Method and Apparatus for Authenticating a Communication Device
    62.
    Invention application
    Legal status: in force

    Publication number: US20130291071A1

    Publication date: 2013-10-31

    Application number: US13979476

    Filing date: 2011-07-19

    IPC classification: H04L29/06

    Abstract: According to an aspect of the present invention there is provided a method of operating a communication device, the communication device being part of a group comprising two or more communication devices that share a subscription to a communication network. The method comprises receiving a group authentication challenge from the network, at least part of the group authentication challenge having been generated using group authentication information that is associated with the shared subscription. The device then generates a device specific response to the group authentication challenge using the group authentication information and device specific authentication information and sends the device specific response to the network. The device is for example a member of a machine-type communication device group.


    METHOD AND APPARATUS FOR ESTABLISHING A SECURITY ASSOCIATION
    63.
    Invention application
    Legal status: in force

    Publication number: US20120166802A1

    Publication date: 2012-06-28

    Application number: US13348343

    Filing date: 2012-01-11

    IPC classification: H04L9/32

    Abstract: A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management.


    METHODS AND APPARATUSES FOR AVOIDING DAMAGE IN NETWORK ATTACKS
    64.
    Invention application
    Legal status: in force

    Publication number: US20120254997A1

    Publication date: 2012-10-04

    Application number: US13177385

    Filing date: 2011-07-06

    IPC classification: G06F12/14

    Abstract: Methods and apparatuses in a client terminal (400) and a web server (402) for enabling safe communication between said terminal and server. When the terminal obtains a web page from the server in a session, the terminal creates a context-specific key, Ks_NAF′, based on one or more context parameters, P1, . . . Pn, pertaining to said session and/or web page. The terminal then indicates the context-specific key in a login request to the server, and the server determines a context-specific key, Ks_NAF′, in the same manner to verify the client if the context-specific key determined in the web server matches the context-specific key received from the client terminal. The context-specific key is thus bound to and valid for the present context or session only and cannot be used in other contexts or sessions.


    Authentication of warning messages in a network
    65.
    Granted patent
    Legal status: in force

    Publication number: US09467433B2

    Publication date: 2016-10-11

    Application number: US14130166

    Filing date: 2012-06-14

    IPC classification: H04L29/06 H04W12/10 H04W4/22

    Abstract: There is described herein a device (101) for communicating with a network. The device (101) comprises a communications unit for receiving data, a notification device for providing a notification to a user, and a control unit for controlling the operation of the communications unit and notification unit. The communications unit is configured to receive an information message (110, 112, 115), and to receive security authentication data (110, 112, 115) associated with the information message if such security authentication data is available. The control unit is configured to operate in a first or second configuration. In the first configuration it ignores the security authentication data, (111, 113), and instructs the notification unit to convey the notification to the user. In the second configuration, it verifies the information message (116) on the basis of the security authentication data and instructs the notification unit to convey the notification to the user if the verification is successful. The communications unit is configured to receive a configuration message (114) indicating the configuration in which the control unit should operate, and the control unit is configured to change configuration if the indicated configuration is different to the current configuration.


    Methods and apparatuses for avoiding damage in network attacks
    66.
    Granted patent
    Legal status: in force

    Publication number: US08903095B2

    Publication date: 2014-12-02

    Application number: US13177385

    Filing date: 2011-07-06

    IPC classification: H04L29/06 H04W12/04 H04L29/08

    Abstract: Methods and apparatuses in a client terminal (400) and a web server (402) for enabling safe communication between said terminal and server. When the terminal obtains a web page from the server in a session, the terminal creates a context-specific key, Ks_NAF′, based on one or more context parameters, P1, . . . Pn, pertaining to said session and/or web page. The terminal then indicates the context-specific key in a login request to the server, and the server determines a context-specific key, Ks_NAF′, in the same manner to verify the client if the context-specific key determined in the web server matches the context-specific key received from the client terminal. The context-specific key is thus bound to and valid for the present context or session only and cannot be used in other contexts or sessions.


