公开(公告)号：EP3394848A1

公开(公告)日：2018-10-31

申请号：EP16707662.9

申请日：2016-02-17

申请人： NEC Europe Ltd. ,  UNIVERSITÄT MANNHEIM

发明人： BOHLI, Jens-Matthias ,  KARAME, Ghassan ,  ARMKNECHT, Frederik

IPC分类号： G09C1/00 ,  G06F3/06 ,  H04L9/00 ,  H04L29/06

CPC分类号： H04L9/008 ,  G06F17/30 ,  G06F21/6218 ,  G06F21/64 ,  G09C1/00 ,  H04L63/0428

摘要： The present invention relates to a method for storing data on a storage entity (SE), comprising the steps of: a) computing a file identifier for a file to be stored on said SE; b) checking, by said SE, if the file has already been stored using said file identifier; c) generating a user-specific private and a user-specific public identifier; d) updating or computing tags of said file by said client such that said updating or computing is homomorphic in the user-specific private identifier and in parts of said file; e) providing said user-specific public identifier said updated tags and a proof of possession of said secret identifier to said SE by said client; f) verifying by said SE, said proof-of-possession; g) verifying validity of said tags; h) upon successful checking storing a public identifier for said file incorporating said user-specific public identifier and said updated tags by said SE; i) if the file has not already been stored, storing said file by said SE.

公开(公告)号：EP3213559A1

公开(公告)日：2017-09-06

申请号：EP14828029.0

申请日：2014-12-19

申请人： NEC Europe Ltd.

发明人： ROST, Peter

IPC分类号： H04W36/10 ,  H04W88/08

CPC分类号： H04W36/24 ,  G06F9/455 ,  H04W36/0069 ,  H04W36/10 ,  H04W36/22 ,  H04W88/04 ,  H04W88/085

摘要： A method for operating a centralized radio access network (C-RAN) having a plurality of base stations, wherein at least a portion of base station processing is performed at a centralized processing entity, and wherein a virtualized environment is provided by the centralized processing entity such that the plurality of base stations run in virtual machines, includes relocating base station processing from a first virtual machine that performs base station processing for a first base station that serves an initial cell to a second virtual machine by: introducing a target cell for which the second virtual machine performs base station processing, simultaneously transmitting, via at least a portion of antennas of the first base station, signals for both the initial cell and the target cell, and handing over user terminals that are assigned to the initial cell to the target cell.

摘要翻译： 一种用于操作集中式无线电接入网C-RAN的方法，其中所述网络（1）包括多个基站（BS_A，BS_B），其中基站处理的至少一部分在集中式处理实体（ ，其中在所述集中式处理实体（7）处提供虚拟化环境，使得在虚拟机（VM1，VM2）中运行的所述基站（BS_A，BS_B）的特征在于：将基站处理从第一 通过引入另外的小区 - 目标小区（VM2）来执行对第二虚拟机（VM2）执行服务于特定小区初始小区（CiBS_A）的给定基站（BS_A）的基站处理的虚拟机（VM1） （CBS-A）和所述第二虚拟机（VM2）执行基站处理的所述基站（BS_A）的至少一部分天线同时发送所述初始小区（CiBS_A）和 所述目标小区（CiBS_A）， 并将分配给所述初始小区（CiBS_A）的用户终端（UE1，...，UEn）切换到所述目标小区（CtBs_A）。 此外，描述了用于部署在C-RAN中的集中式无线电接入网络，C-RAN和基站。

公开(公告)号：EP3202080A1

公开(公告)日：2017-08-09

申请号：EP14789186.5

申请日：2014-09-30

申请人： NEC Europe Ltd.

发明人： KARAME, Ghassan

IPC分类号： H04L9/06

CPC分类号： H04L9/0637 ,  G06F17/142 ,  H04L9/0643 ,  H04L2209/08

摘要： A method for at least partially updating encrypted data stored on one or more servers includes dividing the encrypted data into equal sized chunks; encrypting each chunk using an all-or-nothing encryption scheme (AONE) with an encryption key, wherein an additional randomness per chunk is embedded into the AONE; outputting a plurality of ciphertext blocks for each chunk; storing the encrypted chunks on the one or more servers such that an i-th ciphertext block of each encrypted chunk is stored on an i-th server, wherein a result of a predetermined function performed on the randomness for all encrypted chunks is stored with each encrypted chunk; determining one or more chunks to update; reverting the predetermined function by accessing all the encrypted chunks; decrypting the one or more Chunks to update based on the result of, updating the decrypted chunks; re-encrypting the updated decrypted chunks, and storing the re-encrypted chunks.

