专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2009098130A2 METHOD AND SYSTEM FOR MOBILE DEVICE CREDENTIALING 审中-公开
标题翻译：用于移动设备认证的方法和系统
公开(公告)号：WO2009098130A2
公开(公告)日：2009-08-13
申请号：PCT/EP2009/050829
申请日：2009-01-26
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , SMEETS, Bernard , SÄLLBERG, Krister , LEHTOVIRTA, Vesa , BARRIGA, Luis , JOHANSSON, Mattias
发明人： SMEETS, Bernard , SÄLLBERG, Krister , LEHTOVIRTA, Vesa , BARRIGA, Luis , JOHANSSON, Mattias
IPC分类号： H04L29/06
CPC分类号： G06F21/445 , G06F2221/2129 , H04L9/321 , H04L9/3263 , H04L63/062 , H04L2209/56 , H04L2209/80 , H04W12/04
摘要： Methods and systems taught herein allow communication device manufacturers to preconfigure communication devices to use preliminary access credentials to gain temporary network access for downloading subscription credentials, and particularly allow the network operator issuing the subscription credentials to verify that individual devices requesting credentials are trusted. In one or more embodiments, a credentialing server is owned or controlled by the network operator, and is used by the network operator to verify that subscription credentials are issued only to trusted communication devices, even though such devices may be referred to the credentialing server by an external registration server and may be provisioned by an external provisioning server. Particularly, the credentialing server interrogates requesting devices for their device certificates and submits these device certificates to an external authorization server, e.g., an independent OCSP server, for verification. A common Public Key Infrastructure (PKI) may be used for operator and device certificates.
摘要翻译：本文教导的方法和系统允许通信设备制造商预先配置通信设备以使用初步访问凭证来获得用于下载订阅凭证的临时网络访问，并且特别地允许网络运营商发布预订凭证来验证请求凭证的各个设备是否被信任。在一个或多个实施例中，凭证服务器由网络运营商拥有或控制，并且被网络运营商用于验证订阅凭证仅被发送到受信任的通信设备，即使这样的设备可以被引用到凭证服务器外部注册服务器，并且可以由外部配置服务器提供。特别地，凭证服务器询问请求设备的设备证书，并将这些设备证书提交给外部授权服务器，例如独立的OCSP服务器，以进行验证。通用公钥基础设施（PKI）可用于运营商和设备证书。

2. 发明申请

WO2003005636A1 SECURE HEADER INFORMATION FOR MULTI-CONTENT E-MAIL 审中-公开
标题翻译：多内容电子邮件的安全信息
公开(公告)号：WO2003005636A1
公开(公告)日：2003-01-16
申请号：PCT/SE2002/001220
申请日：2002-06-18
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BARRIGA, Luis , MÅNGS, Jan-Erik
发明人： BARRIGA, Luis , MÅNGS, Jan-Erik
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , H04L51/063 , H04L51/38 , H04L63/104
摘要： A multicontent e-mail has a body part comprising separately encrypted content parts and a header part comprising a clear text part and an encrypted part. The encrypted header part includes a descriptor section and a link section. The link section specifies relationships between content parts. The descriptor section provides information related to each body content part such as information format. The descriptor section, further, provides information for access to any content part such as requirement for authorization. The access information can include executable code exemplary for establishing a negotiation process for access to linked information at a remote information server. Further disclosed is an arrangement for download and decryption of the e-mail header part and analysis of the descriptor section. A user can select any body content part for downloading according to requirements determined from the descriptor section.
摘要翻译：多电子邮件具有包括单独加密的内容部分的主体部分和包括明文部分和加密部分的标题部分。加密的报头部分包括描述符部分和链接部分。链接部分指定内容部分之间的关系。描述符部分提供与每个身体内容部分相关的信息，例如信息格式。描述符部分还提供了访问任何内容部分的信息，例如授权要求。访问信息可以包括示例性的可执行代码，用于在远程信息服务器处建立用于访问链接信息的协商过程。还公开了电子邮件标题部分的下载和解密以及描述符部分的分析的安排。用户可以根据从描述符部分确定的要求，选择任何身体内容部分进行下载。

