会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明申请
    • SECURE RELAY NODE IN COMMUNICATION SYSTEM
    • 通信系统中的安全继电器节点
    • WO2011126744A1
    • 2011-10-13
    • PCT/US2011/029603
    • 2011-03-23
    • ALCATEL-LUCENT USA INC.BRUSILOVSKY, AlecCAKULEV, Violeta
    • BRUSILOVSKY, AlecCAKULEV, Violeta
    • H04W12/02
    • H04W12/02H04B7/15521H04L63/164H04W84/047
    • Techniques are disclosed for use in securing communications in environments such as those employing relay nodes. For example, in a communication network wherein a first computing device comprises a user node, a second computing device comprises a relay node, and a third computing device comprises a network access node, and wherein the relay node comprises: a first module for connecting the user node to the communication network; and a second module for connecting the relay node to the network access node, a method comprises the following steps. At least one packet is received at the first module of the relay node from the user node over an interface established between the user node and the relay node. At least one packet is sent from the first module of the relay node to the second module of the relay node via a secure channel established by the first module in accordance with a secure communication protocol. The at least one packet is sent from the second module of the relay node to the network access node via the secure channel and over an interface established between the relay node and the network access node.
    • 公开了用于保护诸如采用中继节点的环境中的通信的技术。 例如,在第一计算设备包括用户节点的通信网络中,第二计算设备包括中继节点,并且第三计算设备包括网络接入节点,并且其中所述中继节点包括:第一模块,用于将 用户节点到通信网络; 以及用于将中继节点连接到网络接入节点的第二模块,一种方法包括以下步骤。 在用户节点和中继节点之间建立的接口上,从用户节点在中继节点的第一模块处接收至少一个分组。 根据安全通信协议,经由由第一模块建立的安全信道,将至少一个分组从中继节点的第一模块发送到中继节点的第二模块。 所述至少一个分组经由所述安全信道以及在所述中继节点与所述网络接入节点之间建立的接口从所述中继节点的所述第二模块发送到所述网络接入节点。
    • 4. 发明申请
    • SECURE GROUP MESSAGING
    • 安全集团消息传递
    • WO2013012734A1
    • 2013-01-24
    • PCT/US2012/046704
    • 2012-07-13
    • ALCATEL-LUCENT USA INC.SUNDARAM, Ganapathy, S.BROUSTIS, IoannisCAKULEV, Violeta
    • SUNDARAM, Ganapathy, S.BROUSTIS, IoannisCAKULEV, Violeta
    • H04L9/08H04L9/30
    • H04L9/08H04L9/0833H04L9/0847H04L9/3073
    • A method is provided for securing at least one message transferred in a communication system from a first computing device to a second computing device in a peer-to-peer manner. At the first computing device, an identity based authenticated key exchange session is established with a third computing device operating as a peer authenticator. The identity based authenticated key exchange session has an identity based authenticated session key associated therewith. The first computing device obtains from the third computing device a random key component of the second computing device, wherein the random key component of the second computing device is encrypted by the third computing device using the identity based authenticated session key prior to sending the random key component of the second computing device to the first computing device. A peer-to-peer messaging key is computed at the first computing device using the random key component of the second computing device. At least one message is sent from the first computing device intended for the second computing device via a fourth computing device operating as a messaging server, wherein the at least one message is encrypted using the peer-to-peer messaging key prior to sending. Another method provides for securing at least one message transferred in a communication system from a first computing device to a second computing device and at least a third computing device, wherein the first, second and third computing devices form a predetermined group. A group messaging key is computed from respective group key components of the computing devices.
    • 提供一种用于将以通信系统传送的至少一个消息从第一计算设备以对等方式保护到第二计算设备的方法。 在第一计算设备处,基于身份的认证密钥交换会话与作为对等体认证者操作的第三计算设备建立。 基于身份的认证密钥交换会话具有与其相关联的基于身份的经认证的会话密钥。 第一计算设备从第三计算设备获得第二计算设备的随机密钥组件,其中第二计算设备的随机密钥组件在发送随机密钥之前由第三计算设备使用基于身份的认证会话密钥加密 第二计算设备的组件到第一计算设备。 使用第二计算设备的随机密钥组件在第一计算设备处计算对等消息传递密钥。 经由作为消息收发服务器操作的第四计算设备,从用于第二计算设备的第一计算设备发送至少一个消息,其中在发送之前使用对等消息传递密钥对所述至少一个消息进行加密。 另一种方法提供用于将在通信系统中传送的至少一个消息从第一计算设备固定到第二计算设备和至少第三计算设备,其中所述第一,第二和第三计算设备形成预定组。 从计算设备的各组密钥组件计算组消息密钥。
    • 5. 发明申请
    • METHOD AND APPARATUS FOR COMMUNICATION BETWEEN WIRELESS TELECOMMUNICATIONS NETWORKS OF DIFFERENT TECHNOLOGY TYPES
    • 不同技术类型的无线电信网络之间的通信方法与装置
    • WO2009122286A1
    • 2009-10-08
    • PCT/IB2009/005369
    • 2009-03-13
    • ALCATEL-LUCENT USA INC.CAKULEV, VioletaDOLAN, Michael, FrancisVASUDEVAN, SubramanianZHU, Lily, H.