摘要翻译： 包括以下步骤：a）将包括第一数量的m个明文块的数据划分成 第二数目N的相等大小的组块，其中所述第二数目基于将在其上存储所述数据的服务器的数目，使得每个组块包括m / N个块的明文块，b）使用所述块中的每一个加密 具有加密密钥的全或无的加密方案，其中每块的附加随机性被嵌入全或无的加密方案中，并且为每个块输出多个密文块，c）将加密的块存储在 N个服务器，使得每个加密组块的第i密文块被存储在第i个服务器上，并且其中针对所有加密组块的所述随机性执行的预定功能的结果与每个加密的chu一起被存储 d）确定如果有的话需要更新的一个或多个组块的一个或多个部分e）通过访问所有组块来恢复所述功能以获取所述确定的一个或多个组块的随机性，f）基于所述确定的块 根据步骤e）的结果，g）更新解密的块，h）使用所有或不加密的加密方案重新加密更新的块，以及i）根据步骤c）存储重新加密的块。

公开(公告)号：EP3201709A1

公开(公告)日：2017-08-09

申请号：EP14790012.0

申请日：2014-09-30

申请人： NEC Europe Ltd.

发明人： ALESIANI, Francesco

IPC分类号： G05D1/02

CPC分类号： G01C21/20 ,  G01C21/00 ,  G05D1/0212 ,  G05D1/0217

摘要： A method for determining a path of an object for moving from a starting node representing a starting state to an end state includes a) determining a plurality of child nodes to a parent node, b) checking whether transitions from the parent node to each of the child nodes are free of obstacles and excluding partial paths that are not free of obstacles, c) computing a cost value for each of the non-excluded partial paths, d) adding the computed cost value to a cost value from the starting node to the parent node, e) adding an estimated or expected cost value for a partial path from each of the child nodes to an end node representing an end state, f) determining a lowest overall cost value and selecting a new parent node, and g) repeatedly performing steps a)-f) until at least one termination condition is fulfilled.

摘要翻译： 用于确定从表示开始状态的开始节点移动到结束状态的对象的路径的方法包括a）确定多个子节点到父节点，b）检查是否从父节点转换到每个 子节点没有障碍物并且排除了没有障碍物的部分路径，c）为每个未排除的部分路径计算成本值，d）将计算的成本值添加到从起始节点到成本值的成本值 e）为从每个子节点到代表结束状态的末端节点的部分路径添加估计或期望的成本值，f）确定最低总成本值并选择新的父节点，以及g）重复 执行步骤a）-f）直到满足至少一个终止条件。

公开(公告)号：EP3167633A1

公开(公告)日：2017-05-17

申请号：EP14781820.7

申请日：2014-09-11

申请人： NEC Europe Ltd.

发明人： JACOBS, Tobias ,  KOVACS, Ernoe

IPC分类号： H04W4/02 ,  H04W68/12

CPC分类号： H04W4/021 ,  G01S1/00 ,  G01S5/02 ,  H04L69/08

摘要： The present invention relates to method for realizing a geofence scenario with a system according to at least the OMA NGSI 9/10 standard – NGSI-system -, wherein the NGSI-system provides a NGSI subscription operation for subscribing NGSI-entities for notifications, wherein said geofence scenario is defined at least by at least a geofence object set comprising mobile objects, at least a geofencing set comprising one or more geofences and one or more geofence predicates for mathematically combining a geofence object set and a geofencing set, which result includes at least the values true and false, wherein when the predicate changes from the value false to the value true is considered an ENTER geofence event, and wherein when the predicate changes from true to another value is considered a LEAVE geofence event, wherein for subscribing to geofence event notification according to the NGSI subscription protocol a) the geofence scenario is specified as NGSI operational scope for the NGSI subscription and/or b) the geofence scenario is included as one or more attributes of a NGSI entity for the NGSI subscription.

