公开(公告)号：WO2008074620A3

公开(公告)日：2008-11-20

申请号：PCT/EP2007063152

申请日：2007-12-03

Applicant: NOKIA SIEMENS NETWORKS GMBH ,  FALK RAINER ,  KOHLMAYER FLORIAN ,  KROESELBERG DIRK

Inventor： FALK RAINER ,  KOHLMAYER FLORIAN ,  KROESELBERG DIRK

IPC: H04L29/06 ,  H04L9/08 ,  H04W12/04 ,  H04W84/12

CPC classification number: H04W12/04 ,  H04L9/0827 ,  H04L63/062 ,  H04L63/0892 ,  H04L63/162 ,  H04L2209/76 ,  H04L2209/80 ,  H04L2463/061 ,  H04W12/06 ,  H04W84/12

Abstract: The invention relates to a method for providing a special-purpose key for securing a data link between a mobile terminal (MS) and a network access server (NWZS) of an access network (ZNW). According to said method, once the mobile terminal (MS) is successfully authenticated via the network access server (NWZS) and via at least one authentication proxy server of an authentication signal path (ASP) a non-special purpose universal key (K) is generated by an authentication server (AS) of the mobile terminal (MS). A derived key is derived from said universal key by at least one authentication proxy server along the authentication signal path (ASP) or by the network access server (NWZS) depending on a character string (ZK), which has at least one respective binding criterion (BK). Said derived key forms the special-purpose key that has a special purpose defined by the binding criterion (BK).

Abstract translation: 一种用于保护移动终端MS和网络接入服务器之间的数据连接提供专用密钥的方法NWZS接入网络ZNW，其中，经由所述网络接入服务器NWZS和认证信号路径ASP的至少一认证的代理服务器移动终端MS的认证成功后，由 作为移动终端MS的认证服务器，响应于字符串ZK其中至少一个限制性非专用的通用密钥K的生成，从其通过沿所述认证信号路径ASP至少一个认证代理服务器或通过网络接入服务器NWZS 具有结合标准BK，导出密钥导出在其预期用途的结合标准BK专用密钥对应的形式。

公开(公告)号：WO2010127697A1

公开(公告)日：2010-11-11

申请号：PCT/EP2009/055494

申请日：2009-05-06

Applicant: NOKIA SIEMENS NETWORKS OY ,  ZHANG, Yi ,  KROESELBERG, Dirk

Inventor： ZHANG, Yi ,  KROESELBERG, Dirk

IPC: H04W12/08

CPC classification number: H04W12/08 ,  H04L63/0892 ,  H04W84/045

Abstract: It is described a method for controlling an admission of a mobile station (MS) (220) to a femto access point (FAP) (210). The method comprises (a) receiving an access request message by an AAA server (250), wherein the access request message comprises a closed subscriber group (CSG) information being assigned to the FAP and wherein the access request message is indicative for an access request of the MS to the FAP, which is connected via a femto gateway (234) and/or via a FAP management system (132) to the AAA server, (b) performing an admission control by the AAA server, whereby the CSG information of the access request message is compared with admission control data being stored in the AAA, (c) returning a first access message from the AAA server to the femto gateway and/or to the FAP management system, wherein the first access message is indicative for a match or a missing match between the CSG information and the admission control data, (d) transmitting a second access message from the femto gateway and/or from the FAP management system to the FAP based on first access message, and (e) granting or refusing the access request to the MS by the FAP based on the second access message. It is further described an AAA server and a computer program for executing the described admission control method.

Abstract translation: 描述了一种用于控制移动台（MS）（220）接纳到毫微微接入点（FAP）（210）的方法。 该方法包括（a）由AAA服务器（250）接收访问请求消息，其中所述访问请求消息包括分配给所述FAP的封闭用户组（CSG）信息，并且其中所述访问请求消息指示访问请求 MS经由Femto网关（234）和/或经由FAP管理系统（132）与AAA服务器连接的FAP，（b）执行AAA服务器的接纳控制，由此，CSG信息 将访问请求消息与存储在AAA中的准入控制数据进行比较，（c）将第一访问消息从AAA服务器返回到毫微微网关和/或FAP管理系统，其中第一访问消息指示一个 （d）基于第一接入消息，从毫微微网关和/或从FAP管理系统向FAP发送第二接入消息，以及（e）授权或 REF 使用基于第二访问消息的FAP对MS的访问请求。 进一步描述用于执行所述准入控制方法的AAA服务器和计算机程序。

公开(公告)号：WO2007080050A2

公开(公告)日：2007-07-19

申请号：PCT/EP2006070011

申请日：2006-12-20

Applicant: SIEMENS AG ,  KROESELBERG DIRK ,  PREMEC DOMAGOJ ,  TSCHOFENIG HANNES ,  WISENOECKER RICHARD

Inventor： KROESELBERG DIRK ,  PREMEC DOMAGOJ ,  TSCHOFENIG HANNES ,  WISENOECKER RICHARD

IPC: H04W4/24 ,  H04W12/06 ,  H04W28/24

CPC classification number: H04W72/087 ,  H04L63/08 ,  H04L63/0892 ,  H04L63/20 ,  H04W4/24 ,  H04W12/06 ,  H04W28/24

