at least one of the convolved signal arid the transformed signal,

[ 00138] Fig. 4 depicts a method for codec based acoustic echo cancel ler in accordance with one or more embodiments of the present invention.

[00339j When both near-end and far-end speakers are talking, it is difficult to differentiate the echo of the far-end talker's voice from the near-end talker's voice since both ate present in the near- end signal input with the same human voice characteristics Tn this application, a new method is proposed for handling the acoustic echo which is quite different from the current conventional ABC". [001401 One embodiment of the present invention is a method for canceling echo during a communication between a first node and a second node, the method includes injecting a secret code to a signal input of the first node. Tn accordance with one or more embodiments of the present invention, the first node is a network device used by a fax-end user, and the second node is a network device used by a near-end user. In accordance with one or more embodiments of the present invention, the first node is a network device used by a near-end user, and the second node is a network device used by a far-end user.

[ 0014] ] In accordance with one or more embodiments of the present invention, a secret cade is injected into the far-end signal input So a single or multiple echoes of the far-end signal will carry on this secret code and arrive at the near-end signal input. The near-end signal also includes the near- end speaker voice. Since the secret code is carried only on the echoes of the far-end signal but not on the near-end talker ^' s voice, the secrete code may serve as the identities of those echoes and help us to differentiate them from the near-end speaker voice. Some kinds of the matching filters can be employed like the correlation or other means to identify the echoes of the far-end signal from the near-end speaker voice by the secret code and to remove them. A final echo-free signal will be generated on the far-end signal output.

[00142] In order to make this new scheme work, there are two key implementation considerations. One is how to select and design the secret code and another is how to inject the secret code into the far-end input signal. Both considerations come from the same concern that the secret code should not be perceived by the end-end listener.

[ 00143] When a person speaks in front of the microphone., not oniy this person's voice but also some degree of the background noise will come in the microphone. But usually this background noise does not disturb the listener as the speaker voice masks out the background noise. As long as the background noise keeps low and the SNR {signal-to-noise ratio) keeps above certain threshold, the background noise should not become a concern, Tn fact, the background noise always exists in the real voice communications todav.

[00! 44 j Based on the above fact, first the secret code can be tiansforrned into a pseudo iarnlom noise called "seciet code iandom noise" Then the existing backgiound noise is rernox cd from the fat-end signal input and msert the secict code sandorn noise As long as the new SNR is kept ahov e certain threshold, the near-end listenci should not hcai any djffctεnce In accordance with one or more embodiments of the present invention, the nijectoi shown m Fig 4 sei ambles the secret code to a pseudo random noise, remov es the existing backgiound noise m the fai-end signal input and then mstats the seeset code random noise fOOl 45] I he far-end signal detector will detect the fai-end signal presence and tπgger the seciet code geneiator since the echoes will be present only when the fat -end tafkei is speaking Fhe secift code pilot can include the seαet code timing and the phase The seαet code pilot detectoi is used to detect the secret code pilot earned on the echoes of the far-end signal and to adjust the seciet code delav to the matching fikei because of the \ ai table echo path* Fhe unsciambluig piocess wit! be needed m the seei ct code pilot detector

[ 00 ! 46] I he secret code and the secret code pilot may be designed so that the secj et code detector and the matching filter can east!) identify the echoes of the far-end signal winch carry this secret code and its pi tot and then remove these echoes _* In addition, a non-1 mear processor may be used after the matching filter to further reduce the residue echo and improv e AfcC performance [00! 47 j Features and advantages of the present im ention mav be faettet understood with ieference to the figures and discussions that follow

[00! 48] Echoes hav e been a significant problem ni communication As discussed in the background of the invention, m the puos ait, a filtci {or echo cancelles ) mav be employed to model an echo path in trying to provide signals to cancel the echoes

[0014*5] Fig 8 A shows a block diagram of an example pi lot-art communication dev ice 800

(pπor-ait deuce 800) including a filter 814 (or an echo canccUei 814) for echo cancellation As shown m the example of Fig 8λ, pπoi-ait dev ice 800 rnav include a signal iecetver 802 for leceivmg fai-end signals (e g . signal v ^" ) ftom a remote (oi far-end) partv and a signal tiansπiitter 818 foj sending signals (e g , signal /.} to the i emote pattv

[00150] Piior-ait dev ice 800 may also include a speakei S06 for playing out the leceived signals to a uses of pπos -ail dev ice 800 (i e a local or neai -end partv ) and a microphone 810 for

collecting near-end signals (e.g., signal x, which may include voice of the local party and background noises).

[00! 5 S j Prior-art device 800 may also include a buffer 812 for buffering signals received from signal receiver 802 and filter 814 for modeling an echo path 808 between a speaker 806 and microphone 810 and for processing signals buffered m buffer 812. Art echo path S08 may represent multiple paths of delay, attenuation, reverberations, etc., transforming signal y ^τ info signal yl, for example.

[00152] Prior -art device 800 may further include a summation function 816 for subtracting outputs of filter 814 from outputs of microphone 810. Prior-art device 300 may further include a signal feedback path for feeding outputs of the summation function 81o back to filter 814.

[00153 j A signal (e.g., signal y ^" ) received by signal receiver 802 may be forwarded to both of speaker S06 and buffer 812. Filter 814 may receive the signal from buffer 812, process the signal with a model of echo path 808 to generate a cancelling signal (e.g., x2, a function of y"), and send the cancelling signal to a summation function 816, In turn, summation function 816 may subtract the cancelling signal (e.g., x2=f(y ^' ) received from filter 814 from a signal (e.g., xl~x+y 1 ) received from microphone 810 to generate a subtracted signal (e.g., z) and send the subtracted signal to signal transmitter 81 S, The output of summation function 816 may be fed back to filter 814 for updating and improving the echo path model iti filter 814.

[00154] The echo cancellation method implemented in prior arrangement 800 is further described with reference to Fig. 8B.

[00155] Fig. SB shows a flowchart of an example prior art method utilized, for example, in prior- art device 800 (shown in Fig. SA), for cancel ling echoes. As shown in the example of Fig. 8B, the method starts with a step 850, at which signal receiver 802 (shown in Fig. 8A) may send a signal y\ Then, control may be transferred to steps 852 and 854,

[00156] At a step 852, speaker 806 (shown in Fk. 8A) may receive Signal y\ At a step 856, microphone 810 (shown in Fig. 8A) may receive a signal yl plus near-end signal x. Signal yl may represent a transformed signal of signal y' because of delay, attenuation, reverberations, etc The delay, attenuation, reverberations, etc may be caused by echo path 808 between speaker 806 and

miciopbonc 808 (shown m Fig 8 λ) Signal \ nia) include the local party's, voice plius loca! surrounding background noses picked up b\ miciophonc 810 Signal \ϊ that represents a combination of signal v 1 and signal x nia> then be sent to summation function S 16 (shown m Fig 8A)

[UUl 571 At a step 854, buffer 812 mav also tecene signal _v λt a .step 858, filtei 814 ma> process signal y ^" with a model of echo path 808 to produce signal of > \ e g . ' k which is then sent to summation function 81 b (shown in Fig 8 \)

[00158] λt a step 860, summation function 836 may subtract signal x2 from signal xi to pioduce a signal / kføallv if % ") equals to \ 1 then / will equal to \ the near-end signal that is> of interest to the i emote paitv w ith echo (lepreseuted \ 1 ) removed lloweser, the model of echo path 808 implemented in filtei 814 mav not be accurate and tvpicalK z may not be equal to x

[0015*?| At a step 862, summation function Sl 6 may send signal z to Signal tiansrmtter 818 for z to be transmuted the remote part\

[00160] λt a step 864, summation function 816 mav feed signal z back to filler 814, fot updating and ing the echo path model utilized at step 858 The feedback of signal z and associated calculations and updates mav cause fdtei 814 to lequite additional piocessmg time or pi ocessing power

[00161 ] The quality of signal z U e , the en or of signal £ wύh iespect to signal x) ma> depend on algoπthms and echo path modeling implemented m filtei 814 as well as the processing powei and memory of the computing implementing filtei 814

[001 (32] Foi prior art dcMCCs arrangements, and methods, as illustrated pπor-art device

800 of Fig 8A and the method of Fig SB, correct modeling of echo path 808, as performed b> filtei 814, ma> be ciυcial for effectively cancelling echoes However, given \ aπous surrounding noises re\ eiberations of the surrounding noises, and/oi othei factors, echo path 808 may be dynamic and therefore maj be difficult to model correctlv As a result the pt ior ait devices, arrangements, and methods mav not be able to effects e!) cancel the echoes

[001 ft >] r he prior art ices, arrangements, and methods maj face fui ther ciial lenges in double-talk scenarios, in which the local (or near-end) party and the icrnote (or fat -end) pasty aic

talking at the same time. Since the local patty's voice and the remote party ^' s voice may have similar human voice characteristics, filter 814 may be unable to correctly identify which signals to be input into the model of echo path 808. As a result, part of the local party's voice may be cancelled, and part of echoes may not be cancelled, and the error of the echo path model in filter 814 may become divergent instead of converging, resulting in undesirable quality of communication.

[00164] Accordingly, in the prior art. much resource has been devoted to improving algorithms for modeling echo path 808. Further, filter Sl 4 may required a large amount of data memory and may require a CPU(s) with high processing power. As a result, a high cost for implementing echo cancellation may be incurred.

[ 00165] In contrast, one or more embodiments of the present invention involve an apparatus for canceling a signs! even if a filter is not provided, In one or more embodiments, the signal may represent a digital signal. The apparatus may include an identification code {ID code) generator configured to generate an ID code The apparatus may also include an SD code injector configured to inject the ID code into at least one of the signal and a processed signal to produce a convolved signal. The processed signal may be resulted from a processing, such as background noise removal, of the signal. The apparatus may further include an ID code detector configured to detect at least one of the convolved signal, a transformed signal and a transformation of the convolved signal, wherein the transformed signal may be resulted from the transformation of the convolved signal. The transformation of the convolved signal may be caused by the configuration and/or environment of the apparatus. For example, the transformation of the convolved signal may represent the delay caused by one or more echo paths between the speaker and the microphone of the apparatus; the transformed signal may represent a delayed signal given the existence of the delay The apparatus may further include an arithmetic function configured to remove at least one of the convolved signal and the transformed signal.

[00166] Fig 9 A shows, in accordance with one or more embodiments of the present invention, a block diagram of a communication device 900 (device 900) that may cancel echoes even if a filter is not provided. The block diagram may also represent a communication system or arrangement with the components shown in Fig. 9A implemented in one or more devices.

[00167j Device 900 may include input/output components such as a signal receiver 904 {for receiving a far-end signals from a remote party), a signal transmitter 932 (for sending signals to the remote patty), a speaker 914, a microphone 916 (local microphone 916). An echo path 908 that travels from speaker 914 to microphone 916 may exist.

[001681 Device 900 may also include a signal processing module such as a back ground- noise remover 906. Background-noise remover 906 may be configured to remove background noise from signals received from signal receiver 904, Background-noise remover 906 may be implemented utilizing one or more vveil-known algorithms such as spectra! subtraction for removing the background noise,

[ 00169] Device 900 may also include modules for canceling echoes. The modules may include an identification code generator 922 (ID code generator 922 S, an identification code injector 910 (i D code injector 9105, an identification code detector 924 (LD code detector 924), and a buffer 926. The modules may also include a transformation module such as, for example, a delay 928, for transforming signals such as, for example, introducing a delay. The modules may also include an arithmetic function such as, for example, a summation function 930.

[ 00170] ID code generator 922 may be configured to generate a controllable and removable

IO code such that a portion of a signal may be identified. The portion of the signal may then be removed, for example, for echo cancellation purposes. The ϊD code may represent a pseudorandom code that may simulate a background noise or comfort noise, ID code generator 922 may include a linear feedback shift register for generating a pseudorandom noise sequence to be utilized as the ϊD code.

[00171 J Alternatively or additionally, the ID code may include a high-frequency or low- frequency signal that ts unperceivable to human ears. In one or more embodiments, the sampling rate of microphone 916 may be configured to process the high-frequency or low- frequency signal, for example, through configuring hardware and/or software (or driver) of microphone 916. In one or more embodiments, with the ϊD code representing a signal that is unperceivable to human ears, device 900 may not include background-noise remover 906

[00172] ID code injector 910 may be configured to inject the ID code generated by ID code generator 922 into a signal, ID code injector 910 may be implemented by some well-known

algorithms such as digital correlation for inserting the ϊD code into the signal, for example, by convolving the ID code with the signal to produce a convolved signal.

[00! 73 j ID code detector 924 may be configured to detect the ID code within the convolved signal, for example, in a mixed, superimposed, and/or further convolved signal involving one or more other signals. Alternatively or additionally, ID code detector 924 may be configured to detect a transformed signal resulted from a transformation of the convolved signal and/or the ID code; the transformation may be caused, for example, the configuration and/or environment of device 900 Additionally or additionally, ID code detector 924 may be configured to detect the transformation The transformation may include a delay and an signal level attenuation. \D code detector 924 may implement one or more well known algorithm such as digital correlation or match filter for detecting the ID.

[00174] Delay 928 may be configured to introduce a delay into a signal. The delay may be employed in simulating the transformation. Delay 928 may be implemented by a simple delay line shift register for introducing the delay.

[00175] Each of noise remover 906, ID code generator 922, ID code injector 910, ϊD code detector 924, and delay 928 may be included in software that may be downloaded to a user dev ice such as, for example, a telephone, a mobile phone, a teleconference device, etc. (e.g., for acoustic echo cancellation) and/or a server device (e.g., for line or network echo cancellation).