摘要翻译： 本发明涉及用于根据至少OMA NGSI 9/10标准 - NGSI系统实现地理围栏场景的方法，其中NGSI系统提供用于订阅NGSI实体以用于通知的NGSI订购操作，其中 所述地理围栏场景至少由至少包括移动对象的地理围栏对象集合，至少一个地理围栏组包括一个或多个地理围栏和一个或多个地理围栏谓词用于在数学上组合地理围栏对象组和地理围栏组，所述结果包括at 其中当谓词从值false改变为值true时被认为是ENTER地理围栏事件，并且其中当谓词从真值改变到另一值时被认为是LEAVE地理围栏事件，其中为了订阅地理围栏 根据NGSI订阅协议的事件通知a）地理围栏情景被指定为NGSI的NGSI操作范围 和/或b）地理围栏场景被包括为NGSI订购的NGSI实体的一个或多个属性。

公开(公告)号：EP3167399A1

公开(公告)日：2017-05-17

申请号：EP14805501.5

申请日：2014-11-04

申请人： NEC Europe Ltd.

发明人： KARAME, Ghassan ,  KLAEDTKE, Felix

IPC分类号： G06F21/62 ,  H04L9/00

CPC分类号： H04L9/0847 ,  G06F21/60 ,  G06F21/602 ,  G06F21/62 ,  G06F21/6218 ,  G06F21/6227 ,  H04L9/08 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L2209/08

摘要： A method for providing encrypted information by an information entity to one or more operating entities, the information entity having a database for storing encrypted information and the one or more operating entities being configured to operate on the encrypted information, wherein the encrypted information is stored encrypted with an encryption key known to the one or more operating entities includes performing, by an operating entity, a request on the encrypted information, wherein plaintext information to be stored encrypted is provided in tuples, each having ID information, one or more fields with field information specifying the fields, and values, wherein at least the values are encrypted with non-deterministic order preserving encryption with at least one encryption key such that each plaintext value is encrypted into a set of encrypted values, and wherein the set of encrypted values is partitioned into a left set and a right set.

摘要翻译： 本发明涉及一种用于通过信息实体提供加密信息的方法，该信息实体具有用于存储信息到一个或多个操作实体的数据库OE用于对所述存储的加密信息进行操作，其中数据库中的信息被加密存储 其中所述加密密钥对于所述OE是已知的，并且其中所述OE的请求是对所述加密信息执行的，其中要加密存储的所述明文信息以元组形式提供，每个元组具有id信息，一个或多个 其中至少所述值用具有至少一个加密密钥的非确定性顺序保留加密-ND-OPE加密，使得每个明文值被加密成一组加密值 - SEV-，其中所述SEV被分割成左集合LS和右集合RS-，其中LS中的每个元素是sm 并且其中每个所述元件在解密时产生对应的明文值，优选地，其中LS和/或RS以左区间-L1-和右区间-RI-的形式提供，以及 其中每个值通过使用LS或RS中的至少一个被加密存储。

公开(公告)号：EP3123667A1

公开(公告)日：2017-02-01

申请号：EP14741822.2

申请日：2014-06-26

申请人： NEC Europe Ltd.

发明人： BIFULCO, Roberto

IPC分类号： H04L12/26 ,  H04L12/24 ,  H04L29/08

摘要： A method for monitoring a status in a form of presence and/or absence of a subscribed network entity in a network by a presence service, wherein the network is a software defined network having one or more forwarding elements being configurable for recognizing and applying one or more actions on packets being forwarded by the forwarding elements and one or more network entities, includes monitoring the status of the subscribed network entity. The monitoring the status of the subscribed network entity includes providing the presence service with a status update of the selected network entity only when at least one of the one or more forwarding elements, to which the selected network entity is directly connected, has detected a change in the presence status of the subscribed network entity; and dropping packets of the subscribed network entity destined for the presence service.

