Abstract:
A method and apparatus are provided for authenticating a user of a mobile phone. While the user holds the phone to his or her ear, a microphone near the earpiece emits clicks into the user's ear. The speaker of the phone measures the response from the ear as an otoacoustic signal. A processor digitizes the measured otoacoustic signal to produce a received digital otoacoustic signature, and compares this with a stored digital otoacoustic signature of a legitimate user. If the signatures match, the phone is enabled. The invention allows secure authentication of mobile phones in a manner very natural and convenient to users.
Abstract:
A secured execution device (SED) maintains security credentials for a certain user that requests access to the network for performing specified operations or for obtaining specified information. The NE from where the user requests access to the network is authenticated using SED credentials against a multi-level and multi-factor credentials table maintained by a NE authentication controller provided in the EMS/NM/OSS controlling the respective NE. The NE authentication controller issues a challenge and transmits it to the NE. The SED receives the challenge and both the SED and the NE authentication controller process the random number in the same way. The SED then returns a one time usage cryptographic message with the response to the challenge. The NE authentication controller checks the SED response against the expected response calculated locally; the user gains access to the network over the NE if the two responses coincide.
Abstract:
A method and apparatus are provided for authenticating a user attempting to establish a service which uses SIP. The user registers with the SIP server by providing the digital otoacoustic signature of the user. Thereafter, when the user attempts to initiate a session through the SIP server, the SIP server sends an Authorization Request message to the SIP client of the user. The SIP client reads the user's digital otoacoustic signature, generates a response based on the digital otoacoustic signature, and embeds the response in a second Invite message sent back to the SIP server. Meanwhile, the SIP server determines an expected response, based on the digital otoacoustic signature registered by the user. If the response provided by the SIP client matches the response expected by the SIP server, the SIP server allows establishment of the service. The invention is of particular use with IP telephony services, since end user devices used with such services are ergonomically well suited for reading of otoacoustic signatures. The invention may also be used to authenticate an intended recipient of an SIP call.
Abstract:
Systems and methods of dynamically introducing security features into a client-server application program are described. A security server between an application server and a database has multiple security components with a shared dependency. This shared dependency enables the introduction of a new security component providing a new security function without compromising the security of the application program. The new security component acquires state information from other security components in the security server thereby dynamically reconfiguring the component-based security system.
Abstract:
A communications security system has been described. The security system in the form of a firewall is made up of a plurality of communicatively coupled sets of modules in a matrix configuration. The modules may be implemented in hardware and software in order to rely on the advantages of each technology. Data packets are typically coupled to an ingress side of the firewall where policy rules having the highest importance are checked first. The result is a high speed system having carrier class availability.
Abstract:
Mechanisms and methods for providing a mobile/wireless device with protection against false access-point/base-station attacks using MAC address protection are presented. The mobile/wireless device, known as the mobile client (MC), gains access to a wireless network by discovering and selectively associating with an access point (AP). The MAC addresses of both the AP and the MC are protected during all communications between the AP and MC during the discovery phase. This protection mitigates MAC address spoofing type attacks on both the AP and the MC.
Abstract:
Communication network security risk exposure management systems and methods are disclosed. Risks to a communication network are determined by analyzing assets of the communication network and vulnerabilities affecting the assets. Assets may include physical assets such as equipment or logical assets such as software or data. Risk analysis may be adapted to assess risks to a particular feature of a communication network by analyzing assets of the communication network which are associated with that feature and one or more of vulnerabilities which affect the feature and vulnerabilities which affect the assets associated with the feature. A feature may be an asset itself or a function or service offered in the network and supported by particular assets, for example.
Abstract:
The present invention provides adequate service virtualization and compartmentalization in Network Management Systems for heterogeneous Network Elements to provide interoperability. It introduces a generic mediation layer that can be added to each Network Element that does not provide a network compartmentalization model that is compatible with the one used by the Network Management System. The mediation layer acts as a reverse proxy for the Network Management System to provide an operator with transparent access to an appropriate Management Service. The present invention is also instrumental in providing a high level of security in such hybrid networks.