公开(公告)号：US08914636B2

公开(公告)日：2014-12-16

申请号：US13535563

申请日：2012-06-28

Applicant: Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt ,  Louis J. Guccione ,  Yogendra C. Shah ,  Yousif Targali

Inventor： Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt ,  Louis J. Guccione ,  Yogendra C. Shah ,  Yousif Targali

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/32 ,  H04L12/28

CPC classification number: H04L63/08 ,  H04L9/0816 ,  H04L9/32 ,  H04L12/2856 ,  H04L63/0815 ,  H04L63/102 ,  H04L63/205 ,  H04W12/06

Abstract: Wireless telecommunications networks may implement various forms of authentication. There are a variety of different user and device authentication protocols that follow a similar network architecture, involving various network entities such as a user equipment (UE), a service provider (SP), and an authentication endpoint (AEP). To select an acceptable authentication protocol or credential for authenticating a user or UE, authentication protocol negotiations may take place between various network entities. For example, negotiations may take place in networks implementing a single-sign on (SSO) architecture and/or networks implementing a Generic Bootstrapping Architecture (GBA).

Abstract translation: 无线电信网络可以实现各种形式的认证。 存在各种不同的用户和设备认证协议，其遵循类似的网络架构，涉及诸如用户设备（UE），服务提供商（SP）和认证端点（AEP）的各种网络实体。 为了选择用于验证用户或UE的可接受的认证协议或凭证，认证协议协商可以在各种网络实体之间进行。 例如，可以在实现单点登录（SSO）架构和/或实现通用引导架构（GBA）的网络的网络中进行协商。

公开(公告)号：US20130174241A1

公开(公告)日：2013-07-04

申请号：US13535563

申请日：2012-06-28

Applicant: Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt ,  Louis J. Guccione ,  Yogendra C. Shah ,  Yousif Targali

Inventor： Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt ,  Louis J. Guccione ,  Yogendra C. Shah ,  Yousif Targali

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L9/0816 ,  H04L9/32 ,  H04L12/2856 ,  H04L63/0815 ,  H04L63/102 ,  H04L63/205 ,  H04W12/06

Abstract: Wireless telecommunications networks may implement various forms of authentication. There are a variety of different user and device authentication protocols that follow a similar network architecture, involving various network entities such as a user equipment (UE), a service provider (SP), and an authentication endpoint (AEP). To select an acceptable authentication protocol or credential for authenticating a user or UE, authentication protocol negotiations may take place between various network entities. For example, negotiations may take place in networks implementing a single-sign on (SSO) architecture and/or networks implementing a Generic Bootstrapping Architecture (GBA).

公开(公告)号：US20070072611A1

公开(公告)日：2007-03-29

申请号：US11237722

申请日：2005-09-29

Applicant: Peretz Feder ,  Ajay Rajkumar ,  Sampath Rangarajan ,  Yousif Targali

Inventor： Peretz Feder ,  Ajay Rajkumar ,  Sampath Rangarajan ,  Yousif Targali

IPC: H04Q7/20

CPC classification number: H04W36/005 ,  H04W36/30

Abstract: At least data link information generated at a medium access control layer or physical link information generated at a physical layer is used to send information to a media independent handover layer.

Abstract translation: 至少在介质访问控制层产生的数据链路信息或在物理层产生的物理链路信息被用于向媒体独立的切换层发送信息。

公开(公告)号：US20130084829A1

公开(公告)日：2013-04-04

申请号：US13630523

申请日：2012-09-28

Applicant: Xavier De Foy ,  Yousif Targali ,  Kamel M. Shaheen ,  Hang Liu ,  Milan Patel ,  Osama Lotfallah

Inventor： Xavier De Foy ,  Yousif Targali ,  Kamel M. Shaheen ,  Hang Liu ,  Milan Patel ,  Osama Lotfallah

IPC: H04W12/06

CPC classification number: H04L63/0815 ,  H04L41/0893 ,  H04L41/5054 ,  H04L61/1588 ,  H04L63/102 ,  H04W4/50 ,  H04W4/70 ,  H04W8/04 ,  H04W8/20 ,  H04W12/06 ,  H04W12/08

Abstract: A method and apparatus for interworking between a mobile network operator and an application provider are disclosed. A network application function (NAF) may be co-located with an OpenID provider such that an application server may communicate with the NAF to access a home subscriber server (HSS) via a bootstrapping server function (BSF). The interfaces between BSF and HSS, and between BSF and NAF may be enhanced to carry information that is available through Sh interface between the application server and the HSS. When the WTRU is roaming in a visited network, the application server may communicate with the visited network for charging and policing for serving the service request from the WTRU. The application server may be co-located with an NAF, and may authenticate the WTRU using Generic Bootstrapping Architecture, and may communicate with a BSF in a home network via an eZn-proxy function to access an HSS.

