公开(公告)号：US20070204160A1

公开(公告)日：2007-08-30

申请号：US11606910

申请日：2006-12-01

申请人： Tat Chan ,  Gabor Bajko

发明人： Tat Chan ,  Gabor Bajko

IPC分类号： H04L9/00

CPC分类号： H04L9/0838 ,  H04L9/08 ,  H04L9/0841 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3271 ,  H04L63/061 ,  H04L63/062 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/205 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2209/80 ,  H04L2463/061 ,  H04W12/04 ,  H04W12/06 ,  H04W88/02

摘要： The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.

摘要翻译： 本发明涉及一种在通信网络中认证用户设备的方法。 该方法涉及将消息从网络实体发送到用户设备。 该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。 该方法还涉及从集合中选择一个选项。 在选择基于“共享密钥”的认证过程的情况下，通过在通用引导体系结构（GBA）中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。 然后，共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。

公开(公告)号：US20060095767A1

公开(公告)日：2006-05-04

申请号：US11057846

申请日：2005-02-15

申请人： Govindarajan Krishnamurthi ,  Tat Chan

发明人： Govindarajan Krishnamurthi ,  Tat Chan

IPC分类号： H04L9/00

CPC分类号： H04L63/166 ,  H04L63/205

摘要： The present invention describes a novel security model in which security context is pre-negotiated and is used at future instances to secure messaging between nodes involved in sending and receiving data during the execution of the protocol. This anticipatory pre-negotiation of security context avoids expensive handshakes to establish security contexts that occur at future instances to secure sessions during the execution of the protocol.

摘要翻译： 本发明描述了一种新颖的安全模型，其中安全上下文是预协商的，并且在将来的实例中被使用以在协议的执行期间保护涉及发送和接收数据的节点之间的消息传递。 这种安全上下文的预先预先协商避免了昂贵的握手，以建立在将来的实例中发生的安全上下文以在协议的执行期间保护会话。

公开(公告)号：US20060035185A1

公开(公告)日：2006-02-16

申请号：US10918731

申请日：2004-08-16

申请人： Tat Chan ,  Leung Chan

发明人： Tat Chan ,  Leung Chan

IPC分类号： F23D11/36 ,  F23Q1/02

CPC分类号： F23Q2/46

摘要： A flint wheel assembly is disclosed as including a flint wheel rotatable to rub against a flint for generating spark; and two outer wheels, each on a side of the flint wheel, and each operatively associated with the flint wheel via a respective inner wheel; wherein each outer wheel is movable substantially along its longitudinal axis between a first position in which it is out of contact with the inner wheel and a second position in which it is in contact with the inner wheel; and when the outer wheel is in the second position, the outer wheel is simultaneously rotatably movable with the flint wheel upon the application of a force on the outer wheel in a direction generally towards the inner wheel.

摘要翻译： 公开了一种燧石车轮组件，其包括可旋转地摩擦火石以产生火花的火石轮; 和两个外轮，每个在燧石轮的一侧上，并且各自经由相应的内轮与燧石轮操作地相关联; 其中每个外轮可基本上沿着其纵向轴线移动在其与内轮脱离接触的第一位置和与内轮接触的第二位置; 并且当外轮处于第二位置时，外轮同时可旋转地与燧石轮一起移动，这是在大体上朝向内轮的方向上施加在外轮上的力。

公开(公告)号：USD485392S1

公开(公告)日：2004-01-13

申请号：US29181035

申请日：2003-05-05

申请人： Tat Chan ,  Leung Chan

设计人： Tat Chan ,  Leung Chan

公开(公告)号：US06648632B2

公开(公告)日：2003-11-18

申请号：US10042310

申请日：2002-01-11

申请人： Adrian Berry ,  Tat Chan

发明人： Adrian Berry ,  Tat Chan

IPC分类号： F23D304

CPC分类号： F23Q2/287

摘要： A lighter is disclosed as including a body and an button, the body including a piezo electric unit and a container for containing fuel under pressure, the body further including an at which a flame may he produced upon movement of the button relative to the body, and the button is slidable relative to the body parallel to a longitudinal axis of the body, and the button has an outer surface which may be operated by a user to slide the button relative to the body, and the outer surface of the button is generally orthogonal to the end of the body, and wherein the button is generally as long as the body.