[00176] Fig. 9B shows, in accordance with one or more embodiments of the present invention, a block diagram of ϊD code generator 922 employed in device 900 (shown in Fig. 9A). ID code generator 922 may only include a code generator 921 which will generate a random code directly in this case, the code generator 921 may be implemented by some well-known algorithms such as linear feedback shift register with carefully selecting an appropriate feedback function

[00177] However, ID code generator 922 may include code generator 921 followed by a randomizer 923. In this case, code generator 921 can generate an appropriate identification code first without worrying about the randomization. Then this identification code is fed to randomizer 923 to become a pseudorandom noise sequence as the output of 922. Randomizer 923 could be implemented by a modified liner feedback shift register with its feedback function controlled by code generator 921.

[00! 78] Fig. 9C shows, in accordance with one or more embodiments of the present invention, a flowchart of a method for cancelling echoes, for example, in device 900 (shown in Fig 9A). The method starts with a step 952, at which the signal receiver 904 (shown in Fig. 9A) may receive a signal y'(n) from the remote party.

[001791 At a step 954, noise remover 906 may remove background noise from y'(n), resulting in a signal y(n). The background noise may be removed in order to make room for an ϊϊ) code that includes a random noise. Accordingly, the local party may not receive excessive noise.

[00180] At a step 958, ID code generator 922 (shown in Fig, 9A) may generate an ID code c(n). The ID code c(n) may represent a known and controllable function. At a step 956, ϊD code injector 910 (shown in Fig. 9A) may injects the ID code c(n) into signal y(n). As a result, a convolution of c(n) and y(n) may be generated. For example, the convolution of c{n) and y(n) may be a convolved signal c(n)*y(n) Then, control may be transferred to steps 962 and 980.

[00181 ] At step 962, speaker 914 (shown in Fig, 9A) may receive the convolved signal c(n)*y(n). At a step 964, microphone 916 (shown in Pig. 9A) may receive a delayed signal from speaker 914, i.e., signal c(n-d)*y{n-d) Microphone 91ό may also pick up another input signal x(n), which may include voice of a local party (e.g., in a double-talk scenario) and/or background noise surrounding microphone 916. Microphone 916 may then output a combined signal χ(π) í efn- d)*y(n~d) to ID code detector 924 (shown m Fig. 9A) and summation function 930 (shown in Fig. 9A). .

[00182] At step 980, buffer 926 {shown in Fig, 9.4) may buffer a copy of convolved signal c(n)*y(n) and output the copy of the convolved signal to delay 928

[00 ! 83] At a step 966, ID code detector 924 (shown in Fig, 9A) may detect the ID code c(n-d) in the combined signal x(n) + c{n-d)*y(n-d) and may determine a delay amount d by comparing c(n- ά) with c(n) received from ID code generator 922 given that c(n) is a known and controllable function. The delay amount ά may be fed into delay 928 (shown in Fig. 9A).

[00! 84] At a step 9S2, delay 928 (shown in Fig. 9A) may introduce the delay amount ό into the output of buffer 926 from step 980, i.e.. a copy of e(n)*y(n), resulting in a copy of c(n-d)*y(n-d).

[00! 85] At a step 990, summation function 930 (shown in Fig. 9A) may subtract the output of step 982, i.e., the copy of signal c(n-d)*y(n-d), from the output of step 964, i.e.. signal κ(n) í c(π- d)*y(n~d) In other words, at step 990, summation function 930 calculates signal x(n) -1- c{n-d)*y(n- d) ~ c( ^' n-d)*y(n-d) to obtain signal x(n), which may represent the input signal picked up by receiver microphone 916 (shown in Fig. 9A) with no presence of an echo of signal y'(π), which may be represented by signal y(n-d). Signal x(n) may include voice of a local party., e.g., in a double-talk scenario, and/or background noise surrounding microphone 916

[00186] At a step 992, signal x(n), including voice of a local party, e.g., in a double-talk scenario, and/or background noise surrounding microphone 916 and containing no echo, may be sent to signal transmitter 932. Thus, echoes may be effectively canceled in both signal-talk and double- talk scenarios.

[00187] As can be appreciated from the foregoing, embodiments of the present invention may effectively cancel echoes without the need of a filter (or echo canceller) that is required in a prior art device, arrangement, or method. Being immune to possible errors in echo path modeling that the filter may rely on, embodiments of the present invention may provide more accurate echo cancellation and faster cancellation, and therefore better quality of service. Further, the embodiments of the present invention may effectively cancel echoes in double-talk scenarios where conventional filters may usually perform poorly.

[001 SSj Without substantially relying on filter and associated complexity of echo path modeling, embodiments of the present invention may also advantageously eliminate the need for high CPU processing power and large data memory that may be required by the filter, thereby reducing the coat in implementing echo cancellation.

[00189] C. Content-Based Jitter Buffer Scheme for Voice/Video over IP Communications

[00! 90] One or more embodiments of the present invention provide a mechanism to handle excessive WLAN jitter using VAD and jitter compensation for audio. One or more embodiments of the present invention work aJso for video where lack of motion or no motion is used in conjunction with packet jitter.

[00191] One or more embodiments of the present invention relate to a packet communication device. The packet communication device may include a detector configured to detect a

chaιactcπ/cd content in incoming packets, receix ed bv the packet communication des ice The packet communication άc\ tee mav fuithcr include a plavout conti ol configuicd to peiform an adjustment oi the incoming packets to produce adjusted packets and output the adjusted packets if the detectoi has detected the chaiacteuzed content m the incoming packets

[UU 1921 λ new titter buffet scheme called content-based μttei buffei is proposed to o\ eieome the cuπent jitter buffet technology limitation In aecoi dance with one oi inote embodiments of the piesent tm ention not onl\ the RTP headei information ot the incoming packets but also then RTP pavioad contents to identify the silences and taik spurts on the incoming packets aie ebsei\ed I hen based on this silence or talk spun cue to decide when the pla\ -out άefay can be inseited to compensate the network packet jHtet With this new scheme, the jittei buffet en the lecervβi side vs ill no longei depend on the tiansmttter's silence suppression any rnoie

1001 ^Q 3] t-ig 5 'VB gn es a high le\ el o\ ei \ ιew of the utter buffei aichαectui e f s the path the packets wiH trace through functional blocks in the Voice Quahts Fngine {\ ^' O ) The dim here is introduce an adaptix e de-jttter controller to e\en out pla\ -out λ sπuilai scheme ma> be used to handle \ ideo jitter

[00194] In one of pπor art μtter buffer designs, a so-called i ecei\ er~side VAD (voice actix Jt> detection) mav be used to pi ev ent the μtter buffer ox eiflow

[00! 9^j tπ another word the silence or talk spurt cue is used to Hush the jittci buffer when the biienee or talk spuit cue reaches the ma\imum length The diffeιcnoet> of the new scheme fiora the pπor ait design include that the silence ot LiIk ^purt cue is used to control when the ρla>-out dclaγ can be inserted to compensate the network packet |ittet So, in accordance w ith otic oi more embodiments ot the piesent imention the silence υι talk spun detection will become a ke\ part of the μttej buffet scheme Tndei some circumstances it mav be too late to make anv adjustment when thejittei bullei becomes ovei flow

[ 001 °6] l leie is how this eomeut-hased μttei buffet appatatυs and methods can be applied to the ieal~wυrid applications Both \ oice and video cases are described a-» lollows

[00W] The figuie ^A shou^ a block diagiatrs \oice of a jittei buffer m accordance with one oi moie embodiments of the present invention Fhe coie jittet buffei includes one oi moie compoαents for packet queuing packet pla>-out, μttei calculation and μttei compensation Hete the decodei and VAD will geneiate a silence or talk spmt uidicatoi I he silence oi talk spun indicatoi is

then fed back to the jitter compensation part and used to decide when to insert the play-out silence to compensate the network packet jitter.

[00! 98] Fig. 5B shows a block diagram of a video jitter buffer in accordance wifh one or more embodiments of the present invention. The core jitter buffer is similar to voice's one, except the play-out delay will be inserted when there is no motion or very low motion on the video frames. Here after the decoder, the motion estimation and the motion compensation will generate a residue frame. A no-motion indicator can he formed from this residue frame plus some specific threshold. The no-motion indicator then fed back to the jitter compensation pail and used to decide when to insert the play-out silence to compensate the network packet jitter. Cn video, inserting the play-out silence is actually to stop playing out the new frame while repeating the previous video frame. [00199] As discussed above, problems such as packet delays (i.e., late arrivals of packets), packet delay variations, and packet loss may have negative effects on quality of serv ice (QoS) in packet communication. Packet delays and packet delay variation may also be known as jitter To address the problems, in the prior art, a fixed de-jitter buffer scheme may be employed to compensate the late arrivals of packets by periodically inserting delays (e.g., in the form of silence packets or comfort noise packets) when playing out packets from a packet buffer. However, with the fixed de-jitter scheme, delays may be excessively inserted between voice packets, resulting in choppy voice.

[00200] In the prior art. a transmitter-side voice activity detector (VAD) may also be employed for adaptively inserting delays, thereby compensating packet delays and packet delay variations. However, the transmitter-side VAD may not be supported by some user devices. Further, given existing VAD algorithms, the transmitter-side VAD may cause undesirable noise or choppy votce, for example, when a transmitting party is performing music playback, because {muses in music may be treated as silence and inappropriately handled. For another example, when the transmitting party uses G.729AB codec with the transmitter-side VAD turned on to play out some music, the user m the receiver side may perceive distorted music. Therefore, the transmitter -side VAD may be commonly turned off by packet communication service providers and may not be able to compensate packet delays and packet delay variations. As a result, fixed de-jitter buffer scheme may still be employed, and the quality of service may still be undesirable to a receiving party

[0020 SJ Further, in the prior art, a receiver-side silence detector may be employed for controlling packet buffer overflow, for preventing packet loss. However, according to arrangements in the prior art, voice packets may be discarded and therefore lost when the packet buffer is nearly full or ts full, and the quality of service may be undesirable to the receiving party.

[00202] In contrast, embodiments of the present invention may employ a receiver-side silence detector for timely compensating delays and delay variations and adapiively playing out packets from the packet buffer. Advantageously, the transmitter-side VAD is not needed, and desirable quality of service may be provided. Further, one or more embodiments of the present invention may employ a receiver-side video detector, thereby adaptively handling jitter in video communication.

[00203] The present invention relates, in one or more embodiments, to a packet communication device that may include a detector configured to detect a characterized content in incoming packets received by the packet communication device. The characterized content may represent silence (e.g., a time period with no voice packets received) in voice communication. Alternatively or additionally, the characterized content may represent at least one of no motion and an amount of motion that is lower than a threshold. For example, the threshold of a no-motion or still picture may be selected to be 10% to 15% (in terms of data volume) of the full active picture in video communication.

[00204] The packet, communication device may further include a play-out control configured to perform an adjustment of the incoming packets to produce adjusted packets and output the adjusted packets, if the detector has detected the characterized content in the incoming packets. The adjustment may include insertion of a delay, for example, in the form of silence packets or comfort noise packets. Alternatively or additionally, the adjustment may include repeating playing out packets that have been previously played out. As a result, the delays and delay variations of the incoming packets received at the packet buffer may be timely compensated, and the adjusted packets may be of acceptable quality to the receiving party.

[00205] Features and advantages of the present invention may be better understood with reference to the figures and discussions that follow

[00206] Fig. I OA shows a block diagram of a first example prior art packet voice communication arrangement (first prior art arrangement) with an adaptive jitter buffer scheme. As

shown in the example of Fϊg I OA ₅ the first pπoi ait aiiangemcnt includes a ttansmitter-Mde device 109 } and a recen er-side see 1092, connected through a network 1003 Fach of transmitter-side device 1091 and receiver-side device 1002 rnav repiesent a telephone, a mobile phone, or a teleconference ice

[0020?| Transnutter-side device 1091 may include the following components a speech buffer

1000, a voice activity detectot H)OI (VAD 1001 ), and a transmitter 1002 These components may be described as follows

[00208] Speech buffei 1000 may be configured to receive \oice packets (packets) from a microphone, buffer the packets, and then transmit the buffeted packets to VλD 1001

[0020°] VAD 1001 may be configured to msert a Silence descriptor (SlD) when there is silence (i e , a peπod of time between voice packets) m the packets received from speech buffer 1000

[0021Oj Tiansmittei 1002 may be con fig used to receive the packets from VλD 1001 and transmit the packets to network 1003

[0021 1 j In turn, network 1003 may transmit the packets to recen er-sϊde device 10 ^c >2

[ 00212] Receiver-side include the follow ing components a packet buffer

1004, a packet play-out conttol 1005, a delay insertion control 1006, a delay information module 1007, a jitter calculator 1008, and a play-out dela> calculator 1009 These components may be described as follows

[00213] Packet buffer 1004 may be configured to tecene the packets from network 1003. buffer the packets, and then send the packets to jitter calculator 1008, delay insertion control 1006, and packet play-out control 1005

[00214] Jitter calculator 1008 ma> be configuied to calculate the size of jitter in the packets

The _. utter may represent silence, i e , a time peπod between armals of two voice packets w ith no data

[00215] Delay insertion control 1006 may be configured to determine when to msert delays based on SlDs inserted in the packets by VAD S(K)I of transmitter-side device KNl Delay insertion

control 1006 may receive jitter size information from jitter calculator 10OS and may receive packets from packet buffer 1004.

[002 S όj Play-out delay calculator 1009 may be configured to receive jitter size information from jitter calculator 1008 Based on the jitter size information, play-out delay calculator 1009 may calculate sizes of delays to be inserted into the packets.

[00217] Delay information module 1007 may be configured to consolidate information from delay insertion control 1006 regarding timing for inserting the delays and information from play-out delay calculator 1009 regarding the sizes of the delays. Accordingly, delay information module 1007 may build the consolidated information into a data structure and send the data structure to packet play-out control 1005.

