-
公开(公告)号:US08650619B2
公开(公告)日:2014-02-11
申请号:US12859503
申请日:2010-08-19
IPC分类号: G06F7/04
CPC分类号: H04L63/0869 , H04L63/10 , H04W4/00 , H04W4/50 , H04W4/70
摘要: An automated method is provided for mutual discovery between a network entity and a client entity that cooperate for providing a service in a machine-to-machine environment. In an embodiment, the network entity receives an identifier in a communication from a server on behalf of the client entity. At some point in time, the network entity receives a communication containing the identifier from the client entity. Before or after receiving the client entity communication, the network entity discovers itself to the client entity. Some time after receiving the client entity communication, the network entity authenticates the client entity, establishes a permanent security association with the client entity, and initiates the service.
摘要翻译: 提供了一种自动化方法,用于网络实体和协作用于在机器到机器环境中提供服务的客户端实体之间的相互发现。 在一个实施例中,网络实体代表客户实体从服务器接收通信中的标识符。 在某个时间点,网络实体从客户实体接收包含标识符的通信。 在接收到客户端实体通信之前或之后,网络实体发现自己到客户端实体。 网络实体收到客户端实体一段时间后,对客户端实体进行身份认证,与客户端实体建立永久安全关联,并启动业务。
-
公开(公告)号:US20120047558A1
公开(公告)日:2012-02-23
申请号:US12859503
申请日:2010-08-19
CPC分类号: H04L63/0869 , H04L63/10 , H04W4/00 , H04W4/50 , H04W4/70
摘要: An automated method is provided for mutual discovery between a network entity and a client entity that cooperate for providing a service in a machine-to-machine environment. In an embodiment, the network entity receives an identifier in a communication from a server on behalf of the client entity. At some point in time, the network entity receives a communication containing the identifier from the client entity. Before or after receiving the client entity communication, the network entity discovers itself to the client entity. Some time after receiving the client entity communication, the network entity authenticates the client entity, establishes a permanent security association with the client entity, and initiates the service.
摘要翻译: 提供了一种自动化方法,用于网络实体和协作用于在机器到机器环境中提供服务的客户端实体之间的相互发现。 在一个实施例中,网络实体代表客户实体从服务器接收通信中的标识符。 在某个时间点,网络实体从客户实体接收包含标识符的通信。 在接收到客户端实体通信之前或之后,网络实体发现自己到客户端实体。 网络实体收到客户端实体一段时间后,对客户端实体进行身份认证,与客户端实体建立永久安全关联,并启动业务。
-
公开(公告)号:US20140004796A1
公开(公告)日:2014-01-02
申请号:US13534976
申请日:2012-06-27
摘要: A method of providing peer to peer discovery for a plurality of mobiles on a communications network, the plurality of mobiles including at least a first mobile and a second mobile, includes detecting, at a network element, that the first and second mobiles are in proximity with respect to one another; generating a determination result at the network element after the detecting, the determination result indicating whether the first and second mobiles are capable of establishing a direct device to device (D2D) link with one another based on signal reception qualities of the first and second mobiles; and generating a D2D capability message at the network element based on the determination result, the D2D capability message indicating that the first and second mobiles are capable of establishing a D2D link with one another.
摘要翻译: 一种在通信网络上为多个移动台提供对等点发现的方法,所述多个移动站包括至少第一移动站和第二移动站,包括在网络单元处检测到第一和第二移动站处于邻近 相互之间; 在所述检测之后,在所述网元生成确定结果,所述确定结果指示所述第一移动台和所述第二移动台是否能够基于所述第一和第二移动台的信号接收质量彼此链接到设备(D2D); 以及基于所述确定结果在所述网元处生成D2D能力消息,所述D2D能力消息指示所述第一和第二移动台能够彼此建立D2D链路。
-
公开(公告)号:US08849203B2
公开(公告)日:2014-09-30
申请号:US13534976
申请日:2012-06-27
IPC分类号: H04B7/00
摘要: A method of providing peer to peer discovery for a plurality of mobiles on a communications network, the plurality of mobiles including at least a first mobile and a second mobile, includes detecting, at a network element, that the first and second mobiles are in proximity with respect to one another; generating a determination result at the network element after the detecting, the determination result indicating whether the first and second mobiles are capable of establishing a direct device to device (D2D) link with one another based on signal reception qualities of the first and second mobiles; and generating a D2D capability message at the network element based on the determination result, the D2D capability message indicating that the first and second mobiles are capable of establishing a D2D link with one another.
