公开(公告)号：US11902270B2

公开(公告)日：2024-02-13

申请号：US17044738

申请日：2019-04-10

Applicant: Orange

Inventor： Vincent Messié ,  Gaël Fromentoux ,  Nathalie Omnes

IPC: H04L29/06 ,  H04L9/40 ,  H04L9/32 ,  H04L43/0876

CPC classification number: H04L63/0823 ,  H04L9/3247 ,  H04L9/3263 ,  H04L43/0876 ,  H04L63/126

Abstract: A method for preparing usage data for a relay implemented in a computer network is disclosed. In one aspect, the network comprises at least one source device, one destination device, and at least one relay constituting a circuit to set up a communication between the source device and the destination device. The source device first of all retrieves the identifiers of the relays constituting the circuit and sends a proof of use (PoU) frame addressed to the destination device, each relay of the circuit adding to the PoU frame, at the time of passage, a signature made from a challenge and a key proper to the relay. The source device retrieves at least the signatures of each relay, and verifies the signatures received by using the public keys of the relays, the authentication of the signatures triggering the following steps: preparing, from the data received, an ordered list of identifiers of the relays used to set up the communication, sending transaction frames addressed to each relay identified in the list to generate proofs of use comprising at least the signatures contained in the PoU frame, the transaction frames being designed to trigger the sending by each relay of a proof of use recorded in a shared memory.

公开(公告)号：US20170195290A1

公开(公告)日：2017-07-06

申请号：US15313929

申请日：2015-05-26

Applicant: Orange

Inventor： Nathalie Omnes ,  Emile Stephan ,  Romuald Corbel

IPC: H04L29/06 ,  H04L12/725

CPC classification number: H04L63/0236 ,  H04L41/0893 ,  H04L45/306 ,  H04L63/0281 ,  H04L63/0823 ,  H04L63/0876

Abstract: One embodiment relates to a method for obtaining, in a communication network, a routing policy indicating rules for routing requests emitted by a software module running on a client device. The method comprises sending, by the client device, a connection request to an authentication server of the communication network in order to attach the client device to the communications network- and receiving, by the client device, a connection context response from the authentication server. The context comprises an identifier of a system for managing routing rules. The software module obtains the routing policy in accordance with at least one first rule for routing to a proxy system certified by the operator of the communications network obtained by means of the identifier.

公开(公告)号：US10924463B2

公开(公告)日：2021-02-16

申请号：US15525187

申请日：2015-10-28

Applicant: Orange

Inventor： Emile Stephan ,  Nathalie Omnes

IPC: H04L29/06 ,  H04L29/08

Abstract: A method, a device and a program are provided for processing data. The method is implemented within an intermediary module. The data is transmitted between a customer module and a server module connected through a communications network. The method includes: receiving, from one among the customer and server modules, an intermediation request identifying an operation of intermediation to be performed relative to a stream of encrypted data exchanged between the customer module and the server module; and processing relative to said encrypted data as a function of said operation of intermediation.

公开(公告)号：US10305857B2

公开(公告)日：2019-05-28

申请号：US15313929

申请日：2015-05-26

Applicant: Orange

Inventor： Nathalie Omnes ,  Emile Stephan ,  Romuald Corbel

IPC: H04L29/06 ,  H04L12/725 ,  H04L12/24

Abstract: One embodiment relates to a method for obtaining, in a communication network, a routing policy indicating rules for routing requests emitted by a software module running on a client device. The method comprises sending, by the client device, a connection request to an authentication server of the communication network in order to attach the client device to the communications network- and receiving, by the client device, a connection context response from the authentication server. The context comprises an identifier of a system for managing routing rules. The software module obtains the routing policy in accordance with at least one first rule for routing to a proxy system certified by the operator of the communications network obtained by means of the identifier.

公开(公告)号：US20170272789A1

公开(公告)日：2017-09-21

申请号：US15529062

申请日：2015-12-03

Applicant: ORANGE

Inventor： Gael Fromentoux ,  Frederic Fieau ,  Nathalie Omnes

IPC: H04N21/234 ,  G06F17/30 ,  G06F9/455

CPC classification number: H04N21/23418 ,  G06F9/45558 ,  G06F16/188 ,  G06F2009/45595 ,  H04L65/4069 ,  H04L65/602 ,  H04L67/10 ,  H04L67/2814 ,  H04W4/60

Abstract: The invention relates to a method for managing contents in a contents distribution network (2) comprising physical resources (30, 40) able to host at least one virtualized delivery resource (31, 32, 41), the method comprising the following steps implemented by a management entity for a contents delivery service (10): obtaining (E2) of a listening parameter in relation to a content at the level of at least one of said physical resources able to host a virtualized delivery resource storing at least one fragment (61-64, 71) of said content; issuing (E4) of a command for adaptation of at least one virtualized delivery resource hosted by one of said physical resources as a function of said listening parameter.

