专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2013004465A1 AUTHENTICATION OF WARNING MESSAGES IN A NETWORK 审中-公开
标题翻译：网络中警告信息的验证
公开(公告)号：WO2013004465A1
公开(公告)日：2013-01-10
申请号：PCT/EP2012/061318
申请日：2012-06-14
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (publ) , WIFVESSON, Monica , LILJENSTAM, Michael , MATTSSON, John , NORRMAN, Karl
发明人： WIFVESSON, Monica , LILJENSTAM, Michael , MATTSSON, John , NORRMAN, Karl
IPC分类号： H04L29/06 , H04W8/24
CPC分类号： H04L63/08 , H04L63/123 , H04W4/90 , H04W12/10
摘要： There is described herein a device (101) for communicating with a network. The device (101) comprises a communications unit for receiving data, a notification device for providing a notification to a user, and a control unit for controlling the operation of the communications unit and notification unit. The communications unit is configured to receive an information message (110, 112, 115), and to receive security authentication data (110, 112, 115) associated with the information message if such security authentication data is available. The control unit is configured to operate in a first or second configuration. In the first configuration it ignores the security authentication data, (111, 113), and instructs the notification unit to convey the notification to the user. In the second configuration, it verifies the information message (116) on the basis of the security authentication data and instructs the notification unit to convey the notification to the user if the verification is successful. The communications unit is configured to receive a configuration message (114) indicating the configuration in which the control unit should operate, and the control unit is configured to change configuration if the indicated configuration is different to the current configuration.
摘要翻译：这里描述了用于与网络通信的设备（101）。设备（101）包括用于接收数据的通信单元，用于向用户提供通知的通知装置，以及用于控制通信单元和通知单元的操作的控制单元。通信单元被配置为接收信息消息（110,112,115），并且如果这种安全认证数据可用，则接收与该信息消息相关联的安全认证数据（110,112,115）。控制单元被配置为以第一或第二配置操作。在第一配置中，它忽略安全认证数据（111,113），并指示通知单元向用户传达通知。在第二配置中，它根据安全认证数据来验证信息消息（116），并且如果验证成功则指示通知单元向用户传达该通知。通信单元被配置为接收指示控制单元应该运行的配置的配置消息（114），并且如果所指示的配置与当前配置不同，则配置控制单元来改变配置。

2. 发明申请

WO2012134369A1 METHODS AND APPARATUSES FOR AVOIDING DAMAGE IN NETWORK ATTACKS 审中-公开
标题翻译：避免网络攻击造成的损害的方法和设备
公开(公告)号：WO2012134369A1
公开(公告)日：2012-10-04
申请号：PCT/SE2011/050916
申请日：2011-07-06
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , OHLSSON, Oscar , LEHTOVIRTA, Vesa , MATTSSON, John , NORRMAN, Karl
发明人： OHLSSON, Oscar , LEHTOVIRTA, Vesa , MATTSSON, John , NORRMAN, Karl
IPC分类号： H04W12/06 , H04L9/32 , H04L29/06
CPC分类号： H04L63/14 , H04L63/1466 , H04L63/168 , H04L67/02 , H04L67/14 , H04L2463/061 , H04W12/04
摘要： Methods and apparatuses in a client terminal (400) and a web server (402) for enabling safe communication between said terminal and server. When the terminal obtains a web page from the server in a session, the terminal creates a context specific key, Ks_NAF', based on one or more context parameters, P1,...Pn, pertaining to said session and/or web page. The terminal then indicates the context specific key in a login request to the server, and the server determines a context specific key, Ks_NAF', in the same manner to verify the client if the context specific key determined in the web server matches the context specific key received from the client terminal. The context specific key is thus bound to and valid for the present context or session only and cannot be used in other contexts or sessions.
摘要翻译：客户终端（400）和网络服务器（402）中的方法和装置，用于使所述终端和服务器之间能够进行安全通信。当终端在会话中从服务器获得网页时，终端基于与所述会话和/或网页有关的一个或多个上下文参数P1，... Pn来创建上下文特定密钥Ks_NAF'。终端然后在向服务器的登录请求中指示上下文特定密钥，并且服务器以相同的方式确定上下文特定密钥Ks_NAF'，以验证客户端，如果在web服务器中确定的上下文特定密钥与上下文具体从客户终端收到的密钥。因此，上下文特定密钥被绑定到并且仅对于当前上下文或会话有效，并且不能在其他上下文或会话中使用。