摘要翻译: 一种在通信网络上为多个移动台提供对等点发现的方法,所述多个移动站包括至少第一移动站和第二移动站,包括在网络单元处检测到第一和第二移动站处于邻近 相互之间; 在所述检测之后,在所述网元生成确定结果,所述确定结果指示所述第一移动台和所述第二移动台是否能够基于所述第一和第二移动台的信号接收质量彼此链接到设备(D2D); 以及基于所述确定结果在所述网元处生成D2D能力消息,所述D2D能力消息指示所述第一和第二移动台能够彼此建立D2D链路。
-
5.发明授权Session key generation and distribution with multiple security associations per protocol instance 有权每个协议实例具有多个安全关联的会话密钥生成和分发公开(公告)号:US08774411B2
公开(公告)日:2014-07-08
申请号:US12474764
申请日:2009-05-29
CPC分类号: H04L9/0819 , H04L9/0844 , H04L63/0428 , H04L2209/80 , H04W12/08
摘要: A single instance of a session key generation protocol is executed in a manner that generates a plurality of security associations between user equipment and a first network element of a communication system. In one aspect, a first one of the security associations is utilized to secure data sent between the user equipment and the first network element in an ongoing communication. In conjunction with a handoff of the ongoing communication from the first network element to a second network element of the communication system, another one of the security associations is selected, and the other selected security association is utilized to secure data sent between the user equipment and the second network element in the ongoing communication. The security associations may comprise respective sets of session keys derived from a single pairwise master key.
摘要翻译: 执行会话密钥生成协议的单个实例,以便在用户设备和通信系统的第一网络元件之间生成多个安全关联。 在一个方面,安全关联中的第一个被用于在正在进行的通信中保护在用户设备和第一网络元件之间发送的数据。 结合从第一网络元件到通信系统的第二网络元件的正在进行的通信的切换,选择另一个安全关联,并且使用另一个选择的安全关联来保护在用户设备和 正在进行的通信中的第二个网络元素。 安全关联可以包括从单个成对主密钥导出的各组会话密钥。
-
6.发明授权公开(公告)号:US08230212B2
公开(公告)日:2012-07-24
申请号:US11740152
申请日:2007-04-25
IPC分类号: H04L29/06
CPC分类号: H04L9/321 , H04L63/0892 , H04L2209/76 , H04L2209/80 , H04W12/04 , H04W12/06 , H04W80/04
摘要: The present invention provides a method involving a mobile node, a home agent, and an authentication server in a wireless communication system. The method includes generating, at the authentication server, a first security key that indicates a secure association between the home agent and the mobile node based on a second security key that indicates a secure association between the mobile node and the authentication server. The method also includes generating, at the authentication server, at least one first index associated with the first security key. The first index is also generated by the mobile node. The method also includes storing, at the authentication server, the first index and the first security key.
摘要翻译: 本发明提供一种在无线通信系统中涉及移动节点,归属代理和认证服务器的方法。 该方法包括在认证服务器处基于指示移动节点和认证服务器之间的安全关联的第二安全密钥,生成指示归属代理和移动节点之间的安全关联的第一安全密钥。 该方法还包括在认证服务器处生成与第一安全密钥相关联的至少一个第一索引。 第一个索引也是由移动节点生成的。 该方法还包括在认证服务器处存储第一索引和第一安全密钥。
-
公开(公告)号:US08189544B2
公开(公告)日:2012-05-29
申请号:US11474591
申请日:2006-06-26
IPC分类号: H04W4/00
CPC分类号: H04L63/0428 , H04L63/061 , H04L63/062 , H04W12/04 , H04W80/04
摘要: A key distribution scheme is provided, which is useful for establishing, distributing, and maintaining security associations in a Mobile IP network. An authentication server performs an initial validation of a new session and generates a root key which it delivers to the initial access gateway and to the home agent. The initial access gateway and the home agent each independently compute a derivative key available only to themselves. The initial access gateway, acting as proxy for the mobile station, uses the derivative key to sign the Mobile IP registration or binding update transactions, and sends the signed registration or binding update to the home agent for validation. Once the session is established between the mobile station and the home agent, the access gateways act as proxies on behalf of the mobile station to maintain the session mobility. In handoff, the new access gateway acquires the root key as part of the transferred session context. The new access gateway, acting as proxy for the mobile station, computes a new derivative key from the root key and uses it to sign a binding update.
