专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2003069872A1 DISCOVERY OF AN AGENT OR A SERVER IN AN IP NETWORK 审中-公开
标题翻译：在IP网络中发现代理或服务器
公开(公告)号：WO2003069872A1
公开(公告)日：2003-08-21
申请号：PCT/IB2003/000501
申请日：2003-02-14
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M.
发明人： LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/12
CPC分类号： H04L29/12018 , H04L29/12933 , H04L61/10 , H04L61/6068 , H04L67/16 , H04W4/06 , H04W8/005 , H04W8/26 , H04W80/00 , H04W88/14
摘要： A method for discovering an agent in an IP environment comprising broadcasting router advertisement messages by router, wherein the messages comprise a first data element corresponding to a network prefix which identifies the network visited by a communication device; receiving the messages by the communication device; obtaining, by the communication device, a second data element identifying the agent; and computing an IP address of the agent by the communication device by using the first data element and the second data element.
摘要翻译：一种用于在IP环境中发现代理的方法，包括由路由器广播路由器通告消息，其中所述消息包括对应于识别由通信设备访问的网络的网络前缀的第一数据元素; 通过通信设备接收消息; 通过所述通信设备获得识别所述代理的第二数据元素; 以及通过使用第一数据元素和第二数据元素来计算通信设备的代理的IP地址。

2. 发明申请

WO2005002172A1 SECURITY FOR PROTOCOL TRAVERSAL 审中-公开
标题翻译：协议保密协议
公开(公告)号：WO2005002172A1
公开(公告)日：2005-01-06
申请号：PCT/IB2004/002086
申请日：2004-06-23
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M.
发明人： LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/06
CPC分类号： H04L63/123 , H04L9/3073 , H04L9/3247 , H04L9/3297 , H04L69/22 , H04L2209/80
摘要： The invention proposes a method for protecting packets to be sent from a first network node to a second network node, comprising the steps of generating (S21) validity information for a packet, generating (S22) a header for the packet, comprising the validity information, and sending (S23) the packet including the header from the first network node to the second network node, wherein the validity information comprises all necessary information required for performing a validity check of the packet. Thus, no pre-established security association or the like is necessary to verify the validity of a packet.
摘要翻译：本发明提出了一种保护要从第一网络节点发送到第二网络节点的分组的方法，包括以下步骤：产生（S21）分组的有效性信息，生成（S22）分组的报头，包括有效信息并且将包括所述报头的分组从所述第一网络节点发送（S23）到所述第二网络节点，其中所述有效性信息包括执行所述分组的有效性检查所需的所有必要信息。因此，不需要预先建立的安全关联等来验证分组的有效性。

3. 发明申请

WO2002030132A3 METHOD AND SYSTEM FOR SECURITY MOBILITY BETWEEN DIFFERENT CELLULAR SYSTEMS 审中-公开
公开(公告)号：WO2002030132A3
公开(公告)日：2002-04-11
申请号：PCT/US2001/025929
申请日：2001-08-20
申请人： NOKIA CORPORATION , FACCIN, Stefano, M. , LE, Franck
发明人： FACCIN, Stefano, M. , LE, Franck
IPC分类号： H04Q7/32
摘要： Method and system for providing security mobility between two cellular systems. One or more ciphering keys are generated for a second cellular system by an interperability authentication center at a first cellular system and by a mobile device separetely . Traffic between the mobile device and the first cellular system is encrypted using one or more first ciphering keys for the first cellular system. A handover of the traffic of the mobile device. After approval of handoff and before handoff, the one or more second ciphering keys are sent from the first cellular system to the second cellular system. The traffic is handed off by the mobile device from the first cellular system to the second to the second cellulary system.. The traffic between the mobile device and the second cellulary system is encryped using the one or more second ciphering keys. The ciphering of the traffic is maintained during handoff.

