-
公开(公告)号:US08914636B2
公开(公告)日:2014-12-16
申请号:US13535563
申请日:2012-06-28
申请人: Inhyok Cha , Andreas Leicher , Andreas Schmidt , Louis J. Guccione , Yogendra C. Shah , Yousif Targali
发明人: Inhyok Cha , Andreas Leicher , Andreas Schmidt , Louis J. Guccione , Yogendra C. Shah , Yousif Targali
CPC分类号: H04L63/08 , H04L9/0816 , H04L9/32 , H04L12/2856 , H04L63/0815 , H04L63/102 , H04L63/205 , H04W12/06
摘要: Wireless telecommunications networks may implement various forms of authentication. There are a variety of different user and device authentication protocols that follow a similar network architecture, involving various network entities such as a user equipment (UE), a service provider (SP), and an authentication endpoint (AEP). To select an acceptable authentication protocol or credential for authenticating a user or UE, authentication protocol negotiations may take place between various network entities. For example, negotiations may take place in networks implementing a single-sign on (SSO) architecture and/or networks implementing a Generic Bootstrapping Architecture (GBA).
摘要翻译: 无线电信网络可以实现各种形式的认证。 存在各种不同的用户和设备认证协议,其遵循类似的网络架构,涉及诸如用户设备(UE),服务提供商(SP)和认证端点(AEP)的各种网络实体。 为了选择用于验证用户或UE的可接受的认证协议或凭证,认证协议协商可以在各种网络实体之间进行。 例如,可以在实现单点登录(SSO)架构和/或实现通用引导架构(GBA)的网络的网络中进行协商。
-
公开(公告)号:US08850545B2
公开(公告)日:2014-09-30
申请号:US13428836
申请日:2012-03-23
CPC分类号: H04L9/0819 , G06F21/335 , G06F21/42 , G06F21/53 , G06F21/575 , G06F2221/2107 , G06F2221/2149 , H04L9/3271 , H04L63/0272 , H04L63/062 , H04L63/0869 , H04L63/168 , H04L67/02 , H04L67/42 , H04W12/02 , H04W12/04 , H04W12/06
摘要: Secure communications may be established amongst network entities for performing authentication and/or verification of the network entities. For example, a user equipment (UE) may establish a secure channel with an identity provider, capable of issuing user identities for authentication of the user/UE. The UE may also establish a secure channel with a service provider, capable of providing services to the UE via a network. The identity provider may even establish a secure channel with the service provider for performing secure communications. The establishment of each of these secure channels may enable each network entity to authenticate to the other network entities. The secure channels may also enable the UE to verify that the service provider with which it has established the secure channel is an intended service provider for accessing services.
摘要翻译: 可以在用于执行网络实体的认证和/或验证的网络实体之间建立安全通信。 例如,用户设备(UE)可以建立具有身份提供商的安全信道,能够发出用户/ UE用户身份。 UE还可以与服务提供商建立安全信道,能够经由网络向UE提供服务。 身份提供商甚至可以与服务提供商建立用于执行安全通信的安全信道。 这些安全信道中的每一个的建立可以使每个网络实体能够对其他网络实体进行认证。 安全信道还可以使得UE能够验证其已建立安全信道的服务提供商是用于接入服务的预期服务提供商。
-
公开(公告)号:US08510559B2
公开(公告)日:2013-08-13
申请号:US12419798
申请日:2009-04-07
IPC分类号: H04L9/00
CPC分类号: H04L63/0428 , H04L63/061 , H04W12/02 , H04W12/04 , H04W88/02
摘要: A method and apparatus for securing the interface between a Universal Integrated Circuit Card (UICC) and a Terminal in wireless communications is disclosed. The security of Authentication and Key Agreement (AKA) and application level generic bootstrapping architecture (GBA) with UICC-based enhancements (GBA_U) procedures is improved. A secure shared session key is used to encrypt communications between the UICC and the Terminal. The secure shared session key generated using authenticating or non-authenticating procedures.
摘要翻译: 公开了一种在无线通信中用于固定通用集成电路卡(UICC)和终端之间的接口的方法和装置。 基于UICC的增强(GBA_U)程序的身份验证和密钥协商(AKA)和应用级通用引导体系结构(GBA)的安全性得到了改进。 安全的共享会话密钥用于加密UICC和终端之间的通信。 使用验证或非验证过程产生的安全共享会话密钥。
-
公开(公告)号:US20090313472A1
公开(公告)日:2009-12-17
申请号:US12419798
申请日:2009-04-07
CPC分类号: H04L63/0428 , H04L63/061 , H04W12/02 , H04W12/04 , H04W88/02
摘要: A method and apparatus for securing the interface between a Universal Integrated Circuit Card (UICC) and a Terminal in wireless communications is disclosed. The security of Authentication and Key Agreement (AKA) and application level generic bootstrapping architecture (GBA) with UICC-based enhancements (GBA_U) procedures is improved. A secure shared session key is used to encrypt communications between the UICC and the Terminal. The secure shared session key generated using authenticating or non-authenticating procedures.