[00218] Packet play-out control 1005 may be configured to receive packets from packet buffer

1004 and insert delays into the packets, according to the data structure received from delay information module 1007.

[00219] Fig. 1OB shows a flowchart of a transmitter-side process of a prior art jitter buffer scheme utilized, for example, in the first prior art arrangement shown in the example of Piy, 1OA. The transmitter-side process starts with a step 1060, at which speech buffer 1000 (shown in Fig. 10A) may receive packets, for example, from the microphone used by a transmitting party. Speech buffer 1000 many then buffer the packets.

[00220] At a step 1062, speech buffer 1000 may set the marker bit of each packet to 0 by default. When each packet reaches a final step 1072, the marker bit of the packet may be set to 1 if the packet the first voice packet of a talk spurt. Otherwise, the marker bit may be kept to 0.

[00221 ] At a step 1064, VAD 1001 may determine whether the packets contain one or more sϋenc-e periods (i.e., one or more time periods with no data between packets). If the packets contain one or more silence periods, control may be transferred to a step 1074; if not, control may be transferred to a step 1066

[00222] At step 1074, VAD 1001 may determine whether a SID(s) have been set in the packets. A SlD (silence descriptor) is configured to mark the beginning of a silence period, if the S!D(s) have been set for a silence period(s) in the packets, control may be directly transferred back

to final step S.072; if not, control may be transferred to a step 1076 before being transferred to final step 1072. At step 1076, VAD 1001 may generate the S1.D(s) for the packets. At final step 1072, transmitter 1002 {shown in .Fig. 10A) may transmit, the packets to network 1003.

[00223] At step 1066, VAD 1001 may determine whether the packets contain a first voice packers) after a silence peπod(s). if Use packets contain a first voice packers), control may be transferred to a step 1068, at which VAD 1001 may sel the marker bit(s) for the first voice packet(s) to 1. If the packets contain no first voice packet(s), control may be transferred to final step 1072, at which transmitter 3002 may transmit the packets to network 1003.

[00224] Fig. 1 OC shows a flowchart of a prior art delay calculation process. The delay calculation process may be part of the receiver side process utilized, for example., m receiver-side device 1092 of the first prior art arrangement shown in Fig. 1OA. The delay calculation process may be performed involving packet buffer 1004, delay insertion control 1006, jitter calculator 1008, play- out delay calculator 1009, and delay information module 1007 of receiver-side device 1092 shown in the example of Hg. I OA.

[00225] The delay calculation process may start at a step 1022, at which packet buffer 1004 may receive packets from network J 003 and buffer the packets. For example, the packets may represent packets transmitted by transmitter 1002 (shown in Fig. 10A) at final step 1072 (shown in Fig. 10B).

[00226] At a step 1024, jitter calculator 1008 may calculate an average jitter j.

[00227] At a step 1026, jitter calculator 1008 may calculate jitter deviation v.

[00228] At a step ^" 1028, play-out delay calculator 1009 may calculate a play-out delay using j and v and based on a network model represented by f(j, v), i.e., delay d = f(j, v).

[00229] At a step ^" 1030, delay insertion control 1006 may determine whether packet buffer

1004 is empty. If packet buffer 1004 is empty, control may be transferred to a step 1038; if not, control may be transferred to a step 1032,

[00230] At step 1032 delay insertion control 1006 may determine whether marker bit(s) of value I have been set. If the mark bit(s) of value 1 have been set, control may be transferred to step ! 038; if not, control may be transferred to a stepl 034.

[0023 S j At step 1034, delay insertion control 1006 may determine whether there is a SID{s) in the packets. If there is a SlD(s), control may be transferred to step 1038: if not, control may be transferred to a step 1036.

[00232] At step 1036, delay insertion control 1006 may determine whether the average jitter j is greater than a predetermined threshold. For example, the threshold here may be the length of packet buffer 1004.

[002331 If the average jitter j is greater than the predetermined threshold., control may be transferred to step 1038; if not control may be directly transferred to a step S 040

[00234| At step 1038, delay information module 1007 may consolidate size and timing information for inserting delays, then control may be transferred to step 1040

[00235] At step 1040, information pertaining to inserting delays may be output to play -out control 1005.

[00236] Fig. 1 OD shows a flowchart of a prior art packet play-out control process. The packet piay-out control process may be part of a receiver side process utilized, for example, in receiver-side device 1092 of the first prior art arrangement shown in Fig. 1OA. The packet piay-out control process may be performed by packet piay-out control 1005 shown in Fig. 1OA.

[00237] The packet play-out control process starts at a step 1042, at which packet play-out control 1005 may receive packets from packet buffer 1004 (shown in fig. 10A) and may receive the information pertaining to inserting delay &$ a result of step 1040 (shown in Fig. 10C) from delay information module 1007 {shown in Fig, 10A).

[00238] At a step 1044, packet play-out control 1005 may determine whether enough delays have been inserted. If enough delays have been inserted, control may be transferred to step 1048; if not. control may be transferred to a step 1046.

[00239] At step 1046, packet play-out control 1005 may insert delays (e.g , in the form of silence packets or comfort noise packets} into the packets received from packet buffer 1004.

[00240] At a step 1048, packet play -out. control 1005 may retrieve packets from packet buffer

1004.

[0024S j At step 10SO ₅ packet play-out control 1004 may play out packets resulted from steps

1046 and 1048.

[00242] Fig. 1OE shows a schematic representation of received packet flow at packet buffer

1004 (shown in Fig. JOA) when the transmitter-side VAD 100! (shown in Fig. I OA) is turned on As shown in the example of Fig. 1 OE, the received packet flow may include voice packets 1 OSO ₅ silence 1084 following voice packets 1080. voice packets 1086 following silence 1084, silence 1088 following voice packets 1086, etc. Silence 1084 and silence 1088 represent time periods during which no voice packets are received at packet play-out control 1005. Since VAD 1001 is turned on, VAD 1001 may have set marker hits of first voice packets such as packets 1080a and 1086a to 1. The marker bits of value 1 may be utilized at step 1032 shown in Fig, 1OC for determining when to insert delay.

[ 00243] Further, V AD 1001 may have inserted SlD 1082 at the beginning of silence 1084 and

SID 1090 at the beginni ng of silence 1088 SlD 1082 a πd SlD 1090 may also be utilized at step 1034 shown in Fig 1OC to determine when to insert the delay.

[00244] Fig. 1 OF shows a schematic representation of received packet flow at packet buffer

1004 (showα m Fig. 10A) when transmitter-side VAD 1001 (shown in Fig. 10A) is turned off. Because existing algorithms employed in VAD 1001 may cause undesirable noise or choppy voice, for example, in music playback, VAD 1001 may commonly be turned off by packet communication service providers and therefore may not be able to provide information related to voice activity.

[00245] As shown in the example of Fig, !0F, the received packet flow may include voice packets J 092. silence packets 1094 following voice packets 1092, voice packets 1096 following silence packets 1094. silence packets \ 098 following voice packets i 096, etc. Because VAD iOOJ is turned off, there may be no SID inserted for the silence periods represented, for example, by silence packets 1094 and silence packets 1098. As a resυh, step 1034 {i.e., detecting SIDs) shown in Fig. 1 OC may not be performed.

[00246] Further, although voice packet 1092a may have a marker bit value of 1 , all of the rest of the received packets may have a marker bit value of 0, Therefore, step 1032 (i.e., determining whether mark bit values for first packets are set to 1) shown in Fig. 1OC may not be performed

[00247] Still further, when VAD 1001 on transmitter side 1091 is turned off, the packets may be continuously coming into the packet buffer 1004 on receiver side 1092 such that packet buffer ! 004 may never be empty. Therefore, step 1030 (i.e., determining whether packet buffer 1004 is empty) shown in Fig. I OC may not be performed as designed.

[00248| Accordingly, when VAD 1.001 is turned off, delay insertion control 1006 may not be able to perform steps 1030, 1032, and 1034 for determining the timing for inserting delays. Although, at step 1036 shown in Fig. JOC, delay insertion control 1006 may still be able obtain information regarding whether the average jitter j(i) is greater than the predetermined threshold, the information is not sufficient for determining the timing for inserting the delays. For example, when the average jitter j(i) is greater than the predetermined threshold, it may have been to late to insert the delays. Consequently, the delays may be inserted at inaccurate timing, causing choppy voice m voice communication.

[00249] Furthermore, even if VAD 1001 is turned on, existing VAD algorithms may not enable VAD 1001 to insert SIDs precisely. As a result, front end clipping and.br rear end clipping of voice packets may occur, and voice quality may be undesirable to a receiving party.

[00250] Fig. 1 IA shows a block diagram of a receiver-side device 1 100 of a second prior art packet voice communication arrangement (second prior art arrangement), which includes adaptive buffer overflow control. As shown in the example of Fig, 11 A, receiver-side device 1 i 00 includes the components of receiver-side device 1092 in the first prior art arrangement shown in Fig. K)A. In addition, receiver-side device 1100 includes additional components 1 1 SO. The additional components i i 80 may include a decoder U 18, a silence detector 1 U 6, and a buffer overflow control 1 1 14, described as follows:

[00251 ] Decoder 1 1 18 may be configured to decompress voice packets

[00252] Silence detector 1 1 16 may be configured to detect silence in the packets received from decoder 1 1 } S. If there is silence, then silence detector 1 1 16 may set a silence flag value to I . If there is no silence, silence detector 1 1 16 may set the silence flag value to 0

[00253 j Buffer overflow control 1 1 14 may be configured to monitor the status of a packet buffer 1 102. According to the status of packet buffer 1 102, buffer overflow control 1 1 14 may determine whether to drop or to keep next packets received at packet buffer i 102,

[00254] Fig. i I B shows a flowchart of a silence detection process utilized, for example, in receiver-side device 1 100 shown in the example of Fig, 1 I A. The silence detection process starts at a step 1 120, at which decoder 1 1 18 (shown in Fig. 1 I A) may decompress voice packets {packets) received from a packet play-out control 1 104 {shown in Fig. 1 IA).

[00255] At a step 1 124, silence detector 1 1 16 (shown in Fig 1 1 A) may determine whether there is silence in the received packets. If there is silence, control may be transferred to a step 1130, at which silence detector 1 1 16 sets the silence flag value to 1. If there is no silence., control may be transferred to a step 1 126, at which silence detector 1 1 16 sets the silence flag value to 0.

[00256] At a step 1 128, silence detector 1 1 16 may output the silence flag value,

[00257] Fig. 1 1 C shows a flowchart of a buffer overflow control process utilized, for example, in receiver-side device 1 100 shown in the example of Fig. 3 IA. The buffer overflow control process may be performed by buffer overflow control 1 1 14 shown in Fig. 1 1 A. The buffer overflow control process starts at a step 1 132, at which buffer overflow control 1 1 14 receives the silence flag value from silence detector 1 1 16 (shown in Fig. 1 I A)

[00258] At a step 1 134, buffer overflow control 1 1 14 may determine whether packet buffer

1 102 (shown in Fig. 2A) has reached a first threshold such as, for example, 100% full. If packet buffer i 102 has reached the first threshold, control may be transferred to a step 1 144, if not, control may be transferred to a step 1 136.

[00259] At step 1 144, buffer overflow control 1 1 14 may command packet buffer 1 102 to discard newly received packets, regardless of whether the newly receive packets represent voice packets Buffer overflow control H 14 may also command packet buffer 1 102 to provide packets to be played out

[00260] At step \ 136, buffer overflow control 1 1 14 may determine whether packet buffer

1 102 has reached a second threshold such as, for example, 80% full if packet buffer 1 102 has

reached the second threshold, control may be transferred to step 1 140; if not, control may be transferred to a step 1138.

[0026 SJ At a step 1 140, buffer overflow control 1114 may determine whether the silence flag value received from silence detector 1116 is 1. If the silence flag value is I , control may be transferred to step 1 142, if not, control may be transferred to step 1138,

[00262] At a step 1 142, buffer overflow control 1 1 14 may command packet buffer 1 102 to discard newly received packets since the newly received packets may represent silence. Buffer overflow control 1 1 14 may also command packet buffer 1 102 to provide packets to be played out. Control may then be transferred to step 1 138.

[00263] At step 1 138, packet buffer 1 102 may receive and buffer packets.

[00264] The buffer overflow control process shown in the example of Fig. 11C may not be effective in maintaining quality of service. For example, when packet buffer 1 102 has reached the first threshold, e.g., 100% full, voice packets may be discarded according to step 1 144. Therefore, choppy voice may be resulted. Further, when packet buffer 1 102 has reached the second threshold but not the first threshold, e.g., 80% full but not 100% full, packet buffer U 02 may still receive bursts of voice packets which are greater than the remaining capacity of the packet buffer 1 102. Consequently j overflow may still occur, and packets (including voice packets) that exceed the capacity of packet buffer 1 102 may still be lost. As a result, quality of service may be undesirable to a receiving part)'.

[00265] Fig. I2A shows, in accordance with one or more embodiments of the present invention, a block diagram of a receiver-side device 1.200 of a packet voice communication system with adaptive jitter handling. Receiver-side device 1200 may represent a user device such as, for example, a telephone, a mobile phone, a teleconference device, an audio player, or a video phone. Alternatively or additionally, receiver-side device 1200 may represent a server device in a packet communication network.

[00266] As shown m the example of Fig 12 A, receiver-side device 1200 may include one or more of the following components: a packet buffer 1202, a packet play-out control 1208, a decoder !2! O ₇ a delay insertion control 1214, a delay information module 1216, a jitter calculator 1204, and a

play-out delay calculator 1206. Receiver-side device 1200 may further include a detector configured to detect a characterized content such as a silence detector 1212 for detecting silence Silence detector ! 25.2 may be configured to receive decompressed packets from decoder 12 J 0 Silence detector 1212 may further be configured to process the decompressed packets and provide a silence flag (but not the decompressed packets) to delay insertion control 1214 through a link 1299.