摘要翻译: 提供了一种密钥分配方案,对于在移动IP网络中建立,分发和维护安全关联是有用的。 认证服务器执行新会话的初始验证,并生成一个根密钥,该密钥将传递给初始接入网关和归属代理。 初始接入网关和归属代理各自独立地计算可用于其自身的导数密钥。 作为移动台的代理的初始接入网关使用派生密钥对移动IP注册或绑定更新事务进行签名,并将签名的注册或绑定更新发送到归属代理进行验证。 一旦在移动台和归属代理之间建立了会话,则接入网关代表移动台充当代理以维持会话移动性。 在切换中,新的接入网关获取根密钥作为传送的会话上下文的一部分。 新的接入网关作为移动台的代理,从根密钥计算新的派生密钥,并使用它来签署绑定更新。
-
公开(公告)号:US20080137853A1
公开(公告)日:2008-06-12
申请号:US11682516
申请日:2007-03-06
IPC分类号: H04K1/00
CPC分类号: H04L63/0876 , H04L9/0631 , H04L9/0836 , H04L9/0844 , H04L9/3242 , H04L63/061 , H04L2209/80
摘要: The present invention provides a method of operating a mobile unit in a wireless communication system. Embodiments of the method may include providing access request message(s) including information indicative of a first counter and a message authentication code formed using a first key. The first key is derived from a second key and the first counter. The second key is derived from a third key established for a security session between the mobile unit and an authenticator. The first counter is incremented in response to each access request provided by the mobile unit.
摘要翻译: 本发明提供一种在无线通信系统中操作移动单元的方法。 该方法的实施例可以包括提供包括指示第一计数器的信息和使用第一密钥形成的消息认证码的访问请求消息。 第一个键是从第二个键和第一个计数器派生出来的。 第二个密钥是从为移动单元和认证者之间的安全会话建立的第三个密钥导出的。 响应于由移动单元提供的每个访问请求,第一个计数器递增。
-
公开(公告)号:US20070297377A1
公开(公告)日:2007-12-27
申请号:US11474591
申请日:2006-06-26
IPC分类号: H04Q7/24
CPC分类号: H04L63/0428 , H04L63/061 , H04L63/062 , H04W12/04 , H04W80/04
摘要: A key distribution scheme is provided, which is useful for establishing, distributing, and maintaining security associations in a Mobile IP network. An authentication server performs an initial validation of a new session and generates a root key which it delivers to the initial access gateway and to the home agent. The initial access gateway and the home agent each independently compute a derivative key available only to themselves. The initial access gateway, acting as proxy for the mobile station, uses the derivative key to sign the Mobile IP registration or binding update transactions, and sends the signed registration or binding update to the home agent for validation. Once the session is established between the mobile station and the home agent, the access gateways act as proxies on behalf of the mobile station to maintain the session mobility. In handoff, the new access gateway acquires the root key as part of the transferred session context. The new access gateway, acting as proxy for the mobile station, computes a new derivative key from the root key and uses it to sign a binding update.
摘要翻译: 提供了一种密钥分配方案,对于在移动IP网络中建立,分发和维护安全关联是有用的。 认证服务器执行新会话的初始验证,并生成一个根密钥,该密钥将传递给初始接入网关和归属代理。 初始接入网关和归属代理各自独立地计算可用于其自身的导数密钥。 作为移动台的代理的初始接入网关使用派生密钥对移动IP注册或绑定更新事务进行签名,并将签名的注册或绑定更新发送到归属代理进行验证。 一旦在移动台和归属代理之间建立了会话,则接入网关代表移动台充当代理以维持会话移动性。 在切换中,新的接入网关获取根密钥作为传送的会话上下文的一部分。 新的接入网关作为移动台的代理,从根密钥计算新的派生密钥,并使用它来签署绑定更新。
-
公开(公告)号:US06941142B2
公开(公告)日:2005-09-06
申请号:US10095625
申请日:2002-03-12
摘要: A selective Global Service Redirection mechanism allows a service provider, for instance, to instruct only CDMA2000 (MOB_P_REV=6) mobiles to access specific carrier that is deployed to support advanced services known as 3G services. In another embodiment, data-only CDMA2000 mobiles are instructed to access specific carrier that is optimized to support high speed data services. Additionally, data-only CDMA2000 mobiles may be instructed to access a specific carrier that is optimized to support high speed data services. Pre-CDMA2000 mobiles (MOB_P_REV
摘要翻译: 选择性全球服务重定向机制允许服务提供商例如仅指示CDMA2000(MOB_P_REV = 6)移动台访问被部署以支持被称为3G服务的高级服务的特定运营商。 在另一个实施例中,仅数据的CDMA2000移动台被指示访问被优化以支持高速数据服务的特定载波。 此外,可以指示仅数据的CDMA2000移动台访问被优化以支持高速数据服务的特定载波。 CDMA2000手机(MOB_P_REV <6)被传统的全球服务重定向消息重定向到另一个载波,而CDMA2000手机(MOB_P_REV = <6)被指示忽略该重定向。
-
-
-
-
-
-
-
-
-
搜索结果
67 条记录 (耗时 0.02 秒)