Abstract: The invention relates to a method for providing service quality in a WiMAX communication network, and a method for selecting an access transport resource control function by means of a guideline decision-making function in a communication network. According to a method for providing service quality on an air interface (R1) of an access network (ASN) in a WiMAX communication network by means of an application function (AF), the application function aims to provide a user of the WiMAX communication network with a service quality-related application. The desired service quality is signalled by means of an authentication, authorisation and accounting infrastructure of the WiMAX communication network.

Abstract translation: 一种用于提供服务的在WiMAX通信网络用于通过一个通信网络中的方法的策略决策功能的装置，用于通过在WiMAX通信网络的接入网络（ASN）的空中接口（R1）上提供的服务质量选择接入传输资源控制功能的质量和方法的方法 应用功能（AF）想提供WiMAX通信网络的一个用户ZER一个dienstqualitätbe-早期应用的应用功能（AF）。 期望的服务质量是通过WiMAX通信网络的鉴权，授权和计费基础设施发出信号。

公开(公告)号：WO2007137987A3

公开(公告)日：2008-02-07

申请号：PCT/EP2007055045

申请日：2007-05-24

Applicant: SIEMENS AG ,  FALK RAINER ,  KROESELBERG DIRK

Inventor： FALK RAINER ,  KROESELBERG DIRK

IPC: H04L29/06

CPC classification number: H04L63/06 ,  H04L63/08 ,  H04L63/0892 ,  H04W12/04 ,  H04W12/06 ,  H04W80/04

Abstract: Method for providing an IP key, for encoding messages between a user terminal MS or a PMIP client and a home agent HA, wherein an authentication server only provides the mobile IP key when the authentication server recognises, by means of a correspondingly encoded parameter, that the user terminal MS itself is not using mobile IP (PMIP).

Abstract translation: 一种用于提供移动IP密钥，它提供了一种用于用户终端MS或者PMIP客户机和归属代理HA，其特征在于，认证服务器移动IP密钥只提供之间的消息进行加密，方法，如果一个相应的编码参数的基础上的认证服务器 认识到，用户终端MS本身不使用移动IP PMIP。

公开(公告)号：WO2007080050A9

公开(公告)日：2007-11-08

申请号：PCT/EP2006070011

申请日：2006-12-20

Applicant: SIEMENS AG ,  KROESELBERG DIRK ,  PREMEC DOMAGOJ ,  TSCHOFENIG HANNES ,  WISENOECKER RICHARD

Inventor： KROESELBERG DIRK ,  PREMEC DOMAGOJ ,  TSCHOFENIG HANNES ,  WISENOECKER RICHARD

IPC: H04W4/24 ,  H04W12/06 ,  H04W28/24

CPC classification number: H04W72/087 ,  H04L63/08 ,  H04L63/0892 ,  H04L63/20 ,  H04W4/24 ,  H04W12/06 ,  H04W28/24

Abstract: The invention relates to a method for providing service quality in a WiMAX communication network, and a method for selecting an access transport resource control function by means of a guideline decision-making function in a communication network. According to a method for providing service quality on an air interface (R1) of an access network (ASN) in a WiMAX communication network by means of an application function (AF), the application function aims to provide a user of the WiMAX communication network with a service quality-related application. The desired service quality is signalled by means of an authentication, authorisation and accounting infrastructure of the WiMAX communication network.

Abstract translation: 一种用于提供服务的在WiMAX通信网络用于通过一个通信网络中的方法的策略决策功能的装置，用于通过在WiMAX通信网络的接入网络（ASN）的空中接口（R1）上提供的服务质量选择接入传输资源控制功能的质量和方法的方法 应用功能（AF）想提供WiMAX通信网络的一个用户ZER服务相关的应用的质量的应用功能（AF）。 期望的服务质量是通过WiMAX通信网络的鉴权，授权和计费基础设施发出信号。

公开(公告)号：WO2011151095A1

公开(公告)日：2011-12-08

申请号：PCT/EP2011/055400

申请日：2011-04-07

Applicant: NOKIA SIEMENS NETWORKS OY ,  KROESELBERG, Dirk ,  RIEGEL, Maximilian

Inventor： KROESELBERG, Dirk ,  RIEGEL, Maximilian

IPC: H04W92/02 ,  H04L12/46 ,  H04L12/06

CPC classification number: G06F21/31 ,  H04W12/06 ,  H04W92/02

Abstract: A method of connecting a mobile station to a communications network is provided. The method includes performing an authentication of the mobile station at the network. A secure identifier is received at a gateway node of the network and at an access node from an authentication node of the network if it is determined by the authentication that the mobile station is a subscriber to the network. The secure identifier is generated at the mobile station if it is determined by the authentication that the mobile station is a subscriber to the network. A first secure communications tunnel is established from the access node to the mobile station using a value of the secure identifier and a second secure communications tunnel is established from the access node to the gateway node of the network using the value of the secure identifier. The first and second communications tunnels are bound together to form a communications path between the mobile station and the network