4. 发明申请

WO2003026334A1 AUTHENTICATING IP PAGING REQUESTS AS SECURITY MECHANISM 审中-公开
标题翻译：作为安全机制认证IP寻呼请求
公开(公告)号：WO2003026334A1
公开(公告)日：2003-03-27
申请号：PCT/IB2002/003681
申请日：2002-09-12
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M. , KOODLI, Rajeev , MALINEN, Jari, T.
发明人： LE, Franck , FACCIN, Stefano, M. , KOODLI, Rajeev , MALINEN, Jari, T.
IPC分类号： H04Q7/38
CPC分类号： H04L63/061 , H04L63/0838 , H04L63/1466 , H04W12/06 , H04W12/12 , H04W64/00 , H04W68/00 , H04W80/04
摘要： A method of authenticating a paging request within an IP environment, said environment comprising a paging area having a plurality of access router (PAR, AR) and at least one mobile node (MN), said method comprising the steps of: sharing a session security key (K) between said mobile node (MN) and an access router (PAR) to which said mobile node (MN) has been previously attached to; receiving (S1) a packet incoming for said mobile node (MN) by said previous access router (PAR), wherein said mobile node (MN) is in a dormant mode; submitting (S2) a paging request to all other access routers (AR) of said paging area by said previous access router (PAR) about the packet which came in, thereby also distributing said session security key (K); generating (S3) authentication parameters according to a predetermined process by an access router (AR) to which said mobile node (MN) is currently attached to; submitting (S4) said paging request from said access router (AR) to said mobile node (MN) including said authentication parameters; verifying (S5) the validity of said request by said mobile node (MN), wherein said authentication parameters are processed according to said predetermined process; and submitting (S6) a paging response from said mobile node (MN) to said access router (AR), wherein said response authenticates said paging request.
摘要翻译：一种在IP环境内认证寻呼请求的方法，所述环境包括具有多个接入路由器（PAR，AR）和至少一个移动节点（MN）的寻呼区域，所述方法包括以下步骤：共享会话安全所述移动节点（MN）和所述移动节点（MN）先前已经附接到的移动节点（MN）的接入路由器（PAR）之间的密钥（K）接收（S1）由所述先前访问路由器（PAR）进入所述移动节点（MN）的分组，其中所述移动节点（MN）处于休眠模式; 向所述先前访问路由器（PAR）向所述寻呼区域的所有其他接入路由器（AR）提交关于进入的分组的寻呼请求（S2），从而也分发所述会话安全密钥（K）; 根据所述移动节点（MN）当前附着到的接入路由器（AR）根据预定的处理生成（S3）认证参数; （S4）从所述接入路由器（AR）到包括所述认证参数的所述移动节点（MN）的所述寻呼请求; 验证（S5）所述移动节点（MN）的所述请求的有效性，其中所述认证参数根据所述预定过程进行处理; 以及向所述接入路由器（AR）提交（S6）从所述移动节点（MN）的寻呼响应，其中所述响应认证所述寻呼请求。

5. 发明申请

WO2003041358A1 PROVIDING LOCATION PRIVACY IN COMMUNICATION NETWORKS 审中-公开
标题翻译：在通信网络中提供位置隐私
公开(公告)号：WO2003041358A1
公开(公告)日：2003-05-15
申请号：PCT/IB2002/004656
申请日：2002-11-07
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M.
发明人： LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/06
CPC分类号： H04W12/02 , H04L29/12009 , H04L61/00 , H04L63/0407 , H04L63/0428 , H04L63/107 , H04W8/065 , H04W8/082 , H04W8/16 , H04W80/00 , H04W80/04
摘要： A method for providing location privacy. A mobile node, identified by its permanent address is addressable by a temporary address. A correspondent node, in communication with the mobile node, always sends its packets to the permanent address. These packets are intercepted by an agent, similar to the mobile IP home agent, which then tunnels these packets to the temporary address. Thereby the mobile node’s temporary address, from which the mobile node’s location can be derived, is not revealed to the correspondent node. For route optimization, a server entity maintaining records of the agents and their positions is introduced which dynamically allocates on per connection basis an agent to a mobile node.
摘要翻译：提供位置隐私的方法。由其永久地址识别的移动节点可通过临时地址寻址。与移动节点通信的通信节点始终将其分组发送到永久地址。这些数据包被代理拦截，类似于移动IP归属代理，然后将这些数据包隧道传送到临时地址。因此，移动节点的移动节点的位置可以从其导出的临时地址不会被显示给对端节点。对于路由优化，引入维护代理及其位置的记录的服务器实体，其基于每个连接将代理动态地分配给移动节点。