摘要翻译： 一种用于监测在由存在服务的网络中的订阅的网络实体的存在和/或不存在的形态的状态，worin网络方法是具有一个或多个转发元件可配置用于识别和施加一个或一个软件定义网络 上分组多个动作由转发元件和一个或多个网络实体被转发，包括监测所订阅网络实体的状态。 所订阅的网络实体的监控状态包括提供具有只有在其所选的网络实体直接连接在一个或多个转发元件中的至少一个，所选择的网络实体的状态更新状态信息服务，已检测到变化 订阅的网络实体的存在状态; 和滴往存在服务订阅的网络实体的分组。

公开(公告)号：EP3078216A1

公开(公告)日：2016-10-12

申请号：EP13811825.2

申请日：2013-12-05

申请人： NEC Europe Ltd.

发明人： BOHLI, Jens-Matthias ,  KARAME, Ghassan ,  LI, Wenting ,  DOBRE, Dan

IPC分类号： H04W12/02 ,  G06F21/62 ,  H04W4/02

CPC分类号： H04W12/02 ,  G06F21/602 ,  H04W4/021

摘要： A method for preserving privacy within a communication system, wherein a location-based service concerning an area of interest is provided for at least one user by a database server and wherein location information represented by coordinates of objects and/or users and/or areas and/or queries, made to the location-based service, is concealed, includes concealing the location information by transforming coordinates by first splitting the area of interest up in tiles for providing at least one tiling of the area of interest, and then permuting the tiles by a pseudo-random permutation process.

公开(公告)号：EP3072259A1

公开(公告)日：2016-09-28

申请号：EP14737172.8

申请日：2014-06-17

申请人： NEC Europe Ltd.

发明人： KLAEDTKE, Felix ,  KARAME, Ghassan ,  BIFULCO, Roberto

IPC分类号： H04L12/24

CPC分类号： H04L41/06 ,  H04L47/2483 ,  H04L69/22

摘要： A method of providing access control for a software defined network (SDN) controller, wherein said controller (4), upon receiving a trigger event from the data plane (1) of said software defined network, triggers one or more applications (6) that are installed to run at the control plane (2) of said software defined network atop said controller (4) to react to said trigger event, is characterized in that said controller (4), before triggering applications (6) due to a trigger event, applies a conflict resolution scheme comprising the steps of defining flow spaces on the basis of packet headers and assigning each flow space a priority, determining all flow spaces that are affected by said trigger event and selecting from these flow spaces a single flow space having assigned a priority that complies with a predetermined policy, and determining, from the applications related to said selected flow space, a single application – master application – according to predefined criteria and triggering, in addition to said master application, only those applications whose reactions to said trigger event do not conflict with said master application. Furthermore, a corresponding software defined network (SDN) with access control and a corresponding SDN controller are disclosed.

摘要翻译： 提供对软件定义网络（SDN）控制器的访问控制的方法包括在从软件定义的网络的数据平面接收到触发事件时由SDN控制器触发一个或多个安装在控制平面上运行的应用程序 在SDN控制器顶部的软件定义网络对触发事件作出反应，由触发事件触发应用程序之前由SDN控制器应用冲突解决方案。 冲突解决方案包括定义流动空间并将每个流动空间分配给优先级，从这些流动空间中选择符合预定策略的单个选定的流动空间，根据预定义的标准确定单个主应用程序，以及触发除了 主应用程序，只有那些对触发事件的反应与主应用程序不冲突的应用程序。

公开(公告)号：EP2994903A1

公开(公告)日：2016-03-16

申请号：EP14707949.5

申请日：2014-02-05

申请人： NEC Europe Ltd.

发明人： GKIOTSALITIS, Konstantinos ,  ALESIANI, Francesco

IPC分类号： G08G1/01

CPC分类号： G08G1/0145 ,  G06N3/126

摘要： A method for motorway speed control comprises the steps of splitting the motorway into a number of stretches, wherein each stretch includes one or more variable speed limit (VSL) sites that are configured to indicate VSL control settings in form of discrete speed values, defining an initial solution space of each stretch including all possible combinations of VSL control settings, and shrinking the initial solution space of each stretch by applying constraint-based and/or macroscopic traffic analysis-based reduction schemes, and based on the resulting residual solution space, evaluating a combination of VSL control settings as a solution combination for being indicated by said VSL sites of the respective stretch by performing an iterative solution search in which macro-simulations together with a limited number of micro-simulations are applied on selected candidate subsets of combinations of VSL control settings.