Abstract:
A method and apparatus are provided for authenticating a user attempting to establish a service which uses SIP. The user registers with the SIP server by providing the digital otoacoustic signature of the user. Thereafter, when the user attempts to initiate a session through the SIP server, the SIP server sends an Authorization Request message to the SIP client of the user. The SIP client reads the user's digital otoacoustic signature, generates a response based on the digital otoacoustic signature, and embeds the response in a second Invite message sent back to the SIP server. Meanwhile, the SIP server determines an expected response, based on the digital otoacoustic signature registered by the user. If the response provided by the SIP client matches the response expected by the SIP server, the SIP server allows establishment of the server. The invention is of particular use with IP telephony services, since end user devices used with such services are ergonomically well suited for reading of otoacoustic signatures. The invention may also be used to authenticate an intended recipient of an SIP call.
Abstract:
A method and apparatus are provided for authenticating a user of a mobile phone. While the user holds the phone to his or her ear, a microphone near the earpiece emits clicks into the user's ear. The speaker of the phone measures the response from the ear as an otoacoustic signal. A processor digitizes the measured otoacoustic signal to produce a received digital otoacoustic signature, and compares this with a stored digital otoacoustic signature of a legitimate user. If the signatures match, the phone is enabled. The invention allows secure authentication of mobile phones in a manner very natural and convenient to users.
Abstract:
Mechanisms and methods for providing a mobile/wireless device with protection against false access-point/base-station attacks using MAC address protection are presented. The mobile/wireless device known as mobile client (MC) gains access to wireless network by discovering and selectively associating with an access point (AP). The MAC addresses of both the AP and the MC are protected during all communications between the AP and MC during the discovery phase. This protection mitigates MAC address spoofing type attacks on both the AP and the MC.
Abstract:
A system and method are provided for management of access security by user and device. A security policy enforcement point is provided with a user policy module to receive user credentials from an access device of the user and a point for setting device dependent security policy to receive device credentials from the access device. A user policy is retrieved from a user database with use of the user credentials while a device policy is retrieved from a device database with use of the device credentials. The user policy and device policy are combined and used in the SPEP to enforce a user and device based security policy.
Abstract:
A system and method are provided for management of access security for access by a multimodal device to a converged fixed/mobile network. An inter-technology change-off monitoring entity (ICME) is provided to monitor an inter-technology change-off of the multimodal device and to notify a policy manager of the inter-technology change-off. The policy manager looks up in a policy database, security policies applicable to the user of the multimodal device and the particular technology being used by the multimodal device. The policy manager conveys to various policy enforcement points throughout the converged fixed/mobile network the applicable security policies which take into account the user's identity and the access technology being used.
Abstract:
A method for enabling a mobile node to transmit encrypted data over a path including a wireless link and an untrusted link, while avoiding double encryption on any link. The data on the end-to-end path is encrypted using an application specific security mechanism, or an L2 mechanism is used for encrypting the data on the wireless link as mandated by the wireless standards, and an application specific security mechanism is used for encrypting the data on the untrusted link. By avoiding redundant double encryption, the method of the invention results in optimizing the use of network resources in bandwidth-limited wireless networks and increases the life of the mobile node battery.
Abstract:
A system and method are provided for supporting storage and analysis by law enforcement agency premises equipment of intercepted network traffic. The system and method provide integrity of the intercepted network traffic stored in an archive in accordance with lawful intercept requirements by storing all of the intercepted traffic, both benign and malicious, in the archive in its original form. The system and method furthermore provide for security from any malicious data packets of the archive by separating the malicious packets from the benign packets and forwarding only the benign packets to analysis applications of the law enforcement agency premises equipment.
Abstract:
A micro-mobility network routing system and method implementing a protocol that extends the macro mobility support of Mobile IP to support micro mobility is disclosed which permits a more efficient and easily implemented Internet routing protocol for network devices to be effected. The macro mobility feature herein refers to the notion in which the mobile node gains access to the Internet, while retaining the same IP address. This concept is used only once when the mobile node enters the coverage area of a foreign domain (eventually its home domain). The concept of micro mobility within this context eases routing packets to the mobile node while it moves within the foreign network. The present invention implements these new features via the use of message compositions and protocol extensions that extend the prior art Mobile IP protocols.
Abstract:
An impersonation detection system for a wireless node of a wireless communication network is described. The system comprises an intrusion detection module for correlating the original data frames transmitted by the wireless node with incoming data frames received over the air interface. The wireless node is connected to the intrusion detection module over a secure link, for receiving a copy of the original data frames. A method for detecting impersonation based attacks at a wireless node is also disclosed.