公开(公告)号：US20090029677A1

公开(公告)日：2009-01-29

申请号：US12040247

申请日：2008-02-29

申请人： Hyoung-Kee CHOI ,  Chan-Kyu Han

发明人： Hyoung-Kee CHOI ,  Chan-Kyu Han

IPC分类号： H04M1/66

CPC分类号： H04L63/0869 ,  H04L63/0807 ,  H04L63/083 ,  H04W12/06 ,  H04W36/00

摘要： A method of mobile authentication with enhanced mutual authentication and handover security is disclosed. The method of mutual authentication in a mobile network in accordance with an embodiment of the present invention includes: generating at least one service ticket and session key corresponding to a mobile station in accordance with an authentication data request for the mobile station; encrypting the service ticket and the session key by using a user security key pre-assigned in accordance with the mobile station; sending the encrypted service ticket and session key to the mobile station by using a control message; and authenticating the mobile station by analyzing user mutual authentication information received from the mobile station. The present invention, therefore, can provide a more powerful and effective mutual authentication method in a mobile network.

摘要翻译： 公开了一种具有增强的相互认证和切换安全性的移动认证方法。 根据本发明的实施例的移动网络中的相互认证方法包括：根据对移动台的认证数据请求生成对应于移动台的至少一个服务票证和会话密钥; 通过使用根据移动台预分配的用户安全密钥来加密服务票据和会话密钥; 通过使用控制消息将加密的服务票据和会话密钥发送到移动台; 并通过分析从移动台接收到的用户相互认证信息来认证移动台。 因此，本发明可以在移动网络中提供更强大和有效的相互认证方法。

公开(公告)号：US08112065B2

公开(公告)日：2012-02-07

申请号：US12040247

申请日：2008-02-29

申请人： Hyoung-Kee Choi ,  Chan-Kyu Han

发明人： Hyoung-Kee Choi ,  Chan-Kyu Han

IPC分类号： H04M1/66

CPC分类号： H04L63/0869 ,  H04L63/0807 ,  H04L63/083 ,  H04W12/06 ,  H04W36/00

摘要： A method of mobile authentication with enhanced mutual authentication and handover security is disclosed. The method of mutual authentication in a mobile network in accordance with an embodiment of the present invention includes: generating at least one service ticket and session key corresponding to a mobile station in accordance with an authentication data request for the mobile station; encrypting the service ticket and the session key by using a user security key pre-assigned in accordance with the mobile station; sending the encrypted service ticket and session key to the mobile station by using a control message; and authenticating the mobile station by analyzing user mutual authentication information received from the mobile station. The present invention, therefore, can provide a more powerful and effective mutual authentication method in a mobile network.

摘要翻译： 公开了一种具有增强的相互认证和切换安全性的移动认证方法。 根据本发明的实施例的移动网络中的相互认证方法包括：根据移动台的认证数据请求生成对应于移动台的至少一个服务票证和会话密钥; 通过使用根据移动台预分配的用户安全密钥来加密服务票据和会话密钥; 通过使用控制消息将加密的服务票据和会话密钥发送到移动台; 并通过分析从移动台接收到的用户相互认证信息来认证移动台。 因此，本发明可以在移动网络中提供更强大和有效的相互认证方法。

公开(公告)号：US08144603B2

公开(公告)日：2012-03-27

申请号：US12685736

申请日：2010-01-12

申请人： Hyoung-Kee Choi ,  Chan-Kyu Han

发明人： Hyoung-Kee Choi ,  Chan-Kyu Han

IPC分类号： H04L1/00

CPC分类号： H04L63/1416 ,  H04L41/0631 ,  H04L43/026 ,  H04L69/16 ,  H04L69/162

摘要： IP state-vector manager determines state vector value by updating token numbers of IP state vector according to source and destination IP addresses of the received packet, and obtains state number of state vector value by counting state vector value. Port-number state-vector manager determines state vector value by updating token numbers of port-number state vector according to source and destination token numbers of packet, and obtains state number of state vector value by counting state vector value. Entropy calculator calculates entropies related to IP address and port number, based on number and state number of state vector values related to IP state vector and port-number state vector. Anomalous event determiner determines whether there is anomalous event in network based on calculated entropies. Anomalous event can be efficiently detected with minimized false negative and positive rates.

摘要翻译： IP状态向量管理器通过根据接收到的分组的源和目的地IP地址更新IP状态向量的令牌号来确定状态向量值，并且通过计数状态向量值来获得状态向量值的状态数。 端口号状态向量管理器通过根据报文的源和目标令牌号更新端口号状态向量的令牌号来确定状态向量值，并通过计数状态向量值获取状态向量值的状态数。 熵计算器根据与IP状态向量和端口号状态向量相关的状态向量值的数量和状态数量，计算与IP地址和端口号相关的熵。 基于计算熵，异常事件确定器确定网络中是否存在异常事件。 可以以最小的假阴性和阳性率有效地检测异常事件。

公开(公告)号：US20110141915A1

公开(公告)日：2011-06-16

申请号：US12685736

申请日：2010-01-12

申请人： Hyoung-Kee CHOI ,  Chan-Kyu Han

发明人： Hyoung-Kee CHOI ,  Chan-Kyu Han

IPC分类号： H04L12/56 ,  H04L12/26

CPC分类号： H04L63/1416 ,  H04L41/0631 ,  H04L43/026 ,  H04L69/16 ,  H04L69/162

摘要： IP state-vector manager determines state vector value by updating token numbers of IP state vector according to source and destination IP addresses of the received packet, and obtains state number of state vector value by counting state vector value. Port-number state-vector manager determines state vector value by updating token numbers of port-number state vector according to source and destination token numbers of packet, and obtains state number of state vector value by counting state vector value. Entropy calculator calculates entropies related to IP address and port number, based on number and state number of state vector values related to IP state vector and port-number state vector. Anomalous event determiner determines whether there is anomalous event in network based on calculated entropies. Anomalous event can be efficiently detected with minimized false negative and positive rates.

摘要翻译： IP状态向量管理器通过根据接收到的分组的源和目的地IP地址更新IP状态向量的令牌号来确定状态向量值，并且通过计数状态向量值来获得状态向量值的状态数。 端口号状态向量管理器通过根据报文的源和目标令牌号更新端口号状态向量的令牌号来确定状态向量值，并通过计数状态向量值获取状态向量值的状态数。 熵计算器根据与IP状态向量和端口号状态向量相关的状态向量值的数量和状态数量，计算与IP地址和端口号相关的熵。 基于计算熵，异常事件确定器确定网络中是否存在异常事件。 可以以最小的假阴性和阳性率有效地检测异常事件。