Proxy smart card applications
    1.
    Granted patent
    Proxy smart card applications (status: in force)

    Publication No.: US08095179B2

    Publication date: 2012-01-10

    Application No.: US10965643

    Filing date: 2004-10-14

    Abstract: A system and method for the implementation of a proxy smart card application in a mobile telephone. The mobile telephone receives a smart card related message from a remote terminal. If the smart card related message is related to a function implemented by electronic device software within the mobile telephone, the electronic device software processes the message. If the smart card related message is not related to a function implemented by the electronic device software, the message is transmitted to the smart card.


    Power-efficient address mapping scheme
    2.
    Patent application
    Power-efficient address mapping scheme (status: under examination, published)

    Publication No.: US20070140159A1

    Publication date: 2007-06-21

    Application No.: US11508818

    Filing date: 2006-08-24

    IPC classification: H04J3/16 H04Q7/00

    Abstract: The present invention relates to a method, system, client device, gateway device and computer program product for maintaining a state information in an intermediate network function, wherein the state information expires after a predetermined idle period. Detecting means are provided for detecting an idle state of a connection. In response to the detecting means, a transport protocol used for encapsulating data is changed from a first protocol with a first predetermined idle period to a second protocol with a second predetermined idle period, said second predetermined idle period being longer than said first predetermined idle period. Alternatively, a connection parameter is provided to a device for a parallel second connection in a set-up negotiation via said first connection. This connection parameter is then used for setting up a parallel second connection to the device based on the second transport protocol used for encapsulating data with the second predetermined idle period. Then, an information linking the first and second connections is transmitted from the device to the data network, wherein the second connection is used for transmitting a wake-up notification to the device in response to a detected idle state. Both alternatives provide the advantage of reduced keep-alive signaling and thus enhanced battery efficiency.


    IP mobility in mobile telecommunications system
    3.
    Patent application
    IP mobility in mobile telecommunications system (status: under examination, published)

    Publication No.: US20050195780A1

    Publication date: 2005-09-08

    Application No.: US11066175

    Filing date: 2005-02-25

    Abstract: The present invention relates to arranging data transmission for a mobile node in a telecommunications system comprising a secure network and an insecure network. A connection to a secure network for a mobile node may be arranged by a home agent if the mobile node is accessing the secure network directly or via a third network other than the insecure network, or a connection to the secure network may be arranged by a VPN node if the mobile node is accessing the secure network via the insecure network. According to a first aspect of the invention, the VPN node and the home agent are configured to allocate the same IP address as an internal IP address and as a home address.


    Protection against denial-of-service attacks
    4.
    Granted patent
    Protection against denial-of-service attacks (status: lapsed)

    Publication No.: US07617524B2

    Publication date: 2009-11-10

    Application No.: US11256157

    Filing date: 2005-10-24

    IPC classification: H04L29/06

    Abstract: The invention proposes a method for handling authentication requests in a network, wherein the authentication requests may have different types, the method comprising the steps of determining (S1, S3, S4) types of the authentication requests, and applying (S5-S7) a policy for handling the received authentication requests based on the determined types of authentication requests. The invention also proposes a corresponding network control element and a computer program product.


    Adaptive IPsec processing in mobile-enhanced virtual private networks
    5.
    Patent application
    Adaptive IPsec processing in mobile-enhanced virtual private networks (status: under examination, published)

    Publication No.: US20070006295A1

    Publication date: 2007-01-04

    Application No.: US11472996

    Filing date: 2006-06-23

    IPC classification: G06F15/16

    Abstract: Disclosed is a method providing secure mobility for a terminal in a mobile system comprising at least two IP based sub-networks. The method comprises to detect a change of the IP based sub-network by the terminal. The connection parameters of the terminal are updated so as to be connected with a new IP based sub-network. Further, the security requirements of the new IP based sub-network are detected, and the security associations of the terminal to the new IP based sub-network are adapted to the security requirements of the new IP based sub-network.


    Protection against denial-of-service attacks
    6.
    Patent application
    Protection against denial-of-service attacks (status: lapsed)

    Publication No.: US20060282880A1

    Publication date: 2006-12-14

    Application No.: US11256157

    Filing date: 2005-10-24

    IPC classification: H04L9/32

    Abstract: The invention proposes a method for handling authentication requests in a network, wherein the authentication requests may have different types, the method comprising the steps of determining (S1, S3, S4) types of the authentication requests, and applying (S5-S7) a policy for handling the received authentication requests based on the determined types of authentication requests. The invention also proposes a corresponding network control element and a computer program product.


    Replay prevention mechanism for EAP/SIM authentication
    7.
    Patent application
    Replay prevention mechanism for EAP/SIM authentication (status: in force)

    Publication No.: US20050149734A1

    Publication date: 2005-07-07

    Application No.: US10751300

    Filing date: 2004-01-02

    IPC classification: H04L9/00 H04L9/08 H04L9/32

    Abstract: A method for use by a telecommunication terminal (10) in checking whether a candidate RAND in an EAP/SIM RAND challenge is likely a replay, based on using a Bloom filter including a vector data structure (21) for determining (admittedly sometimes erroneously) whether the candidate RAND is in a set of previously used RAND values. The components of the vector data structure (21) are set to one or left at zero depending on whether pointers corresponding to the previously used RAND values point to them. The pointers can be hash functions or can be constructed from the previously used RAND values. To provide for smooth filter performance at points in time when the Bloom filter is full and cannot hold information for any new previously used RAND values, the vector data structure (21) is partitioned into more than one part, and only one part is reset and re-initialized at a time.


    Replay prevention mechanism for EAP/SIM authentication
    8.
    Granted patent
    Replay prevention mechanism for EAP/SIM authentication (status: in force)

    Publication No.: US07418595B2

    Publication date: 2008-08-26

    Application No.: US10751300

    Filing date: 2004-01-02

    IPC classification: H04L9/00

    Abstract: A method for use by a telecommunication terminal (10) in checking whether a candidate RAND in an EAP/SIM RAND challenge is likely a replay, based on using a Bloom filter including a vector data structure (21) for determining (admittedly sometimes erroneously) whether the candidate RAND is in a set of previously used RAND values. The components of the vector data structure (21) are set to one or left at zero depending on whether pointers corresponding to the previously used RAND values point to them. The pointers can be hash functions or can be constructed from the previously used RAND values. To provide for smooth filter performance at points in time when the Bloom filter is full and cannot hold information for any new previously used RAND values, the vector data structure (21) is partitioned into more than one part, and only one part is reset and re-initialized at a time.


    Proxy smart card applications
    9.
    Patent application
    Proxy smart card applications (status: in force)

    Publication No.: US20060092953A1

    Publication date: 2006-05-04

    Application No.: US10965643

    Filing date: 2004-10-14

    IPC classification: H04L12/56

    Abstract: A system and method for the implementation of a proxy smart card application in a mobile telephone. The mobile telephone receives a smart card related message from a remote terminal. If the smart card related message is related to a function implemented by electronic device software within the mobile telephone, the electronic device software processes the message. If the smart card related message is not related to a function implemented by the electronic device software, the message is transmitted to the smart card.
