Method of providing fresh keys for message authentication
    51. Granted patent, in force
    Publication No.: US09225518B2
    Publication date: 2015-12-29
    Application No.: US11682516
    Filing date: 2007-03-06
    IPC classification: H04K1/00 H04L9/08 H04L9/32

    Abstract: The present invention provides a method of operating a mobile unit in a wireless communication system. Embodiments of the method may include providing access request message(s) including information indicative of a first counter and a message authentication code formed using a first key. The first key is derived from a second key and the first counter. The second key is derived from a third key established for a security session between the mobile unit and an authenticator. The first counter is incremented in response to each access request provided by the mobile unit.

PREVENTION OF MISMATCH OF AUTHENTICATION PARAMETER IN HYBRID COMMUNICATION SYSTEM
    53. Patent application, in force
    Publication No.: US20130072156A1
    Publication date: 2013-03-21
    Application No.: US13237032
    Filing date: 2011-09-20
    IPC classification: H04W12/06 H04W68/00

    Abstract: Techniques include a first communication network of a hybrid communication system, which is used to transport reported authentication parameters to a second communication network of the hybrid communication system, preventing a mismatch of those reported authentication parameters in response to becoming aware of the potential for such a mismatch. In one example, the first communication network is an LTE network and the second communication network is a CDMA2000 network.

DISCOVERY OF SECURITY ASSOCIATIONS
    54. Patent application, in force
    Publication No.: US20120272064A1
    Publication date: 2012-10-25
    Application No.: US13097184
    Filing date: 2011-04-29
    IPC classification: H04L9/32

    Abstract: Techniques are disclosed for discovering security associations formed in communication environments. For example, a method for forming a discoverable security association between a first computing device (e.g., a first client) and a second computing device (e.g., a second client) comprises the following steps. The first computing device is provided with a seed that it uses to generate a secret, which it in turn uses to compute a key for securing communications with the second computing device. The secret is re-computable from knowledge of the seed, and the key is re-computable from knowledge of the secret, such that a third computing device (e.g., an intercepting server) can use the re-computed key to intercept communications between the first and second computing devices without their knowledge. By way of example, the key may be the result of an identity-based authenticated key exchange.

Authenticator relocation method for WiMAX system
    55. Patent application, lapsed
    Publication No.: US20110107085A1
    Publication date: 2011-05-05
    Application No.: US12655842
    Filing date: 2010-01-08
    IPC classification: H04L29/06

    Abstract: A method is provided for Authenticator Relocation in a communication system applying an Extensible Authentication Protocol, or the like, which provides replay protection and mitigates the rogue ASN-GW problem during relocation of the Anchor Authenticator, without conducting re-authentication of the MS. The method of the invention optionally allows secure refresh of the MSK.

Methods and apparatuses for dynamic management of security associations in a wireless network
    56. Patent application, in force
    Publication No.: US20090233578A1
    Publication date: 2009-09-17
    Application No.: US12076176
    Filing date: 2008-03-14
    IPC classification: H04M3/16

    Abstract: Methods for dynamic management of security associations in a network are provided. According to one method, a security key management entity determines whether to apply a new security key as an active security key based on an existing active security key. The new security key and the existing active security key are each associated with the same home agent, and the existing active security key serves as the basis for an existing security association between the home agent and at least one other network element.

METHOD OF INDEXING SECURITY KEYS FOR MOBILE INTERNET PROTOCOL AUTHENTICATION
    57. Patent application, in force
    Publication No.: US20080059792A1
    Publication date: 2008-03-06
    Application No.: US11740152
    Filing date: 2007-04-25
    IPC classification: H04L9/32 H04K1/00

    Abstract: The present invention provides a method involving a mobile node, a home agent, and an authentication server in a wireless communication system. The method includes generating, at the authentication server, a first security key that indicates a secure association between the home agent and the mobile node, based on a second security key that indicates a secure association between the mobile node and the authentication server. The method also includes generating, at the authentication server, at least one first index associated with the first security key. The first index is also generated by the mobile node. The method also includes storing, at the authentication server, the first index and the first security key.

Cryptographic key processing and storage
    Publication No.: US07023998B2
    Publication date: 2006-04-04
    Application No.: US09823042
    Filing date: 2001-03-30
    IPC classification: H04L9/00

    Abstract: A method and apparatus enhance the security of an encrypted cryptographic key by storing its key re-transforming information in a decryption store that is separate from the cryptographic key store which holds the encrypted cryptographic key, and from which accessing circuitry is able to access the encrypted key. The cryptographic key store may be a disk drive of a computer; the decryption store may be a network access card installed in that computer or a mobile terminal coupled to that computer; and the accessing circuitry may be the computer's controller. Decryption of the encrypted cryptographic key is carried out in the decryption store, as is the subsequent encryption or decryption using the decrypted cryptographic key. The accessing circuitry communicates with the decryption store exclusively via a predetermined interface, and that interface does not allow the accessing circuitry to access the cryptographic key, or at least a portion of the key re-transforming information, from the decryption store. Thus the encrypted cryptographic key can be stored relatively insecurely, while the security of the cryptographic key itself is maintained at a very high level, because the computer has no native capability to read arbitrary information from the network access card or the mobile terminal.

Method for transmitting a displayable message to a short message entity in more than one data package
    60. Granted patent, lapsed
    Publication No.: US06868274B1
    Publication date: 2005-03-15
    Application No.: US09541301
    Filing date: 2000-04-03
    CPC classification: H04W4/14 H04W28/14 H04W88/184

    Abstract: A system (100) is capable of transmitting a displayable message to a short message entity (102, 104 or 105) in more than one data package over a conveying network. The system (100) uses a capacity determiner (206) to determine the capacity of the conveying network for transmitting data. Based on this capacity, a fragmenter (204) divides the displayable message into fragments at an application protocol layer; the size of a fragment does not exceed the capacity of the conveying network. Finally, a packager (208) packages the fragments into data packages that can be transmitted separately by a short message service over the conveying network. The data packages may include a reference parameter corresponding to the position of the fragment within the displayable message. Further, a reference parameter may indicate the total size of the displayable message being fragmented and packaged. When all of the fragments of the displayable message have been received at the terminating short message entity (102, 104 or 105), a fragment retriever (304) retrieves the fragments and a message reconstructer (306) reconstructs the displayable message. The displayable message is then passed to a disposing device (308).