Method for increasing security in a passive optical network
    1.
    Granted invention patent
    Status: In force

    Publication No.: US08490159B2

    Publication date: 2013-07-16

    Application No.: US13127404

    Filing date: 2008-11-03

    IPC classification: G06F21/00

    Abstract: A method for security in a passive optical network is disclosed. The method includes, at an optical line termination (OLT): detecting an optical termination device and establishing a connection with the device; generating a first authentication message including a first random number; and transmitting the first authentication message through the established connection. At the optical termination device, the method may include: receiving the first authentication message; calculating a first authentication code by using the first random number and a secret code stored at the device; and generating and transmitting to the OLT a second authentication message including the first authentication code. The method may further include, at the OLT: receiving the second authentication message; calculating a second authentication code by using the first random number and a secret code stored at the OLT; and authenticating the optical termination device if the first authentication code matches the second authentication code.

    Method and system for enforcing security polices in MANETs
    2.
    Granted invention patent
    Status: In force

    Publication No.: US08370894B2

    Publication date: 2013-02-05

    Application No.: US12448637

    Filing date: 2006-12-29

    IPC classification: H04L29/06 G06F17/00 G06F15/16

    Abstract: A method of enforcing security policies in a mobile ad-hoc network, includes: entrusting at least one first network node along a data traffic route from a data traffic origin node to a data traffic destination node, with the enforcing of predefined security policies on the data traffic; and entrusting at least one second network node, distinct from said first network node, with the control of the enforcement of the security policies by the first network node.

    Method for localizing an optical termination device in a passive optical network
    3.
    Granted invention patent
    Status: In force

    Publication No.: US08145057B2

    Publication date: 2012-03-27

    Application No.: US13142726

    Filing date: 2008-12-29

    IPC classification: H04J14/00 H04B10/00

    Abstract: A method for localizing an optical network termination (ONT) of a passive optical network is disclosed. The passive optical network comprises an optical line terminal (OLT) and an optical distribution network (ODN) having a plurality of optical links. The ONT is connectable to the OLT by a given optical link of the optical distribution network. The method includes the steps of detecting that the ONT has been connected to the OLT by an optical link of the optical distribution network; determining length information indicative of a length of the optical link; comparing the length information with a reference length information indicative of a length of the given optical link; and if the length information matches the reference length information, localizing the ONT by confirming that it is connected to the OLT by the given optical link.

    Short Authentication Procedure In Wireless Data Communications Networks
    4.
    Invention patent application
    Status: In force

    Publication No.: US20090217033A1

    Publication date: 2009-08-27

    Application No.: US11922781

    Filing date: 2005-06-29

    Abstract: In a wireless communications network including at least one authenticator and at least one authentication server, wherein the authenticator is adapted to interact with the authentication server for authenticating supplicants in order to conditionally grant thereto access to the wireless communications network, a short authentication method for authenticating a supplicant, the method including: providing a shared secret, shared by and available at the supplicant and the authentication server; having the supplicant provide to the authenticator an authentication token, wherein the authentication token is based on the shared secret available thereat; having the authenticator forward the authentication token to the authentication server; having the authentication server ascertain an authenticity of the received authentication token based on the shared secret available thereat; in case the authenticity of the authentication token is ascertained, having the authentication server generate a first authentication key based on the shared secret available thereat, and provide the generated authentication key to the authenticator; having the supplicant generate a second authentication key based on the shared secret; and having the supplicant and the authenticator exploit the generated first and the second keys for communicating with each other. The short authentication method is particularly useful in situations of handoff of the supplicant from an authenticator to another.

    Method and system for automated and secure provisioning of service access credentials for on-line services to users of mobile communication terminals
    5.
    Granted invention patent
    Status: In force

    Publication No.: US09015473B2

    Publication date: 2015-04-21

    Application No.: US12085768

    Filing date: 2005-11-30

    IPC classification: H04L29/00 H04L29/06

    Abstract: In a communications network including at least one authentication entity adapted to authenticating a network access requestor in order to conditionally grant thereto access to the communications network, wherein the authenticating is based on public key cryptography, a method for automatically provisioning the network access requestor with service access credentials for accessing an on-line service offered by an on-line service provider accessible through the communications network. The method includes: during the authenticating the network access requestor, having an authentication entity request to the on-line service provider the generation of the service access credentials; at the on-line service provider, generating the service access credentials, encrypting the service access credentials by exploiting a public encryption key of the network access requestor and providing the encrypted service access credentials to the authentication entity; and having the authentication entity cause the network access requestor to be provided with the encrypted service access credentials.

