-
公开(公告)号:US07966000B2
公开(公告)日:2011-06-21
申请号:US12728746
申请日:2010-03-22
IPC分类号: H04M1/66
CPC分类号: H04L63/0869 , H04L63/0853 , H04W12/06
摘要: A mutual authentication method is provided for securely agreeing application-security keys with mobile terminals supporting legacy Subscriber Identity Modules (e.g., GSM SIM and CDMA2000 R-UIM, which do not support 3G AKA mechanisms). A challenge-response key exchange is implemented between a bootstrapping server function (BSF) and mobile terminal (MT). The BSF generates an authentication challenge and sends it to the MT under a server-authenticated public key mechanism. The MT receives the challenge and determines whether it originates from the BSF based on a bootstrapping server certificate. The MT formulates a response to the authentication challenge based on keys derived from the authentication challenge and a pre-shared secret key. The BSF receives the authentication response and verifies whether it originates from the MT. Once verified, the BSF and MT independently calculate an application security key that the BSF sends to a requesting network application function to establish secure communications with the MT.
摘要翻译: 提供了相互认证方法,用于与支持传统用户识别模块(例如,不支持3G AKA机制的GSM SIM和CDMA2000 R-UIM)的移动终端安全地同意应用安全密钥。 在引导服务器功能(BSF)和移动终端(MT)之间实现质询 - 响应密钥交换。 BSF生成认证挑战,并通过服务器认证的公钥机制将其发送给MT。 MT接收到挑战,并根据引导服务器证书确定它是从BSF发起的。 MT基于从认证挑战导出的密钥和预共享密钥来形成对认证挑战的响应。 BSF接收认证响应,并验证其是否来自MT。 一旦验证,BSF和MT独立地计算BSF发送到请求网络应用功能的应用安全密钥,以建立与MT的安全通信。
-
公开(公告)号:US20100174907A1
公开(公告)日:2010-07-08
申请号:US12728746
申请日:2010-03-22
CPC分类号: H04L63/0869 , H04L63/0853 , H04W12/06
摘要: A mutual authentication method is provided for securely agreeing application-security keys with mobile terminals supporting legacy Subscriber Identity Modules (e.g., GSM SIM and CDMA2000 R-UIM, which do not support 3G AKA mechanisms). A challenge-response key exchange is implemented between a bootstrapping server function (BSF) and mobile terminal (MT). The BSF generates an authentication challenge and sends it to the MT under a server-authenticated public key mechanism. The MT receives the challenge and determines whether it originates from the BSF based on a bootstrapping server certificate. The MT formulates a response to the authentication challenge based on keys derived from the authentication challenge and a pre-shared secret key. The BSF receives the authentication response and verifies whether it originates from the MT. Once verified, the BSF and MT independently calculate an application security key that the BSF sends to a requesting network application function to establish secure communications with the MT.
摘要翻译: 提供了相互认证方法,用于与支持传统用户识别模块(例如,不支持3G AKA机制的GSM SIM和CDMA2000 R-UIM)的移动终端安全地同意应用安全密钥。 在引导服务器功能(BSF)和移动终端(MT)之间实现质询 - 响应密钥交换。 BSF生成认证挑战,并通过服务器认证的公钥机制将其发送给MT。 MT接收到挑战,并根据引导服务器证书确定它是从BSF发起的。 MT基于从认证挑战导出的密钥和预共享密钥来形成对认证挑战的响应。 BSF接收认证响应,并验证其是否来自MT。 一旦验证,BSF和MT独立地计算BSF发送到请求网络应用功能的应用安全密钥,以建立与MT的安全通信。
-
公开(公告)号:US08391841B2
公开(公告)日:2013-03-05
申请号:US13113846
申请日:2011-05-23
IPC分类号: H04M1/66
CPC分类号: H04L63/0869 , H04L63/0853 , H04W12/06
摘要: A mutual authentication method is provided for securely agreeing application-security keys with mobile terminals supporting legacy Subscriber Identity Modules (e.g., GSM SIM and CDMA2000 R-UIM, which do not support 3G AKA mechanisms). A challenge-response key exchange is implemented between a bootstrapping server function (BSF) and mobile terminal (MT). The BSF generates an authentication challenge and sends it to the MT under a server-authenticated public key mechanism. The MT receives the challenge and determines whether it originates from the BSF based on a bootstrapping server certificate. The MT formulates a response to the authentication challenge based on keys derived from the authentication challenge and a pre-shared secret key. The BSF receives the authentication response and verifies whether it originates from the MT. Once verified, the BSF and MT independently calculate an application security key that the BSF sends to a requesting network application function to establish secure communications with the MT.