One or more of the components may he included in software thai may he downloaded into receiver- side device 1200.

[00267] One or more components of receiver-side device 1200 may have capabilities similar to capabilities of components of receiver -side device 1 100 shown in Fig. 11 A. However, in contrast with silence detector 1 1 16 of receiver -side device 1100, siience detector 1212 may be configured determine when to insert delays for handling jitters instead of or in addition to controlling packet buffer overflow.

[00268] Further, in contrast, with delay insertion control 1 108 of receiver-side device 1 100, instead of receiving information from jitter calculator 1204 as in the prior art jitter buffering schemes, delay insertion control 1214 may receive information from siience detector 1212,

[ 00269] Delay insertion control 1214 may he directly coupled to silence detector 1212 through link 1299. Link 1299 may represent a direct logical link or physical fink. There may be no direct logical or physical connection between jitter calculation 1204 and delay insertion control 1214, in contrast with link 1 199 between jitter calculator .1 1 10 and delay insertion control 1 108 shown in the example of Fig. 1 I A and link 1099 between jitter calculator 1008 and delay insertion control 1006 shown in the example of Fig. 10A.

[00270] Fig. 12B shows, in accordance with one or more embodiments of the present invention, a delay insertion control process utilized for adaptive jitter handling utilized, for example, in receiver-side device 1200 shown in the example of Fig. 12A The delay insertion control process starts with a step 1220, at which delay insertion control 1214 (shown in Fig. 12A) may determine whether packet buffer 1202 (shown in Fig. 12A) is empty, i.e., containing no packets for playing out ϊ.f packet buffer 1202 is empty, control may be transferred to a step 1228; if not, control may be transferred to a 1222.

[0027 S j At step 1222, delay insertion control 1214 may determine whether the marker bιi(s) of value 1 are set in incoming packets that are received through packet buffer 1202 Jf the mark btt{s) of value 1 are set, control may be transferred to step 1228; if not, control may be transferred to a step 1224.

[002?2| At step 1224, delay insertion control 1214 may determine whether there is a SlD(s) in the incoming packets. If there is a SϊD(s), control may be transferred to step 1228, if not, control may be transferred to a step 1226,

[00273] At step 1226. delay insertion control 1214 may determine whether the silence flag value received from silence detector 1212 {shown in Fig 12A) is 1. If the silence flag value is U control may be transferred to step 1228; if not, control may be transferred to a step 1230,

[00274] At step 1228, packet play-out control 120S (shown in Fig. 12A) may insert delays

(e.g., silence packets or comfort noise packets) into the incoming packets according to information received from delay information module J 216 (shown in Fig. 12A) to generate adjusted packets The delay information includes size information provided by play-out delay calculator 1206 (shown in Fig. 3A) and timing information provided by delay insertion control 1214.

[00275] At step 1230, packet play-out control 1208 may play out the adjust packets. The adjusted packets may be decompressed by decoder 1210 and then be played out by receiver-side device 1200.

[00276] As can be appreciated from Fig, 12B, in accordance with one or more embodiments of the present invention, delay insertion control 1214 may determine the timing for inserting delays based on silence flag value received from silence detector 1212 (at step 1226) even if no information is received from jitter calculator 1204.

[00277] Fig. 13 shows, in accordance with one or more embodiments of the present invention, a block diagram of a receiver-side device 1300 of a packet video communication system with adaptive jitter handling. Receiver-side device 1300 may represent at least one of a telephone, a mobile phone, a teleconference device, a video phone, and a video player Alternatively or additionally, receiver-side device 1300 may represent a server device in a packet communication network.

[00278] Receiver-side device 1300 may include components performing functions similar to functions of components of receiver-side device 1200 shown in the example of Fig 12 A. Receiver- side device 1300 may include one or more of a picket buffer 1302. a jitter calculator 1304, a compensation control 1314, a compensation calculator 1306, a compensation information module ! 316, a packet play-out control 1308, a decoder 1310, and a video detector 1312.

[0027*3] What may be different may be that video detector 1312 may be configured to detect no motion or low motion rn video packets, instead of silence Further, instead of being configured to calculate and consolidate information for delay insertion, compensation 1306, compensation control 1314, and compensation information module 1316 may be configured to calculate and consolidate information for video compensation. The video compensation may include stopping playing new video frames while repeating video frames and may be performed by packet play -out control 1308.

[00280] Similar to the configuration of receiver-side device 1200, compensation control 1314 may be directly coupled to video detector 1312 through a link 1 399 for determining timing for the video compensation,

[00281] The video compensation control process for jitter handling utilized in receiver-side device 1300 may be similar to the delay insertion control process shown m the example of Fig. I2B

[00282] One or more embodiments of the present invention may involve a receiver-side device that includes a configuration similar the configuration of receiver-side device 1300 and is configured to handle jitter in multimedia communication that includes voice and video. Further, one or more embodiments of the present invention may involve a delay insertion control and video compensation control process that is similar to the delay insertion control process shown in the example of Fig. 12Fl

[00283] As can be appreciated from the foregoing, embodiments of the present invention may effectively handle jitter in packet communication without depending on a transmitter-side voice activity detector (VAD) or a fixed jitter buffer scheme. Using a receiver-side silence detector for delay insertion control instead of only for buffer overflow control, embodiments of the present invention may accurately insert delays without unnecessarily inserting delays into voice packets. Advantageously, choppy voice may be reduced, and voice quality may be ensured. Further.

embodiments of the present invention may be utilized tn video communication and/or multimedia communication

[00284] D. Divttas Description Protocol (DDP)

[00285] One or more embodiments of the present invention include a light weight protocol over SlP that will efficiently transport information between the server and the client and will work independent of the hardware and software platforms.

[00286| Architecture of DDP; DDP has been architccied taking the following factors into consideration;

[00287] independent of server and client hardware and OS. The structure and format of the protocol (DDP) is such that DDP is agnostic of the server or handset hardware platform as we!! as the operating system running on both of the platforms, In accordance with one or more embodiments of the present invention, the protocol is architected and designed to run on any server or handset hardware platform and is independent of the Operating System/SW platform running as well For example, DDP may run on Linux, Symbian, Windows Mobile 5.0 etc. In summary-, no special adapter layer needs to designed or developed even' time this module has to be ported on to a new hardware or software platform.

[002SSj Decoupled from control plane protocol; DDP has been architected such that is can be used with any of the control plane technologies that is use on a given platform - i.e , SIP, H.323 etc

[00289] Independent of transport protocol: Designed to be efficient when used over both UDP and TCP Has an optional module to ensure a level of reliability and performance (using

ACK/NACK and a windowing mechanism) if being used over a transport layer than is best effort.

This reliability module removes the burden on higher layer application to worry about guaranteed delivery especially in environments with high packet loss

[00290] Generic and application-unaware: DDP will be used for a wide range of application ranging from critical control plane messages with strict real time requirements to application that need to transfer large amounts of data between the server and the client. Optional module within

DDP enables the application to transfer files and buffers between the server and client. The protocol also does not care about the type of the application data ^••• i.e binary, text.

[00291 ] Service Priority Level; Enables the scheduling and queuing of messages with different priority levels for application with different delay and service requirements.

[00292] Support for Encryption: Optional module within DDP allows the server and handset to set up a secure tunnel at initialization and ail further exchange of DDP messages are encrypted providing a level of security for applications that need encryption This will still allow applications to exchange unencrypted messages for such applications that do not need encryption.

[002931 Built-in Session Management: Has specific control messages to initialize and maintain the session between the server and the client.

[00294] Independent of the medium. The protocol is independent of the medium over which the client is connected to the server. The session could be over WiFi, cellular data channel or wired

Ethernet.

[00295] Fig. 6A shows an overview of a DDP architecture that is fabricated in accordance with one or more embodiments of the present invention. As shown in Fig. 6 A, DDP is a session layer application that runs over SlF protocol. The encrypted application layer information that is transmitted between client and server is used to affect handoff decisions, provide session persistence for data applications such as, for example and without limitation, email or SMTP, Fig. 6A gives a high level view of the different modules that make up DDP. Here is a brief description of the different modules within DDP in accordance with one or more embodiments of the present invention'

[00296] i. DDP Message Handler: This is comprised of the parser and the message formatting module. The parser is responsible for checking the validity of a received DDP message and extracting the various information pieces before invoking the callback handlers. The formatting module takes the information from a higher level application and formats the DDP message before the DDP message is packed in to a signaling message packet,

[00297] π. Session Management: An inbuilt mechanism to evaluate the health of the DDP session between two peers and mechanisms for informing the registered applications if the session fails.

[00298] iii. DOP Scheduler: Provision for having different priority levels for DDP messages based on the application requirements.

[00299] iv. Reliable DDP module: Support for guaranteeing reliable delivery of DDP messages depending on the application requirements.

[0030Oj v. DDX (Divitas Data Transfer) module: The module that uses DDP messages for transferring files and data buffers between peers. The DDX module will work independent of the file format or the buffer contents and has mechanisms for error checking and confirmation of delivery.

[00301 ] vt. DDPS: The module in DDP that encrypts and decrypts the DDP contents before they are inserted in the signaling packets. DDP has a protocol for establishing the secure DDP tunnel between 2 Divitas peers.

[00302] Fig. 6B shows the exchange of DDP messages during the initialization of a client when a user logs on to one of the devices in accordance with one or more embodiments of the present invention.

[00303] In accordance with one or more embodiments of the present invention, DDF is a

Layer 4 or an application layer protocol. DDP can use TCP, UDP or 1 ^" LS for transport. Similar to

SIP or SDP, DDP is a text -encoded protocol. In accordance with one or more embodiments of the present invention, a DDP message comprises a sequence of lines or fields wherein each Sine of field begins with a single lower case letter which denotes the type of information that is being conveyed; the rest of the line or field contains pieces of information associated with a function or method. In accordance with one or more embodiments of the present invention, there can be multiple lines or fields with the same starting name or type In accordance with one or more embodiments of the present invention, each DDP message comprises a set of mandatory lines or fields and optional lines or field, depending on the specific type of DDP message being sent If any of the mandatory lines are missing, a parser will reject the DPP message. Optional lines that the parser cannot understand are skipped over. This allows for backward compatibility and interoperability between different versions of software. Here is an example of a DDP message"

[00304] v-0.0.0.1

[00305] o ^b server

[00306] r===dala 2

[00307] c-ext 4444

[00308] c ^::: pref cell will gprs sras wka 5 eka 10 pwd 1200 whys 20 chys 60

[00309] c-wifi rssilo 30 rssihi 60 chlo 30 chhi 50

[ 00310] c ===qos deiaylo 50 delay hi 100 losslo 1 lossh i 10 jitterlo 30 jitterhi 50

[00311 ] C=STv intip 1023414444 extip - 1 343245032

[003 12] e===end

[00313] The DDP message ss then added as a message body in a SIP message with a message body type of "applieatiαn/ddp" or "applieatioπ/ddps" The DDP body can also be sent with other signaling protocols if required

[003 141 Exemplary applications of DDP in accordance with one or more embodiments of the present invention are described as follows.

[00315 j Voice Mobility: Voice mobility depends on a lot of factors ^••• the primary one being the WiFi quality experienced by the client DDP is used to send the WiFi report in real time with information about the AP that the handset is currently associated with to make mobility decisions

The WiFi report can also optionally contain information about the neighboring APs so that the mobility server can use this information to take preemptive mobility decisions based on the predicting the movement of the handset, ϊn addition to the automatic updates based on the WiFi conditions, DDP is also used for user initiated mobility decisions

[003 i 6] Client/Device Management: DDP is used extensively in managing the client and the user experience on the handset. Here are some of the different way in which DDP based control and bulk transfer messages are used for managing the client' a. Des ice Configuration: Sending device specific configuration to the device during initialization once the deuce/ user have been authenticated. b. Mobility Thresholds. WiFi thresholds based on administrator settings for fhe client to initiate mobility actions. c. User Information- When a user logs on to one of the clients, the server pushes the user specific information (like extensions, preferences etc ) ox er DDP d. Device Image Management' Ability to upgrade the handset software o\er the air is achieved using DDP bulk transfer capability

[ 0031 7] VoicemaH/Emaii download to handset: One of the key differentiator of the Div Jtas solution is the ability to download voicemails to the handset and manage them at a time of your convenience. The ability to manage voicemails without IVR is possible by proprietary control messages that interface with the Voicemail system as well the bulk transfer capability in DDP to transfer the voicemaiis to the handset A similar functionality can also be achieved for Email system where an adapter module can be built to interface with the Email system of choice, [00318] User Presence Management: DDP messages with the user's preference for voice and text over the different medium is communicated to the server for presence management. This is

a key piece of functionality that allows the support of Presence aware calling The architecture and design of Rendezvous calling is also based on enhanced presence and user preferences - all communicated over DDP to provide the sendee Rendezvous calling is designed to provide

[00319] Instant Messaging: The messages for IM are tunneled over a DDP session This allows the IM client on the handset Io be unaware of the medium/protocol in which the device is operating.

[0032Oj Features and advantages of the present invention may be better understood with reference to the figures and discussions that follow.

[00321 ] Fig. ! 4 shows a prior art example of a call flow for establishing a connection between an application client and an application server. Consider the situation wherein, for example, a user of a handset wants to employ an application client 1404 to request for a software download 1406 via a web browser through a HTTP (hypertext transfer protocol) connection

[00322] Before software download 1406 may occur, an HTTP connection may first have to be established between application client 1404 and an application server 1402, At a first step i 408, application client 1404 may send a TCP (transmission control protocol) SYN (synchronization) to application server 1402. At a next step 1410, application server 1402 may send a TCP SYN-ACK

( TCP synchronization acknowledgement) back to application client 1404. At a next step 1412, application client 1404 may send a TCP ACK to application server 1402.

