Abstract:
A system, method, and nodes for managing shared security keys between a User Equipment, UE, an authentication node such as an SCF/NAF, and a service node such as a BM-SC or AS. The SCF/NAF allocates to each BM-SC, a different SCF/NAF identifier such as a fully qualified domain name, FQDN, from the FQDN space the SCF/NAF administers. The SCF/NAF then locally associates these allocated FQDNs with the connected BM-SCs and with different services. The network sends the correct FQDN to the UE in a service description for a desired service, and the UE is able to derive a security key using the FQDN. When the UE requests the desired service, the SCF/NAF is able to associate the service identifier with the correct FQDN and an associated BM-SC. The SCF/NAF uses the FQDN to obtain the security key from a bootstrapping server and sends it to the associated BM-SC. As a result, the UE and the associated BM-SC share a specific security key.
Abstract:
A method is provided for use by a user terminal (20) operating an IP-based multimedia broadcast/multicast service. The method comprises storing (S3) information relating to user service registrations performed (S2) using an IP connection such as a Packet Data Protocol, PDP, context established to enable connectivity between the user terminal (20) and a service node (40) for the broadcast/multicast service. The information is of a type to enable re-registration (S7) of at least some of any of the user services affected by a loss of the IP connection. In one embodiment, the multimedia broadcast/multicast service is a 3GPP Multimedia Broadcast/Multicast Service, MBMS, the user terminal (20) is a User Equipment, UE, and the service node (40) is a Broadcast/Multicast Service Center, BM-SC. In another embodiment, the multimedia broadcast/multicast service is an Open Mobile Alliance Broadcast, OMA BCAST, service, the user terminal (20) is a Terminal, and the service node (40) is an OMA BCAST Subscription Management, BSM, node.
Abstract:
Methods for cryptographic synchronization of data packets. A roll-over counter (ROC) value is periodically appended to and transmitted with a data packet when a function of the packet sequence number equals a predetermined value. The ROC effectively synchronizes the cryptographic transformation of the data packets. Although the disclosed methods are generally applicable to many transmission protocols, they are particularly adaptable for use in systems wherein the data packets are transmitted to a receiver using the Secure Real-Time Transport Protocol (SRTP) as defined in Internet Engineering Task Force (IETF) Request for Comments (RFC) 3711.
Abstract:
When setting up communication from a user equipment UE (1), such as for providing IP access for the UE in order to allow it to use some service, information or an indication of at least one network property relating to a first network, e.g. the current access network (3, 3′), is sent to the UE from a node (13) in a second network such as the home network (5) of the subscriber of the UE. The information or indication can be sent in a first stage of an authentication procedure being part of the setting up of a connection from the UE. In particular, the network property can indicate whether the access network (3, 3′) is trusted or not.
Abstract:
The present invention relates to a method of recovering from a processor fault in a mobile communication network node provided with a plurality of processors. In use, connections are established between the network node and mobile stations for packet data communication between the network node and the mobile station. The connections are classified into priority order on the basis of predefined classifying parameters. The working condition of at least one of the processors of the network node is monitored, and in case of detecting a processor fault, user plane connections are relocated within the network node from the faulted processor to another processor in accordance with the classified priority order of the connections. The invention relates further to a network node.
Abstract:
Plural communication connections are established between an external network and subscriber units by way of an access network. The subscriber unit connection is supported by plural nodes. When a failure is detected in a node, those subscriber unit connections affected by that failure are identified. A message identifying those subscriber unit connections affected by the failure is sent to one or more other nodes. Affected subscriber unit connections identified in the message are released. Those unaffected connections not included in the message are maintained.