Kerberized handover keying
    41.
    Granted invention patent
    Kerberized handover keying (in force)

    Publication number: US08332923B2

    Publication date: 2012-12-11

    Application number: US11972450

    Filing date: 2008-01-10

    IPC classification: H04L29/04

    Abstract: A media-independent handover key management architecture is disclosed that uses Kerberos for secure key distribution among a server, an authenticator, and a mobile node. In the preferred embodiments, signaling for key distribution is based on re-keying and is decoupled from re-authentication, which requires EAP (Extensible Authentication Protocol) and AAA (Authentication, Authorization and Accounting) signaling similar to initial network access authentication. In this framework, the mobile node is able to obtain the master session keys required for dynamically establishing security associations with a set of authenticators without communicating with them before handover. By separating the re-key operation from re-authentication, the proposed architecture is better optimized for a proactive mode of operation. It can also be optimized for a reactive mode of operation by reversing the key distribution roles between the mobile node and the target access node.


System and Method for Group Communications in 3GPP Machine-to-Machine Networks
    42.
    Invention patent application
    System and Method for Group Communications in 3GPP Machine-to-Machine Networks (pending, published)

    Publication number: US20120296968A1

    Publication date: 2012-11-22

    Application number: US13365847

    Filing date: 2012-02-03

    IPC classification: G06F15/16

    Abstract: An inventive system and method for group communication among devices in M2M networks comprises associating one or more of the devices with a gateway having a unique identifier, initiating registration of the devices at an M2M network using the unique identifier of the gateway, providing from the network a temporary identifier to the gateway and associating, in the network, the temporary identifier with the gateway, attaching the devices to the network using the temporary identifier, and communicating information between the network and the devices through the gateway. In one aspect, the devices can be classified into sub-groups, and each sub-group has a sub-group head that can be attached to the gateway so that the devices can communicate with the network through the sub-group head instead of the gateway. Each sub-group can be associated with a unique temporary identifier, in addition to the temporary identifier associated with the gateway.


MIH pre-authentication
    45.
    Granted invention patent
    MIH pre-authentication (in force)

    Publication number: US08036176B2

    Publication date: 2011-10-11

    Application number: US12135194

    Filing date: 2008-06-08

    IPC classification: H04Q7/00

    Abstract: A system and method for performing MIH pre-authentication, which includes providing support for direct and/or indirect pre-authentication and providing support for both network-initiated and mobile-initiated pre-authentication.


Security optimization for IMS/MMD architecture
    46.
    Invention patent application
    Security optimization for IMS/MMD architecture (in force)

    Publication number: US20080072310A1

    Publication date: 2008-03-20

    Application number: US11900619

    Filing date: 2007-09-11

    IPC classification: H04L9/00

    Abstract: A mechanism is presented by which handoff delay can be minimized without compromising IMS/MMD security, while also protecting the media if required by certain applications. Methods are given for mitigating delay during SA re-association and for mitigating the IPsec tunnel overhead for signaling and media at the Mobile Node. In one embodiment, SA keys can be transferred from the old P-CSCF to the new P-CSCF, enabling the establishment of SAs before the Mobile Node physically moves to the new subnet in a network. Proactive handover is used. In another embodiment, SA keys are transferred from the S-CSCF to the new P-CSCF. In this case, the SA keys are transferred to the new P-CSCF by the S-CSCF through a context transfer mechanism well in advance, so that SAs may be established before the Mobile Node physically moves to the new subnet. In another embodiment, methods for mitigating IPsec tunnel overhead are presented.


SECURE ISOLATION AND RECOVERY IN WIRELESS NETWORKS
    47.
    Invention patent application
    SECURE ISOLATION AND RECOVERY IN WIRELESS NETWORKS (in force)

    Publication number: US20060236391A1

    Publication date: 2006-10-19

    Application number: US11161739

    Filing date: 2005-08-15

    IPC classification: G06F12/14

    CPC classification: H04L63/1408 H04L63/1466

    Abstract: The present invention, among other things, obviates the effects of an attack on a wireless network through appropriate isolation and recovery. An aspect of the present invention can include a system and method of isolating a victim of malicious behavior in a wireless access network, and in particular in WLAN networks. By having software on the victim's device, the system provides the capability of recovering the victim from the effects of the intruder, and prevents the victim from being affected by subsequent attacks by the intruder. The preferred embodiments include two key components: a local monitor and a global monitor.


Telecommunication enhanced mobile IP architecture for intra-domain mobility
    48.
    Granted invention patent
    Telecommunication enhanced mobile IP architecture for intra-domain mobility (in force)

    Publication number: US06992995B2

    Publication date: 2006-01-31

    Application number: US09834237

    Filing date: 2001-04-12

    IPC classification: H04Q7/00

    CPC classification: H04W8/085 H04W80/04

    Abstract: Methods and systems are provided for facilitating intra-domain mobility. A first network or domain includes a home agent or SIP proxy of a mobile node. A second network includes two or more subnetworks and at least one mobility agent (MA). Each subnetwork includes an associated subnet agent. To communicate, the mobile node first registers with a subnet agent, receives a local care-of address and a global care-of address, and then registers with an MA. The mobile node may then provide the global care-of address to the home agent. The local care-of address may enable communication with the mobile node without determining a specific route to the mobile node. The global care-of address received from the subnet agent may include the address of the MA. Accordingly, the mobile node may transition from any of the subnetworks to another subnetwork without communicating information about the transition to the home agent and without communicating to the MA information about a security association between the mobile node and the home agent.


Method and system for dynamic registration and configuration protocol
    49.
    Granted invention patent
    Method and system for dynamic registration and configuration protocol (in force)

    Publication number: US06799204B1

    Publication date: 2004-09-28

    Application number: US09693015

    Filing date: 2000-10-20

    IPC classification: G06F1516

    Abstract: The Dynamic Registration and Configuration Protocol (DRCP) provides a framework for registering and passing configuration information to roaming mobile hosts. DRCP is compatible with DHCP and can switch to using the DHCP protocol if only DHCP servers are present in the network. Most importantly, DRCP allows rapid configuration by moving address consistency checking off the critical path. Other novel features of DRCP allow: a) clients to know when to get a new address independent of the layer-2 access technology, b) efficient use of scarce wireless bandwidth, c) clients to be routers, d) dynamic addition or deletion of address pools at any DRCP node, and e) message exchange without broadcast.