[00323] Once an HTTP connection has been established between application client 1404 and application server 1402, at a next step 1414, application client 1404 may send an HTTP Get to application server 1402. In other words, at step 1414, application client 1404 is sending the user's request for a software download 1406 to application server 1402.

[00324] Upon receiving the HTTP Get, application server 1402 may perform a search to locate the requested download, at a next step 1416.

[00325] At a next step 1418, once the software has been located., application server 1402 may begin sending the requested software as data packets (e.g., TCP data segments) to application client

1404. in sending the requested software file, the software file may be broken into a plurality of data packets in order to facilitate the process of sending the software file through the network.

[00326] At a next step 1420, upon receiving the TCP data segment, application client 1404 may send a TCP ACK to application server 1402.

[00327] Steps S 418 and S 420 may be repeated irniύ all of the data packets for the requested software download have been sent by application server 1402 to application client 1404. [00328] Once ail of the TCP data segments have been sent, then at a next step 1422, application server 1402 may send an HTTP 200 OK to application client 1404. in sending an HTTP 200 OK, application server 1402 is notifying application client 1404 that all data packets related to the software download request have been sent,

[00329] Once application client 1404 has received each of the data packets, then application client 1404 may send a notification 1424 to the user informing the user that the download has been completed.

[00330] For each application client on a handset, the method described in the call flow of Fig,

14 may have to be performed by each application client. Thus, if the handset includes multiple application clients (e.g., video application client, voice application client instant messaging application client, game application client virtual reality application client, etc. ), an independent channel may have to be established between each application client and its corresponding application server before interaction between the application client and the application server may commence With multiple applications running on a client communication between the different applications is not guaranteed. As a result, an application running on a given client may be unaware of the data exchange that may be happening for another application on the same client. [00331 ] In addition, the method described in Fig 14 is a cumbersome method that may reqmre each application on a client to he properly configured in order to assure that the application may successfully interact with its corresponding application on a given server withm an enterprise This method may create both security risks and increased complexity by requiring that a separate network session he allowed for each of the applications that communicate between a client and a server

[00332] In one aspect of Use invention, the inventors herein realized that a single protocol that is independent of hardware (e.g , handset) and software < e.g., video application client, voice application client instant messaging application client game application client, virtual reality application client, etc.) may be employed to consolidate ail of the applications network sessions, in other words, the i m entors realized that application clients do not need to establish multiple network sessions with their corresponding application servers. Instead, a protocol may be implemented that

takes advantage of existing control and transport protocols but is hardware and software independent, thereby allowing a plurality of application clients to interact with its corresponding plurality of application servers.

[00333] In accordance with embodiments of the invention, a mobility architectural arrangement is provided by implementing a Di Vi las description protocol (DDP). in an embodiment, the DDP may include a DDP client and a DDP server. Embodiments of the invention enable the DDP to efficiently transport data packets between a plurality of application clients on a handset and a plurality of application servers within an enterprise. Embodiments of the invention also enable DDP to be implemented independent of the hardware and software platforms. [ 00334] In an embodiment of the invention, the DDP is independent of the hardware platform.

Thus, the DPP may be implemented on dual-mode handsets, personal digital assistants { PDAs), 802. i i telephones, and the like. In an embodiment of the invention, the DPP is also independent of the software platform. As a result, the DPP may be ran on a Linux ^® system, a Symbian ^® system, a Window ^{J M} Mobile 5.0 system, and the like

[00335] In the prior art, the establishment of multiple network sessions may require multiple channels to be established between the client and the server, In other words, a plurality of "holes" may be "punched" into the firewall of the enterprise in order to enable the plurality of application clients to interact with their corresponding application servers. In an embodiment of the invention, DDP may be implemented to establish a single secure channel through which interaction between application clients on a handset and application servers within an enterprise may be conducted. [00336J With a single secure channel from which a plurality of data traffic may be exchanged, the information that is downloaded onto the handset may be managed by the application client. Thus, an application client that may require the utilization of information that has already been downloaded does not have to request for the data to be downloaded again. Instead, the mobility client will? DDP may be able to direct the application client to the storage location of the requested data.

[0033?| In an embodiment of the invention, the DDP may be independent of the network, In an example, the secure channel established by the DDP may be through Wi-Fi network or a cellular data network, for example. This enables DDP to ensure that a network session can be handed off to a separate network, when a user on a client device roams.

[00338] tπ an embodiment, the DDP ss built on top of a control protocol and a hanspott piotocol In an embodiment, the DDP may be implemented with am available control protocol {e g , StP, ϊϊ 323, etc ) In another embodiment, the DDP mav be implemented with ans available tianspoit protocol such as a user datagram piotocol (UDP), a transmission control protocol (IXT K oi a transport layer ,secuutv (TLS), tbi example Thus, the DDP IJ> able to efficjenϋy ioute data packets and manage connectivity without ing to be concerned about the conttαl and 01 ttanspυrt protocol that ma\ be available f0033*?| In an embodiment of the m\ ention, the DDP may include a reliability module

(RDDP) which ma\ ensuie a level of reliability foi the dehveiy of the data traffic This module is useful when utilizing a ti an sport protocol, such as I'DP, that does not ρro\ ide reliability Thus, DDP mav piovide assurance of a successful tiansfer and remove the burden of momtoiing the data traffic from the application clients

[00340] In an embodiment of the invention, the DDP mav be implemented foi a plurahtv of applications (i e , application clients arid their corresponding application sen ers) In an example, the DDP may be employed bv a simple application that mav not requiie real time exchange of data In another example the DDP tnav, be emploj ed bv an application that has tcai time requirements for the exchange of data Due to the DDP adaptability, applications mav be added or impacting the capability and versatility of the DDP

[0014J ] In an embodiment of the in % ention DDP may include a pπoi nv message scheduler module which mav be configured to schedule and queue data traffic The DDP raa> employ the priority message scheduler module to automate the plurality of downloads and uploads _* that the plurality of applications mav need or tequire

[ 00342] I he features and ma\ be better understood with iefeience to the figures and discussions that follow

[00343] Fig 15 , show s in an embodiment of the rm eution a simple architectural diagtam of the DDP mv enlton in an embodiment of the invention, DDP 1536 is independent of haidware and ot software platfoims In an example, DDl ^y 1536 ma\ be implemented on a plurality of client deuces, including, but aie not limited to, dual-mode handsets, PDAs, laptops, and the like In another example DDP 1 136 may be implemented with different opeiatmg systems, such as. a Lmux& system, a S> system, a Window TM Mobile 5 0 system, and the like As a lesult,

DDP 1536 may be loaded onto different hardware and/or software platform with minimal modification.

[00344] DDP S 536 may be built on top of a control protocol and a transport protocol. In an example, DDP 1536 may be used with different type of control protocols (e.g., SlP 1532 and other control protocols 1 524) and different type of transport protocols (e.g., UDP 1 534, UDP 1528, TCP 1530, TCP 1526, etc.}. The type of control protocol and/or transport protocol that may be employed by DDP 1536 in order to perform its function may be easily adapted by DDP Thus, if the control protocol and/or the transport protocol change, DDP 1536 will adapt itself to utilize any combination of available transport and control protocols as required. Note that changes to the control protocol and/or the transport protocol do not impact the application layer which may include, but is not limited to, a voice mobility control application client 1 506, a device management application 1 504, a project management application i 502, a voicemail/email transfer application 1 508, a device image management application i 5 i 0, an instant messaging application 1552, and the like. [00345] In addition, DDP 1536, in an embodiment, that is capable of determining the preferred transport protocol to provide the best performance and reliability. Thus, the responsibility of identifying the correct transport protocol may be centralized and moved from the plurality of applications to DDP 1 536. Since all the data traffic between a DDP client and server is now handled by DDP 1536, DDP 1536 may be able to determine the best transport protocol for routing data traffic while minimizing the possibility of data packet loss.

[00346] In an embodiment, DDP 1536 may include one or more modules, such as a DDP with security extension module (DDPS module 1522), a priority message scheduler module 151 S ₁ a reliable DDP module (RDDP module 1 516), a built-in session management module 1520, and a Di Vitas data exchange module (DDX module 1514).

[00347] Sn an embodiment, DDPS module \ 522 may provide security functionality to DDP

1536. in an example, DDPS module 1522 may enable a secure channel to be established between a mobility client of a handset and a mobility server within an enterprise. With a secure channel, all incoming and outgoing data traffic from the plurality of applications may be routed through a single secure channel,

[00348] In some situations, individual authentication may have to occur before an application client may be able to interact with its corresponding application server. Unlike the prior art, the

authentication piocess may be automated In an embodiment DPPS module 1522 ma\ include a database which may include the authentication data requited for establishing a connection between an application client and an application server

[00i4 ^Q ] In an embodiment of the invention, DDPS module 1522 mav piovide encivption-'deeiyption functionality, thus enabling DDP 153ύ to piovide secuutv foi applications thai may lequire the functionality Iu an example, an important e-mail from application client 1508 ts routed from an email MMV CI to an email application client on the handout To ensuie the seeiuity of the email, DDPb module 1522 πia> encrypt the DDP data packets before sending the packets to the corresponding application ses \ er In another example, an instant message betw eeα t\\ o ( VI clients mav be sent in a non-secme mannei Thus. DDP 1 536 ma> ioute the instant message vsithout emplo\ ing the DDPS module 1522 to encrypt the data packets sent between the IM clients [ 003 IQ] I n an erøhod? ment of the DDP 1536 ma\ include pi io! ity message scheduler module I M 8. which ma\. be configuicd to schedule and queue data packets In other Vv oids, pnoiitj message scheduler module 1518 may be responsible for managing the plurality of different data packets that ma> be iced b} DDP i M6 In an embodiment, puoπty message scheduler module ? Si 8 may establish a pohcj for handling the incoming and outgoing data packets In an embodiment, pπoi ity message scheduler module 1 518 ma> ha\ e diffeient pi ionty le\ els depending upon the ongtnatmg application In an example, application A (e g , email) mav have no i cquiremcnt foi real-time delsx cry of its data packets. Howevei application B {e g Presence Vlanagemcnt) ma> be semitis e to time delay and requiic real-time delivers' of the data packets In an embodiment, ptioπt) message scheduler module 1 *»! 8 may be an optional DDP module In an example, if DDP 1 ^6 is currently only handling data traffic foi one application, then DDP I ^6 mav not to employ pπoπtv message schedulei module 1518 to handle the scheduling of the data packets

[00351 ] In an embodiment of the unention, DDi ^y 1 536 mas include iehable module (RDDP

1 of the of data packets Io assuje debveiy, in an embodiment RDDP 1516 has mechanism to retiansout packets that do not successfully ieach then destination vuthm a specified time intenal In an embodiment, if a data packet is not teceiλ ed withm a pieset time interval, the packet v\ ill be tetiansmitted The packet may be ietransmitted a specified numbei of times before the application that the transfer of the

packet lias failed. With RDDP 1516, DDP ! 536 may provide assurance that data packets are being sent and/or received in the order in which the application requires

[00352J tπ an embodiment, DDP 1536 may include DDX module 1514, which may be employed to transport large amounts of data (e.g. image files, log files, etc..) between the mobility client and the mobility server. ϊn an embodiment, DDX module 1514 includes mechanisms to ensure the data integrity of the data transfers between the mobility client and mobility server, In yet another embodiment of the invention, DDX module 1514 may include mechanisms for confirming completion of the data transfer to the applications.

[00353] In an embodiment of the invention, DDP 1536 may be implemented for a plurality of applications including, but are not limited to, voice mobility control application 1 506, device management application 1504, project management application 1502, voicemail/email transfer application 1508, device image management application 1510, instant messaging application 1 512, and the like. Tn an embodiment of the invention, the plurality of applications may be divided into two groups.

[00354] In the first group, the plurality of applications (e.g., voicemaii/email transfer application 1508, device image management application 1510, instant messaging application 1512, etc.) are applications that may tend to send larger files, thus DDP 1536 may employ DDX module 1514 to convert the files into smaller data packets that can utilize any of the other modules within DDP 1536. including 1516, 1518, 1522, and provide assurance that the data file has been successfully transmitted and that the application has been notified of the completed transfer. [00355] In the second group, the plurality of applications (voice mobility control application

1506, device management application 1504., project management application 1502, etc.) are usually applications that may tend to send smaller control messages. Usually, applications in the second group tend to be control applications. In an example, voice mobility control 1506 may enable the mobility client and the mobility server to share mobility status, which may be sent m a single DDF packet.

[00356] Fig. 16A shows, i α an embodiment, an example of how data within a mobility architectural arrangement with DDP may Sow between an application client located within a client device and an application server, which is managed by an enterprise. Consider the situation wherein,

for example, a user on a client device wants to employ a voscemail client 1602 to retrieve a voicemat! from a voice-mat! server 1604.

[00357J Upon receiving the request from application client 1602, voicemail server f 604 may initiate a file transfer. Voicemail server i 604 may send the file along a path 1650. Upon receiving the file, the mobility server may prepare the file to be sent through a secure channel to a mobility client on the client device.

