    22. Method and apparatus for handling keys used for encryption and integrity
    Patent application, in force

    Publication number: US20070230707A1

    Publication date: 2007-10-04

    Application number: US11726527

    Filing date: 2007-03-22

    IPC classification: H04L9/00

    Abstract: A method and an arrangement for providing keys for protecting communication between a terminal (300) and service points in a communication network. A basic key (Ik) is first established with a service control node (304) when the terminal has entered the network. An initial modified key (Ik1) is then created in both the service control node and the terminal, by applying a predetermined first function (f) to at least the basic key and an initial value of a key version parameter (v). The initial modified key is sent to a first service point (302), such that it can be used to protect communication between the terminal and the first service point. When the terminal switches to a second service point (306), the first service point and the terminal both create a second modified key (Ik2) by applying a predetermined second function (g) to the initial modified key, and the first service point sends the second modified key to the second service point.


    23. Key management for network elements
    Patent application, in force

    Publication number: US20070160201A1

    Publication date: 2007-07-12

    Application number: US10597864

    Filing date: 2004-02-11

    IPC classification: H04L9/30

    Abstract: The invention provides the establishment of a secret session key shared between two network elements (NEa, NEb) belonging to different network domains (NDa, NDb). A first network element (NEa) of a first network domain (NDa) requests security parameters from an associated key management center (KMC) (AAAa). Upon reception of the request, the KMC (AAAa) generates a freshness token (FRESH) and calculates the session key (K) based on this token (FRESH) and a master key (KAB) shared with a second network domain (NDb). The security parameters are (securely) provided to the network element (NEa), which extracts the session key (K) and forwards the freshness token (FRESH) to the KMC (AAAb) of the second domain (NDb) through a second network element (NEb). Based on the token (FRESH) and the shared master key (KAB), the KMC (AAAb) generates a copy of the session key (K), which is (securely) provided to the second network element (NEb). The two network elements (NEa, NEb) now share the session key (K), enabling them to communicate securely with each other.


    24. Method and apparatus for handling keys used for encryption and integrity
    Granted patent, in force

    Publication number: US09106409B2

    Publication date: 2015-08-11

    Application number: US11726527

    Filing date: 2007-03-22

    IPC classification: H04L9/08 H04L29/06 H04W12/04

    Abstract: A method and an arrangement for providing keys for protecting communication between a terminal (300) and service points in a communication network. A basic key (Ik) is first established with a service control node (304) when the terminal has entered the network. An initial modified key (Ik1) is then created in both the service control node and the terminal, by applying a predetermined first function (f) to at least the basic key and an initial value of a key version parameter (v). The initial modified key is sent to a first service point (302), such that it can be used to protect communication between the terminal and the first service point. When the terminal switches to a second service point (306), the first service point and the terminal both create a second modified key (Ik2) by applying a predetermined second function (g) to the initial modified key, and the first service point sends the second modified key to the second service point.


    25. Key management in a communication network
    Granted patent, in force

    Publication number: US08837737B2

    Publication date: 2014-09-16

    Application number: US13063997

    Filing date: 2009-03-13

    IPC classification: H04L9/08 H04L29/06 H04L9/32

    Abstract: A method and apparatus for key management in a communication network. A Key Management Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or by the first device to secure communications to the second device.


    26. Storing and forwarding media data
    Granted patent, in force

    Publication number: US08661243B2

    Publication date: 2014-02-25

    Application number: US12997924

    Filing date: 2008-06-16

    IPC classification: H04L29/06

    Abstract: A method and apparatus for storing and forwarding media data in a communication network. An intermediate node disposed between a media data source node and a client node receives encrypted media data packets from the media data source node. The intermediate node stores the received media data packets in a memory for later sending to the client node, adjusts fields in the original header of each stored media data packet to create modified media data packets having a modified header, and sends adjustment information to the client node. The adjustment information allows the client node to recreate the original headers from the modified headers before decrypting the encrypted media packets with keying material already exchanged between the media data source node and the client node. The modified media data packets are then sent to the client node for decryption. This allows the intermediate node to “store and forward” SRTP data without being able to access the encrypted data content.


    28. Key management for network elements
    Granted patent, in force

    Publication number: US07987366B2

    Publication date: 2011-07-26

    Application number: US10597864

    Filing date: 2004-02-11

    IPC classification: H04L9/32 H04L9/30 H04L9/08

    Abstract: The invention provides the establishment of a secret session key shared between two network elements (NEa, NEb) belonging to different network domains (NDa, NDb). A first network element (NEa) of a first network domain (NDa) requests security parameters from an associated key management center (KMC) (AAAa). Upon reception of the request, the KMC (AAAa) generates a freshness token (FRESH) and calculates the session key (K) based on this token (FRESH) and a master key (KAB) shared with a second network domain (NDb). The security parameters are (securely) provided to the network element (NEa), which extracts the session key (K) and forwards the freshness token (FRESH) to the KMC (AAAb) of the second domain (NDb) through a second network element (NEb). Based on the token (FRESH) and the shared master key (KAB), the KMC (AAAb) generates a copy of the session key (K), which is (securely) provided to the second network element (NEb). The two network elements (NEa, NEb) now share the session key (K), enabling them to communicate securely with each other.


    30. METHOD AND NETWORK FOR DELIVERING STREAMING DATA
    Patent application, in force

    Publication number: US20110047209A1

    Publication date: 2011-02-24

    Application number: US12895242

    Filing date: 2010-09-30

    IPC classification: G06F15/16

    Abstract: In a procedure for delivering streaming media, a Client first requests the media from an Order Server. The Order Server authenticates the Client and sends a ticket to the Client. Then, the Client sends the ticket to a Streaming Server. The Streaming Server checks the ticket for validity and, if it is valid, encrypts the streaming data using a standardized real-time protocol such as SRTP and transmits the encrypted data to the Client. The Client receives the data and decrypts it. Copyrighted material adapted to streaming can thus be securely delivered to the Client. The robust protocol used is particularly well suited to wireless clients and similar low-capacity devices such as cellular telephones and PDAs.
