-
公开(公告)号:US09270672B2
公开(公告)日:2016-02-23
申请号:US14119665
申请日:2011-05-26
申请人: Silke Holtmanns , Da Jiang Zhang
发明人: Silke Holtmanns , Da Jiang Zhang
CPC分类号: H04L63/0869 , H04L63/065 , H04L63/104 , H04W4/70 , H04W12/04 , H04W12/06
摘要: Provided are a method, a corresponding apparatus and a computer program product for performing a group authentication and key agreement procedure. A method comprises initiating, by a master device in a group of devices, a group authentication and key agreement procedure towards an authentication entity, wherein a shared group key is defined for use in the group authentication and key agreement procedure; performing mutual authentication between the master device and the authentication entity based upon the shared group key; and performing mutual authentication between the authenticated master device and other devices in the group based upon the shared group key for completion of the group authentication and key agreement procedure. With the claimed invention, the impact of the signaling overhead on a network can be significantly decreased without substantive modification to the existing architecture of the network.
摘要翻译: 提供了一种用于执行组认证和密钥协商过程的方法,相应的装置和计算机程序产品。 一种方法包括:通过一组设备中的主设备向认证实体发起组认证和密钥协商过程,其中定义了用于组认证和密钥协商过程中的共享组密钥; 基于所述共享组密钥,在所述主设备和所述认证实体之间执行相互认证; 并且基于用于完成组认证和密钥协商过程的共享组密钥在认证的主设备与组中的其他设备之间执行相互认证。 通过要求保护的发明,可以显着地减少信令开销对网络的影响,而无需对网络的现有架构进行实质性修改。
-
公开(公告)号:US09137662B2
公开(公告)日:2015-09-15
申请号:US13879698
申请日:2010-10-21
申请人: Silke Holtmanns , André Dolenc
发明人: Silke Holtmanns , André Dolenc
CPC分类号: H04L63/08 , H04L63/0492 , H04L63/061 , H04L63/0892 , H04L63/102 , H04W8/205 , H04W12/06
摘要: A method and apparatus are provided for access credential provisioning. A method may include receiving, at a first mobile apparatus, information about a second mobile apparatus. The first mobile apparatus may be provisioned with network access credential information to be transferred from the first mobile apparatus to the second mobile apparatus. The method may further include causing the information about the second mobile apparatus to be provided to a provisioning apparatus for the network. The method may additionally include receiving authorization form the provisioning apparatus to transfer the network access credential information from the first mobile apparatus to the second mobile apparatus. The method may also include, in response to receipt of the authorization, causing the network access credential information to be provided to the second mobile apparatus. A corresponding apparatus is also provided.
摘要翻译: 提供了用于访问凭证提供的方法和装置。 一种方法可以包括在第一移动装置处接收关于第二移动装置的信息。 第一移动装置可以被提供有要从第一移动装置传送到第二移动装置的网络访问凭证信息。 该方法还可以包括使关于第二移动装置的信息被提供给网络的供应装置。 该方法可以另外包括从供应设备接收授权,以将网络接入凭证信息从第一移动设备传送到第二移动设备。 该方法还可以包括响应于接收到授权,使网络访问凭证信息被提供给第二移动装置。 还提供了相应的装置。
-
公开(公告)号:US20150181000A1
公开(公告)日:2015-06-25
申请号:US14403643
申请日:2012-05-31
申请人: Silke Holtmanns , Seamus Moloney
发明人: Silke Holtmanns , Seamus Moloney
CPC分类号: H04L67/325 , H04L67/141 , H04L69/28 , H04W28/0289 , H04W52/0251 , H04W76/10 , Y02D70/1224 , Y02D70/1242 , Y02D70/1262 , Y02D70/1264 , Y02D70/142 , Y02D70/144 , Y02D70/146 , Y02D70/26
摘要: Methods, apparatuses, and computer program products herein enable a communication device to enable the bundling of one or more connection requests in order to reduce overall signaling from a communication device. An example method may include receiving a connection request from an application. In some example embodiments, the connection request defines a connection time indication. The method may further include receiving at least one additional connection request from one or more applications. The method may further include determining a connection time for the application and the one or more applications. In some example embodiments, the connection time is configured to enable the application and the one or more applications to utilize the connection concurrently. The method may further include causing a connection to be established at a connection time. In some example embodiments, the connection time is scheduled prior to an expiration of the connection time indication.