[00358] Sn an embodiment, a server DDX module 1608, which is within the mobility server, may be employed to convert the file into a format that is compatible with the control and transport protocol of the secure channel, In an example, server DDX module 1608 may convert the file, which may be in a binary format into a format that can be transported over the SiP protocol. Also, server DDX module 160S may break the file into a plurality of data packets in order to ensure the effectiveness of routing the plurality of data packets through the secure channel. [00359] After initial processing has completed, server DDX module 1608 may send a first data packet to a server DDP 1616. Server DDP 1616, in an embodiment may include a server RDDP 1614, which may provide a level of assurance for the delivery of the first data packet. [00360] Once the first data packet has been received by server DDP 1616, the first data packet may be encrypted. In an embodiment, server DDP 1616 may include a DDPS module, which may encrypt the data packets as required by the application. In an example, simple data packets (e.g.. instant messages) may be sent without encryption. In another example, important data packets (e g.. a confidential email) may be encrypted before being routed to the requestor. [00361 ] From server DDP 1616, the first data packet may be encapsulated as a SlP notify message (as shown in a code example 1670 of Fig, 16B) and sent via the secure channel through a network 1624 to the client device. In an example, the first data packet may be sent through the secure channel by using a server SϊP control protocol 1620 and a server UDP transport protocol 1622. The first data packet may be received securely by the mobility client of the client device, which may receive data packets through a client UDP transport protocol 1626 arid a client SlP control protocol 1628.

[00362] Within the mobility client, a client DDP 1632 may receive the first data packet A client RDDP 1634 may perform a similar check as that performed by server RDDP 1614. Also, client RDDP 1634 may send a SIP Notify Message with a DDΫ acknowledgment along a path 1652

through the secute channel to vet vcr DDX module 1608 By sending the DDP acknowledgement, client RDDP 1634 may send an assurance from the mobility client to the mobility server that data packet lias been tecerved Likewise, it ^" server RDDP module 1614 does not tcccise the RDDP acknowledgement, server RDDP module 1614 will retransmit the data packet until the packet has been successfully acknowledged or the maximum numbta of retries LS exhausted [00363] In an embodiment, a data packet may be .sent and the next data packet may not be sent until a DDP acknowledgement has been receded In an example, server DDX module 1608 may not send a second data packet until a DDP acknowledgement has been received In another embodiment, a fixed number of data packets may be sent and the sending of additional packets would not occui until an acknowledgement is received for one or mote of the initial data packets In an example, server DDX module 160S send a group of 10 data packets and vull be required to wan until at least one acknowledgment is receded before it JS allowed to transmit an additional data packet

[00364] Once the mobility cl tent has sent a DDP acknow lodgment to the mobility sen er, the data packet will be routed to a client DDX module \ 636 ϊti an embodiment, client I)DX module ! 636 may hold the date packets υntti all data packets have been receded Tn an embodiment, server DDX module 160S may send a message indicating that each of the data packets for the requested file has been sent and that no additional data packet ten the file will be forthcoming Once all of the data packets have been received, then client DDX module 1636 will reassemble the file and notify client 1602 that the voice-mail file is available

[00365] λs can be seen from Fig 15 and S 6, the architectute of the DDP mav provide a Single secuie channel from which a pluiality of application clients ma\ intetact with a piumhty of application seivers By liav uig data traffic flowing through a single .seciue channel, the architecture of the DDP may provide contiol by assuiing that the data packets ate being received, that proper verification has been done in ordei to acknowledge that all data packets have been leceived, and that there are no miss-ing data packets In an example, the architecture of the DDP mav enable laige files to be btoken up into smaller data packets, which mav be sent with the assurance that the acknowledgement may be sent by the recemng side

[00366] Fig 17 shows, in an embodiment of the invention, an example of a call flow illustiatmg how a secure channel may be established between a client dev ice and a mobility server

ϊn an embodiment, to establish a secure channel, registration may occui Consider the situation wherein, fot example a user initialises a client ice for the fust time

[00367] _' \t a fit st step ! 724 a SlP registtatson must first be established In an example, a client SIP 1 716 mav send a SlP registtation request through a client UDP 1714 I he SIP registration lequest ma\ be receiv ed b\ a servei SIP 1 710 through a sen ei UDP 1712

[00368] I ipon leceivtng the SIP iegisttation request, servet SIP 1 710 may send a SiP iegistralion t esponse 172(5 \ ia sen ei V DP 1712 and cl tent I DP 1714 to client SlP 1 716 Once the

SIP regjstiatjon has been successfully completed, steps to establish a secure DDP channel aie initiated

[ 00369] At a next step 1 ^28, a client DDPb module 1718, a module of a client DDP 1 ?20, vs ill send a DDPS session iequest to a sen er DDPS module 1 70S In an example, the DDPS session request may be touted through cheat SlP 1 716. client LOP 1714, .set ver VD? 1 712. set vet StP 1710 to servei DDPS module 1708

[00370] Upon recen ing the DDPS session request, at a next step 1730, sen er DDPS module

1708 will send a ODPS session response 1730 to client DDPS module Pϊ 8 \ ia sesver SlP 17i O, sen er UDP ! 712, client UDP 1 714, and chcnt SlP 1716 Once the secure channel has been established, the uset may to tegsster with the mobility serx ei To notify the usei, client DDPS

1 7! 8 ma\ forward the DDPS session response to an application client 1722

[0017J ] Upon iccen sng the notification, at a next step 1 732, application client 1722 mav send a DDP registtation tcquest to a user see manager 1704 In άn. example, application client 1722 rnav send the iegistratton tnfottrtation to a client DDP 1720 Client DDP 1 720 may send the iegistration infonration thiough the established secute channel (t e , thtough client DDPS module

1718, client SIP 1716, client VDΫ 1 714 sm et UDP 1712, servei SIP 1 710, and senet DDPS module 1 708) to a DDP 1 70b _% which mav then toute the iegtstration m fot mat) on to usei inanaget 17C4

[00372 j L'pon receiving the registtation tuforroatiuu, user dev ice manager 1 704 mas send a

DDP iegistration response to application client 1732, at a next step 1 734 in an example, uses see manager 1704 ma> senϋ the DDP registration response to sen er DDP 1 706 Sen ei DDP 1706 ma> send the iegistration mfoimation thiough the established secuie channel (ι e , thtough seiver DDPS

1708, servei SIP 1 710, sen er UDP 1712, client UDP 1714. client SlP 1716, and client DDPS 1718)

to DDP 1720, which may then route the DDP registration response to the user of application client 1722.

[00373] tπ a mobility architectural arrangement with DDP, registration may be a one-tone event, hi an example, ehent device will register with the mobility server when the client device is initialized for the first time. Since a secure channel has already been established at steps 1728 and 1730, the user of the client device may be assured that the sensitive DDP registration information JS being sent encrypted and through a secure channel. In an embodiment, no additional DDP registration may need to occur as long as the secure channel between the client device and the mobility server is maintained. In an embodiment interaction between application clients on s client device and application servers managed by an enterprise may now be conducted securely through a single secure channel. Fig. 18 and 19 show, in an embodiment, examples of hovs DDP may handle interaction between applications clients on a client device and application servers managed by an enterprise

[00374] Fig. 18 shows, in an embodiment, a simple call flow illustrating a situation in which a large file may have to be sent. Consider the situation wherein, for example, a client device may need to download the latest software upgrade. In an example, an application client 1814 may send a request 1816 for software upgrade to an image manager 1802, which may be responsible for managing the different software images on the server side.

[00375] At a first step 1818, application client 1814 may send a new image request to image manager 1802. In an example, the new image request may first be sent from client application 1814 to a client DDP I Sl O. After receiving the new image request. DDP 1810 may send the request through a secure channel to a server DDP 1808 Before being sent to image manager 1802. the new image request may be routed to a device/user manager 1804, which may be responsible for determining which software may need to be upgraded After device user/manager 1804 has determined which software upgrades the client device may need, device user/manager 1804 may route the new image request to image manager 1802.

[00376] Upon receiving Ui e request, the image manager 1802 may then send the requested software upgrade (e.g , requested data 1820} to a server DDX module 1806, In an embodiment server DDX module 1806 may convert the file into a format Uiat is capable of being sent through the secure channel established between the client device and the mobility server. In an embodiment.

sen or DDX module 1806 will break the large file into a plurality of data packets in oidci to ttampoit the file through the secuic channel

[00377] 4t a next step 1822, server DDX module 1806 may send a DDX file iiansibr statt to a client DDX module 18)2 via serve* DDP 1808 and client DDP 1810 In an embodiment, a DDX Me transfer start iefers to a notification between a ses vei DDX and a client DDX that a file is about to be sent I he DDX file Uansfer stait mav include basic sutbi matron about the incoming file such as, for example, name of the file file si/e, number of data packets that mav be sent the application that is requesting for the file, and the like

[00378] λt a next step i 824. client DDP 18 i 0 mav send a DDX .start response to .sen, er DD\

1806 in an embodiment, an RDDP module \\ ithm the DDP may be sending the DOX stait response

[ 00379] At a next step 1826, sei \ et DDX module 1806 may .send a fn st ODX data packet to client DDX module 1812 As described m Fig i 6. the DDX data message may first be sent to sen er

DDP 1808 I he DDX data message will be encapsulated as a SIP notif> message, m an embodiment, and sent through the secure channel over a StP control protocol and a UDP transport protocol On the client device, the DDX data message ma) be received by a client DDP 1810, which ma\ then toute the DDX data message to client DDK module 1812

[00380] At a next step 1828, upon seceiv sng the DDX data message, a DDP acknowledgement will be sent bv chent DDP 18 {0 In an embodiment, the RDDP module within client DDP 1850 will send the DDP acknow ledgement to mfoim ses\ ct DDX module 1806 that the incoming DDX data message has been teem ed successfully

[00381] Steps 1826 and 1828 may be ttei alive steps that mav be iepeafed until all DDX data packets and acknowledgements ha\ e been exchanged between the seiser and client DDX module

[00382] Once the last DDX data message and DDX acknowledgement have been sent, reiver

DDX module 1806 will send a DDX file hansfei end, at a next step 1830, to application chent 1814 to notify the application chent that all DDX data messages have been sent in an example, the DDX file transfer end may be sent ftom ser\ ei DDK module 1806 to sen & DDP 1808 to the chent device

[00383] The DDX file transfer end ma> be received by client DDP 1810 In an embodiment, the RDDP of client DDP 1810 mav send a DUP acknow ledgement to image manages 1802, at a next step 1832

[00384] Meanwhile, cl ient DDP I SIO may route the ODX file transfer end to client DDX module 1812, which will notify the application client 1814.

[00385 j As can be appreciated from Fig. 18, a new secure channel may not have to be established m order to request the software upgrade. Instead, the request for a software upgrade may be received and handled by the application sewer without having to establish a new secure channel.

As can also be seen. Pig. 18 shows how the architecture of the DDF may be employed to send data traffic in a secure and reliable manner that may enable the sender and the requestor the assurance that ali data packets for a requested file have been successfully received.

[00386] Fig. 19 shows, in an embodiment of the invention, a simple call flow illustrating a situation in which small control messages, such as those sent by control applications, may be sent.

In Fig, 1 ^< ->, the interaction between an application client and an application server may occur without a DDX module.

[00387] Consider the situation wherein, for example, a user of a client device wants to share his or her user presence (e.g , available, busy, phone call only, etc.).

[00388] At a first step 1914, a client presence manager J 9S 0 on a client device may send a presence preference setting to a server presence manager \ 902, In an example, client presence manager 1910 may send a presence preference setting (as a single DDP data packet) to a client DDP

! 908, which may then send the presence preference setting through a secure channel to a server DDP

1906.

[00389] Upon receiving the presence preference setting, server DDP 1906 may send a DDP acknowledgement, at a next step ! 918. In an embodiment, a RDDP module within the DDP may be sending the DDP acknowledgement. Meanwhile, server DDP 1906 will notify the server presence manager 1902 of the presence preference setting through device/user manager 1904,

[00390] Consider another situation wherein, for example, the same user wants to discover the presence status of another user.

[00391] At a first step 1922, client presence manager 1910 may send a presence query to client DDP 1908, which may send the presence query through the established secure channel to server DDP 1906. Upon receiving the presence query, server DDP 1906 will forward the query through device/user manager 1904 to server presence manager 1902, which may perform the requested query to retrieve the requested information.

[00392] At a next step 1928, server presence manager 1902 may send a presence response

{e.g.. requested stems data) to client presence manager 1910. Jn an example, the presence response may be sent from server presence manager {902 through device/user manager 1904 to server DDP 1906. Then, the presence response may be sent through the secure channel to client DDP 190S, which may then route the presence response to client presence manager 1910. [00393] As aforementioned. Fig. 18 and 19 show different examples of how DDP may be employed to manage the interaction between a plurality of data applications on a client device and a plurality of application serv ers managed by an enterprise, A mobility architectural arrangement with DDP establishes a single channel from which each of the application clients and the application servers may interact with one another Also, the architecture of DDP may be employed to send data traffic, in a secure and reliable manner that may enable the sender and the requestor the assurance that all data packets for a requested file have been successfully received.