    • CAKULEV, VioletaDOLAN, Michael, FrancisVASUDEVAN, SubramanianZHU, Lily, H.
    • H04W36/14
    • H04W36/14H04W36/0066H04W36/08H04W92/20
    • For handover between wireless telecommunications networks of different technology types, an air interface is set up between a first node 4 included in a network of a first technology type and a second node 10 included in a network of a second different technology type. Signaling messaging, in accordance with the second technology type, is related to handover of a mobile terminal from the network of the first technology type to the network of the second technology type. The signaling messaging is encapsulated in a container for transmission over the signaling interface. An identifier is associated with the container to indicate that it encapsulates the signaling messaging. When the identifier is detected at the first node, the container is sent over the interface to the second node. In one method in accordance with the invention, the first technology type is WiMAX and the identifier is a special service flow identifier. This may be detected at an Access Services Network Gateway (ASN GW), for example. A method in accordance with the invention thus permits the use of logical radio channels for encapsulating inter-technology signaling.
    • 对于不同技术类型的无线电信网络之间的切换,在包括在第一技术类型的网络中的第一节点4和第二不同技术类型的网络中包括的第二节点10之间建立空中接口。 根据第二技术类型的信令消息传送涉及移动终端从第一技术类型的网络到第二技术类型的网络的切换。 信令消息被封装在容器中,用于通过信令接口进行传输。 标识符与容器相关联,以指示其封装了信令消息。 当在第一节点处检测到标识符时,容器通过接口发送到第二节点。 在根据本发明的一种方法中,第一种技术类型是WiMAX,标识符是特殊业务流标识符。 例如,这可以在接入服务网络网关(ASN GW)处检测。 因此,根据本发明的方法允许使用逻辑无线电信道来封装技术间信令。
    • 6. 发明申请
    • HIERARCHICAL KEY MANAGEMENT FOR SECURE COMMUNICATIONS IN MULTIMEDIA COMMUNICATION SYSTEM
    • 多媒体通信系统安全通信的分层关键管理
    • WO2011087989A1
    • 2011-07-21
    • PCT/US2011/020686
    • 2011-01-10
    • ALCATEL-LUCENT USA INC.BRUSILOVSKY, AlecCAKULEV, Violeta
    • BRUSILOVSKY, AlecCAKULEV, Violeta
    • H04L9/08H04L29/06
    • H04L9/0836H04L63/062H04L2209/60
    • In a communication system wherein a first computing device is configured to perform a key management function for first user equipment and a second computing device is configured to perform a key management function for second user equipment, wherein the first user equipment seeks to initiate communication with the second user equipment, wherein the first computing device and the second computing device do not have a pre-existing security association there between, and wherein a third computing device is configured to perform a key management function and has a pre-existing security association with the first computing device and a pre-existing security association with the second computing device, the third computing device performing a method comprising steps of: receiving a request from one of the first computing device and the second computing device; and in response to the request, facilitating establishment of a security association between the first computing device and the second computing device such that the first computing device and the second computing device can then facilitate establishment of a security association between the first user equipment and the second user equipment. The first computing device, the second computing device and the third computing device comprise at least a part of a key management hierarchy wherein the first computing device and the second computing device are on a lower level of the hierarchy and the third computing device is on a higher level of the hierarchy.