摘要翻译: 公开了一种在无线通信中用于固定通用集成电路卡(UICC)和终端之间的接口的方法和装置。 基于UICC的增强(GBA_U)程序的身份验证和密钥协商(AKA)和应用级通用引导体系结构(GBA)的安全性得到了改进。 安全的共享会话密钥用于加密UICC和终端之间的通信。 使用验证或非验证过程产生的安全共享会话密钥。
-
25.发明授权Migration of credentials and/or domains between trusted hardware subscription modules 有权可信硬件订阅模块之间的凭证和/或域的迁移公开(公告)号:US09032473B2
公开(公告)日:2015-05-12
申请号:US13581752
申请日:2011-03-02
CPC分类号: H04L63/20 , H04L63/102 , H04W8/205 , H04W12/08
摘要: Systems, methods, and instrumentalities are disclosed that allow a user to initiate migration of a credential from one domain to another domain. A request to initiate a migration of credentials from a first domain to a second domain may be initiated by a user (1a.). A remote owner may receive a message indicating that the migration has been requested. The message received by the remote owner may be an indication that the source and destination devices have performed internal checks and determined that a migration could proceed. The remote owner may evaluate source information received from the source device and destination information received from the destination device (6), (6a.), (6b.). Based on the evaluation of the source information and the destination information, the remote owner may determine that the migration is acceptable. The remote owner may send an indication to proceed with the migration (7), (7a).
摘要翻译: 公开了允许用户启动将证书从一个域迁移到另一个域的系统,方法和工具。 可以由用户(1a。)发起将凭证从第一域迁移到第二域的请求。 远程所有者可能会收到指示已请求迁移的消息。 远程所有者收到的消息可能表示源设备和目标设备已执行内部检查,并确定迁移可以进行。 远程所有者可以评估从源设备接收的源信息和从目的地设备(6),(6a。),(6b。)接收的目的地信息。 基于源信息和目的地信息的评估,远程所有者可以确定迁移是可接受的。 远程所有者可以发送进行迁移的指示(7),(7a)。
-
公开(公告)号:US20080123851A1
公开(公告)日:2008-05-29
申请号:US11736830
申请日:2007-04-18
申请人: Louis J. Guccione , Inhyok Cha , Alexander Reznik , Chunxuan Ye , Renuka Racha
发明人: Louis J. Guccione , Inhyok Cha , Alexander Reznik , Chunxuan Ye , Renuka Racha
IPC分类号: H04L9/00
CPC分类号: H04L63/061 , H04L9/0875 , H04L9/0891 , H04L63/083 , H04L2209/80 , H04W12/02 , H04W12/04 , H04W80/02
摘要: A wireless transmit/receive unit (WTRU) and a Node B, respectively, perform joint randomness not shared by others (JRNSO) measurement to generate JRNSO bits based on a channel estimate between the WTRU and the Node B. The WTRU and the Node B then perform a reconciliation procedure to generate a common JRNSO bits. The Node B sends the common JRNSO bits to a serving network. The WTRU and the SN secure a session key (such as an integrity key, a cipher key and an anonymity key), using the common JRNSO bits. The JRNSO measurements are performed on an on-going basis, and the session key is updated using a new set of common JRNSO bits. The JRNSO bits may be expanded by using a pseudorandom number generator (PNG) or a windowing technique. A handover may be intentionally induced to increase the JRNSO bits generation rate.
摘要翻译: 无线发送/接收单元(WTRU)和节点B分别基于WTRU和节点B之间的信道估计来执行其他人不共享的联合随机(JRNSO)测量以生成JRNSO比特。WTRU和节点B 然后执行协调过程以生成一个常见的JRNSO位。 节点B将公共JRNSO比特发送到服务网络。 WTRU和SN使用公共JRNSO比特来保护会话密钥(诸如完整性密钥,加密密钥和匿名密钥)。 JRNSO测量是在持续的基础上执行的,会话密钥使用一组常见的JRNSO位进行更新。 可以通过使用伪随机数生成器(PNG)或开窗技术来扩展JRNSO比特。 可以有意地引起切换以增加JRNSO比特生成速率。
-
公开(公告)号:US07991160B2
公开(公告)日:2011-08-02
申请号:US11736830
申请日:2007-04-18
申请人: Louis J. Guccione , Inhyok Cha , Alexander Reznik , Chunxuan Ye , Renuka Racha
发明人: Louis J. Guccione , Inhyok Cha , Alexander Reznik , Chunxuan Ye , Renuka Racha
IPC分类号: H04K1/00
CPC分类号: H04L63/061 , H04L9/0875 , H04L9/0891 , H04L63/083 , H04L2209/80 , H04W12/02 , H04W12/04 , H04W80/02
摘要: A wireless transmit/receive unit (WTRU) and a Node B, respectively, perform joint randomness not shared by others (JRNSO) measurement to generate JRNSO bits based on a channel estimate between the WTRU and the Node B. The WTRU and the Node B then perform a reconciliation procedure to generate a common JRNSO bits. The Node B sends the common JRNSO bits to a serving network. The WTRU and the SN secure a session key (such as an integrity key, a cipher key and an anonymity key), using the common JRNSO bits. The JRNSO measurements are performed on an on-going basis, and the session key is updated using a new set of common JRNSO bits. The JRNSO bits may be expanded by using a pseudorandom number generator (PNG) or a windowing technique. A handover may be intentionally induced to increase the JRNSO bits generation rate.