公开(公告)号：US20180288017A1

公开(公告)日：2018-10-04

申请号：US15525187

申请日：2015-10-28

Applicant: Orange

Inventor： Emile Stephan ,  Nathalie Omnes

IPC: H04L29/06 ,  H04L29/08

Abstract: A method, a device and a program are provided for processing data. The method is implemented within an intermediary module. The data is transmitted between a customer module and a server module connected through a communications network. The method includes: receiving, from one among the customer and server modules, an intermediation request identifying an operation of intermediation to be performed relative to a stream of encrypted data exchanged between the customer module and the server module; and processing relative to said encrypted data as a function of said operation of intermediation.

公开(公告)号：US09774595B2

公开(公告)日：2017-09-26

申请号：US14569059

申请日：2014-12-12

Applicant: Orange

Inventor： Nathalie Omnes ,  Frederic Loras ,  Pascal Belin ,  Gerald Huet

IPC: H04L29/06 ,  H04W12/08

CPC classification number: H04L63/0853 ,  H04L63/0807 ,  H04L63/0876 ,  H04L63/107 ,  H04W12/08

Abstract: A method is provided for authentication by token for accessing a service from a terminal. The method includes, on receipt of a service access authorization request including at least one unique identifier of the terminal, steps of determining a network access context of the terminal; checking validity of the service access rights, including at least checking an access right associated with the network access context of the terminal; and, if the access rights are valid, generating a valid authentication token on the basis of the unique identifier of the terminal and the network access context, and transmitting the token to the terminal.

公开(公告)号：US20210092110A1

公开(公告)日：2021-03-25

申请号：US17044738

申请日：2019-04-10

Applicant: Orange

Inventor： Vincent Messié ,  Gaël Fromentoux ,  Nathalie Omnes

IPC: H04L29/06 ,  H04L12/26 ,  H04L9/32

Abstract: A method for preparing usage data for a relay implemented in a computer network is disclosed. In one aspect, the network comprises at least one source device, one destination device, and at least one relay constituting a circuit to set up a communication between the source device and the destination device. The source device first of all retrieves the identifiers of the relays constituting the circuit and sends a proof of use (PoU) frame addressed to the destination device, each relay of the circuit adding to the PoU frame, at the time of passage, a signature made from a challenge and a key proper to the relay. The source device retrieves at least the signatures of each relay, and verifies the signatures received by using the public keys of the relays, the authentication of the signatures triggering the following steps: preparing, from the data received, an ordered list of identifiers of the relays used to set up the communication, sending transaction frames addressed to each relay identified in the list to generate proofs of use comprising at least the signatures contained in the PoU frame, the transaction frames being designed to trigger the sending by each relay of a proof of use recorded in a shared memory.

公开(公告)号：US20150172283A1

公开(公告)日：2015-06-18

申请号：US14569059

申请日：2014-12-12

Applicant: Orange

Inventor： Nathalie Omnes ,  Frederic Loras ,  Pascal Belin ,  Gerald Huet

IPC: H04L29/06 ,  H04W12/08

CPC classification number: H04L63/0853 ,  H04L63/0807 ,  H04L63/0876 ,  H04L63/107 ,  H04W12/08

Abstract: A method is provided for authentication by token for accessing a service from a terminal. The method includes, on receipt of a service access authorization request including at least one unique identifier of the terminal, steps of determining a network access context of the terminal; checking validity of the service access rights, including at least checking an access right associated with the network access context of the terminal; and, if the access rights are valid, generating a valid authentication token on the basis of the unique identifier of the terminal and the network access context, and transmitting the token to the terminal.

Abstract translation: 提供了一种用于通过令牌进行身份验证以从终端访问服务的方法。 该方法包括在接收到包括终端的至少一个唯一标识符的服务访问授权请求时，确定终端的网络访问上下文的步骤; 检查服务访问权限的有效性，包括至少检查与终端的网络访问上下文相关联的访问权限; 并且如果访问权限有效，则基于终端的唯一标识符和网络访问上下文生成有效的认证令牌，并将该令牌发送到终端。