3. 发明申请

WO2012034720A1 SENDING PROTECTED DATA IN A COMMUNICATION NETWORK VIA AN INTERMEDIATE UNIT 审中-公开
标题翻译：通过中间单元在通信网络中发送保护的数据
公开(公告)号：WO2012034720A1
公开(公告)日：2012-03-22
申请号：PCT/EP2011/059447
申请日：2011-06-08
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (publ) , BLOM, Rolf , MATTSSON, John , OHLSSON, Oscar
发明人： BLOM, Rolf , MATTSSON, John , OHLSSON, Oscar
IPC分类号： H04W12/04 , H04L29/06 , H04L9/08
CPC分类号： H04L63/062 , H04L9/0827 , H04L9/083 , H04L9/3213 , H04L63/0807 , H04W12/04 , H04W12/06
摘要： A method and apparatus for sending protected data from a sender unit (8) to a receiver unit (10) via an intermediate unit (9). A Transfer Init message that contains a ticket associated with the receiver unit (10) is sent from the intermediate unit (9) to the sender unit (8). The intermediate unit (9) then receives a transfer response message from the sender unit (8), and also data which has been protected using at least one security key associated with the ticket and obtained from a Key Management Server (11). A message is sent to th receiver unit, the message including information required for security processing of the protected data. The protected data is then sent to the receiver unit (10), allowing the receiver unit to access the protected data.
摘要翻译：一种用于经由中间单元（9）将受保护数据从发送器单元（8）发送到接收器单元（10）的方法和装置。包含与接收器单元（10）相关联的票据的传送初始化消息从中间单元（9）发送到发送器单元（8）。然后，中间单元（9）从发送器单元（8）接收传输响应消息，以及使用至少一个与密钥管理服务器（11）相关联的安全密钥保护的数据。向接收机单元发送消息，该消息包括对受保护数据进行安全处理所需的信息。然后将受保护的数据发送到接收器单元（10），允许接收器单元访问受保护的数据。

4. 发明申请

WO2011040847A1 SENDING PROTECTED DATA IN A COMMUNICATION NETWORK 审中-公开
标题翻译：在通信网络中发送保护的数据
公开(公告)号：WO2011040847A1
公开(公告)日：2011-04-07
申请号：PCT/SE2009/051093
申请日：2009-10-01
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BLOM, Rolf , LINDHOLM, Fredrik , MATTSSON, John
发明人： BLOM, Rolf , LINDHOLM, Fredrik , MATTSSON, John
IPC分类号： H04L9/32
CPC分类号： H04L9/0841 , H04L9/3249 , H04L9/3263 , H04L63/04 , H04L63/06 , H04L63/0823 , H04L65/1006 , H04L65/1016 , H04L65/4076 , H04L65/608 , H04L2209/34
摘要： A method of sending protected data from a sender unit to a receiver unit via an intermediate unit. The intermediate unit stores information associated with a certificate belonging to the receiver unit, and information associated with a certificate belonging to the intermediate unit, which has previously been signed by the receiver unit. The intermediate unit receives a request from the sender unit to send protected data to the receiver unit, and so it sends a response to the sender unit. The response includes the information associated with the certificate belonging to the receiver unit, which allows the sender unit to verify that the intermediate unit is authorised to receive data on behalf of the receiver unit. The intermediate unit then receives data from the sender unit that is protected using the information associated with the certificate belonging to the receiver unit for subsequent forwarding to the receiver unit. Having the receiver unit sign the intermediate unit's certificate allows the exchange of credentials to allow a sender unit to send protected data to a receiver unit via an intermediate unit.
摘要翻译：一种通过中间单元将受保护的数据从发送器单元发送到接收器单元的方法。中间单元存储与属于接收器单元的证书相关联的信息，以及与属于中间单元的证书相关联的信息，其已经由接收器单元签名。中间单元从发送器单元接收发送受保护数据到接收器单元的请求，并且向发送器单元发送响应。响应包括与属于接收器单元的证书相关联的信息，其允许发送器单元验证中间单元是否被授权代表接收器单元接收数据。然后，中间单元从使用与属于接收器单元的证书相关联的信息来保护的发送器单元接收数据，以便随后转发到接收器单元。使接收器单元签署中间单元的证书允许交换凭证以允许发送者单元经由中间单元将保护的数据发送到接收器单元。