3. 发明申请

WO2010134862A1 CHALLENGING A FIRST TERMINAL INTENDING TO COMMUNICATE WITH A SECOND TERMINAL 审中-公开
标题翻译：挑选第一个终端用于与第二个终端通信
公开(公告)号：WO2010134862A1
公开(公告)日：2010-11-25
申请号：PCT/SE2009/050585
申请日：2009-05-20
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BARRIGA, Luis , LILJENSTAM, Michael , NERBRANT, Per-Olof , NÄSLUND, Mats
发明人： BARRIGA, Luis , LILJENSTAM, Michael , NERBRANT, Per-Olof , NÄSLUND, Mats
IPC分类号： H04L9/32 , H04W8/18 , H04W8/22
CPC分类号： H04L9/3271 , G06F21/31 , G06F2221/2133 , G06Q10/107 , H04L63/08 , H04L2209/805 , H04W12/06 , H04W48/16 , H04W76/10
摘要： The invention relates to a method, party challenging device (18) and computer program products for providing a challenge to a first terminal (10) intending to communicate with a second terminal (24) via two networks (N1, N2). The party challenging device receives a first electronic message (1M) concerning a transfer of media from the first terminal to the second terminal sent from the first terminal (10) and addressed to the second terminal (24), obtains communication contextual data associated with the first party or the first terminal, provides an electronic challenge message (CHM) including a challenge (CH1l) based on the obtained data and sends the challenge message to the first terminal in order to enable a decision to be made how to process the invitation message for the second terminal based on the correctness of a response (RM) including a response to the challenge.
摘要翻译：本发明涉及一种方法，一方挑战性装置（18）和用于向第一终端（10）提供有意通过两个网络（N1，N2）与第二终端（24）进行通信的计算机程序产品。派对挑战装置接收关于从第一终端（10）发送的媒体从第一终端到第二终端的传送并寻址到第二终端（24）的第一电子消息（1M），获得与第一终端相关联的通信上下文数据第一方或第一终端基于获得的数据提供包括质询（CH1l）的电子质询消息（CHM），并将询问消息发送到第一终端，以便能够做出如何处理邀请消息基于包括对挑战的响应的响应（RM）的正确性的第二终端。

4. 发明申请

WO2010104435A1 SETUP AND CONFIGURATION OF RELAY NODES 审中-公开
标题翻译：继电器的设置和配置
公开(公告)号：WO2010104435A1
公开(公告)日：2010-09-16
申请号：PCT/SE2009/050569
申请日：2009-05-20
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , RÁCZ, András , SELANDER, Göran , NÄSLUND, Mats , BARRIGA, Luis , LINDSTRÖM, Magnus , MILDH, Gunnar , JOHANSSON, Niklas
发明人： RÁCZ, András , SELANDER, Göran , NÄSLUND, Mats , BARRIGA, Luis , LINDSTRÖM, Magnus , MILDH, Gunnar , JOHANSSON, Niklas
IPC分类号： H04W12/06
CPC分类号： H04W12/06 , H04B7/15557 , H04L63/0838 , H04W8/205 , H04W24/02 , H04W84/047
摘要： Systems and methods for the configuration of network nodes without a secured connection in a telecommunications system are described herein. These network nodes can be wireless network nodes which are part of the network infrastructure, such as, wireless relays, wireless repeaters and self-backhauled eNodeBs.
摘要翻译：这里描述了用于在电信系统中配置没有安全连接的网络节点的系统和方法。这些网络节点可以是作为网络基础设施的一部分的无线网络节点，诸如无线中继，无线中继器和自回程的eNodeB。

