公开(公告)号：US20070074275A1

公开(公告)日：2007-03-29

申请号：US11397837

申请日：2006-04-04

Applicant: Gabor Bajko ,  Tat Chan

Inventor： Gabor Bajko ,  Tat Chan

IPC: H04L9/32 ,  G06K9/00 ,  G06F17/30 ,  G06F15/16 ,  G06F7/04 ,  G06F7/58 ,  G06K19/00

CPC classification number: H04L9/0891 ,  H04L9/3271 ,  H04L63/067 ,  H04L63/068 ,  H04L2209/56 ,  H04L2209/80 ,  H04W12/04

Abstract: An approach is provided for refreshing keys in a communication system. An application request is transmitted to a network element configured to provide secure services. A message is received, in response to the application request, indicating refreshment of a key that is used to provide secure communications with the network element. A refreshed key is derived based on the received message.

Abstract translation: 提供了一种用于在通信系统中刷新密钥的方法。 将应用请求发送到被配置为提供安全服务的网元。 响应于应用请求，接收到指示用于提供与网络元件的安全通信的密钥的刷新的消息。 基于接收到的消息导出刷新密钥。

公开(公告)号：US20060282882A1

公开(公告)日：2006-12-14

申请号：US11232494

申请日：2005-09-21

Applicant: Gabor Bajko ,  Tat Chan

Inventor： Gabor Bajko ,  Tat Chan

IPC: H04L9/32

CPC classification number: H04L9/0844 ,  H04L9/3271 ,  H04L63/08 ,  H04L63/14 ,  H04L63/1466 ,  H04L63/20 ,  H04L63/205 ,  H04L69/18 ,  H04L2209/80

Abstract: In one exemplary and non-limiting aspect thereof this invention provides a method to execute a bootstrapping procedure between a node, such as a MN, and a wireless network (WN). The method includes sending the WN a first message that contains a list of authentication mechanisms supported by the MN; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the MN, and including in a first response message to the MN information pertaining to the determined authentication mechanism; and sending a second message to the WN that is at least partially integrity, the second message containing the list of authentication mechanisms that the MN supports in an integrity protected form. If authentication is successful, and if the list received in the second message matches the list received in the first message, the method further includes responding to the MN with a second response message that is at least partially integrity protected, where the second response message contains an indication of the selected authentication mechanism in an integrity protected form; and receiving the successful response message and verifying that the authentication mechanism used by the MN matches the authentication mechanism selected by the WN.

Abstract translation: 在其一个示例性和非限制性方面，本发明提供了一种在诸如MN的节点与无线网络（WN）之间执行自举过程的方法。 该方法包括向WN发送包含由MN支持的认证机制的列表的第一消息; 至少基于从MN接收到的列表，在WN中确定要用于引导的认证机制，并且在与所确定的认证机制有关的MN的第一响应消息中包括MN信息; 以及向所述WN发送至少部分完整性的第二消息，所述第二消息包含所述MN以完整性保护形式支持的认证机制的列表。 如果认证成功，并且如果在第二消息中接收到的列表与第一消息中接收的列表匹配，则该方法还包括用至少部分完整性保护的第二响应消息来响应MN，其中第二响应消息包含 所选认证机制以完整性保护形式的指示; 并且接收到成功的响应消息并且验证由MN使用的认证机制与由WN选择的认证机制相匹配。

公开(公告)号：US20070204160A1

公开(公告)日：2007-08-30

申请号：US11606910

申请日：2006-12-01

Applicant: Tat Chan ,  Gabor Bajko

Inventor： Tat Chan ,  Gabor Bajko

IPC: H04L9/00

CPC classification number: H04L9/0838 ,  H04L9/08 ,  H04L9/0841 ,  H04L9/3247 ,  H04L9/3265 ,  H04L9/3271 ,  H04L63/061 ,  H04L63/062 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/0869 ,  H04L63/205 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2209/80 ,  H04L2463/061 ,  H04W12/04 ,  H04W12/06 ,  H04W88/02

Abstract: The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.

