公开(公告)号：US20130340047A1

公开(公告)日：2013-12-19

申请号：US13866259

申请日：2013-04-19

Applicant: ST-ERICSSON SA

Inventor： Stefan RUNESON ,  Per STAHL

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G06F21/44 ,  H04L63/08 ,  H04L65/1006 ,  H04L65/1016 ,  H04L65/1073

Abstract: Systems and methods are provided for authenticating Internet Protocol (IP) Multimedia Subsystem (IMS) applications in a User Equipment (UE). A method includes: receiving a first Session Initiation Protocol (SIP) REGISTER message from an IMS application operating on the UE; transmitting a response message to the IMS application based on the received first SIP REGISTER message; receiving a second SIP REGISTER message from the IMS application operating on the UE; determining authentication for the IMS application based on the received second SIP REGISTER message from the IMS application operating on the UE; and based on the step of determining authentication for the IMS application, if the IMS application is authorized, then transmitting information associated with the first and second SIP REGISTER messages toward a SIP node or if the IMS application is unauthorized, then discarding data associated with the first and second SIP REGISTER messages.

Abstract translation: 提供了用于在用户设备（UE）中验证因特网协议（IP）多媒体子系统（IMS）应用的系统和方法。 一种方法包括：从在UE上操作的IMS应用接收第一会话发起协议（SIP）REGISTER消息; 基于所接收的第一SIP REGISTER消息向IMS应用发送响应消息; 从在UE上操作的IMS应用接收第二SIP REGISTER消息; 基于从UE上运行的IMS应用接收的第二SIP REGISTER消息确定IMS应用的认证; 并且基于为IMS应用确定认证的步骤，如果IMS应用被授权，则向SIP节点发送与第一和第二SIP注册消息相关联的信息，或者如果IMS应用未授权，则丢弃与 第一和第二SIP注册消息。

公开(公告)号：US20150326402A1

公开(公告)日：2015-11-12

申请号：US14651042

申请日：2014-01-03

Applicant: ST-ERICSSON SA

Inventor： Herve SIBERT ,  Per STAHL

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L9/3271 ,  G06F21/305 ,  G06F21/44 ,  G06F2221/2103 ,  H04L9/3228 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/08 ,  H04W4/80 ,  H04W12/0023

Abstract: A method of authenticating an agent to a secure environment of a device, in a challenge-response authentication sys tem comprising the device, a remote authentication server and a connection path between the device and the remote authentication server, the method comprising: while the connection path is not established:—obtaining a predictable challenge based on at least a current value of a counter;—obtaining a response for the challenge; and,—authenticating the agent to the secure environment based on at least the response; and, wherein, upon successful authentication, the value of the counter is incremented. A challenge-response authentication system and an apparatus are also claimed.

Abstract translation: 一种将代理认证到设备的安全环境的方法，所述方法包括：在所述设备和所述远程认证服务器之间的远程认证服务器和所述远程认证服务器之间的连接路径中的所述设备，质询 - 响应认证系统，所述方法包括： 路径未建立： - 至少基于计数器的当前值获得可预测的挑战; - 获得挑战的响应; 以及 - 至少基于所述响应来将所述代理验证到所述安全环境; 并且其中，在成功认证时，增加计数器的值。 还要求一种质询 - 响应认证系统和装置。