OPERATION OF A SERVING NODE IN A NETWORK
    61.
    Invention application
    OPERATION OF A SERVING NODE IN A NETWORK (in force)

    Publication number: US20140369315A1

    Publication date: 2014-12-18

    Application number: US14374455

    Filing date: 2012-04-24

    Applicant: Karl Norrman

    Inventor: Karl Norrman

    Abstract: The invention provides a system and method for repairing corrupt security information. At a serving node in a telecommunications network, the security capabilities of a terminal are received when the terminal registers with the serving node. The received security capabilities are stored. A path switch request message is received from a target base station following an X2 handover request sent from a source base station to the target base station for handover of the terminal, the path switch request including the security capabilities of the terminal. The serving node determines whether the security capabilities of the terminal stored in the storage medium should be sent to the target base station. If so, the serving node sends the stored security capabilities of the terminal to the target base station for use in reselecting the security algorithms to be used in communications between the target base station and the terminal following the handover.


    Authenticating a Device in a Network
    62.
    Invention application
    Authenticating a Device in a Network (in force)

    Publication number: US20140053241A1

    Publication date: 2014-02-20

    Application number: US14113047

    Filing date: 2011-04-27

    IPC classification: H04L29/06

    Abstract: There is disclosed a system for authentication of a device in a network by establishing a second security context between the device and a serving network node when a first security context has previously been established, assisted by an authentication server, based on a random value and a secret shared between an identity module associated with the device and the authentication server. First re-use information from the establishment of the first security context is stored at the authentication server and at the device, the first re-use information enabling secure generation of the second security context from the random value and the secret. Second re-use information may be generated or stored at the device. A context regeneration request is generated at the device, the context regeneration request being authenticated at least partly based on the secret. The context regeneration request is sent to the serving network node, and from the serving network node to the authentication server, where it is verified. The second security context is generated at the authentication server based on at least the secret, the random value, and the first and second re-use information. The second security context is communicated from the authentication server to the serving network node.


    Identification of a manipulated or defect base station during handover
    63.
    Granted invention patent
    Identification of a manipulated or defect base station during handover (in force)

    Publication number: US08620267B2

    Publication date: 2013-12-31

    Application number: US12922314

    Filing date: 2008-08-25

    IPC classification: H04M1/66 H04W24/00 H04W36/00

    Abstract: A method of and arrangement for detecting a manipulated or defective base station of a communication network is disclosed, wherein a target base station, having selected one or more algorithms on the basis of a prioritized algorithm list (PAL) and the UE security capabilities (SCAP), reports UE SCAP related information to a core network node. The core network node, having its own knowledge of the UE SCAP, compares this information or parts of it with the UE SCAP related information it has retrieved, so that a manipulated or defective base station can be identified when the comparison fails to match.


    Methods and Apparatus for Secure Routing of Data Packets
    65.
    Invention application
    Methods and Apparatus for Secure Routing of Data Packets (lapsed)

    Publication number: US20130124757A1

    Publication date: 2013-05-16

    Application number: US13520301

    Filing date: 2010-01-04

    IPC classification: H04L12/56

    CPC classification: H04L45/00 H04L63/04 H04L63/06

    Abstract: Methods and arrangements for supporting the forwarding process in routers when routing data packets through a packet-switched network, by employing hierarchical parameters in which the hops of a predetermined transmission path between a sender and a receiver are encoded. A name server generates and distributes router-associated keys to the routers in the network; these keys are used for computing the hierarchical parameters.


    Wireless LAN mobility
    66.
    Granted invention patent
    Wireless LAN mobility (in force)

    Publication number: US08442006B2

    Publication date: 2013-05-14

    Application number: US12743694

    Filing date: 2007-11-23

    IPC classification: H04W4/00

    Abstract: A method of performing hand-off of a Mobile Node from a previous Access Point to a new Access Point within a WLAN domain, where the previous and new Access Points are connected respectively to previous and new Access Routers. The method comprises, following a MAC authentication exchange between the Mobile Node and the new Access Point: sending a MAC Reassociation Request from the Mobile Node to the new Access Point; forwarding said Reassociation Request to said new Access Router; sending the Reassociation Request from said new Access Router to said previous Access Router within an IP hand-off request; authenticating the Reassociation Request at the previous Access Router; and initiating the tunnelling of IP packets received at the previous Access Router and destined for said Mobile Node towards said new Access Router.


    Protection of data delivered out-of-order
    67.
    Granted invention patent
    Protection of data delivered out-of-order (in force)

    Publication number: US08352727B2

    Publication date: 2013-01-08

    Application number: US11883052

    Filing date: 2006-03-09

    IPC classification: H04L29/06

    Abstract: The basic idea of this system is to separate ordered-delivery data from unordered-delivery data in a security protocol running on top of a reliable transport protocol, and to perform a first type of security processing for ordered-delivery data and a second, different type of security processing for unordered-delivery data within the security protocol. Preferably, data messages using ordered delivery and data messages using unordered delivery within a secure data stream are separated into two message sequence spaces at the security protocol layer, and data security processing is then performed differently in these two spaces. This system is particularly suitable for a reliable transport protocol such as SCTP (Stream Control Transmission Protocol). The security protocol running on top of the transport protocol is preferably based on TLS (Transport Layer Security) or a TLS-like protocol with a security processing extension for unordered delivery.


    Methods and Arrangements for Communication Channel Re-Establishment
    69.
    Invention application
    Methods and Arrangements for Communication Channel Re-Establishment (in force)

    Publication number: US20110269426A1

    Publication date: 2011-11-03

    Application number: US13099050

    Filing date: 2011-05-02

    IPC classification: H04W12/06

    Abstract: The present invention relates to Radio Resource Control (RRC) Connection re-establishments of unauthenticated calls or sessions between MEs and one or more eNodeBs. By making use of the Cell Identity of the cell in which a ME having a radio connection malfunction resides, in the calculation of the Message Authentication Code for data Integrity (MAC-I), a ME-unique MAC-I can be calculated which is used for the identification and verification of MEs by a target base station, such as an eNodeB, in RRC Connection re-establishment of unauthenticated calls.


    Sending Secure Media Streams
    70.
    Invention application
    Sending Secure Media Streams (in force)

    Publication number: US20110093609A1

    Publication date: 2011-04-21

    Application number: US12999178

    Filing date: 2009-02-20

    IPC classification: G06F15/16

    Abstract: A method and apparatus for sending a first secured media stream having a payload via an intermediate node. The intermediate node receives the first secured media stream from a sender. An end-to-end context identifier and a hop-by-hop context identifier are determined for the first secured media stream, where the hop-by-hop context identifier relates to the intermediate node and the end-to-end context identifier relates to the sender. A second secured media stream is generated, which includes at least the payload of the first secured media stream and the context identifiers that identify the first secured media stream. The second secured media stream is sent to a receiving node, and the context identifiers are also sent to the receiving node. The context identifiers are usable by the receiving node to recover the first secured media stream.