Abstract translation: 提供了一种将移动台连接到通信网络的方法。 该方法包括在网络中执行移动台的认证。 如果通过认证确定移动站是网络的订户，则在网络的网关节点处和在来自网络的认证节点的接入节点处接收安全标识符。 如果通过认证确定移动台是网络的订户，则在移动台产生安全标识符。 使用安全标识符的值从接入节点到移动台建立第一安全通信隧道，并且使用安全标识符的值从接入节点到网络的网关节点建立第二安全通信隧道。 第一和第二通信隧道绑定在一起以形成移动台和网络之间的通信路径

公开(公告)号：WO2011116821A1

公开(公告)日：2011-09-29

申请号：PCT/EP2010/053907

申请日：2010-03-25

Applicant: NOKIA SIEMENS NETWORKS OY ,  KROESELBERG, Dirk

Inventor： KROESELBERG, Dirk

IPC: H04W12/02 ,  H04L29/06 ,  H04W36/00

CPC classification number: H04W12/02 ,  H04L63/0407 ,  H04W84/12

Abstract: A method of protecting an identity of a mobile station in a communications network is provided, where the communications network includes an access node and a gateway node. The method includes receiving a first mobile station identifier value at the access node, storing the first value in the access node, receiving a second mobile station identifier value, correlating the second identifier value with the first identifier value in the access node, sending the first and second identifier values from the access node to the gateway node over an interface, storing the first identifier value and the second identifier value in the gateway node, and correlating the second identifier value with the first identifier value in the gateway node.

Abstract translation: 提供一种在通信网络中保护移动台的身份的方法，其中通信网络包括接入节点和网关节点。 该方法包括在接入节点接收第一移动台标识符值，将第一值存储在接入节点中，接收第二移动台标识符值，将第二标识符值与接入节点中的第一标识符值相关联，发送第一移动台标识符值 以及通过接口从接入节点到网关节点的第二标识符值，将第一标识符值和第二标识符值存储在网关节点中，并且将第二标识符值与网关节点中的第一标识符值相关联。

公开(公告)号：WO2010121655A1

公开(公告)日：2010-10-28

申请号：PCT/EP2009/054815

申请日：2009-04-22

Applicant: NOKIA SIEMENS NETWORKS OY ,  ZHANG, Yi ,  ZHANG, Shun Liang ,  ZHOU, Wei Hua ,  BRANDT, Achim von ,  KROESELBERG, Dirk

Inventor： ZHANG, Yi ,  ZHANG, Shun Liang ,  ZHOU, Wei Hua ,  BRANDT, Achim von ,  KROESELBERG, Dirk

IPC: H04W12/00

CPC classification number: H04L63/20 ,  H04L63/101 ,  H04L63/104 ,  H04W12/06 ,  H04W12/08 ,  H04W84/045

Abstract: It is described a method for performing an update of a closed subscriber group being assigned to a femto access point (210) of a telecommunication network, wherein the femto access point (210) is coupled to a femto access point management system (232). The method comprises (a) receiving by the femto access point management system (232) an update request for updating the closed subscriber group, (b) transmitting from the femto access point management system (232) an authorization request for updating the closed subscriber group to an authentication, authorization and accounting server (252, 254) or to a data base, (c) receiving by the femto access point management system (232) an authorization message for updating the closed subscriber group from the authentication, authorization and accounting server (252, 254) or from a data base, and (d) informing a mobile station (220) being connected to the femto access point (210) or to a macro base station (234) of the telecommunication network about a successful update of the closed subscriber group. It is further described a femto access point management system (232) for managing at least one femto access point (210).

Abstract translation: 描述了一种用于执行分配给电信网络的毫微微接入点（210）的封闭用户组的更新的方法，其中所述毫微微接入点（210）耦合到毫微微接入点管理系统（232）。 所述方法包括：（a）由所述毫微微接入点管理系统（232）接收更新所述封闭用户组的更新请求，（b）从所述毫微微接入点管理系统（232）发送用于更新所述封闭用户组 授权和计费服务器（252,254）或数据库，（c）由毫微微接入点管理系统（232）接收用于从认证授权和计费服务器更新封闭用户组的授权消息 （252,254）或数据库，以及（d）通知移动站（220）连接到所述电信网络的毫微微接入点（210）或宏基站（234），关于成功更新 封闭用户组。 进一步描述用于管理至少一个毫微微接入点（210）的毫微微接入点管理系统（232）。