    Method for Digital Rights Management in a mobile communications network
    67.
    Granted patent
    Legal status: in force

    Publication number: US08417952B2

    Publication date: 2013-04-09

    Application number: US12809125

    Filing date: 2007-12-19

    IPC classification: H04L9/32

    Abstract: The present invention relates to a method and an operator network node for enabling a user-defined DRM domain of *SIMs hosted by *SIM-enabled devices. The operator network node is connectable to a *SIM based device and to a content provider node, and comprises means for establishing a secure channel between a *SIM-based device and an operator network node, means for creating a DRM domain defined by at least one user of *SIM-based devices, means for receiving at the operator network node a registration request from the *SIM-based device to register the *SIM of the *SIM-based device into the created user-defined DRM domain, means for registering at the operator network node the *SIM of the *SIM-based device into the registered user-defined DRM domain, and means for making the registered information associated with the user-defined DRM domain available to the content provider. The invention also relates to a further method and the content provider comprising means for accessing in the operator network node registered information associated with a registered user-defined DRM domain comprising *SIMs of a user, and means for establishing a content provider defined DRM domain comprising at least one of the *SIMs of the user-defined DRM domain.


    IMS-enabled control channel for IPTV
    68.
    Granted patent
    Legal status: in force

    Publication number: US08078733B2

    Publication date: 2011-12-13

    Application number: US11661550

    Filing date: 2006-02-24

    IPC classification: G06F15/16

    Abstract: An IMS-enabled control channel for an IPTV service is provided by receiving at a Serving Call/State Control Function (S-CSCF) a Session Initiation Protocol (SIP) REGISTER message, the SIP REGISTER message identifying the originating user, receiving at the originating user a response from the S-CSCF indicating that the originating user has been authorized, and sending a SIP INVITE message from the S-CSCF to establish an open channel connection with a selected IPTV Application Server (AS). This open channel connection can then be used for the transmission of control messages, such as for starting play, starting recording, stopping play, etc., between the STB and the IPTV applications server, as well as for the delivery of personalized content, such as advertisements, voting responses, personalized voting triggers and targeted interactive events. By maintaining an open control channel with the IPTV AS, this offers a substantial reduction in the setup delay times for different applications.


    Method for Digital Rights Management in a Mobile Communications Network
    69.
    Invention application
    Legal status: in force

    Publication number: US20100281262A1

    Publication date: 2010-11-04

    Application number: US12809125

    Filing date: 2007-12-19

    IPC classification: H04L9/32 G06F21/00

    Abstract: The present invention relates to a method and an operator network node for enabling a user-defined DRM domain of *SIMs hosted by *SIM-enabled devices. The operator network node is connectable to a *SIM based device and to a content provider node, and comprises means for establishing a secure channel between a *SIM-based device and an operator network node, means for creating a DRM domain defined by at least one user of *SIM-based devices, means for receiving at the operator network node a registration request from the *SIM-based device to register the *SIM of the *SIM-based device into the created user-defined DRM domain, means for registering at the operator network node the *SIM of the *SIM-based device into the registered user-defined DRM domain, and means for making the registered information associated with the user-defined DRM domain available to the content provider. The invention also relates to a further method and the content provider comprising means for accessing in the operator network node registered information associated with a registered user-defined DRM domain comprising *SIMs of a user, and means for establishing a content provider defined DRM domain comprising at least one of the *SIMs of the user-defined DRM domain.


    Wireless LAN Mobility
    70.
    Invention application
    Legal status: in force

    Publication number: US20100284368A1

    Publication date: 2010-11-11

    Application number: US12743694

    Filing date: 2007-11-23

    IPC classification: H04W36/00 H04W84/02

    Abstract: A method of performing hand-off of a Mobile Node from a previous Access Point to a new Access Point within a WLAN domain, where the previous and new Access Points are connected respectively to previous and new Access Routers. The method comprises, following a MAC authentication exchange between the Mobile Node and the new Access Point, sending a MAC Reassociation Request from the Mobile Node to the New Access Point, forwarding said Reassociation Request to said new Access Router, and sending the Reassociation Request from said new Access Router to said previous Access Router within an IP hand-off request, and authenticating the Reassociation Request at the previous Access Router and initiating the tunnelling of IP packets received at the previous Access Router and destined for said Mobile Node, towards said new Access Router.