    Method and System for Automated and Secure Provisioning of Service Access Credentials for On-Line Services to Users of Mobile Communication Terminals
    6.
    Invention patent application
    Status: In force

    Publication No.: US20090158032A1

    Publication date: 2009-06-18

    Application No.: US12085768

    Filing date: 2005-11-30

    IPC classification: H04L9/00 H04L29/06 H04K1/00

    Abstract: In a communications network including at least one authentication entity adapted to authenticating a network access requestor in order to conditionally grant thereto access to the communications network, wherein the authenticating is based on public key cryptography, a method for automatically provisioning the network access requestor with service access credentials for accessing an on-line service offered by an on-line service provider accessible through the communications network. The method includes: during the authenticating the network access requestor, having an authentication entity request to the on-line service provider the generation of the service access credentials; at the on-line service provider, generating the service access credentials, encrypting the service access credentials by exploiting a public encryption key of the network access requestor and providing the encrypted service access credentials to the authentication entity; and having the authentication entity cause the network access requestor to be provided with the encrypted service access credentials.

    Short authentication procedure in wireless data communications networks
    7.
    Granted invention patent
    Status: In force

    Publication No.: US08621201B2

    Publication date: 2013-12-31

    Application No.: US11922781

    Filing date: 2005-06-29

    IPC classification: H04M1/68

    Abstract: In a wireless communications network including at least one authenticator and at least one authentication server, wherein the authenticator is adapted to interact with the authentication server for authenticating supplicants in order to conditionally grant thereto access to the wireless communications network, a short authentication method for authenticating a supplicant, the method including: providing a shared secret, shared by and available at the supplicant and the authentication server; having the supplicant provide to the authenticator an authentication token, wherein the authentication token is based on the shared secret available thereat; having the authenticator forward the authentication token to the authentication server; having the authentication server ascertain an authenticity of the received authentication token based on the shared secret available thereat; in case the authenticity of the authentication token is ascertained, having the authentication server generate a first authentication key based on the shared secret available thereat, and provide the generated authentication key to the authenticator; having the supplicant generate a second authentication key based on the shared secret; and having the supplicant and the authenticator exploit the generated first and the second keys for communicating with each other. The short authentication method is particularly useful in situations of handoff of the supplicant from an authenticator to another.

    Method and system for controlling access to communication networks, related network and computer program therefor
    8.
    Granted invention patent
    Status: In force

    Publication No.: US08561200B2

    Publication date: 2013-10-15

    Application No.: US11630415

    Filing date: 2004-06-24

    IPC classification: G06F21/00

    Abstract: A system for controlling access of a mobile terminal to a communication network including a set of terminals, wherein said mobile terminal obtains access to the network as a result of a successful authentication procedure. The system includes an authenticator module for performing the authentication procedure of the mobile terminal and a communication mechanism configured for making the successful outcome of the authentication procedure known to the terminals in the set. The mobile terminal is thus permitted to access the network via any of the terminals in the set based on the authentication procedure.

    Method for Increasing Security in a Passive Optical Network
    9.
    Invention patent application
    Status: In force

    Publication No.: US20110214160A1

    Publication date: 2011-09-01

    Application No.: US13127404

    Filing date: 2008-11-03

    IPC classification: G06F21/00

    Abstract: A method for security in a passive optical network is disclosed. The method includes, at an optical line termination (OLT): detecting an optical termination device and establishing a connection with the device; generating a first authentication message including a first random number; and transmitting the first authentication message through the established connection. At the optical termination device, the method may include: receiving the first authentication message; calculating a first authentication code by using the first random number and a secret code stored at the device; and generating and transmitting to the OLT a second authentication message including the first authentication code. The method may further include, at the OLT: receiving the second authentication message; calculating a second authentication code by using the first random number and a secret code stored at the OLT; and authenticating the optical termination device if the first authentication code matches the second authentication code.