公开(公告)号：US07290141B2

公开(公告)日：2007-10-30

申请号：US10180096

申请日：2002-06-27

申请人： Senthil Sengodan ,  Tat Chan

发明人： Senthil Sengodan ,  Tat Chan

IPC分类号： G06F7/04 ,  G06K9/00 ,  H04L9/00

CPC分类号： H04L63/08 ,  H04L9/3236 ,  H04L9/3271 ,  H04L63/0428 ,  H04L63/064 ,  H04L2209/80

摘要： A method and system for authenticating messages received from users across multiple remote devices are provided. A residential gateway authenticates a user using a modified digest authentication scheme by storing a sequence number in the nonce field. Access encryption keys and sequence number spaces may be assigned based on user or on user/remote device pairs. When sequence number spaces are assigned based on user, and the user uses multiple remote devices to access the residential gateway, the sequence number space may be divided into mini-sequence number spaces for each of the multiple remote devices. Access encryption may be two-tiered, such that a secondary key is generated based on a user's primary key, and the secondary key is only valid for a limited amount of time before it expires and a new secondary key must be generated.

摘要翻译： 提供了一种用于认证从多个远程设备上的用户接收的消息的方法和系统。 住宅网关通过在序列号存储序列号来验证使用经修改的摘要认证方案的用户。 访问加密密钥和序列号空格可以基于用户或用户/远程设备对分配。 当基于用户分配序列号空间，并且用户使用多个远程设备访问住宅网关时，序列号空间可以被划分为多个远程设备中的每一个的小序列号空间。 访问加密可以是双层的，使得基于用户的主键生成次密钥，并且辅助密钥仅在有效的时间段到期之前有效并且必须生成新的辅助密钥。

公开(公告)号：US20070124587A1

公开(公告)日：2007-05-31

申请号：US11533861

申请日：2006-09-21

申请人： Govindarajan Krishnamurthi ,  Tat Chan ,  Pekka Laitinen

发明人： Govindarajan Krishnamurthi ,  Tat Chan ,  Pekka Laitinen

IPC分类号： H04L9/00

CPC分类号： H04L9/3271 ,  H04L9/0844 ,  H04L9/321 ,  H04L63/061 ,  H04L63/068 ,  H04L63/162 ,  H04L2209/80 ,  H04L2463/061 ,  H04W12/04031 ,  H04W12/06

摘要： An apparatus for re-keying a mobile terminal in a foreign network includes a processor. The processor is configured to receive, at the apparatus which is physically located in the foreign network, a request for re-keying from the mobile terminal in the foreign network. The processor is also configured to translate the request for transmission to a home network of the mobile terminal and to transmit the translated request to a bootstrapping server function of the home network.

摘要翻译： 用于将外部网络中的移动终端重新键入的装置包括处理器。 处理器被配置为在物理上位于外部网络的设备处接收来自外部网络中的移动终端的重新加密的请求。 所述处理器还被配置为将所述传输请求转换到所述移动终端的归属网络，并将所转换的请求传送到所述家庭网络的引导服务器功能。

公开(公告)号：US20070033296A1

公开(公告)日：2007-02-08

申请号：US11445537

申请日：2006-06-02

申请人： Tat Chan ,  Songly Mu

发明人： Tat Chan ,  Songly Mu

IPC分类号： G06F15/16

CPC分类号： H04B3/542 ,  H04B2203/5408 ,  H04B2203/5441 ,  H04B2203/5445 ,  H04B2203/5466 ,  H04B2203/5479 ,  H04B2203/5483 ,  H04B2203/5491 ,  H04L12/66

摘要： A system for powerline networking. The system has an external data source, which is derived from a world wide networks of computers. A router is coupled to the external data source and coupled to a first datasource connection. A powerline network switch apparatus is coupled to the first datasource connection. The apparatus has a second datasource connection, which is coupled to the first data source connection. The apparatus also has a powerline device coupled to the second datasource connection. Preferably, the powerline device is adapted to receive and transmit information in a first format from the second data source connection and adapted to receive and transmit information in a second format. The apparatus also has a virtual local area network device including a first input/output port and a plurality of second input/output ports. Each of the second input/output ports is numbered from 1 through N, where N is an integer greater than 1. A plurality of modem devices are coupled to the virtual local area network device. The plurality of modem devices are numbered from 1 through N, where each of the plurality of modem devices being coupled respectively to one of the plurality of second input/output ports and where each of the plurality of modem devices also being coupled to one of a plurality of power lines numbered from 1 through N, each of the power lines being capable of communicating information to and from the second data source connection.