    • 在其中第一计算设备被配置为对第一用户设备执行密钥管理功能的通信系统中,并且第二计算设备被配置为对第二用户设备执行密钥管理功能,其中第一用户设备寻求发起与 第二用户设备,其中所述第一计算设备和所述第二计算设备之间不具有预先存在的安全关联,并且其中第三计算设备被配置为执行密钥管理功能并且具有与所述第一计算设备的预先存在的安全关联 第一计算设备和与第二计算设备的预先存在的安全关联,所述第三计算设备执行方法包括以下步骤:从所述第一计算设备和所述第二计算设备之一接收请求; 并且响应于该请求,促进在第一计算设备和第二计算设备之间建立安全关联,使得第一计算设备和第二计算设备可以便于在第一用户设备和第二计算设备之间建立安全关联 用户设备。 第一计算设备,第二计算设备和第三计算设备包括密钥管理层级的至少一部分,其中第一计算设备和第二计算设备位于层次结构的较低层,并且第三计算设备位于 更高层次的层次。
    • 7. 发明申请
    • SECURE KEY MANAGEMENT IN CONFERENCING SYSTEM
    • 会议系统中的安全关键管理
    • WO2011031436A2
    • 2011-03-17
    • PCT/US2010/046319
    • 2010-08-23
    • ALCATEL-LUCENT USA INC.SUNDARAM, Ganapathy, S.CAKULEV, Violeta
    • SUNDARAM, Ganapathy, S.CAKULEV, Violeta
    • H04L9/3073H04L9/0825H04L9/0833H04L9/0847H04L63/306H04L2209/80
    • Principles of the invention provide one or more secure key management protocols for use in a communication environment such as a conferencing system. For example, a method for managing a conference between two or more parties in a communication system comprises the following steps. An identity based authenticated key exchange operation is performed between a conference management element of the communication system and each of the two or more parties seeking to participate in the conference, wherein messages exchanged between the conference management element and the two or more parties are encrypted based on respective identities of recipients of the messages, and further wherein the conference management element receives from each party during the key authentication operation a random key component that is computed based on a random number selected by the party. The conference management element sends to each party a set comprising the random key components computed by the parties. The conference management element receives from each party a random group key component, wherein the random group key component is computed by each party via a computation based on the random number used by the party during the key authentication operation and the random key components computed by a subset of others of the two or more parties seeking to participate in the conference. The conference management element sends to each party a set comprising the random group key components computed by the parties such that each party can compute the same group key for use in communicating with each other party through the conference management element.
    • 本发明的原理提供了一种或多种用于诸如会议系统的通信环境中的安全密钥管理协议。 例如,在通信系统中的两个或多个方之间管理会议的方法包括以下步骤。 在通信系统的会议管理单元和寻求参与会议的两方或者多方之间执行基于身份的认证密钥交换操作,其中在会议管理单元与两方或多方之间交换的消息被加密 关于消息的接收者的相应身份,并且其中,所述会议管理单元在密钥认证操作期间从每一方接收基于由所选择的随机数计算的随机密钥组件。 会议管理单元向各方发送包括由各方计算的随机密钥分量的集合。 会议管理单元从各方接收随机组密钥分量,其中,所述随机组密钥分量由密钥认证操作期间通过基于所述一方使用的随机数的计算通过各方计算,并且由所述随机组密钥分量由 寻求参加会议的两个或更多方的其他人的一部分。 会议管理单元向各方发送包括由各方计算的随机组密钥分量的集合,使得各方可以通过会议管理单元计算相同的组密钥以用于彼此通信。
    • 9. 发明申请
    • DISCOVERY OF SECURITY ASSOCIATIONS FOR KEY MANAGEMENT RELYING ON PUBLIC KEYS
    • 发现关于公共钥匙的重要管理安全协会
    • WO2012154422A1
    • 2012-11-15
    • PCT/US2012/035355
    • 2012-04-27
    • ALCATEL LUCENTCAKULEV, VioletaMIZIKOVSKY, Semyon B.
    • CAKULEV, VioletaMIZIKOVSKY, Semyon B.
    • H04L9/08
    • H04L9/0894H04L63/0442H04L63/30
    • Techniques are disclosed for forming a discoverable security association in communication environments and for lawfully discovering security associations formed in communication environments. For example, a method for forming a discoverable security association between a first computing device and a second computing device comprises the following steps. The first computing device obtains from a key management entity." (i) a first private key assigned to the first computing device, which is computationally associative with a first public key associated with the first computing device; and (ii) a first root key assigned to the first computing device. The first computing device chooses a first random value and generating a first nonce, wherein the first nonce is a result of an encryption of the first random value using the first root key. The first computing device generates a first key component based on the first random value. The first computing device encrypts the first nonce and the first key component with a second public key associated with the second computing device using an identity-based encryption process and sends the encrypted first nonce and the encrypted first key component to the second computing device so as to establish a security association with the second computing device. The security association is discoverable by a third computing device unbeknownst to the first computing device and the second computing device.
    • 公开了用于在通信环境中形成可发现的安全关联并且合法发现在通信环境中形成的安全关联的技术。 例如,用于形成第一计算设备和第二计算设备之间的可发现安全关联的方法包括以下步骤。 第一计算设备从密钥管理实体获得“(i)分配给第一计算设备的第一私钥,其与与第一计算设备相关联的第一公钥计算地相关联;以及(ii)第一根密钥 分配给第一计算设备,第一计算设备选择第一随机值并生成第一随机数,其中第一随机数是使用第一根密钥对第一随机值的加密的结果,第一计算设备生成第一随机值 所述第一计算设备使用基于身份的加密过程,使用与所述第二计算设备相关联的第二公钥来加密所述第一随机数和所述第一密钥组件,并且发送所述加密的第一随机数和加密的第一随机数 关键组件到第二计算设备,以便建立与第二计算设备的安全关联。安全关联是可被发现的 第一计算设备和第二计算设备不知道的第三计算设备。