摘要翻译: 这里的方法,装置和计算机程序产品使得通信设备能够捆绑一个或多个连接请求,以便减少来自通信设备的总体信令。 示例性方法可以包括从应用接收连接请求。 在一些示例性实施例中,连接请求定义连接时间指示。 该方法还可以包括从一个或多个应用接收至少一个附加连接请求。 该方法还可以包括确定应用和一个或多个应用的连接时间。 在一些示例性实施例中,连接时间被配置为使得应用程序和一个或多个应用程序能够同时使用连接。 该方法还可以包括在连接时间建立连接。 在一些示例实施例中,连接时间在连接时间指示期满之前被调度。
-
74.发明授权User identity management for permitting interworking of a bootstrapping architecture and a shared identity service 有权用户身份管理,用于允许自举架构和共享身份服务的互通公开(公告)号:US08943321B2
公开(公告)日:2015-01-27
申请号:US13500491
申请日:2010-10-19
申请人: Silke Holtmanns , Hannes Tschofenig
发明人: Silke Holtmanns , Hannes Tschofenig
CPC分类号: H04W12/04 , H04L63/0421 , H04L63/0815 , H04W12/06
摘要: A method, apparatus and computer program product are provided to facilitate authentication of a request, such as by a mobile terminal, while also supplying information about the user to a service, website, application or the like A method, apparatus and computer program product may provide for interworking a bootstrapping architecture, such as Generic Bootstrapping Architecture, and a shared identity service, such as OpenID architecture In this regard, a method, apparatus and computer program product may provide for a secure session with a service provider through Generic Bootstrapping Architecture while being able to supply the service provider with the user information and/or accessing a user account using OpenID architecture.
摘要翻译: 提供了一种方法,装置和计算机程序产品,以便于诸如由移动终端等请求的认证,同时还将关于用户的信息提供给服务,网站,应用等。方法,装置和计算机程序产品可以 提供互通引导架构(例如通用引导架构)和共享身份服务(例如OpenID架构)在这方面,方法,设备和计算机程序产品可以通过通用引导架构提供与服务提供商的安全会话,而 能够向服务提供商提供用户信息和/或使用OpenID架构访问用户帐户。
-
75.发明申请公开(公告)号:US20140171029A1
公开(公告)日:2014-06-19
申请号:US14131603
申请日:2011-07-08
申请人: Silke Holtmanns
发明人: Silke Holtmanns
IPC分类号: H04W12/04
CPC分类号: H04W12/04 , H04L63/205 , H04L2463/061 , H04W12/06
摘要: A method, apparatus and software for accessing a database having, for each of a plurality of subscribers of a mobile communication network, a long-term secret key shared between the subscriber and the apparatus, for network authentication of a mobile communication device to the mobile communication network; wherein the mobile communication network is a universal mobile telecommunications system or a long term evolution telecommunication network; and producing for the mobile communication device, the authentication of which is being verified, one or more authentication vectors compliant with the global system for mobile communications; each authentication vector comprising a challenge, a signed response and a session key; and containing in the authentication vector an integrity key and an authentication token.
摘要翻译: 一种用于访问数据库的方法,装置和软件,具有针对移动通信网络的多个用户中的每一个的用户和所述装置之间共享的长期秘密密钥,用于移动通信设备到移动台的网络认证 通信网络; 其中所述移动通信网络是通用移动电信系统或长期演进电信网络; 并针对正在验证的认证的移动通信设备的产生,与全球移动通信系统兼容的一个或多个认证向量; 每个认证向量包括质询,签名响应和会话密钥; 并在认证向量中包含完整性密钥和认证令牌。
-
公开(公告)号:US20140047034A1
公开(公告)日:2014-02-13
申请号:US14112345
申请日:2011-04-27
申请人: Silke Holtmanns , Da Jiang Zhang
发明人: Silke Holtmanns , Da Jiang Zhang
IPC分类号: H04L29/08
摘要: Various methods for providing a secure public warning related to a disaster are provided. One example method may comprise providing for transmission of a registration message. The registration message may comprise an indication of an identity and an indication of a location. The method of this example embodiment may further comprise receiving a warning message. The method of this example embodiment may further comprise authenticating the warning message. Additionally, the method of this example may further comprise providing an alert after authenticating the warning message. Similar and related example methods, example apparatuses, and example computer program products are also provided.
摘要翻译: 提供了各种提供与灾难有关的安全公共警报的方法。 一个示例性方法可以包括提供注册消息的传输。 注册消息可以包括身份的指示和位置的指示。 该示例实施例的方法还可以包括接收警告消息。 该示例实施例的方法还可以包括认证警告消息。 此外,该示例的方法还可以包括在认证警告消息之后提供警报。 还提供了类似的和相关的示例性方法,示例性装置和示例性计算机程序产品。
-
公开(公告)号:US20130023309A1
公开(公告)日:2013-01-24
申请号:US13544178
申请日:2012-07-09
摘要: A method includes downloading at the request of a user an application for storage in a secure module of a terminal; requesting the user to assign a descriptive name for the downloaded application; storing the descriptive name together with an application identity of the downloaded application; in response to a request to activate a stored application, presenting the user with a list having elements of one or more stored applications, where each list element comprises at least the user assigned descriptive name; and activating an application associated with a selection of a list element by the user. Various embodiments of apparatus for implementing the method are also disclosed.