6. 发明申请

WO2002098098A2 METHOD OF COMMUNICATING A FLOW OF DATA PACKETS ACROSS A NETWORK 审中-公开
标题翻译：通过网络传播数据包流的方法
公开(公告)号：WO2002098098A2
公开(公告)日：2002-12-05
申请号：PCT/IB2002/001848
申请日：2002-05-28
申请人： NOKIA CORPORATION , ZHENG, Haihong , LE, Franck , FACCIN, Stefano, M.
发明人： ZHENG, Haihong , LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/00
CPC分类号： H04L69/22
摘要： tA method of communicating a flow of data packets across a network, said network comprising routing means including communication nodes and communication endpoints, wherein a data packet is structured to have a plurality of fields including header fields and payload fields and such a data packet is communicated from endpoint to endpoint via at least one node; the method comprising the steps of generating (S31) a flow identity number for said flow by an originating endpoint of said flow; writing (S32), by said originating endpoint, at least a source address of said flow and a destination address of said flow into header fields of each of data packets belonging to said flow; writing (S32) said flow identity number into a header field of each data packet belonging to said flow which is examined by every routing means along the communication path of said flow, but remains unchanged during the whole communication; and examining (S33) the header fields containing said flow identity number, said source address and said destination address by every (S36) routing means along the communication path of said flow, wherein said flow is uniquely identified by the flow identity number being unique itself, or by combination of said source address and said flow identity number, or by combination of said source address and said destination address and said flow identity number.(Fig. 3)
摘要翻译： tA通过网络传送数据分组流的方法，所述网络包括包括通信节点和通信端点的路由装置，其中数据分组被构造为具有多个字段，包括报头字段和有效载荷字段，并且这样的数据分组被传送通过至少一个节点从端点到端点; 该方法包括以下步骤：由所述流的始发端产生（S31）所述流的流标识号; 由所述始发端点写入（S32）至少将所述流的源地址和所述流的目的地址转换成属于所述流的每个数据分组的报头字段; 将所述流标识号写入（S32），将所述流标识号写入属于所述流的每个数据分组的报头字段，所述报头字段由每个路由装置沿着所述流的通信路径检查，但在整个通信期间保持不变; 以及沿着所述流的通信路径，通过每个（S36）路由装置检查（S33）包含所述流标识号，所述源地址和所述目的地地址的报头字段，其中所述流由唯一标识的唯一标识符，或通过所述源地址和所述流标识号的组合，或通过所述源地址和所述目的地地址和所述流标识号的组合（图3）

7. 发明公开

EP1371206A1 METHOD AND SYSTEM FOR DELEGATION OF SECURITY PROCEDURES TO A VISITED DOMAIN 有权
标题翻译：方法和设备进行委派安全措施以AN一带走访
公开(公告)号：EP1371206A1
公开(公告)日：2003-12-17
申请号：EP02701075.0
申请日：2002-01-24
申请人： Nokia Corporation , Faccin, Stefano M.
发明人： FACCIN, Stefano , LE, Franck
IPC分类号： H04L29/06 , H04Q7/38
CPC分类号： H04L63/08 , H04L9/083 , H04L9/321 , H04L9/3271 , H04L63/067 , H04L63/0892 , H04L63/107 , H04L63/123 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038
摘要： A method and system for delegation of security procedures to a second domain. A first key is generated for a mobile node. The first key is stored at the mobile node and at a home domain of the mobile node. The mobile node is moved to the second domain. A request is sent from the second domain to the home domain to authenticate the mobile node. A second key is generated at the home domain using the first key and a random number. The random number and the second key are sent to the second domain. The random number is sent to the mobile node by the second domain. The mobile node generates the second key using the random number and the first key. The second key is used for authentication procedures and/or key derivation procedures between the mobile node and the second domain.
摘要翻译：一种安全程序委派方法和系统的第二域。第一密钥被用于移动节点生成。第一密钥存储在移动节点和移动节点的归属域。移动节点被移动到所述第二结构域。的请求从第二域发送到归属域来认证移动节点。第二个关键是在使用第一密钥和随机数的归属域生成。随机数和第二密钥发送到第二域。该随机数由所述第二域发送到移动节点。移动节点基因费率使用随机数和所述第一密钥的第二密钥。第二密钥被用于认证的程序和/或移动节点，并且所述第二结构域之间密钥推导过程。