[00394] Since the mobility architectural arrangement with DDP may now be the center of control, the mobility architectural arrangement with DDP may now coordinate the various activities that a user of a client handset may have previously individually managed, ϊn an example. Fig. 18 shows how DDP may be employed in managing the user's experience on the client device including, but are not limited to, software upgrade, device configuration, and user information management, hi another example, the DDP may manage a user's presence (as seen in Fig. 19} by allowing the user to share his status, thus enabling the system to manage incoming traffic and to allow others to see his or her status Sn yet another example, DDP may manage mobility by allowing the user to roam from one data network to another without haying to worry about session management [00395] As can be appreciated by the embodiment of the invention, a mobility architectural arrangement with DDP reduces the security risk by providing a single secure channel from which multiple applications on a client device may be able to communicate with a plurality of applications on an enterprise server. DDP is a versatile protocol that may be advantageously implemented independent of hardware and/or software limitations. Also, DDP is an adaptable protocol that may be manipulated to take advantage of a plurality of control and/or transport protocols. [00396] E. Divitas Protocol Proxy (DPP)

[ 00397] If c! tents for appl icaύons on the mobile handset access the enterprise resources directly, the enterprise firewall needs to be opened for multiple protocols. A method which

fabricated in accordance with one or more embodiment of the present invention allows the handsel based enterprise applications to make use of existing VoIP related connection in a secure manner. [00398] This invention ss implemented by devising a distributed protocol proxy. The distributed protocol proxy may be divided into two parts. One part resides on the mobile handset along wiili the VoIP client. The other part resides, inside the enterprise along with the VoIP server. [00399] As shown in the Fig. 7A-D the handset based VoIP client acts as a server for the different applications running on the handset This component makes use of existing VoIP related connection (e.g. SiP) to send the application pay load across to the enterprise. The server side proxy component is responsible for stripping the pay load and making connection to the actual enterprise servers The client and server side proxy components may further be sub-divided into multiple subcomponents Each subcomponent shall be responsible for proxy ing one protocol. [00400] Fig 7A shows a network architecture in accordance with one or more embodiments of the present invention and includes two network interfaces per host. Two paths are provided through the independent networks, one from interface CO to SO and another from Cl to Sl . in SCTP, these two paths would be collected into an association

[ ^" 004Oi ] Divitas "Thin Client" monitors the paths of the association using a built-in heartbeat; upon detecting a path failure, the protocol sends traffic over the alternate path. It may not be necessary for the applications to know that a faikner recovery occurred

[00402] Fatiover can also be used to maintain network application connectivity. For example, consider a laptop that includes a wireless 802 1 1 interface and an Ethernet interlace When the laptop is in its docking station, the higher-speed Ethernet interface would be preferred, but upon loss of connection (removal from the docking station), connections would be failed over to the wireless interface. Upon return to the docking station, the Ethernet connection would be detected and communication resumed over this interface. This is a powerful mechanism for prov iding high availability and increased reliability

[0(403 j In accordance with one or more embodiments of the present invention, a nmlti- homing scheme is implemented which provides applications with higher availability than those that use TCP A multi-homed host is one that has more than one netvsork interface and therefore more than one IP address for which the multi-homed host can be addressed. In TCP, a connection refers to a channel between two endpoints (in this case, a socket between the interfaces of two hosts)

[00404] Figs. ?B~D show how a thin client along with a counterpart of the thin client on the server has in affect created an efficient transport mechanism for conveying state information between handset and the server in accordance with one or more embodiments of the present invention. An example of an e-mail application (i.e., SMTP) is shown that uses the SlP ^■••• NOTIFY method to tunnel application layer packets without the knowledge of the SMTP application. This has advantages where the presentation layer application on the client does not have to be changed to provide session persistence.

[00405] Advantageously, using the above method for mobility applications, the enterprises may achieve a more secure and easy to manage enterprise mobility. This method also enables VoIP vendors to extend their mobility solution to different enterprise applications. [00406] Features and advantages of the present invention may be better understood with reference to the figures and discussions that follow.

[00407] Fig. 20 is a prior art example of an architectural arrangement in which each application on a handset is connected individually to a corresponding application server within an enterprise A handset 2000 may include a plurality of application clients including, but are not limited to, a DiVitas client 2002, a CRM (customer relationship management) application client 2006, and a mail application client 2008 The application clients may be independent of one another or may interact with one another via application protocol interfaces (APIs). In an example, application clients 2006 and 2008 may be interacting with DiVitas client 2002 via an API 2010 and an API 2012, respectively

[0040S] The application clients in handset 2000 may interact with application servers within an enterprise 2000. Enterprise 2090 may include a plurality of application servers including, but are not limited to, a DiVitas server 2022, a CRM application server 2026.. and a mail application server 2028. The application servers may be independent of one another or may interact with one another via APIs, in an example, application servers 2026 and 2028 may be interacting with DiVitas server 2022 via an API 2030 and an API 2032, respectively. Note that the purpose of the APIs is to enable the application to interact with one another. However, since each application is independent of one another, the interaction via the APIs is optional

[00409] Consider the situation wherein, for example, a stockbroker on handset 2000 may be communicating with his client via DiVitas client 2002, While conversing with his client, the

stockbroker may waist to have his client's portfolio readily available. In this example, the stockbroker may have to establish two different sessions. The stockbroker may establish a first session to enable him to converse with his client via Dt Vitas client 2002. To bring up the portfolio, the stockbroker may establish a second session by employing CRM application client 2006 to interact with CRM application server 2026, which is located behind a firewall 2040 within an enterprise 2090.

[0041Oj Sn a typical secure sockets layer (SSL) virtual private network (VPN) environment, for each channel that may have to be established, a network administrator may have to establish different configuration. In order to establish two different sessions, two separate secure channels may have to be established. In an example, a new mail application client has been added to a handset. In order to communicate with the mail application server, which is located within the firewall of an enterprise, the network administrator may have to create a new secure channel. Thus, in a typical SSL VPN environment, a user may have to establish multiple sessions, which may require multiple sign-on arid may cause the enterprise to be more susceptible to security risk. The SSL VPN environment is not only inconvenient for the user but this type of environment may also require more human resources to manage the security of the enterprise's network environment [0041 1 J To mi njmize the number of secure channels that may be created, an Internet Protocol

(IP) Security Gateway may be employed instead of an S ₁ SL. In an ϊP Security VPN environment, one or more application clients on a handset may interact with application servers via one secure channel by traversing through an JP Security Client 2014 and an IP Security Gateway 2030. To establish the secure channel, the user may first have to provide authentication data (e.g., user name, password, etc.). Once the secure channel has been established, the user may also be burdened with the responsibility of authenticating each tune a different application client is utilized. In other words, each application client may be individually configured to communicate with its corresponding application server via a different IP address.

[00412j In an example, CRM application client 2006 wants io interact with application server

2026. If a secure channel 2084 has not been established, then the user may have to first provide authentication data. Once secure channel 2084 has been established, the user may then have to provide additional authentication data in order to enable CRM application client 2006 to interact with CRM application server 2026.

[004 S 3 j tπ addition, a new secure channel and re-authentication may have to occur each Ume a session ss dropped In an example, if a user is mobile while in a session, the user may encounter a πsk of being accidentally dropped from a session if the connection is lost For example, a user, connected via a Wi-Fi network, may traverse outside of the Wi-Fi network The session may be dropped and the user may have to establish another session, .such as a cellular connection, for example. As a result, tiie user may become burdened with the inconvenience of establishing a new session and also may become frustrated with the limited mobility.

[00414] To show how an application client may interact with an application server, prior art

Fig 21 is provided. Fig. 21 is a prior art flow chart illustrating the method for enabling an application client to communicate with an application server in an IP Security VPN em ironment.

Fig. 21 is discussed in relation to Fig 20,

[ 004] 5] Consider the situation wherein, for example, a user of handset 2000 wants to employ mail application client 2008 to send an email.

[00416] At a first step 2102, email data traffic is sent to the application server. In an example, mail application client 2008 may send email data packets to mail application server 2028 within enterprise 2090.

[00417] At a next step 2104, the email data traffic is received by the IP Security Client 2014, which may perform a check to determine how to route the traffic. In other words, IP Security Chen!

2014 may analyze each packet to determine if the packet is intended for enterprise 2090 IP Security

Client 2014 may identify the recipient of the packet by analyzing the IP address and the port number that is located within the packet.

[00418] Sf the recipient of the email data traffic is not one of a plurality of application servers within enterprise 2090, then at a next step 2100, IP Security Client 2014 may either drop the traffic or may direct the email traffic to a server, which is not located inside enterprise 2090. How an email traffic that is not intended for an application server within enterprise 2090 is handled may depend upon how IP Security Client 2014 may have been configured to handle the non-en ierpnse data traffic.

[00419] if IP Security Client 2014 determines that the data traffic is intended for an application server that is located within enterprise 2090, then at a next step 2! 08, IP Security Client

2014 may encrypt each data packet before forwarding the data packet. The process of encryption

each data packet ma\ requite handset 2000 to ha\e sufficient CPC pioeessmg power Purifies , the lcquiremcnt that each data packet he enαvpted in an IP Security VPN em sronment mav cause latencv issue m a voice communication situation, such as a Voice ovet IP (VoIP) telecommunication session in other words. \ oice quality during the \-orce communication session mav be sc\ ereiv degraded resulting m a had \oice communication experience fe g , echo m the backgiound inaudible convetsaUon, etc }

[(!(42Oj λt a next step 2 J J 0, IP Security Client 2014 mav then send the encrypted ti affic to the intended application sen er along secure channel 2084 As mentioned above, a secuie channel has to be cieated each time a new application is being employed In an example, IP Secuutv Client

2014 mav send the enciypted bailie thiough a netw-oik 2Q5C) and a firewall 2040 to IP Secuπtv

Gatevvav 2030 of enterprise 20 ^c >0

[00421 ] At a next step 21 12, IP Secuutv Gateway 2030 may perform a check to deteinune how to route the tiaffie Similar to IP Secui itv Client 2014, TP Security Gateway 2030 mav analyze each packet to detettnme if the packet is intended for entetptise 2090

[00422] If by chance the data packet is not an encrypted IP security packet has been received. at a next step 2 H 4, IP Secuntv Gatewav 2030 may drop the packet

[0042?] If the data packet is an encrvpted IP secuπtv data packet, then at a next step 2116, IP

Sccuπtv Gateway 2030 mav dccrvpt the traffic

[00424] Once the packet has been decrv pted, IP Security Gateway 2030 may then analyze the packet to identrfv the IP address and pott number of the receiving application servei λt a next step

21 1 S, IP Secuπtv Gatewas 2030 rmry forwasd the data packet to the appropriate application serser

(e g , mail application server 2028}

[00425] ϊ he method descnbed in .steps 2102 through 21 18 is a continual ptoce,ss and mav be performed foi each packet that is being sent bv an application client

[ 00426] ϊ hei e as e s e\ ei ai the pr ior art In an example, a ditϊet ent configuration nia\ hase Io l>e performed for each new application client that ma\ be added to a user's handset λs new application client is added, the management of the vauous diffeient application clients and their corresponding application sewers may result in a more complex networking emnoomenl, winch may become costly to maintain Also, useis become burden with the responsibility of performing multiple authentications, thus reqυiπng the υseis to remember a

plurality of authentication data. Further, the benefit from operating within an IP Security VPN environment is diminished by requiring data traffic to be encrypted resulting in an increase cost in hardware (e.g., handset has to have sufficient CPU processing power) and increased latency, In addition, the user may become frustrated with the limited mobility that may be provided each time a session is lost and the user has to re-establish the connection and re-authenticate. [00427] In one aspect of Use invention, the inventors hereni realized that the prior art architectural arrangement of multiple authentications and/or multiple secure channels may be consolidated to create a single sign-on environment

[00428] In other words, the inventors realized that by configuring each application to direct its data traffic through a single application (e.g., DiVitas client) and a single server (e.g , Di Vitas server), data traffic from a plurality of applications may be sent via a single secure channel without requiring the user to perform multiple authentications. In addition, session loss may be substantially reduced without sacrificing mobility.

[00429] In accordance with the embodiments of the invention a mobility architectural arrangement is provided by implementing a DiVitas protocol proxy (DPP). In an embodiment, the DPP may include a client DPP and a server DPP,

[00430] In an embodiment of the im ention, the handset may include a mobility client (e.g.,

DiVitas client), which may include a client DPP to manage the connects ity between the handset and the mobility server (e.g , DiVitas server), in an embodiment of the invention, the mobility server may include a server DPP to manage the connectivity between the mobility server and the handset In an embodiment of the invention, the client and server DPP may include a plurality of sub- client 'server DPPs for managing different types of protocols (e.g., SlP, SMTP, etc K [ 00431 ] In an embodiment of the invention, a DPP enables the estab! ixhment of a single secure channel from which each application client may interact with its corresponding application server. Since each application is routing its data traffic through a common DPP, the DPP may now manage connectivity between tlie handset and the mobility server Connectivity information may include establishing a secure channel between the handset and the mobility server \ ia a control protocol, such as SIP (session initiation protocol). Connectivity information may be employed to determine when and how to connect the handset. In addition, connectivity information may also

include when to perform a handoff from one network to another network {e.g., from a Wi-Fi network to a cellular network), thereby enabling a seamless transition between different networks [00432] The features and advantages of the present invention may be better understood with reference to the figures and discussions that follow.

[00433] Fig. 22 shows, in an embodiment of the invention, a simple bioek diagram of a mobility architectural arrangement. In a mobility architectural arrangement 2200, a handset 2202 is interacting with a Di Vitas server 2218 (e.g. , mobility server ) within an enterprise 2216. Handset 2202 may include a DiVitas client 2204 (e.g., mobility client) and a plurality of application clients (2206 and 2208}. In an embodiment of the invention, DiVitas eiient 2204 may include a client DPP to manage the connectivity between the handset and the mobility server. [00434] Unlike the prior art, application client 2206 and application client 2208 are not configured to directly interact with their corresponding application servers (2220 and 2222). Instead, the various different configurations for each of the application clients may be simplified, in an embodiment, to direct all date traffic to a single local IP host 2210 (e.g., IP address of 127.0.0.1 ) that is associated with DiVitas client 2204. In other words, data traffic from application clients 2206 and 2208 may now be configured to be routed to DiVitas client 2204 via APIs 2212 and 2214. From DiVitas client 2204, all data traffic may then be routed through Di Vitas server 2218 within enterprise 22.16 via a network 2224 (e g., internet). Iti an embodiment of the invention, DiVitas server 2218 may include a server DPP to manage the connectivity between the handset and the mobility server. Once DiVitas server 2218 has received the data traffic, DiVitas server 2218 may then route the traffic appropriately to the corresponding application server (2220 and 2222} via an API (2232 and 2234).