5. 发明申请

WO2009082306A1 DETECTION OF MALICIOUS SOFTWARE IN COMMUNICATION SYSTEM 审中-公开
标题翻译：检测通信系统中的恶意软件
公开(公告)号：WO2009082306A1
公开(公告)日：2009-07-02
申请号：PCT/SE2007/051068
申请日：2007-12-21
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , LILJENSTAM, Michael , BARRIGA, Luis , MÉHES, András
发明人： LILJENSTAM, Michael , BARRIGA, Luis , MÉHES, András
IPC分类号： H04Q7/34 , G06F21/00
CPC分类号： H04L63/1416 , G06F21/56 , H04L63/12 , H04L63/1491
摘要： A method and arrangement in a communications network is disclosed for detection and action on messages originating from execution ofmalicious software surreptitiouslyimplemented at a user device. The system is initially configured with special addresses generated at the network. A configuration phase includes update of user device address list and registration at network database of special addresses applicable for the user. A message is analyzed with respect to special address indicated as message receiver whereby network functionality determines actions ranging from deletion of message, update of charging data, to further statistical analysis for preventive actions at network level.
摘要翻译：公开了一种通信网络中的方法和装置，用于对在用户设备上暗中实现的恶意软件执行的消息进行检测和动作。该系统最初配置有在网络生成的特殊地址。配置阶段包括更新用户设备地址列表，并在网络数据库中注册适用于用户的特殊地址。针对指定为消息接收者的特殊地址分析消息，由此网络功能确定从消息的删除，计费数据的更新到网络级的预防性动作的进一步统计分析的动作。

6. 发明申请

WO2009068985A2 END-TO-EDGE MEDIA PROTECTION 审中-公开
标题翻译：端到端媒体保护
公开(公告)号：WO2009068985A2
公开(公告)日：2009-06-04
申请号：PCT/IB2008/003288
申请日：2008-12-01
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BARRIGA, Luis , BLOM, Rolf , CHENG, Yi , NÄSLUND, Mats , NORRMAN, Karl , LINDHOLM, Fredrik
发明人： BARRIGA, Luis , BLOM, Rolf , CHENG, Yi , NÄSLUND, Mats , NORRMAN, Karl , LINDHOLM, Fredrik
IPC分类号： H04W12/02
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护提议的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

7. 发明申请

WO2013008056A1 DEVICES AND METHODS PROVIDING MOBILE AUTHENTICATION OPTIONS FOR BROKERED EXPEDITED CHECKOUT 审中-公开
标题翻译：提供移动认证选项的设备和方法
公开(公告)号：WO2013008056A1
公开(公告)日：2013-01-17
申请号：PCT/IB2011/002689
申请日：2011-11-14
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , DAMOLA, Ayodele , BARRIGA, Luis
发明人： DAMOLA, Ayodele , BARRIGA, Luis
IPC分类号： G06Q30/06
CPC分类号： G06Q20/322 , G06Q20/027 , G06Q20/12 , G06Q20/363 , G06Q20/3821 , G06Q20/401 , G06Q30/06
摘要： Apparatuses and methods for brokered expedited checkout for e-shopping in telecommunication networks are provided. An apparatus is configured to facilitate checkout for a purchase by a user using user equipment from an e-shop in a telecommunication network. The apparatus has a processing unit configured to authorize the user, to access information related to the user, to respond to queries related to the user based on the information, and to mediate between a payment system and the e-shop in order to pay for the purchase.
摘要翻译：提供了电信网络电子购物中转快速结账的设备和方法。一种装置被配置为便于用户使用来自电信网络中的电子商店的用户设备进行购买。该装置具有处理单元，其被配置为授权用户访问与用户相关的信息，以基于该信息来响应与用户相关的查询，并且在支付系统和电子商店之间进行调解以支付此次购买。