Abstract translation: 公开了一种用于移动网络运营商和应用提供商之间的互通的方法和装置。 网络应用功能（NAF）可以与OpenID提供者共同定位，使得应用服务器可以通过自举服务器功能（BSF）与NAF进行通信以访问归属订户服务器（HSS）。 可以增强BSF与HSS之间以及BSF与NAF之间的接口，以承载通过应用服务器与HSS之间的Sh接口可用的信息。 当WTRU在被访问网络中漫游时，应用服务器可以与拜访网络进行通信以进行计费和监管，以从WTRU服务服务请求。 应用服务器可以与NAF共同定位，并且可以使用通用引导架构认证WTRU，并且可以经由eZn代理功能与家庭网络中的BSF进行通信以访问HSS。

公开(公告)号：US20130007858A1

公开(公告)日：2013-01-03

申请号：US13341670

申请日：2011-12-30

Applicant: Yogendra C. SHAH ,  Inhyok CHA ,  Andreas SCHMIDT ,  Louis J. GUCCIONE ,  Lawrence CASE ,  Andreas LEICHER ,  Yousif TARGALI

Inventor： Yogendra C. SHAH ,  Inhyok CHA ,  Andreas SCHMIDT ,  Louis J. GUCCIONE ,  Lawrence CASE ,  Andreas LEICHER ,  Yousif TARGALI

IPC: H04W12/06

CPC classification number: H04L63/08 ,  H04L63/0209 ,  H04L63/0815 ,  H04L63/0892 ,  H04L63/10 ,  H04L63/18 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W36/0038

Abstract: Persistent communication layer credentials generated on a persistent communication layer at one network may be leveraged to perform authentication on another. For example, the persistent communication layer credentials may include application-layer credentials derived on an application layer. The application-layer credentials may be used to establish authentication credentials for authenticating a mobile device for access to services at a network server. The authentication credentials may be derived from the application-layer credentials of another network to enable a seamless handoff from one network to another. The authentication credentials may be derived from the application-layer credentials using reverse bootstrapping or other key derivation functions. The mobile device and/or network entity to which the mobile device is being authenticated may enable communication of authentication information between the communication layers to enable authentication of a device using multiple communication layers.

Abstract translation: 可以利用在一个网络上的持久通信层上生成的持久通信层凭证来执行对另一个网络的认证。 例如，持久通信层凭证可以包括在应用层上导出的应用层凭证。 应用层凭证可以用于建立认证凭证，用于认证移动设备以访问网络服务器处的服务。 认证证书可以从另一网络的应用层凭证导出，以实现从一个网络到另一个网络的无缝切换。 认证证书可以使用反向引导或其他密钥导出功能从应用层凭证中导出。 移动设备和/或网络实体对移动设备进行身份验证可以实现通信层之间的认证信息的通信，从而能够使用多个通信层对设备进行认证。

公开(公告)号：US09009801B2

公开(公告)日：2015-04-14

申请号：US13341670

申请日：2011-12-30

Applicant: Yogendra C. Shah ,  Inhyok Cha ,  Andreas Schmidt ,  Louis J. Guccione ,  Lawrence Case ,  Andreas Leicher ,  Yousif Targali

Inventor： Yogendra C. Shah ,  Inhyok Cha ,  Andreas Schmidt ,  Louis J. Guccione ,  Lawrence Case ,  Andreas Leicher ,  Yousif Targali

IPC: G06F21/00 ,  H04L29/06 ,  H04W36/00 ,  H04W12/06

CPC classification number: H04L63/08 ,  H04L63/0209 ,  H04L63/0815 ,  H04L63/0892 ,  H04L63/10 ,  H04L63/18 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W36/0038

Abstract: Persistent communication layer credentials generated on a persistent communication layer at one network may be leveraged to perform authentication on another. For example, the persistent communication layer credentials may include application-layer credentials derived on an application layer. The application-layer credentials may be used to establish authentication credentials for authenticating a mobile device for access to services at a network server. The authentication credentials may be derived from the application-layer credentials of another network to enable a seamless handoff from one network to another. The authentication credentials may be derived from the application-layer credentials using reverse bootstrapping or other key derivation functions. The mobile device and/or network entity to which the mobile device is being authenticated may enable communication of authentication information between the communication layers to enable authentication of a device using multiple communication layers.

Abstract translation: 可以利用在一个网络上的持久通信层上生成的持久通信层凭证来执行对另一个网络的认证。 例如，持久通信层凭证可以包括在应用层上导出的应用层凭证。 应用层凭证可以用于建立认证凭证，用于认证移动设备以访问网络服务器处的服务。 认证证书可以从另一网络的应用层凭证导出，以实现从一个网络到另一个网络的无缝切换。 认证证书可以使用反向引导或其他密钥导出功能从应用层凭证中导出。 移动设备和/或网络实体对移动设备进行身份验证可以实现通信层之间的认证信息的通信，从而能够使用多个通信层对设备进行认证。

公开(公告)号：US20060221899A1

公开(公告)日：2006-10-05

申请号：US11094432

申请日：2005-03-31

Applicant: Peretz Feder ,  Ajay Rajkumar ,  Sampath Rangarajan ,  Yousif Targali

Inventor： Peretz Feder ,  Ajay Rajkumar ,  Sampath Rangarajan ,  Yousif Targali

IPC: H04Q7/00

CPC classification number: H04W36/0011

Abstract: At least one trigger at a point-to-point protocol layer indicating a status of a point-to-point link is generated and sent to a media independent handover entity.

Abstract translation: 在指向点对点链路的状态的点到点协议层上的至少一个触发器被产生并发送到媒体独立的切换实体。