[00435] Consider the situation wherein, for example, a user of handset 2202 wants to send an email by employing application client 2206. Since application client 2206 has been configured to send all data traffic to local host 2210, the data traffic from application client 2206 is sent via API 2212 to local IP host 2210, which is associated with DiVitas client 2204. [00436] Upon receiving the traffic from application client 2206, DiVitas client 2204 may encapsulate the traffic inside a SlP Notify Message using a DiVitas Data Exchange (DDX), As discussed herein, DUX refers to a protocol for transporting data packets between a handset and a

sen or In encapsulating the data packet the DDX add a new tag which add information about the application client that is sending the data traffic

[00437] Unlike the pnor art not all data packets as c encrypted Instead whethct or not a data packet is encrypted ma\ depend upon the prefeience as dictated by the application client hi an embodiment of the the newly added DDX is encrvpted Once the data packet has been encapsulated inside the SlP Notify Message, the encapsulated data packet mav now be forwarded along a secuie channel 2250 which include tiaveising thtυugh netwoik 2224 to be b> DiVitas sener 2218 Note that if the ernes pπse is piotected modules (e g , firewall 2226), then the data packet mav also ha\e to through one oi mote secuut\ modules [00438] Once the data packet has been lecerved b\ D i\ itas sen ei 2218, itas sen ei 2218 ma> emplos the DDK tag to the location of the application reiser In an example, the DDX tag raa> include an identification number (e g MAC addtess, port addtess), which may indicate which application sei \ cr (e g application s,cr\ cr 2220) within the enterpi ihc JS the intended recipient of the data packet

[00439] In an embodiment, a mobility aschitcctuiaS arrangement mav manage the connectn it\ between the handset and the mobility NCγ\ er In an embodiment the mobility ai chnectural arrangement mav emplov a control protocol that is commonK utilized b> a handset, such as SlP foi example

[00440] In a mobiiitv aichitectural anangement, the user may onlv ha\e to pcifortn the manual authentication once in ordei to establish the secure channel In othet vvoids, once a secure channel ha;> been c^tibhshed between the handset and the niobihty seixei, anothei secure channel does not to be established each tune an application client (220o and 2208) wants to interact with an application serves (2220 and 2222}

[(!(44Ij Sn an embodiment, the mobility architectuial aπaπgement mas also include a database which ma> include authentication data foi each application client ϊhus each time a different application client is enipkned m an embodiment, the inobiliU architectural attangεment mas utilizes the authentication data that is specific to the application which may be stoied in the database to automatically authenticate the usei frrom the perspective of the υsei, the mobility aidutectural auangement is essentially a single sign-on ironment

[00442] Advantageously, the mobility architectural arrangement substantially streamlines the time and effort a network administrator may have to spend in configuring each application client. Instead of having to create a new secure channel each time a new application client is added to a handset, the network administrator may substantially eliminate this process by just configuring each of the application clients to interact with a local host. Further, with a single sign-on, the network administrator may be able to substantially reduce tlie time and cost associated with managing security.

[00443] The mobility architectural arrangement may be implemented as a rich or thin client.

Fig 23 shows, in an embodiment of the invention, a block diagram illustrating the mobility architectural arrangement as a rich client. As discussed herein, a rich client refers to a mobility architectural arrangement m which the client DPP and server DPP not only manage the various different applications but may also provide support for at least one or more application client functionality (e.g , a voice application client, an instant, messaging application client, email application client, etc }.

[00444] Consider the situation wherein, for example, a user of a handset 2302 wants to employ a mail application client 2310 {e.g.. Microsoft's) Outlook, etc ) to retrieve an e-mail from a mail application server 2326 (e g., Microsoft® Exchange Server, etc) that is located within an enterprise 2318. Fig 23 will be discussed in conjunction with Fig 24 Fig. 24 shows, in an embodiment of the invention, a simple flow chart illustrating an example of a method for employing a mobility architectural arrangement.

[00445] At a first step 2402, application client may send data traffic to a local host of a

DiYifas client In a mobility architectural arrangement, application client 2310 has been configured to route its data traffic through a local host 2308, which is located within a Di Vitas client 2304. In an example, application client 2310 may send an SMTP {simple mail transfer protocol) data packet 2312 over TCP-IP to DiVitas client 2304 via an API 2350. SMTP data packet 2312 may be received by an SMTP proxy client 2306 (e.g , sub-client DPP), which is located at DiVitas client 2304 [00446] In an embodiment, a client DPP may include a plurality of sub-client DPPs. The type of proxy client that may be employed to handle the data traffic may depend upon the type of application client Sn an embodiment of the invention, the data packet may include a port number, which is unique to an application client, in an example, SMTP data packet 2312 includes the

foil oxMng data 127 0 0 S 25 In this example, the tmmbes 127 0 0 1 ts an IP address which ϊS specific to local host 23(KS and the number 2^ refcts. to a port numhei which m this example is associated with SMTP ptoxv client 2306

[00447] At a next step 2404, the data traffic mav be encapsulated as a SlP Notify Message with a DDX tag In othci upon leceivmg data packet 23 i 2, DiViias _* client 2304 iefornut SMTP data packet 2312 into a SiP data packet 2330 (such as a SlP Notify Message) that is transferable ox ei the handset's contioi protocol such as- SlP In an embodiment ot the indention SIP data packet 2330 may include the ongmal data packet (e g . data packet 2312) vuth a DDX Ueadei 233Oa and a SIP headet 233Ub As aforementioned, the DDX headei mav include a unique identification nυmbei that JS unique to an application seivei in an embodiment of the invention, the unique identification number ma\ be generated based on the port mimbei that was included in the SM Iψ data packet Ia an embodiment of the invention, an additional tag ma\ be included tn the foi matted data packet to identify how the tbi matted data packet mav be transposed Jn an example, tiansport protocol tag 2330c mav be a I DP-IP ttansport tag

[00448] In an embodiment of the m\ ention, one or more parts of SIP data packet 21 M ⁾ may be encrj pted Jn an embodiment, the DDX part is enm pted even if the rest of the data packet is not [00449] At a next step 2406, the Di\ itas client ma> send the data packet to the Di Vitas sen ei

Once data packet 2312 has been reformatted into SlP data packet 2310 {e g encapsulated as a SlP Notitv Message), SlP data packet 2130 mav be sent \ia a secure channel 21S0 through a netwoik 23 ! 4 and/ ot a firewall 2316 to a Di\ itas sen er 2320

[00450] At a next step 2408, the Qiλ ^' jtas ^en es max check to determine if the incoming data packet is a SlP N'otity Message If the incoming data packet ss not a SIP Message, then at a next step 241 ϋ the data packet be diυpped

[(A »4*5 Ij Howev er, if the incoming data packet is> a SlP Notsf> Message, then at a next step

2412, the Dλ itas seiv ei ina> identify the iutended pϊoxv seivei bv checking the DDX tag In an embodiment the DiYitas setver mav have to decivpt the DDX packet in Oidei to lead the rafoimatioα stoied m the DDX packet In an example based on the unique identification nutnbei in the DDX tag, Di Vitas sen ei 2320 knows to ioute data packet 2330 to SM I P proχ> senei 2322 In an embodiment of the inv ention, a senei DPP mav include a plurality of sub-sen et DPPs In an

embodiment of the invention, the type of proxy server that may handle the incoming traffic may depend upon the type of data traffic.

[00452 j At a next step 2414, the data packet may be routed to the proxy server. Since SlP data packet 2330 is an SMTP data packet, formatted data packet is handled by SMTP proxy server

2322 (e.g., sub- server DPP), which is located inside DiVitas server 2320.

[00453] At a next step 2416, the data packet is routed to the intended application server. In an embodiment of the invention. SMTP proxy server 2322 may convert SϊP data packet 2330 into a format that is acceptable by the receiving application server. In an example, SlF data packet 2330 may be converted from a SIP notify message into an SMTP data packet 2328. Also, the DDX part may be dropped. Further, the transport protocol may be changed from UDP-IP to TCP-IP, which may be better employed to deploy email data traffic to the respective application server (e.g., mail application server 2326} via API 2332.

[00454] The method steps described in Fig. 24 does not show the encryption and/or decryption of a data packet. In an embodiment, the data packet may be sent without being encrypted. The requirement for encryption may be optional and may depend upon the user's requirement In an embodiment part or the entire data packet may be encrypted. In an example, the

DDX part may be encrypted but the rest of the data packet may remain unencrypted The optional encryption enables less processing power to be utilized and a decrease in latency that is usually associated with encrypted data packets.

[00455] As can be seen from Fig. 23 and 24, the rich mobility architectural arrangement may act as a mobility manager enabling application clients of a handset to interact with application servers within a single sign-on environment. Further, the rich mobility architectural arrangement may include functionality for converting data packets from a variety of applications into data packets that are capable of being transported by the control protocol and transport protocol that is specific Io the secure channel that has been established.

[00456 j In an embodiment of the invention, the mobility architectural arrangement may be implemented as a thin client, as shown in Fig. 25. In a thin mobility architectural arrangement, the client DPP and the server DPF may be employed only as mobility managers (e.g., manage the connectivity for the applications) and may not provide support for at least one or more application functionalities.

[00457 j Consider the situation wherein, for example, a user of a handset 2500 wants to cali a friend. The user may employ a telephone application client 2508 (e g.. VoIP, etc.) to make bis telephone call Assume in this example that a secure channel 2550 has already been established between a Di Vitas client 2502 and a DiVitas server 2518, which is located within enterprise 2530. [00458| To establish the telecommunication session, telephone application client 2508 may send a data packet 2512 (e.g., SIP/UD-iP) to a local host 2550 within Di Vitas client 2502 via an API 2552. As mentioned above, a plurality of proxy clients may reside within DiVitas client 2502 to support the various different application clients. In an example, a SlF proxy client 2504 may be located within DiVitas client 2502 to handle data packets from telephone application client 2508. [0045*?] Upon receiving data packet 2512, SϊP proxy client 2504 may analyze the data packet to determine how to route the packet. As aforementioned, the data packet that may be sent to a DiVitas client may include a port number (e.g., 5060, etc.) that may be unique to an application server With this information, DiVttas client 2502 may route date packet 2512 through a network 2514 and a firewall 2528 to DiVitas server 2518. in an embodiment, a data packet does not have to be converted if the data packet is already in a format that is mutable by a DiVitas client. In an example, data packet 25 i 2 is in a S1P/UDP4P format which is the format that DiVitas client 2502 may employ to route its data traffic

[00460] tn an embodiment, a plurality of proxy server may reside within a DiVitas server. In an example, a SIP proxy server 2532 may reside within DiVitas server 2558 to manage the incoming data traffic from telephone application client 2508 Since data packet 2512 has been sent from telephone application client 2508, the data packet is handled by SlP proxy server 2532. Upon receiving data packet 2512, SlP proxy server 2532 may forward data packet 2512 along a path 2522 to a destination telecommunication device (e.g., telephone, etc ) via a telephone gateway 2520 (e.g., PSTN, GSM, CDMA, etc.). Once a telecommunication session has been established between handset 2500 and the destination telecommunication device, the other data packets 2562 (e.g., RTF data packets, etc) that may be sent by telephone application client may be sent along a path 2560 through secure channel 2550 to Di Vitas server 2518 without having to go through DiVitas client 2502.

[00461 ] In a thin mobility architectural arrangement, the purpose of establishing a telecommunication session with the aid of a DiVitas client is to enable the application client to take

advantage of the mobility functionality of the DiVitas client. In other words, a control center lias been established between the DiVitas client and the DiVitas server to monitor the connectivity of the application client. By establishing this relationship, the DiVttas client and the DiVitas server may be able to share its connectivity status and be able to seamlessly handle roaming when the situation arises.

[00462] In an example, the user in the above situation is currently connected through a Wi-Fi network. During the telephone conversation, the user may roam outside of the Wi-Fi network. In the prior art, the connection may be dropped and the user may have to rediaS, However, in a mobility architectural arrangement, the connectivity status of the user's handset lias, been monitored and the DiVitas client and DiVitas server may perform a seamless network switch (e.g., from Wi-Fi to a cellular network) without the user being aware of the change.

[00463] Advantageously, a thin mobility architectural arrangement may be implemented by an enterprise that may have already invested a large sum of money into a plurality of application and may only need a mobility' manager. Thus, the enterprise may be able to take advantage of the mobility manager capability of the mobility architectural arrangement without having to restructure its telecommunication infrastructure.

[00464] As can be appreciated from embodiment of this present invention, the mobility architectural arrangement with DPP provides a mobility manager capable of streamlining the telecommunication infrastructure In other words, the mobility architectural arrangement provides a single sign-on environment. In an example, instead of multiple secure channels into an enterprise, the same functionality may be achieved with a single secure channel. With a single sign-on environment, the cost and effort of managing the telecommunication infrastructure may be substantially reduced. Further, the mobility architectural arrangement enables connectivity to be monitored and seamlessly handled without negatively impacting the user's telecommunication experience.

[00465] F. Conclusion

[00466] Whtle this invention has been described in terms of several preferred embodiments, there are alterations, permutations, and equivalents which fall within the scope of this invention. It should also be noted that there are many alternative ways of implementing the methods and apparatuses of the present invention. Furthermore, embodiments of the present invention may find

utility in other applications. The abstract section is provided herein for convenience and, due to word count limitation, is accordingly written for reading convenience and should not be employed to iirαiϊ the scope of the churns. It is therefore intended that the following appended claims be interpreted as including all such alternations, permutations, and equivalents as fail within the true spirit and scope of the present invention.