摘要:
An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.
摘要:
An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.
摘要:
A user equipment in a communications system, the user equipment comprising: a memory arranged to store at least one identifier associated with the user equipment; a transceiver arranged to communicate with a node in the communication system, wherein the transceiver is arranged to receive the at least one identifier from the node in the communications system, wherein the at least one identifier is used by the user equipment to authenticate the user equipment to at least one further node in the communications system.
摘要:
A method and arrangements for managing user security data stored in a database of a communications system. In the method a user equipment transmits a request to manage the user security data, the user equipment is authenticated, after which an application entity can manage user security data in the database that associates with the user by communicating data between the application entity and the database connected to the communications system.
摘要:
A method in a system for transferring accounting information, a system for transferring accounting information, a method in a terminal, a terminal, a method in an Extensible Authentication Protocol (EAP) service authorization server, an EAP service authorization server, a computer program, an Extensible Authentication Protocol response (EAP-response) packet, wherein the method:meters data related to a service used by at least one terminal,provides the metered data as accounting information to at least one Extensible Authentication Protocol (EAP) service authorization server,sends, by means of an Extensible Authentication Protocol request (EAP-request), a service authorization request from the at least one EAP service authorization server to the at least one terminal,digitally signs accounting information, in the at least one terminal,includes, at the at least one terminal, the digitally signed accounting information in an Extensible Authentication Protocol response (EAP-response), andsends the digitally signed accounting information to an AAA-server.
摘要:
An apparatus for re-keying a mobile terminal in a foreign network includes a processor. The processor is configured to receive, at the apparatus which is physically located in the foreign network, a request for re-keying from the mobile terminal in the foreign network. The processor is also configured to translate the request for transmission to a home network of the mobile terminal and to transmit the translated request to a bootstrapping server function of the home network.
摘要:
A method and apparatus provide generic mechanism for a network application server. A receiver receives a request from a user equipment to provide authentication information to a network application function. A determining unit determines a key of a generic authentication architecture to integrate additional network application servers by extending an existing standard for user security settings. A providing unit provides the authentication information to the network application function.
摘要:
Methods of creating a secure channel over which credit card personalization data can be transmitted over the air (OTA) are provided. In particular, Generic Authentication Architecture (GAA) may be used to establish a secure communication channel between the user equipment (UE) and a personalization application server or bureau acting as a network application function (NAF) server. An user equipment, personalization application service (e.g., a NAF server), a system embodying a personalization application server and an user equipment, and a computer program product are also provided for creating a secure channel, such as via GAA, over which credit card personalization data can be transmitted OTA.
摘要:
A method of authenticating a user seeking access to a service from a service provider in a communication network, the method comprising: allocating to a user a plurality of service-specific identities for accessing respective services; issuing a request from the user, the request identifying the service to be accessed and including a public key of the user; at a certification authority, authenticating the request and issuing a public key certificate for binding the service-specific identity with the public key in the request, and returning the public key certificate to the user.
摘要:
A method for verifying a first identity and a second identity of an entity, said method comprising: receiving first identity information at a checking entity; sending second identity information from the entity to said checking entity; verifying that the first and second identities both belong to said entity; and generating a key using one of said first and second identity information.