Abstract translation: 本发明涉及一种在通信网络中认证用户设备的方法。 该方法涉及将消息从网络实体发送到用户设备。 该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。 该方法还涉及从集合中选择一个选项。 在选择基于“共享密钥”的认证过程的情况下，通过在通用引导体系结构（GBA）中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。 然后，共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。

公开(公告)号：US20080195867A1

公开(公告)日：2008-08-14

申请号：US11672900

申请日：2007-02-08

Applicant: Nadarajah Asokan ,  Govind Krishnamurthi ,  Tat Chan

Inventor： Nadarajah Asokan ,  Govind Krishnamurthi ,  Tat Chan

IPC: H04L9/00

CPC classification number: H04L63/126 ,  G06F21/32 ,  H04L63/0861 ,  H04L63/0869 ,  H04L63/1441 ,  H04L63/1466 ,  H04W12/06 ,  H04W12/08

Abstract: A method for authenticating communicating parties is disclosed. In the method biometric information associated with a first party is generated based on a recording of the first party presenting a predefined input parameter. Said biometric information may then be transmitted to a second party. Authenticity of a security parameter associated with the first party can then be verified based on said biometric information.

Abstract translation: 公开了一种认证通信方的方法。 在该方法中，基于呈现预定义的输入参数的第一方的记录来生成与第一方相关联的生物特征信息。 然后可以将所述生物特征信息传送给第二方。 然后可以基于所述生物特征信息来验证与第一方相关联的安全参数的真实性。

公开(公告)号：US20070150943A1

公开(公告)日：2007-06-28

申请号：US11566894

申请日：2006-12-05

Applicant: Yile Guo ,  Tat Chan

Inventor： Yile Guo ,  Tat Chan

IPC: H04L9/32

CPC classification number: G06F21/34 ,  G06F21/31 ,  G06F2221/2103 ,  G06F2221/2115 ,  G06F2221/2119 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/168 ,  H04M1/72561 ,  H04W12/06 ,  H04W12/10

Abstract: A mobile terminal for securely communicating with a network includes a user identity module (UIM) and a user equipment module. The user equipment module includes a client application. The UIM is in operable communication with the user equipment and includes a password provisioning module (PPM), a password generating module, a response verification module (RVM) and a response generation module (RGM). The PPM is configured to store a password. The password generating module is in operable communication with the PPM and configured to generate the password. The RGM and RVM are in operable communication with both the client application and the PPM. The RGM is configured to generate an authentication response from the password in response to a request from the client application. The RVM is configured to verify a request for a server digest response and generate a verification result in response to a request from the client application.

Abstract translation: 用于与网络安全通信的移动终端包括用户身份模块（UIM）和用户设备模块。 用户设备模块包括客户端应用。 UIM与用户设备可操作地通信，包括口令提供模块（PPM），密码生成模块，响应验证模块（RVM）和响应生成模块（RGM）。 PPM配置为存储密码。 密码生成模块与PPM可操作地通信并被配置为生成密码。 RGM和RVM可以与客户端应用程序和PPM进行可操作的通信。 RGM被配置为响应于来自客户端应用的请求从密码生成认证响应。 RVM被配置为验证对服务器摘要响应的请求，并响应于来自客户端应用的请求生成验证结果。

公开(公告)号：US20070127591A1

公开(公告)日：2007-06-07

申请号：US11670791

申请日：2007-02-02

Applicant: Tat Chan ,  Songly Mu

Inventor： Tat Chan ,  Songly Mu

IPC: H04L25/03 ,  H04L25/49 ,  H04K1/02

CPC classification number: H04B3/54 ,  H04B3/542 ,  H04B3/544 ,  H04B3/56 ,  H04B2203/5408 ,  H04B2203/5441 ,  H04B2203/5445 ,  H04B2203/5466 ,  H04B2203/5483 ,  H04L25/0272 ,  H04L27/2601

Abstract: A powerline network system. The system includes a power transformer device at a public utility facility. The system has a powerline box coupled to the transformer device. In a preferred embodiment, the powerline box comprises at least three lines including a first phase, a second phase, and a third phase. The first phase, the second phase, and the third phase are derived from the power transformer device. The system has a powerline coupler coupled to the first phase, the second phase, and the third phase and a multichannel data communication device coupled to the powerline coupler. In a preferred embodiment, the multichannel data communication device includes N channels, whereupon N is an integer greater than 8. The system has a first capacitor and a second capacitor coupled to the first phase and a first length of wiring between the first capacitor and the second capacitor. Preferably, the first length of wire is inductively coupled to one or more power line communication devices. The system has a third capacitor and a fourth capacitor coupled to the second phase and a second length of wiring between the third capacitor and the fourth capacitor. Preferably, the second length of wiring is inductively coupled to one or more power line communication devices. The system has a fifth capacitor and a sixth capacitor coupled to the third phase and a third length of wiring between the fifth capacitor and the sixth capacitor. Preferably, the third length of wiring is inductively coupled to one or more powerline communication devices.

