公开(公告)号：WO2017134449A1

公开(公告)日：2017-08-10

申请号：PCT/GB2017/050268

申请日：2017-02-03

Applicant: VODAFONE IP LICENSING LIMITED

Inventor： BONE, Nicholas ,  SNAPE, Timothy ,  DERAKHSHAN, Peyman

IPC: H04L29/06 ,  H04W12/02

CPC classification number: H04L63/205 ,  H04L67/12 ,  H04L69/24 ,  H04W12/02

Abstract: There are provided methods, systems and apparatus for identifying and/or changing the level of bearer security provided for a communications connection (315) between a terminal (310) and a serving network (320). An example method comprises the steps of communicating from the terminal (310) to a telecommunications network entity (324) in the serving network a security demand comprising at least one request for at least one particular security setting to be applied to a corresponding security parameter of the communications connection, wherein the security parameter defines an aspect of the security of the communications connection. If at least one of the requested particular security settings can be applied to the corresponding security parameter, the telecommunications network entity applies the requested security setting to the corresponding security parameter.

Abstract translation: 提供了用于识别和/或改变为终端（310）和服务网络（320）之间的通信连接（315）提供的承载安全等级的方法，系统和装置。 一种示例方法包括以下步骤：从服务网络中的终端（310）向电信网络实体（324）传送包括至少一个对至少一个特定安全设置的请求的安全需求，所述至少一个特定安全设置将被应用于相应的安全参数 所述通信连接，其中所述安全参数定义所述通信连接的安全性的方面。 如果所请求的特定安全设置中的至少一个可以应用于相应的安全参数，则电信网络实体将所请求的安全设置应用于相应的安全参数。

公开(公告)号：WO2017132277A1

公开(公告)日：2017-08-03

申请号：PCT/US2017/014971

申请日：2017-01-25

Applicant: BLACKBERRY LIMITED ,  BUCKLEY, Adrian ,  ALLEN, Andrew Michael ,  BUCKLEY, Michael Eoin

Inventor： BUCKLEY, Adrian ,  ALLEN, Andrew Michael ,  BUCKLEY, Michael Eoin

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/205

Abstract: The present disclosure describes methods and systems for establishing a Session Initiation Protocol Session. One method includes transmitting a first message requesting authentication configuration information; in response to the first message, receiving a second message that includes the authentication configuration information; transmitting a third message that includes authentication information based upon the received authentication configuration information; receiving an authentication challenge request that is formatted according to the second protocol; and in response to receiving the authentication challenge request, transmitting an authentication response to the second network node.

Abstract translation: 本公开描述了用于建立会话发起协议会话的方法和系统。 一种方法包括发送请求认证配置信息的第一消息; 响应于所述第一消息，接收包括所述认证配置信息的第二消息; 基于所接收的认证配置信息发送包括认证信息的第三消息; 接收根据第二协议格式化的认证挑战请求; 并且响应于接收到认证询问请求，向第二网络节点发送认证响应。

公开(公告)号：WO2017121854A1

公开(公告)日：2017-07-20

申请号：PCT/EP2017/050675

申请日：2017-01-13

Applicant: NOKIA SOLUTIONS AND NETWORKS OY

Inventor： HORN, Guenther

IPC: H04L29/06 ,  H04W12/02 ,  H04W12/10

CPC classification number: H04L63/205 ,  H04L63/0428 ,  H04L63/123 ,  H04L63/162 ,  H04L63/164 ,  H04W12/02 ,  H04W12/10

Abstract: Various communication systems may benefit from appropriate security measures. For example, mobile networks may benefit from the flexible selection of security features. A method can include receiving an attach request. The method can also include sending a response to the request. The response can include information configured to allow selection of a control plane integrity algorithm independently of a user plane integrity algorithm.

Abstract translation:

各种通信系统可能受益于适当的安全措施。 例如，移动网络可能受益于安全功能的灵活选择。 一种方法可以包括接收附着请求。 该方法还可以包括发送对请求的响应。 响应可以包括配置为允许独立于用户面完整性算法来选择控制面完整性算法的信息。

公开(公告)号：WO2017082527A1

公开(公告)日：2017-05-18

申请号：PCT/KR2016/009761

申请日：2016-09-01

Applicant: SAMSUNG ELECTRONICS CO., LTD.

Inventor： KANG, Ki Seok ,  PARK, Hong Chan ,  KIM, Gi Beom ,  PARK, Sung Soo ,  LEE, Young Kow ,  KANG, Hyuk ,  JIN, In Ji

IPC: H04W76/02 ,  H04W12/06 ,  H04W88/06

CPC classification number: H04W12/06 ,  H04L63/083 ,  H04L63/0876 ,  H04L63/205 ,  H04W76/14 ,  H04W88/04 ,  H04W88/06

Abstract: An electronic device is provided. The electronic device includes at least one communication module and a processor configured to control the at least one communication module. The processor is configured to verify properties of at least one communication network accessed by the electronic device through the at least one communication module, to determine an authentication scheme to be applied to a communication connection between the electronic device and an external electronic device and to establish the communication connection such that the external electronic device accesses the at least one communication network through the electronic device based on the authentication scheme.

