    • 1. Invention application
    • PROTECTION OF A WIRELESS COMMUNICATIONS DEVICE AGAINST UNAUTHORIZED USE
    • WO2014037053A1
    • 2014-03-13
    • PCT/EP2012/067590
    • 2012-09-07
    • TELEFONAKTIEBOLAGET L M ERICSSON (PUBL); BERNARD, Smeets; ROLF, Blom
    • BERNARD, Smeets; ROLF, Blom
    • H04W8/18; H04W12/06
    • H04M1/72577; H04B1/3816; H04W12/06; H04W12/12
    • A method for protecting a wireless communications device against unauthorized use of functionality provided by the wireless communications device, the method comprising: receiving a binding command to bind the wireless communications device to a subscription identification module operationally coupled to the wireless communications device and associated with a subscription to a communications service; responsive to the received command, storing a module identifier identifying the subscription identification module; and storing a device identifier identifying the wireless communications device; obtaining an unbind code and storing the obtained unbind code; performing a module verification verifying that a subscription identification module identified by a stored module identifier is operationally coupled to the wireless communications device, performing a device verification verifying whether a wireless communications device identified by a stored device identifier is operationally coupled to the subscription identification module; and preventing operation of at least a part of said functionality unless the module verification and the device verification have been performed successfully.
    • 2. Granted invention patent
    • Authenticating a device in a network
    • US09407616B2
    • 2016-08-02
    • US14113047
    • 2011-04-27
    • Karl Norrman; Rolf Blom; Mats Näslund
    • Karl Norrman; Rolf Blom; Mats Näslund
    • G06F7/04; G06F15/16; G06F17/30; H04L29/06; H04W12/06
    • H04L63/08; H04L63/062; H04L63/0876; H04L63/20; H04W12/04; H04W12/06
    • There is disclosed a system for authentication of a device in a network by establishing a second security context between the device and a serving network node when a first security context has previously been established, assisted by an authentication server, based on a random value and a secret shared between an identity module associated with the device and the authentication server. First re-use information from the establishment of the first security context is stored at the authentication server and at the device, the first re-use information enabling secure generation of the second security context from the random value and the secret. Second re-use information may be generated or stored at the device. A context regeneration request is generated at the device, the context regeneration request authenticated at least partly based on the secret. The context regeneration request is sent to the serving network node. The context regeneration request is sent from the serving network node to the authentication server. The context regeneration request is verified at the authentication server. The second security context is generated at the authentication server based on at least the secret, the random value, and the first and second re-use information. The second security context is communicated from the authentication server to the serving network node.
    • 3. Invention application
    • Protection of a Wireless Communications Device Against Unauthorized Use
    • US20150350411A1
    • 2015-12-03
    • US14421192
    • 2012-09-07
    • ROLF BLOM; BERNARD SMEETS
    • ROLF BLOM; BERNARD SMEETS
    • H04M1/725; H04W12/06; H04W12/12; H04B1/3816
    • H04M1/72577; H04B1/3816; H04W12/06; H04W12/12
    • A method for protecting a wireless communications device against unauthorized use of functionality provided by the wireless communications device, the method comprising: receiving a binding command to bind the wireless communications device to a subscription identification module operationally coupled to the wireless communications device and associated with a subscription to a communications service; responsive to the received command, storing a module identifier identifying the subscription identification module; and storing a device identifier identifying the wireless communications device; obtaining an unbind code and storing the obtained unbind code; performing a module verification verifying that a subscription identification module identified by a stored module identifier is operationally coupled to the wireless communications device, performing a device verification verifying whether a wireless communications device identified by a stored device identifier is operationally coupled to the subscription identification module; and preventing operation of at least a part of said functionality unless the module verification and the device verification have been performed successfully.
    • 4. Granted invention patent
    • User authentication
    • US08875232B2
    • 2014-10-28
    • US13201694
    • 2009-02-18
    • Rolf Blom; Luis Barriga; Karl Norrman
    • Rolf Blom; Luis Barriga; Karl Norrman
    • H04L29/06; H04W12/06; H04L29/08
    • H04W12/06; H04L63/0492; H04L63/18; H04L67/04
    • A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may store a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
    • 5. Granted invention patent
    • Method and apparatus for establishing a security association
    • US08868912B2
    • 2014-10-21
    • US13348343
    • 2012-01-11
    • Rolf Blom; Karl Norrman
    • Rolf Blom; Karl Norrman
    • H04L29/06; H04W12/04; H04L29/08; H04L9/32; H04L9/08; H04W84/04
    • H04W12/04; H04L9/0841; H04L9/3271; H04L63/0435; H04L63/062; H04L67/26; H04L2209/56; H04L2209/80; H04W84/042
    • A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management.
    • 7. Invention application
    • Method and Apparatuses for End-to-Edge Media Protection in an IMS System
    • US20130268681A1
    • 2013-10-10
    • US13800129
    • 2013-03-13
    • Luis Barriga; Rolf Blom; Yi Cheng; Fredrik Lindholm; Mats Naslund; Karl Norrman
    • Luis Barriga; Rolf Blom; Yi Cheng; Fredrik Lindholm; Mats Naslund; Karl Norrman
    • H04W76/02
    • H04W76/02; H04L63/0428; H04L65/1016; H04L65/1069; H04W12/02; H04W12/04; H04W76/10
    • An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
    • 9. Granted invention patent
    • Security in a mobile communication system
    • US08275403B2
    • 2012-09-25
    • US12838056
    • 2010-07-16
    • Rolf Blom; Mats Näslund
    • Rolf Blom; Mats Näslund
    • H04W88/02
    • H04L9/0838; H04L9/3273; H04L63/0428; H04L63/0853; H04L2209/80; H04W12/04; H04W12/06; H04W88/06
    • When a mobile terminal (10), having a basic identity module (12) operative according to a first security standard, initiates a service access, the home network (30) determines whether the mobile terminal has an executable program (14) configured to interact with the basic identity module for emulating an identity module according to the second security standard. If it is concluded that the mobile terminal has such an executable program, a security algorithm is executed at the home network (30) to provide security data according to the second security standard. At least part of these security data are then transferred, transparently to a visited network (20), to the mobile terminal (10). On the mobile terminal side, the executable program (14) is executed for emulating an identity module according to the second security standard using at least part of the transferred security data as input. Preferably, the first security standard corresponds to a 2G standard, basically the GSM standard and the second security standard at least in part corresponds to a 3G standard such as the UMTS standard, and/or the IP Multimedia Sub-system (IMS) standard.
    • 10. Invention application
    • IP Multimedia Security
    • US20120198527A1
    • 2012-08-02
    • US13254013
    • 2009-03-04
    • Mats Näslund; Rolf Blom; Yi Cheng; Fredrik Lindholm; Karl Norrman
    • Mats Näslund; Rolf Blom; Yi Cheng; Fredrik Lindholm; Karl Norrman
    • G06F21/20
    • H04L63/06; H04L9/0844; H04L2209/80; H04W12/04
    • A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node.