摘要翻译: 一种方法包括在用户的请求下下载应用程序以存储在终端的安全模块中; 请求用户分配下载的应用程序的描述性名称; 将描述性名称与所下载的应用的应用标识一起存储; 响应于激活存储的应用的请求,向用户呈现具有一个或多个存储的应用的元素,其中每个列表元素至少包括用户分配的描述性名称; 以及激活与所述用户对列表元素的选择相关联的应用。 还公开了用于实现该方法的装置的各种实施例。
-
公开(公告)号:US08347090B2
公开(公告)日:2013-01-01
申请号:US11902506
申请日:2007-09-21
申请人: Silke Holtmanns , Dan Forsberg
发明人: Silke Holtmanns , Dan Forsberg
IPC分类号: H04L9/32
CPC分类号: H04L9/32 , H04L63/0414 , H04L63/0823 , H04L63/0869 , H04W8/26 , H04W12/02 , H04W12/06
摘要: A method and apparatus including units configured to send a request from a first network entity to a user equipment for an identifier and receive a message indicating that a public key is required from the user equipment by the first network entity. The method and apparatus also includes units configured to send, by the first network entity, the public key to the user equipment and receive an encrypted identifier by the first network entity, wherein upon authenticating the public key, the user equipment encrypts at least part of the identifier using the public key, thereby enabling further processing between the network entity and the user equipment.
摘要翻译: 一种方法和装置,包括被配置为从第一网络实体向用户设备发送用于标识符的请求的单元,并且接收由第一网络实体从用户设备需要公钥的消息。 所述方法和装置还包括被配置为由第一网络实体将公开密钥发送给用户设备并由第一网络实体接收加密的标识符的单元,其中在认证公开密钥时,用户设备加密至少部分 使用公钥的标识符,从而能够在网络实体和用户设备之间进一步处理。
-
公开(公告)号:US08336105B2
公开(公告)日:2012-12-18
申请号:US10595566
申请日:2003-10-31
申请人: Frank Hartung , Silke Holtmanns
发明人: Frank Hartung , Silke Holtmanns
IPC分类号: H04L29/06
CPC分类号: G06F21/10 , H04L9/0822 , H04L9/0825 , H04L2209/603
摘要: A method and devices for a control of usage of content is disclosed. In one embodiment, a user device performs the steps of obtaining the content, defining usage rights, generating integrity protection information for defined usage rights, encrypting the content with a content encryption key, encrypting the content encryption key with a key encryption key associated with a recipient device and/or an operator of the recipient device, communicating the encrypted content, the defined usage rights, the encrypted content encryption key, and the integrity protection information to the recipient device. The recipient device performs the steps of verifying the integrity of the defined usage rights based on the integrity protection information, decrypting the encrypted content encryption key with a decryption key corresponding to the key encryption key, decrypting the encrypted content with the content encryption key in a secure environment, applying the defined usage rights to the content in the secure environment, and using the content according to the applied usage rights.
摘要翻译: 公开了一种用于控制内容使用的方法和装置。 在一个实施例中,用户设备执行以下步骤:获取内容,定义使用权限,生成用于定义的使用权限的完整性保护信息,用内容加密密钥加密内容,用与密钥相关联的密钥加密密钥加密内容加密密钥 收件人设备和/或接收者设备的操作者,将加密的内容,定义的使用权限,加密的内容加密密钥和完整性保护信息传达给接收者设备。 收件人装置执行以下步骤:基于完整性保护信息来验证所定义的使用权限的完整性,用与密钥加密密钥对应的解密密钥对加密的内容加密密钥进行解密,使用内容加密密钥解密加密的内容 安全环境,将定义的使用权利应用于安全环境中的内容,以及根据所应用的使用权利使用内容。
-
80.发明申请公开(公告)号:US20110173105A1
公开(公告)日:2011-07-14
申请号:US12655909
申请日:2010-01-08
CPC分类号: H04L63/08 , G06Q20/12 , G06Q20/16 , G06Q30/0185 , G06Q30/04 , H04L12/14 , H04L12/1403 , H04M15/00
摘要: An apparatus (such as a AAA node of a core/operator network) receives from a relying party an initial credit control request that bears first information comprising a relying party identifier, a service context identifier for a service to be provided by the relying party, and a token that authenticates a subscriber. The first information is extracted and forwarded to a core network accounting server that stores account information for the subscriber. The relying party is not within the core network. In reply to forwarding the extracted first information, the apparatus receives from the accounting server a credit control answer that bears second information comprising the relying party identifier, the service context identifier, and a grant indicating the subscriber may be charged a fee for the service to be provided by the relying party. The second information is extracted and forwarded to the relying party.
摘要翻译: 装置(例如核心/运营商网络的AAA节点)从依赖方接收承载包括依赖方标识符的第一信息的初始信用控制请求,由依赖方提供的服务的服务上下文标识符, 以及认证用户的令牌。 第一个信息被提取并转发给存储订户的帐户信息的核心网络计费服务器。 依赖方不在核心网内。 在转发所提取的第一信息时,设备从会计服务器接收包含依赖方标识符,服务上下文标识符和指示订户的授权的第二信息的信用控制答案可以向服务收取费用 由依赖方提供。 第二个信息被提取并转发给依赖方。
-
-
-
-
-
-
-
-
-
搜索结果
86 条记录 (耗时 0.034 秒)