Abstract translation:

提供了一种电子设备。 该电子设备包括至少一个通信模块和被配置为控制至少一个通信模块的处理器。 处理器被配置为通过至少一个通信模块来验证由电子设备访问的至少一个通信网络的属性，以确定要应用于电子设备与外部电子设备之间的通信连接的认证方案并且建立 所述通信连接使得所述外部电子设备基于所述认证方案通过所述电子设备访问所述至少一个通信网络。

公开(公告)号：WO2017025149A1

公开(公告)日：2017-02-16

申请号：PCT/EP2015/068686

申请日：2015-08-13

Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)

Inventor： SALMELA, Patrik ,  AMIN, Parth ,  SLAVOV, Kristian ,  SETHI, Mohit

IPC: H04L29/06

CPC classification number: H04W12/06 ,  H04L63/08 ,  H04L63/0892 ,  H04L63/162 ,  H04L63/205 ,  H04W84/12

Abstract: A method (100), performed by an Extensible Authentication Protocol (EAP) authenticator in a communication network, is disclosed. The method comprises obtaining an identification of at least one EAP method supported by an EAP authentication server providing an EAP authentication service to the EAP authenticator (110), wherein the identification is obtained from a network entity of the communication network or from inspection of traffic through the EAP authenticator. The method also comprises providing the identification of at least one EAP method to a device operable to request communication network access from the EAP authenticator (120). Also disclosed is a method (300), performed in an EAP authentication server in a communication network, the method comprising receiving a request for identification of EAP methods supported by the EAP authentication server (310), and sending a response to the request identifying at least one EAP method supported by the EAP authentication server (320). An EAP authenticator (500, 700, 900), EAP authentication server (600, 800, 1000) and computer program configured to carry out methods performed in an EAP authenticator and EAP authentication server are also disclosed.

Abstract translation: 公开了一种由通信网络中的可扩展认证协议（EAP）认证器执行的方法（100）。 所述方法包括：获得由EAP认证服务器向所述EAP认证器（110）提供EAP认证服务的EAP认证服务器所支持的至少一个EAP方法的标识，其中所述标识是从所述通信网络的网络实体获得的， EAP验证器。 该方法还包括向可操作以从EAP认证器（120）请求通信网络接入的设备提供至少一种EAP方法的识别。 还公开了一种在通信网络中的EAP认证服务器中执行的方法（300），所述方法包括：接收由所述EAP认证服务器（310）支持的EAP方法的识别请求，并发送对所述请求的响应 由EAP认证服务器支持的至少一种EAP方法（320）。 还公开了EAP认证器（500,700,900），EAP认证服务器（600,800,1000）和被配置为执行在EAP认证器和EAP认证服务器中执行的方法的计算机程序。

公开(公告)号：WO2017023813A1

公开(公告)日：2017-02-09

申请号：PCT/US2016/044906

申请日：2016-07-29

Applicant: WYFI, INC.

Inventor： DIMATTEO, Lawrence A., III ,  CLEMENSON, Matthew A.

IPC: G06F7/04

CPC classification number: H04L63/101 ,  G06F3/0482 ,  G06F3/04847 ,  H04L41/0266 ,  H04L41/0886 ,  H04L41/22 ,  H04L63/0428 ,  H04L63/105 ,  H04L63/107 ,  H04L63/205 ,  H04L67/306 ,  H04W12/04 ,  H04W12/08 ,  H04W48/08 ,  H04W76/38 ,  H04W84/12

Abstract: A WiFi access management system and methods of operation are disclosed. In one embodiment, a method comprises receiving, at a server, a wireless access profile and a wireless access list from a securing client device; transmitting an invitation message to an accessing client device associated with the wireless access list; receiving, at the server, a request from the accessing client device to connect to a wireless network associated with the wireless access profile in response to the invitation message; determining, using a processing unit of the server, an operating system of the accessing client device; creating, using the processing unit, a customized configuration file associated with the wireless network based on the operating system of the accessing client device, the wireless access profile, and the wireless access list; and transmitting the customized configuration file using a second encryption protocol to the accessing client device through the server communication unit.

Abstract translation: 公开了WiFi接入管理系统和操作方法。 在一个实施例中，一种方法包括在服务器处从安全客户端设备接收无线接入简档和无线接入列表; 向与所述无线接入列表相关联的接入客户端设备发送邀请消息; 在所述服务器处接收来自所述访问客户端设备的响应于所述邀请消息连接到与所述无线接入简档相关联的无线网络的请求; 使用所述服务器的处理单元确定所述访问客户端设备的操作系统; 基于所述访问客户端设备的操作系统，所述无线接入简档和所述无线接入列表，使用所述处理单元创建与所述无线网络相关联的定制配置文件; 以及通过所述服务器通信单元使用第二加密协议向所述访问客户端设备发送所述定制配置文件。

公开(公告)号：WO2016209780A2

公开(公告)日：2016-12-29

申请号：PCT/US2016/038447

申请日：2016-06-21

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： BAILEY, Guillaume ,  MAHENDRU, Kshitij ,  WU, Jun ,  ZARIC, Vlado

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/08 ,  H04L63/102 ,  H04L63/205 ,  H04L2463/082 ,  H04W12/06

Abstract: Disclosed herein are systems and methods for determining learned associations between authentication credentials and network contextual data, such as may be utilized in a network that supports network roving. A mobile device attempts to rove to a visited network using authentication credentials associated with another network, based at least in part on first contextual information associated with the other network and second contextual information associated with the visited network indicating that the visited network is part of a common association of networks that supports roving internetworking between the networks of the common association.