摘要翻译: 无线发送/接收单元(WTRU)和节点B分别基于WTRU和节点B之间的信道估计来执行其他人不共享的联合随机(JRNSO)测量以生成JRNSO比特。WTRU和节点B 然后执行协调过程以生成一个常见的JRNSO位。 节点B将公共JRNSO比特发送到服务网络。 WTRU和SN使用公共JRNSO比特来保护会话密钥(诸如完整性密钥,加密密钥和匿名密钥)。 JRNSO测量是在持续的基础上执行的,会话密钥使用一组常见的JRNSO位进行更新。 可以通过使用伪随机数生成器(PNG)或开窗技术来扩展JRNSO比特。 可以有意地引起切换以增加JRNSO比特生成速率。
-
28.发明授权Registration and credential roll-out for accessing a subscription-based service 有权注册和凭证推出,用于访问基于订阅的服务公开(公告)号:US09203846B2
公开(公告)日:2015-12-01
申请号:US13501801
申请日:2010-10-15
申请人: Louis J. Guccione , Inhyok Cha
发明人: Louis J. Guccione , Inhyok Cha
CPC分类号: H04L63/102 , G06Q20/20 , H04L63/083 , H04L63/0853 , H04L63/10 , H04L63/104 , H04L67/26 , H04W12/04
摘要: A user may access a subscription-based service via a system comprising one or more devices with one or more separate domains where each domain may be owned or controlled by one or more different local or remote owners. Each domain may have a different owner, and a remote owner offering a subscription-based service may have taken ownership of a domain, which may be referred to as a remote owner domain. Further, the user may have taken ownership of a domain, which may be referred to as a user domain. In order for the user to access the subscription-based service, registration and credential roll-out may be needed. An exemplary registration and credential roll-out process may comprise registration of the user, obtaining credentials from the remote owner and storing the credentials.
摘要翻译: 用户可以经由包括具有一个或多个单独域的系统的系统访问基于订阅的服务,其中每个域可以由一个或多个不同的本地或远程所有者拥有或控制。 每个域可以具有不同的所有者,并且提供基于订阅的服务的远程所有者可能已经拥有域的所有权,其可以被称为远程所有者域。 此外,用户可能已经拥有可以被称为用户域的域的所有权。 为了使用户能够访问基于订阅的服务,可能需要注册和凭证推出。 示例性的注册和证书推出过程可以包括用户的注册,从远程所有者获得凭证并存储证书。
-
29.发明申请REGISTRATION AND CREDENTIAL ROLL-OUT FOR ACCESSING A SUBSCRIPTION-BASED SERVICE 有权用于访问基于订阅的服务的注册和凭证转出公开(公告)号:US20120278869A1
公开(公告)日:2012-11-01
申请号:US13501801
申请日:2010-10-15
申请人: Louis J. Guccione , Inhyok Cha
发明人: Louis J. Guccione , Inhyok Cha
IPC分类号: G06F21/20
CPC分类号: H04L63/102 , G06Q20/20 , H04L63/083 , H04L63/0853 , H04L63/10 , H04L63/104 , H04L67/26 , H04W12/04
摘要: A user may access a subscription-based service via a system comprising one or more devices with one or more separate domains where each domain may be owned or controlled by one or more different local or remote owners. Each domain may have a different owner, and a remote owner offering a subscription-based service may have taken ownership of a domain, which may be referred to as a remote owner domain. Further, the user may have taken ownership of a domain, which may be referred to as a user domain. In order for the user to access the subscription-based service, registration and credential roll-out may be needed. An exemplary registration and credential roll-out process may comprise registration of the user, obtaining credentials from the remote owner and storing the credentials.
摘要翻译: 用户可以经由包括具有一个或多个单独域的系统的系统访问基于订阅的服务,其中每个域可以由一个或多个不同的本地或远程所有者拥有或控制。 每个域可以具有不同的所有者,并且提供基于订阅的服务的远程所有者可能已经拥有域的所有权,其可以被称为远程所有者域。 此外,用户可能已经拥有可以被称为用户域的域的所有权。 为了使用户能够访问基于订阅的服务,可能需要注册和凭证推出。 示例性的注册和证书推出过程可以包括用户的注册,从远程所有者获得凭证并存储证书。
-
公开(公告)号:US20120003961A1
公开(公告)日:2012-01-05
申请号:US13234764
申请日:2011-09-16
摘要: Disclosed is method and apparatus for operation of a base station in wireless communications, including self-configuration of the base station for secure and authenticated communications with other base stations.
摘要翻译: 公开了用于无线通信中的基站的操作的方法和装置,包括用于与其他基站的安全和认证的通信的基站的自配置。
-
-
-
-
-
-
-
-
-
搜索结果
40 条记录 (耗时 0.042 秒)