Abstract:
A method, apparatus and computer program product are provided to provide cryptographical key separation for handovers. A method is provided which includes calculating a key based at least in part upon a previously stored first intermediary value. The method also includes calculating a second intermediary value based at least in part upon the calculated key. The method additionally includes sending a path switch acknowledgement including the second intermediary value to a target access point. The method may further include receiving a path switch message including an indication of a cell identification and calculating the encryption key based upon the indication of the cell identification. The method may further include storing the second intermediary value. The calculation of the key may further comprise calculating the key following a radio link handover. Corresponding apparatuses and computer program products are also provided.
Abstract:
Security keys are typically needed to communicate with various network communication protocols of a mixed communication network. Herein, a protocol-specific key for a particular network communication protocol is generated based upon a result of a hash operation that includes a network key associated with the mixed communication network and information corresponding to the particular network communication protocol. Interoperability of multiple devices in the mixed communication network is made possible when the multiple devices generate (i.e. derive) protocol-specific keys using the same network key and common information corresponding to particular network communication protocols.
Abstract:
In order to improve security upon distributing a group key, there is provided a gateway (20) to a core network for a group of MTC devices (10_1-10_n) communicating with the core network. The gateway (20) protects confidentiality and integrity of a group key, and distributes the protected group key to each of the MTC devices (10_1-10_n). The protection is performed by using: a key (Kgr) that is preliminarily shared between the gateway (20) and each of the MTC devices (10_1-10_n), and that is used for the gateway (20) to authenticate each of the MTC devices (10_1-10_n) as a member of the group; or a key (K_iwf) that is shared between an MTC-IWF (50) and each of the MTC devices (10_1-10_n), and that is used to derive temporary keys for securely conducting individual communication between the MTC-IWF (50) and each of the MTC devices (10_1-10_n).
Abstract:
A method, wireless system and a wireless device provide multidimensional identification, authentication, authorization and key distribution providing secure communications at a deepest common security domain.
Abstract:
Embodiments of the present invention provide a method and a device thereof for generating an access stratum key in a communication system. In the communication system, a user equipment UE accesses a core network via a first network-side device by using a first air interface and connects to the first network-side device via a second network-side device by using a second air interface to access the core network. The method includes: acquiring, by the network-side device, an input parameter; calculating, by the network-side device, an access stratum root key KeNB* according to the input parameter and an access stratum root key KeNB on the first air interface, or using, by the network-side device, the KeNB as the KeNB*; and generating, by the second network-side device, an access stratum key on the second air interface according to the KeNB*, or sending, by the first network-side device, the KeNB* to the second network-side device, so that the second network-side device generates the access stratum key on the second air interface according to the KeNB*. In this way, security of data transmission over the second air interface may be improved by using the access stratum key on the second air interface.
Abstract:
Embodiments of the present invention relate to the communications field, and provide a key generation method, device, and system. The method includes: after receiving a first command, obtaining, by UE located in a first-standard network, a type identifier of a second-standard network that needs to provide a service to the UE, where the first command is a service request response message, or a handover command, or any message in an air interface secure activation process; determining, by the UE, an access key according to the type identifier of the second-standard network, a key of the first-standard network, and a non-access stratum NAS count of the first-standard network by using a preset key derivation algorithm; and generating, by the UE, an access stratum AS key of the second-standard network according to the access key. The present invention can resolve problems of relatively long total communication latency and relatively high communication load of a heterogeneous network, decrease the total communication latency of a heterogeneous network and reduce the communication load of the heterogeneous network. The present invention is used for communication in a heterogeneous network.
Abstract:
A computer-implemented method is described to monitor and control enterprise information stored on a cloud computing service (CCS). The method includes using a cross-application monitor to detect a cloud computing service (CCS) application programming interface (API) in use and a function or an activity being performed via the CCS API. The method also includes determining the function or the activity being performed via the CCS API by parsing a data stream based on the CCS API and identifying content being transmitted to the CCS. The method further includes applying a content inspection rule to find strings and interrelated strings in the content that are subject to content control and triggering a security action responsive to finding the strings and interrelated strings subject to content control in the parsed stream.
Abstract:
The present invention relates to communications, and in particular though not exclusively to forming a secure connection between two untrusted devices. The present invention provides a method of securely connecting a first device (A) to a second device (B) using a third party authentication server (AS) coupled to the second device, the first device and the authentication server both having first device shared secret data (SSDa) and the second device and the authentication server both having second device shared secret data (SSDb). The method comprises receiving a request from the first device at the authentication server; the authentication server and the first device both generating a first device key (K_A) using the first device shared secret data in response to a first device random number (RANDa) sent from the authentication server to the first device; the authentication server and the second device both generating a second device key (K_B) using the second device shared secret data in response to a second device random number (RANDb) sent from the authentication server to the second device; and the authentication server securely forwarding to the second device (B) and the first device (A) a common key (K_AB) using the second and first device keys (K_B, K_A).
Abstract:
Methods, systems, and computer programs for performing key agreement operations in a communication system are described. In some aspects, a wireless network operator receives a mobile device identifier and accesses a secret key associated with the mobile device. A message authentication code function is evaluated based on the secret key to produce an output value. A session key and a challenge value are obtained based on the output value. In some aspects, a mobile device accesses a secret key in response to receiving the challenge value from the wireless network operator. A message authentication code function is evaluated based on the secret key to produce an output value. A response value and a session key are obtained based on the output value. The response value is transmitted to the wireless network operator.