摘要翻译: 提供了相互认证方法,用于与支持传统用户识别模块(例如,不支持3G AKA机制的GSM SIM和CDMA2000 R-UIM)的移动终端安全地同意应用安全密钥。 在引导服务器功能(BSF)和移动终端(MT)之间实现质询 - 响应密钥交换。 BSF生成认证挑战,并通过服务器认证的公钥机制将其发送给MT。 MT接收到挑战,并根据引导服务器证书确定它是从BSF发起的。 MT基于从认证挑战导出的密钥和预共享密钥来形成对认证挑战的响应。 BSF接收认证响应,并验证其是否来自MT。 一旦验证,BSF和MT独立地计算BSF发送到请求网络应用功能的应用安全密钥,以建立与MT的安全通信。
-
公开(公告)号:US20110238972A1
公开(公告)日:2011-09-29
申请号:US13113846
申请日:2011-05-23
IPC分类号: G06F15/177
CPC分类号: H04L63/0869 , H04L63/0853 , H04W12/06
摘要: A mutual authentication method is provided for securely agreeing application-security keys with mobile terminals supporting legacy Subscriber Identity Modules (e.g., GSM SIM and CDMA2000 R-UIM, which do not support 3G AKA mechanisms). A challenge-response key exchange is implemented between a bootstrapping server function (BSF) and mobile terminal (MT). The BSF generates an authentication challenge and sends it to the MT under a server-authenticated public key mechanism. The MT receives the challenge and determines whether it originates from the BSF based on a bootstrapping server certificate. The MT formulates a response to the authentication challenge based on keys derived from the authentication challenge and a pre-shared secret key. The BSF receives the authentication response and verifies whether it originates from the MT. Once verified, the BSF and MT independently calculate an application security key that the BSF sends to a requesting network application function to establish secure communications with the MT.
摘要翻译: 提供了相互认证方法,用于与支持传统用户识别模块(例如,不支持3G AKA机制的GSM SIM和CDMA2000 R-UIM)的移动终端安全地同意应用安全密钥。 在引导服务器功能(BSF)和移动终端(MT)之间实现质询 - 响应密钥交换。 BSF生成认证挑战,并通过服务器认证的公钥机制将其发送给MT。 MT接收到挑战,并根据引导服务器证书确定它是从BSF发起的。 MT基于从认证挑战导出的密钥和预共享密钥来形成对认证挑战的响应。 BSF接收认证响应,并验证其是否来自MT。 一旦验证,BSF和MT独立地计算BSF发送到请求网络应用功能的应用安全密钥,以建立与MT的安全通信。
-
5.发明授权Apparatus and method for facilitating priority indication and queuing for an access terminal 有权用于促进接入终端的优先级指示和排队的装置和方法公开(公告)号:US09451628B2
公开(公告)日:2016-09-20
申请号:US12793198
申请日:2010-06-03
CPC分类号: H04W72/10
摘要: A method and apparatus facilitating priority indication and queuing for an access terminal is provided. The method may comprise receiving an access request from an access terminal (AT), determining that the AT is a priority AT and that no resources are available in response to the access request, transmitting an access deny message to the priority AT, queuing the access request until a resource becomes available, and transmitting a resource available message to the priority AT upon a determination that a resource has become available.
