IP mobility in mobile telecommunications system
    1.
    Invention application
    IP mobility in mobile telecommunications system (under examination, published)

    Publication No.: US20050195780A1

    Publication date: 2005-09-08

    Application No.: US11066175

    Filing date: 2005-02-25

    Abstract: The present invention relates to arranging data transmission for a mobile node in a telecommunications system comprising a secure network and an insecure network. A connection to a secure network for a mobile node may be arranged by a home agent if the mobile node is accessing the secure network directly or via a third network other than the insecure network, or a connection to the secure network may be arranged by a VPN node if the mobile node is accessing the secure network via the insecure network. According to a first aspect of the invention, the VPN node and the home agent are configured to allocate the same IP address as an internal IP address and as a home address.

    Method and system for maintaining a secure tunnel in a packet-based communication system
    2.
    Invention application
    Method and system for maintaining a secure tunnel in a packet-based communication system (in force)

    Publication No.: US20070053328A1

    Publication date: 2007-03-08

    Application No.: US10583853

    Filing date: 2003-12-22

    IPC classification: H04Q7/24

    Abstract: The invention relates to a mechanism for maintaining a secure tunnel in a packet-based communication system. A secure tunnel is established between a security gateway and a mobile terminal being located at a first address in a first network, wherein the security gateway connects the first network to a second network and the mobile terminal has a second address that identifies the mobile terminal in the second network. In the gateway, the tunnel is identified based on the second address in packets destined for the mobile terminal from the second network. A change is detected in the first address of the mobile terminal and an update message including a new address value of the first address is sent to the security gateway. Based on the update message, the first address associated with the secure tunnel is updated in the security gateway.

    Method and system for maintaining a secure tunnel in a packet-based communication system
    3.
    Granted invention patent
    Method and system for maintaining a secure tunnel in a packet-based communication system (in force)

    Publication No.: US07623500B2

    Publication date: 2009-11-24

    Application No.: US10583853

    Filing date: 2003-12-22

    IPC classification: H04W4/00 H04L12/28

    Abstract: The invention relates to a mechanism for maintaining a secure tunnel in a packet-based communication system. A secure tunnel is established between a security gateway and a mobile terminal being located at a first address in a first network, wherein the security gateway connects the first network to a second network and the mobile terminal has a second address that identifies the mobile terminal in the second network. In the gateway, the tunnel is identified based on the second address in packets destined for the mobile terminal from the second network. A change is detected in the first address of the mobile terminal and an update message including a new address value of the first address is sent to the security gateway. Based on the update message, the first address associated with the secure tunnel is updated in the security gateway.

    System, terminal, network entity, method and computer program product for authorizing communication messages
    4.
    Invention application
    System, terminal, network entity, method and computer program product for authorizing communication messages (lapsed)

    Publication No.: US20070005976A1

    Publication date: 2007-01-04

    Application No.: US11169376

    Filing date: 2005-06-29

    Applicant: Heikki Riittinen

    Inventor: Heikki Riittinen

    IPC classification: H04L9/00

    Abstract: A system, terminal, method, and computer program product use a capability certificate to authorize a sender to send a communication message to a recipient, such that the recipient can quickly and easily determine whether to receive the message. In this regard, a system for controlling receipt of a communication message by a recipient comprises a sending terminal and a receiving terminal. The sending terminal may be capable of sending the communication message from a sender. The receiving terminal may be capable of determining if the communication message is cryptographically bound to a capability certificate, such that the receiving terminal receives the communication message if the communication message is cryptographically bound to the capability certificate. Determining if the communication message is cryptographically bound to a capability certificate may comprise determining if the communication message is signed by the sender using a private encryption key of the sender.

    System, terminal, network entity, method and computer program product for authorizing communication message
    5.
    Granted invention patent
    System, terminal, network entity, method and computer program product for authorizing communication message (lapsed)

    Publication No.: US07814313B2

    Publication date: 2010-10-12

    Application No.: US11169376

    Filing date: 2005-06-29

    Applicant: Heikki Riittinen

    Inventor: Heikki Riittinen

    IPC classification: H04L9/30 H04L29/06

    Abstract: A system, terminal, method, and computer program product use a capability certificate to authorize a sender to send a communication message to a recipient, such that the recipient can quickly and easily determine whether to receive the message. In this regard, a system for controlling receipt of a communication message by a recipient comprises a sending terminal and a receiving terminal. The sending terminal may be capable of sending the communication message from a sender. The receiving terminal may be capable of determining if the communication message is cryptographically bound to a capability certificate, such that the receiving terminal receives the communication message if the communication message is cryptographically bound to the capability certificate. Determining if the communication message is cryptographically bound to a capability certificate may comprise determining if the communication message is signed by the sender using a private encryption key of the sender.