8. 发明申请

WO2010095988A1 USER AUTHENTICATION 审中-公开
标题翻译：用户认证
公开(公告)号：WO2010095988A1
公开(公告)日：2010-08-26
申请号：PCT/SE2009/050182
申请日：2009-02-18
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BLOM, Rolf , NORRMAN, Karl , BARRIGA, Luis
发明人： BLOM, Rolf , NORRMAN, Karl , BARRIGA, Luis
IPC分类号： H04L29/06 , H04W12/06 , H04B5/00 , H04W12/04
CPC分类号： H04W12/06 , H04L63/0492 , H04L63/18 , H04L67/04
摘要： A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web- browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
摘要翻译：认证对服务的访问的方法包括：a）在移动终端处通过移动终端和浏览器之间的双向近场通信信道，至少部分服务的标识符进行接收; b）在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c）基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。移动终端可以存储一组URL，并且可以将接收到的URL（或部分URL）与存储的URL集合进行比较。如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配，则它可以向用户生成警报。用户名和密钥不需要存储在Web浏览器上，因此Web浏览器不需要维护密码数据库。这提高了安全性，因为密码数据库将容易受到恶意代码的攻击。

9. 发明申请

WO2003073242A1 METHOD AND APPARATUS FOR HANDLING USER IDENTITIES UNDER SINGLE SIGN-ON SERVICES 审中-公开
标题翻译：在单一登录服务下处理用户身份的方法和装置
公开(公告)号：WO2003073242A1
公开(公告)日：2003-09-04
申请号：PCT/SE2003/000341
申请日：2003-02-28
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BARRIGA, Luis , PARDO-BLAZQUEZ, Avelina , WALKER, John, Michael , DE GREGORIO, Jesús-Angel
发明人： BARRIGA, Luis , PARDO-BLAZQUEZ, Avelina , WALKER, John, Michael , DE GREGORIO, Jesús-Angel
IPC分类号： G06F1/00
CPC分类号： H04L63/0815 , G06F21/33 , G06F21/41 , G06F2221/2115 , H04L63/0884 , H04L67/04 , H04L67/1002 , H04L67/16 , H04W12/06
摘要： The invention provides a mechanism, in terms of means and method, for handling, provisioning and correlating a plurality of user's identities for a user in an automated manner between a single sign-On authentication provider and a number of service providers where the user accesses. Therefore, after a successful authentication of a user's authentication identity with the authentication provider, the authentication provider assigns an alias shared identity to the user, said alias shared identity being the uniquely exchanged identity between the authentication provider and the service provider to identify the user. The alias shared identity is linked at the authentication provider with the user's authentication identity and with an identifier of the service provider where the user accesses. The alias shared identity is linked at the service provider with the user's local identity which the user has for an account with the service provider.
摘要翻译：本发明提供了一种用于在单一登录认证提供商和用户访问的多个服务提供商之间以自动方式处理，配置和关联用户的多个用户身份的机制。因此，在认证提供者成功认证用户认证身份之后，认证提供商向用户分配别名共享身份，所述别名共享身份是认证提供者和服务提供商之间唯一交换的身份，以识别用户。别名共享身份在身份验证提供商处与用户的身份验证身份和用户访问的服务提供商的标识符相关联。别名共享身份在服务提供商处与用户具有与服务提供商的帐户的本地身份相关联。

10. 发明公开

EP2399376A1 USER AUTHENTICATION 审中-公开
标题翻译：用户认证
公开(公告)号：EP2399376A1
公开(公告)日：2011-12-28
申请号：EP09840503.8
申请日：2009-02-18
申请人： Telefonaktiebolaget L M Ericsson (publ)
发明人： BLOM, Rolf , NORRMAN, Karl , BARRIGA, Luis
IPC分类号： H04L29/06 , H04W12/06 , H04B5/00 , H04W12/04
CPC分类号： H04W12/06 , H04L63/0492 , H04L63/18 , H04L67/04
摘要： A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web- browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式