摘要翻译: 提供一种促进接入终端的优先级指示和排队的方法和装置。 该方法可以包括从接入终端(AT)接收接入请求,确定AT是优先级AT,并且响应于接入请求没有资源可用,向优先级AT发送接入拒绝消息,排队接入 请求,直到资源变得可用,并且在确定资源已经可用时,将资源可用消息发送到优先级AT。
-
公开(公告)号:US20120307742A1
公开(公告)日:2012-12-06
申请号:US13587349
申请日:2012-08-16
申请人: John W. Nasielski , Raymond T. Hsu
发明人: John W. Nasielski , Raymond T. Hsu
IPC分类号: H04W8/04
摘要: IIF architectures and corresponding call flows are provided for CDMA2000/GPRS roaming scenarios such as GPRS foreign mode with Mobile IPv4, GPRS foreign mode with Simple IPv4 or IPv6, CDMA2000 packet data foreign mode with Mobile IPv4, and CDMA2000 packet data foreign mode with Simple IPv4 or IPv6.
摘要翻译: IIF架构和相应的呼叫流程为CDMA2000 / GPRS漫游场景提供,例如具有移动IPv4的GPRS外来模式,具有简单IPv4或IPv6的GPRS外部模式,具有移动IPv4的CDMA2000分组数据外部模式和具有简单IPv4的CDMA2000分组数据外部模式 或IPv6。
-
公开(公告)号:US20100157946A1
公开(公告)日:2010-06-24
申请号:US12690584
申请日:2010-01-20
申请人: John W. Nasielski , Raymond T. Hsu
发明人: John W. Nasielski , Raymond T. Hsu
IPC分类号: H04W36/00
摘要: IIF architectures and corresponding call flows are provided for CDMA2000/GPRS roaming scenarios such as GPRS foreign mode with Mobile IPv4, GPRS foreign mode with Simple IPv4 or IPv6, CDMA2000 packet data foreign mode with Mobile IPv4, and CDMA2000 packet data foreign mode with Simple IPv4 or IPv6.
摘要翻译: IIF架构和相应的呼叫流程为CDMA2000 / GPRS漫游场景提供,例如具有移动IPv4的GPRS外来模式,具有简单IPv4或IPv6的GPRS外部模式,具有移动IPv4的CDMA2000分组数据外部模式和具有简单IPv4的CDMA2000分组数据外部模式 或IPv6。
-
公开(公告)号:US07415026B2
公开(公告)日:2008-08-19
申请号:US10067586
申请日:2002-02-04
申请人: Raymond T. Hsu , John W. Nasielski
发明人: Raymond T. Hsu , John W. Nasielski
IPC分类号: H04L12/28
CPC分类号: H04L65/4076 , H04L29/06 , H04L29/06027 , H04L65/1006 , H04L65/1069 , H04L65/80 , H04L67/14
摘要: A method and apparatus for session release in a communication system supporting Internet Protocol (IP) communications. In one embodiment, when the MS has lost a bearer connection (i.e., PPP session), the notification is provided by a Packet Data Service Node (PDSN) to the serving Session control Manager (SCM) via IP multicast. If two PPP sessions are active for a given IP communication, and one PPP session is not lost, the PDSN associated with the active PPP session sends a correction message to ignore any notification message sent by the other PDSN. In an alternate embodiment, the Authentication Authorization Accounting (AAA) server uses start and stop accounting requests, received from PDSNs, to determine when to notify the serving SCM to terminate an IP communication.