摘要翻译： 电力线网络系统。 该系统具有外部数据源，源自全球计算机网络。 路由器耦合到外部数据源并耦合到第一数据源连接。 电力线网络交换设备耦合到第一数据源连接。 该装置具有第二数据源连接，其连接到第一数据源连接。 该装置还具有耦合到第二数据源连接的电力线装置。 优选地，电力线设备适于从第二数据源连接接收和发送以第一格式的信息，并且适于以第二格式接收和发送信息。 该装置还具有包括第一输入/输出端口和多个第二输入/输出端口的虚拟局域网设备。 第二输入/输出端口中的每一个从1到N编号，其中N是大于1的整数。多个调制解调器装置耦合到虚拟局域网设备。 多个调制解调器装置从1到N编号，其中多个调制解调器装置中的每一个分别耦合到多个第二输入/输出端口中的一个，并且多个调制解调器装置中的每一个也耦合到 多个从1到N编号的电力线，每个电力线能够向第二数据源连接传送信息和从第二数据源连接传送信息。

公开(公告)号：US20070026866A1

公开(公告)日：2007-02-01

申请号：US11139449

申请日：2005-05-27

申请人： Govindarajan Krishnamurthi ,  Tat Chan

发明人： Govindarajan Krishnamurthi ,  Tat Chan

IPC分类号： H04Q7/20

CPC分类号： H04W36/14 ,  H04W36/32 ,  H04W64/00 ,  H04W76/16 ,  H04W84/042 ,  H04W84/12 ,  H04W88/06 ,  Y02D70/00 ,  Y02D70/1224 ,  Y02D70/1242 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/164 ,  Y02D70/168 ,  Y02D70/23

摘要： A mobile node includes first and second communication interfaces for connecting to first and second types of networks, respectively. The mobile node also includes a processor capable of connecting to a first type of network via the first communication interface. The processor can monitor location information from the first type of network, the location information being representative of a geographic area within which the mobile node is currently located and available as a result of the connection to the first type of network. The processor can determine if the mobile node is currently located in an area associated with a second type of network based upon the monitoring of the location information. If so, the processor can turn on the second communication interface, and effectuate a handoff of the mobile node from the first type of network to the second type of network via the second communication interface.

摘要翻译： 移动节点分别包括用于连接到第一和第二类型的网络的第一和第二通信接口。 移动节点还包括能够经由第一通信接口连接到第一类型的网络的处理器。 处理器可以监视来自第一类型的网络的位置信息，位置信息表示作为与第一类型的网络的连接的移动节点当前所在的地理区域和可用的地理区域。 基于对位置信息的监视，处理器可以确定移动节点当前是否位于与第二类型的网络相关联的区域中。 如果是，则处理器可以打开第二通信接口，并且通过第二通信接口实现移动节点从第一类型的网络切换到第二类型的网络。

公开(公告)号：US20060288423A1

公开(公告)日：2006-12-21

申请号：US11236794

申请日：2005-09-28

申请人： Franck Le ,  Tat Chan

发明人： Franck Le ,  Tat Chan

IPC分类号： H04L9/32

CPC分类号： H04L63/0428 ,  H04L63/0471 ,  H04L65/1006 ,  H04L65/1069 ,  H04W12/0013 ,  H04W12/10

摘要： The invention provides media protection of media flows between a network element such as an end point, for instance a mobile user terminal, and another network element over an access network. When media protection is requested, the network element and an intermediate network element such as media proxy establish a connection providing media protection over the access network. An application layer gateway, ALG, may assist in establishing the connection providing media protection by pushing a security association, SA, to the intermediate network element, so as to enable media protection between the network element and the intermediate network element.

摘要翻译： 本发明提供了诸如终端的网络元件（例如，移动用户终端）与接入网络上的另一网络元件之间的媒体流的媒体保护。 当请求媒体保护时，网络元件和媒体代理等中间网元建立通过接入网络提供媒体保护的连接。 应用层网关ALG可以通过将安全关联SA推送到中间网元来协助建立提供媒体保护的连接，以便能够实现网元和中间网元之间的媒体保护。