Abstract translation: 电力线网络系统。 该系统在公共设施中包括电力变压器装置。 该系统具有耦合到变压器装置的电力线盒。 在优选实施例中，电力线盒包括至少三条线，包括第一相，第二相和第三相。 第一相，第二相和第三相源自电力变压器装置。 该系统具有耦合到第一相位，第二相位和第三相位的电力线耦合器以及耦合到电力线耦合器的多通道数据通信设备。 在优选实施例中，多通道数据通信设备包括N个通道，因此N是大于8的整数。该系统具有耦合到第一相的第一电容器和第二电容器以及第一电容器与第一电容器之间的第一布线长度 第二电容器。 优选地，第一长度的导线感应耦合到一个或多个电力线通信装置。 该系统具有耦合到第二相的第三电容器和第四电容器以及第三电容器和第四电容器之间的第二布线长度。 优选地，第二长度的布线感应耦合到一个或多个电力线通信装置。 该系统具有耦合到第三相的第五电容器和第六电容器以及第五电容器和第六电容器之间的第三布线长度。 优选地，第三长度的布线感应耦合到一个或多个电力线通信装置。

公开(公告)号：US20060199427A1

公开(公告)日：2006-09-07

申请号：US11417786

申请日：2006-05-03

Applicant: Tat Chan

Inventor： Tat Chan

IPC: H01R11/00

CPC classification number: H04B3/542 ,  H01R13/6675 ,  H01R31/005 ,  H01R2201/04 ,  H04B3/56 ,  H04B2203/5445 ,  H04B2203/5483

Abstract: A portable connector for power line networking. The connector includes a single AC connector, which has at least a first prong and a second prong (which will be plugged into a conventional connector device). The connector also has at least a first pair of wires coupled to the single AC connector. The first pair of wires includes a first wire coupled to the first prong and a second wire coupled to the second prong. A hardware module is coupled to the first pair of wires, which are adapted to transmit a plurality of AC signals corresponding to AC power from the AC connector and a plurality data signals from the AC connector. A single DC connector is coupled to the hardware module. A single network connector is also coupled to the hardware module.

Abstract translation: 用于电力线网络的便携式连接器。 连接器包括具有至少第一插脚和第二插脚（将插入常规连接器装置）的单个AC连接器。 连接器还具有耦合到单个AC连接器的至少第一对导线。 第一对导线包括耦合到第一插脚的第一线和耦合到第二插脚的第二线。 硬件模块耦合到第一对导线，其适于从AC连接器传输对应于AC电力的多个AC信号和来自AC连接器的多个数据信号。 单个DC连接器耦合到硬件模块。 单个网络连接器也耦合到硬件模块。

公开(公告)号：US20060193110A1

公开(公告)日：2006-08-31

申请号：US11219029

申请日：2005-09-02

Applicant: Tat Chan ,  Songly Mu

Inventor： Tat Chan ,  Songly Mu

IPC: G06F1/16

CPC classification number: G06F1/26 ,  H04B3/542 ,  H04B2203/5454

Abstract: A power supply apparatus and related method. The power supply apparatus has an AC input. The apparatus has a converter for converting AC power into DC power. In a specific embodiment, the converter has an input and an output. In a specific embodiment, the input of the converter is coupled to the AC input. The power supply apparatus has a DC output for voltage ranging. The output of the converter is coupled to the DC output. The apparatus also has a fan operably configured to transfer thermal energy away from the converter and a data input/output port, the data input/output port being coupled to a data signal from a data source. The apparatus has a coupler coupled between the data input/output port and the AC input. A power line module is coupled to the coupler. The power line module is adapted to convert the data signal from a first format to a second format. The second format is capable of transmission to the AC input. An enclosure is provided for the coupler. The enclosure shields the data signal from noise, e.g., high frequency noise, low frequency noise.