Abstract translation: 这里公开了用于确定认证证书和网络上下文数据之间的学习关联的系统和方法，诸如可以在支持网络漫游的网络中使用。 移动设备至少部分地基于与另一网络相关联的第一上下文信息和与所访问网络相关联的第二上下文信息，尝试使用与另一网络相关联的认证凭证，到访问网络进行访问，指示所访问网络是 支持普通关联网络间漫游互联的网络通用关联。

公开(公告)号：WO2016173750A1

公开(公告)日：2016-11-03

申请号：PCT/EP2016/054869

申请日：2016-03-08

Applicant: LONGSAND LIMITED

Inventor： GUPTA, Saurabh ,  BABU, Reuti Raman

IPC: H04L29/06 ,  H04L9/12 ,  G06F21/60

CPC classification number: H04L63/205 ,  G06F21/606

Abstract: An example disclosed herein involves receiving (410), via a network, a request to initiate a data session between a client and a server; analyzing (420) characteristics of the network; and selecting (430) an encryption technology for the data session based on the characteristics of the network.

Abstract translation: 本文公开的示例涉及经由网络接收（410）发起客户端和服务器之间的数据会话的请求; 分析（420）网络特征; 以及基于所述网络的特性来选择（430）所述数据会话的加密技术。

公开(公告)号：WO2016168366A1

公开(公告)日：2016-10-20

申请号：PCT/US2016/027373

申请日：2016-04-13

Applicant: CLOUD RAXAK, INC.

Inventor： MULGAONKAR, Prasanna ,  MURTHY, Seshashayee

IPC: G06F11/30

CPC classification number: H04L63/205 ,  G06F21/57 ,  G06F21/577 ,  H04L41/0893 ,  H04L41/28 ,  H04L63/1425

Abstract: Systems and methods for compute resource configuration, verification, and remediation are provided herein. An example method includes verifying compliance of an operating system and compute assets provisioned configured within a middleware of a computing device using a pre-defined configuration profile, the compliance being determined by comparison of run-time hardware and software attributes of the compute assets to the pre-defined configuration profile comprising hardware and software requirements for the client.

Abstract translation: 本文提供了计算资源配置，验证和修复的系统和方法。 示例性方法包括使用预定义的配置简档来验证操作系统的合规性以及在计算设备的中间件内配置的计算资产，通过将计算资产的运行时硬件和软件属性与 预定义的配置配置文件包括客户端的硬件和软件要求。

公开(公告)号：WO2016112219A1

公开(公告)日：2016-07-14

申请号：PCT/US2016/012533

申请日：2016-01-07

Applicant: COUNTERTACK, INC.

Inventor： SZEKELY, Amir

IPC: H04L29/06 ,  G06F9/445 ,  G06F21/55 ,  G06F9/45 ,  G06F9/30

CPC classification number: H04L63/1416 ,  G06F8/41 ,  G06F9/30189 ,  G06F9/45508 ,  G06F21/55 ,  G06F2221/2127 ,  H04L63/14 ,  H04L63/145 ,  H04L63/205

Abstract: A computer implemented method of monitoring a collector computer system includes receiving machine interpretable code that is configured for interpretation by the interpreter that includes: information identifying a first set of one or more monitoring targets within the collector computer system, a method for monitoring the first set of one or more monitoring targets, and predefined reporting criteria. The method also includes interpreting the machine interpretable code with an interpreter; monitoring at least a subset of the first set of one or more monitoring targets for candidate activity that satisfies the predefined reporting criteria by executing compiled instructions that correspond to the method for monitoring the first set of one or more monitoring targets; obtaining candidate event information that is associated with the candidate activity; and reporting the candidate event information to a computer system that is distinct from the collector computer system.

Abstract translation: 监测收集器计算机系统的计算机实现的方法包括接收机可解释代码，其被配置为由解释器进行解释，其包括：标识收集器计算机系统内的一个或多个监视目标的第一组的信息，用于监视第一组 一个或多个监控目标和预定义的报告标准。 该方法还包括用解释器解释机器可解释代码; 通过执行与用于监视第一组一个或多个监视目标的方法对应的编译指令来监视满足预定报告准则的候选活动的第一组一个或多个监视目标的至少一个子集; 获取与候选活动相关联的候选事件信息; 并将候选事件信息报告给与收集器计算机系统不同的计算机系统。