8. 发明申请

WO2006021836A1 METHOD AND SYSTEM FOR CONFIGURING FIREWALLS IN THE PRESENCE OF PERFORMANCE ENHANCEMENT PROXIES 审中-公开
标题翻译：在性能增强项目存在下配置防火墙的方法和系统
公开(公告)号：WO2006021836A1
公开(公告)日：2006-03-02
申请号：PCT/IB2005/001749
申请日：2005-06-21
申请人： NOKIA CORPORATION , LE, Franck , LIU, Zhigang, C.
发明人： LE, Franck , LIU, Zhigang, C.
IPC分类号： H04L29/06
CPC分类号： H04L65/1006 , H04L63/0281 , H04L63/029 , H04L65/1016 , H04L65/105 , H04L65/1069 , H04L65/80 , H04L69/329
摘要： Signaling between a terminal equipment (10) and a session server (40) is provided which carries information on an expected media stream to or from the terminal equipment via a middle box (20) for optimizing the performance of data communications between the terminal equipment (10) and a correspondent node (30). On the basis of this information the session server (40) is enabled to create appropriate entries in a security entity (50) provided for the terminal equipment so that the media stream can successfully traverse the middle box (20) and the security entity (50).
摘要翻译：提供终端设备（10）和会话服务器（40）之间的信令，其经由用于优化终端设备（20）之间的数据通信的性能的中间盒（20）将期望媒体流的信息携带到终端设备或从终端设备 10）和通讯节点（30）。基于该信息，会话服务器（40）能够在为终端设备提供的安全实体（50）中创建适当的条目，使得媒体流可以成功地遍历中间盒（20）和安全实体（50））。

9. 发明申请

WO2002068418A2 AUTHENTICATION AND DISTRIBUTION OF KEYS IN MOBILE IP NETWORK 审中-公开
标题翻译：移动IP网络中的认证和分发
公开(公告)号：WO2002068418A2
公开(公告)日：2002-09-06
申请号：PCT/IB2002/001658
申请日：2002-02-25
申请人： NOKIA CORPORATION , FACCIN, Stefano , LE, Franck
发明人： FACCIN, Stefano , LE, Franck
IPC分类号： C07D453/00
CPC分类号： H04L63/062 , H04L9/0841 , H04L63/0853 , H04L63/0869 , H04L2209/80 , H04W12/04 , H04W12/06 , H04W80/04
摘要： There is disclosed a method of establishing a connection between a mobile station and a serving domain, in which a first security association exists between the mobile node and an associated home domain, and a second security association exists between the serving domain and the home domain, the method comprising: transmitting a first message from the mobile node to the serving domain, the first message being encrypted in accordance with the first security association; transmitting the first message from the serving domain to the home domain; decrypting the first message in the home domain in accordance the first security association; transmitting a second message from the home domain to the serving domain, the second message being encrypted according to the first security association; transmitting the second message from the serving domain to the mobile node; decrypting the second message in the mobile node in accordance with the first security association.
摘要翻译：公开了一种在移动站和服务域之间建立连接的方法，其中在移动节点和相关联的归属域之间存在第一安全关联，并且在服务域和归属域之间存在第二安全关联，所述方法包括：从所述移动节点向所述服务域发送第一消息，所述第一消息根据所述第一安全关联进行加密; 将第一消息从服务域发送到归属域; 根据第一安全关联解密归属域中的第一消息; 将第二消息从所述归属域发送到所述服务域，所述第二消息根据所述第一安全关联进行加密; 将所述第二消息从所述服务域发送到所述移动节点; 根据第一安全关联在移动节点中解密第二消息。

10. 发明申请

WO2007003992A2 METHOD, SYSTEM & COMPUTER PROGRAM PRODUCT FOR DISCOVERING CHARACTERISTICS OF MIDDLEBOXES 审中-公开
标题翻译：用于发现中间盒特性的方法，系统和计算机程序产品
公开(公告)号：WO2007003992A2
公开(公告)日：2007-01-11
申请号：PCT/IB2006/001361
申请日：2006-05-25
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano
发明人： LE, Franck , FACCIN, Stefano
CPC分类号： H04L29/12528 , H04L29/12471 , H04L29/12509 , H04L61/2553 , H04L61/2567 , H04L61/2575
摘要： A method, computer program product, communications device and system for enabling an end node or terminal to discover one or more characteristics of a firewall on the communications path between the end node and a data network are provided. In particular, middlebox configuration protocols have been extended to allow a user to run additional tests in order to determine, for example, whether a discovered firewall blocks unsolicited incoming requests, as well as what the length of time associated with a particular state created by the discovered firewall is.
摘要翻译：提供了用于使端节点或终端能够发现端节点和数据网络之间的通信路径上的防火墙的一个或多个特征的方法，计算机程序产品，通信设备和系统。特别是，中间件配置协议已经扩展到允许用户运行附加测试，以便确定例如发现的防火墙是否阻止未经请求的传入请求，以及与由该应用程序创建的特定状态相关的时间长度发现的防火墙是。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式