Abstract translation: 电源装置及相关方法。 电源装置具有AC输入。 该装置具有用于将AC电力转换为DC电力的转换器。 在具体实施例中，转换器具有输入和输出。 在具体实施例中，转换器的输入耦合到AC输入。 电源装置具有用于电压测距的直流输出。 转换器的输出耦合到直流输出。 该装置还具有可操作地配置成将热能传送离开转换器和数据输入/输出端口的风扇，数据输入/输出端口被耦合到来自数据源的数据信号。 该装置具有耦合在数据输入/输出端口和AC输入端之间的耦合器。 电源线模块耦合到耦合器。 电力线模块适于将数据信号从第一格式转换成第二格式。 第二种格式能够传输到AC输入。 为耦合器提供外壳。 外壳屏蔽数据信号免受噪声，例如高频噪声，低频噪声。

公开(公告)号：US08091122B2

公开(公告)日：2012-01-03

申请号：US11566894

申请日：2006-12-05

Applicant: Yile Guo ,  Tat Chan

Inventor： Yile Guo ,  Tat Chan

IPC: G06F7/04

CPC classification number: G06F21/34 ,  G06F21/31 ,  G06F2221/2103 ,  G06F2221/2115 ,  G06F2221/2119 ,  H04L63/083 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/168 ,  H04M1/72561 ,  H04W12/06 ,  H04W12/10

Abstract: A mobile terminal for securely communicating with a network includes a user identity module (UIM) and a user equipment module. The user equipment module includes a client application. The UIM is in operable communication with the user equipment and includes a password provisioning module (PPM), a password generating module, a response verification module (RVM) and a response generation module (RGM). The PPM is configured to store a password. The password generating module is in operable communication with the PPM and configured to generate the password. The RGM and RVM are in operable communication with both the client application and the PPM. The RGM is configured to generate an authentication response from the password in response to a request from the client application. The RVM is configured to verify a request for a server digest response and generate a verification result in response to a request from the client application.

Abstract translation: 用于与网络安全通信的移动终端包括用户身份模块（UIM）和用户设备模块。 用户设备模块包括客户端应用。 UIM与用户设备可操作地通信，包括口令提供模块（PPM），密码生成模块，响应验证模块（RVM）和响应生成模块（RGM）。 PPM配置为存储密码。 密码生成模块与PPM可操作地通信并被配置为生成密码。 RGM和RVM可以与客户端应用程序和PPM进行可操作的通信。 RGM被配置为响应于来自客户端应用的请求从密码生成认证响应。 RVM被配置为验证对服务器摘要响应的请求，并响应于来自客户端应用的请求生成验证结果。

公开(公告)号：US20070259644A1

公开(公告)日：2007-11-08

申请号：US11689463

申请日：2007-03-21

Applicant: Tat Chan ,  Sonly Mu

Inventor： Tat Chan ,  Sonly Mu

IPC: H04M9/00

CPC classification number: H04B3/54 ,  H04B3/56 ,  H04B2203/5445 ,  H04B2203/5454

Abstract: Method and system for powerline local area network over coaxial cable. According to an embodiment, the present invention provides a powerline communication system. The system includes a data connection that is configured to communicating a first signal in a first format. The data connection includes an input/output port. The system also includes a powerline module coupled to the input/output port of the data connection. The powerline module has a data port. The powerline module is configured to convert the first signal in the first format into a second signal into a second format. The first format is different from the second format. The system additionally includes an analog front end device that coupled to the dataport of the powerline module. The analog front end device is configured to condition the second signal for transmission over one or more powerline and/or one or more coaxial cables. Furthermore, the system includes a coupler device coupled to the analog front end device.

Abstract translation: 电力线局域网同轴电缆的方法与系统。 根据实施例，本发明提供一种电力线通信系统。 该系统包括被配置为以第一格式传送第一信号的数据连接。 数据连接包括输入/​​输出端口。 该系统还包括耦合到数据连接的输入/输出端口的电力线模块。 电力线模块具有数据端口。 电力线模块被配置为将第一格式的第一信号转换成第二信号为第二格式。 第一种格式与第二种格式不同。 该系统还包括耦合到电力线模块的数据端口的模拟前端设备。 模拟前端设备被配置为调节第二信号以便在一个或多个电力线和/或一个或多个同轴电缆上传输。 此外，该系统包括耦合到模拟前端装置的耦合器装置。