Abstract:
There can be problems with the security of social networking communications. For example, there may be occasions when a number of friends wish to communicate securely through a social network infrastructure, such that non-trusted 3rd-party entities, such as a Social Network Operator or host that provides the application infrastructure, do not overhear the communication. In response to the above problems, embodiments presented propose a set of innovative, lightweight solutions, considering that in certain scenarios the Social Network Operator may not be a trusted entity. Embodiments of the present invention are directed to methods and apparatuses for secure information sharing in social networks using random keys.
Abstract:
A communication network includes an overload control algorithm that adapts to changing circumstances. In a disclosed example, an acceptance fraction for each of a plurality of message types depends upon the arrival rates of the message types. As at least one of the arrival rates changes, the acceptance fraction is responsively changed to provide an overload control algorithm that adapts to changes in message traffic.
Abstract:
Methods are provided for securely transmitting a packet between endpoints of a network. In one aspect, there is provided a method for establishing an end-to-end key using extant hop-by-hop security associations. In a second aspect, there is provided a method in which a packet-specific encryption key PEK is used to encrypt a packet p. A signature of the key PEK is independently computed at each of two nodes, using an integrity key shared by the two nodes. The signature is sent from one of the two nodes to the other in association with the packet p. The receiving node uses the signature to verify that the packet p was originated by an entity having possession of the PEK.
Abstract:
A key distribution scheme is provided, which is useful for establishing, distributing, and maintaining security associations in a Mobile IP network. An authentication server performs an initial validation of a new session and generates a root key which it delivers to the initial access gateway and to the home agent. The initial access gateway and the home agent each independently compute a derivative key available only to themselves. The initial access gateway, acting as proxy for the mobile station, uses the derivative key to sign the Mobile IP registration or binding update transactions, and sends the signed registration or binding update to the home agent for validation. Once the session is established between the mobile station and the home agent, the access gateways act as proxies on behalf of the mobile station to maintain the session mobility. In handoff, the new access gateway acquires the root key as part of the transferred session context. The new access gateway, acting as proxy for the mobile station, computes a new derivative key from the root key and uses it to sign a binding update.
Abstract:
A hash function is applied to a prefix of a VIL input. The output is added to a suffix of the input. A block cipher is applied to results of the addition. An encryption function is performed on the prefix. The final output is the output of the block cipher and the encryption function. In a second encryption technique, a hash function is applied to an input, and the output of the hash function has first and second portions. A block cipher is applied to the second portion. The output of the block cipher is added to the first portion, and a second function is applied to the result of this first addition. The output of the second function is added to the second portion. An inverse hash function is then applied to the output of the first and second additions, creating an encrypted output.
Abstract:
In a method of block coding, each character of the codeword may be thought of as a sum of characters of the message word, computed such that each message-word character that contributes to the sum is weighted by a respective weight coefficient. In the method described here, the weight coefficients are derived from a division polynomial of an elliptic curve.
Abstract:
Data rate determination is provided in a system where the available power fraction and available Walsh codes in each active leg are dynamically changing over time. This method adapts the rate (modulation and coding) based on the combined resource (power & code space) levels seen at each cell. The method results in maximization of the rate supportable by each cell given their resource constrained situation while meeting the constraints of target packet or frame error rate and orthogonality. Furthermore, improved fast cell selection by the mobile results due to this approach that is based on knowledge of combined resource (power & code space) levels across the cells in the active set.
Abstract:
Efficient data communication in a wireless communication system is provided by using centralized control of data communications, such as packet switched services, over the uplink channel (mobile station (MS) to base station (BS)). A multiple access protocol is used where packet data mobile stations make requests for uplink channel resources. The request messages transmitted by the MSs inform the BS of service parameters. Examples of such service parameters are available transmit power at the MS, the amount of data to transmit and Quality of Service (QoS). The BS then processes the received request messages and performs interference management calculations to determine the portion of the BS's receive power budget that can be allocated to the data user requesting service. These calculations are used to control the amount of interference seen at the base station, to assign a data rate to the user and to aid scheduling algorithms in computing service order priorities. Any scheduling algorithm may be used; for example, scheduling may be based on the amount of data to be transmitted, the age of the data or the service priority associated with the mobile station. The interference control is used to prevent the occurrence of catastrophic levels of interference while maximizing the utilization of resources on the uplink.