摘要翻译: 一种用于支持因特网协议(IP)通信的通信系统中的会话释放的方法和装置。 在一个实施例中,当MS已经丢失承载连接(即,PPP会话)时,通过IP多播将分组数据服务节点(PDSN)提供给服务会话控制管理器(SCM)。 如果两个PPP会话对于给定的IP通信是活动的,并且一个PPP会话不丢失,则与活动PPP会话相关联的PDSN发送校正消息以忽略由另一个PDSN发送的任何通知消息。 在替代实施例中,认证授权计费(AAA)服务器使用从PDSN接收的开始和结束计费请求来确定何时通知服务SCM以终止IP通信。
-
9.发明申请SYSTEM AND METHOD FOR HANDOFF FROM A MACRO ACCESS NETWORK TO A FEMTO ACCESS POINT 有权从MACAccess网络到FEMTO接入点的切换的系统和方法公开(公告)号:US20100048216A1
公开(公告)日:2010-02-25
申请号:US12544884
申请日:2009-08-20
申请人: Chandrasekhar T. Sundarraman , Haipeng Jin , John W. Nasielski , Peerapol Tinnakomsrisuphap , Jun Wang , Arungundram C. Mahendran
发明人: Chandrasekhar T. Sundarraman , Haipeng Jin , John W. Nasielski , Peerapol Tinnakomsrisuphap , Jun Wang , Arungundram C. Mahendran
IPC分类号: H04W36/00
CPC分类号: H04L65/1006 , H04L65/1016 , H04W36/0011 , H04W80/10
摘要: Devices and methods are provided for handing off an access terminal from a macro base station to a femto access point (AP). In one embodiment, the method involves receiving a facilities directive or the like from a communication network entity, such as, for example, a serving mobile switching center (MSC). The method may involve selecting the femto AP based at least in part on femto configuration information, which may include at least one global identifier of the femto AP. The method may involve determining a uniform resource identifier of the femto AP based at least in part on at least one global identifier (e.g., MSC identifier and/or cell identifier).
摘要翻译: 提供了用于将接入终端从宏基站切换到毫微微接入点(AP)的设备和方法。 在一个实施例中,该方法涉及从通信网络实体(例如,服务移动交换中心(MSC))接收设施指令等。 该方法可以包括至少部分地基于毫微微配置信息来选择毫微微AP,该毫微微配置信息可以包括毫微微AP的至少一个全局标识符。 该方法可以包括至少部分地基于至少一个全局标识符(例如,MSC标识符和/或小区标识符)来确定毫微微AP的统一资源标识符。
-
公开(公告)号:US20090268668A1
公开(公告)日:2009-10-29
申请号:US12427178
申请日:2009-04-21
申请人: Peerapol Tinnakornsrisuphap , Fatih Ulupinar , John W. Nasielski , Jun Wang , Parag A. Agashe , Rajarshi Gupta , Ramin Rezaiifar
发明人: Peerapol Tinnakornsrisuphap , Fatih Ulupinar , John W. Nasielski , Jun Wang , Parag A. Agashe , Rajarshi Gupta , Ramin Rezaiifar
CPC分类号: H04W40/02 , H04L12/2889 , H04L29/12028 , H04L29/12952 , H04L45/741 , H04L61/103 , H04L61/6077 , H04W8/082 , H04W48/18 , H04W80/04 , H04W84/045 , H04W88/08
摘要: Local IP access is provided in a wireless network to facilitate access to one or more local services. In some implementations, different IP interfaces are used for accessing different services (e.g., local services and operator network services). A list that maps packet destinations to IP interfaces may be employed to determine which IP interface is to be used for sending a given packet. In some implementations an access point provides a proxy function (e.g., a proxy ARP function) for an access terminal. In some implementations an access point provides an agent function (e.g., a DHCP function) for an access terminal. NAT operations may be performed at an access point to enable the access terminal to access local services. In some aspects, an access point may determine whether to send a packet from an access terminal via a protocol tunnel based on the destination of the packet.
摘要翻译: 在无线网络中提供本地IP接入以便于访问一个或多个本地服务。 在一些实现中,不同的IP接口用于访问不同的服务(例如,本地服务和运营商网络服务)。 可以使用将分组目的地映射到IP接口的列表来确定将哪个IP接口用于发送给定分组。 在一些实现中,接入点为接入终端提供代理功能(例如,代理ARP功能)。 在一些实现中,接入点为接入终端提供代理功能(例如,DHCP功能)。 可以在接入点执行NAT操作,以使得接入终端能够访问本地业务。 在一些方面,接入点可以基于分组的目的地来确定是否经由协议隧道从接入终端发送分组。
-
-
-
-
-
-
-
-
-
搜索结果
16 条记录 (耗时 0.022 秒)