5. 发明申请

WO2009070075A1 KEY MANAGEMENT FOR SECURE COMMUNICATION 审中-公开
标题翻译：安全通信的关键管理
公开(公告)号：WO2009070075A1
公开(公告)日：2009-06-04
申请号：PCT/SE2007/050927
申请日：2007-11-30
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

6. 发明申请

WO2009153072A1 SENDING SECURE MEDIA STREAMS 审中-公开
标题翻译：发送安全媒体流
公开(公告)号：WO2009153072A1
公开(公告)日：2009-12-23
申请号：PCT/EP2009/052078
申请日：2009-02-20
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/605 , H04L63/0428 , H04L65/608
摘要： A method and apparatus for sending a first secured media stream having a payload via an intermediate node. The intermediate node receives from a sender the first secured media stream. An end-to-end context identifier and a hop-by-hop context identifier are determined for the first secured media stream, where the hop-by-hop context identifier relates to the intermediate node and the end-to-end identifier relates to the sender. A second secured media stream is generated, which includes at least the payload of the first secured media stream and the context identifiers to identify the first secured media stream. The second secured media stream is sent to a receiving node, and the context identifiers are also sent to the receiving node. The context identifiers are usable by the receiving node to recover the first secured media stream.
摘要翻译：一种用于通过中间节点发送具有有效载荷的第一安全媒体流的方法和装置。中间节点从发送器接收第一安全媒体流。针对第一安全媒体流确定端到端上下文标识符和逐跳上下文标识符，其中逐跳上下文标识符与中间节点相关，并且端到端标识符与发件人。生成第二安全媒体流，其包括至少第一安全媒体流的有效载荷和上下文标识符以识别第一安全媒体流。第二安全媒体流被发送到接收节点，并且上下文标识符也被发送到接收节点。上下文标识符可由接收节点使用以恢复第一安全媒体流。

7. 发明申请

WO2010003713A1 SENDING MEDIA DATA VIA AN INTERMEDIATE NODE 审中-公开
标题翻译：发送媒体数据通过中间节点
公开(公告)号：WO2010003713A1
公开(公告)日：2010-01-14
申请号：PCT/EP2009/055490
申请日：2009-05-06
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/601 , H04L63/0464 , H04L63/0478 , H04L63/06 , H04L63/123
摘要： A method and apparatus for sending protected media data from a data source node to a client node via an intermediate node. The data source node establishes a first hop- by-hop key to be shared with the intermediate node and an end-to-end key to be shared with the client node. A single security protocol instance is configured and used to transform data from a media stream into transformed data using the keys. The transformed data is then sent to the intermediate node. The intermediate node uses the first hop-by-hop key to apply a security processing to the transformed data, and establishes a second hop-by-hop key with the client node. A second transformation is performed on the transformed data using the second hop-by-hop key to produce further transformed media data, which is then sent to the client node. At the client node a single security protocol instance is configured with the second hop-by-hop key and the end-to-end key, which are used to apply further security processing to the transformed media data.
摘要翻译：一种用于经由中间节点将受保护媒体数据从数据源节点发送到客户端节点的方法和装置。数据源节点建立要与中间节点共享的第一个逐跳密钥和要与客户端节点共享的端对端密钥。单个安全协议实例被配置并用于使用密钥将媒体流中的数据转换为变换数据。然后将变换的数据发送到中间节点。中间节点使用第一个逐跳密钥对转换的数据应用安全处理，并与客户端节点建立第二个逐跳密钥。使用第二逐跳密钥对经变换的数据执行第二变换以产生进一步转换的媒体数据，然后将其转发到客户端节点。在客户端节点，单个安全协议实例配置有第二个逐跳密钥和端对端密钥，用于对转换的媒体数据应用进一步的安全处理。

8. 发明授权

EP2484048B1 SENDING PROTECTED DATA IN A COMMUNICATION NETWORK 有权
标题翻译：受保护的数据通信网络中的SHIPMENT
公开(公告)号：EP2484048B1
公开(公告)日：2015-12-23
申请号：EP09850125.7
申请日：2009-10-01
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： BLOM, Rolf , LINDHOLM, Fredrik , MATTSSON, John
IPC分类号： H04L9/32 , H04L29/06 , H04L9/08
CPC分类号： H04L9/0841 , H04L9/3249 , H04L9/3263 , H04L63/04 , H04L63/06 , H04L63/0823 , H04L65/1006 , H04L65/1016 , H04L65/4076 , H04L65/608 , H04L2209/34

9. 发明公开

EP2695410A1 METHODS AND APPARATUSES FOR AVOIDING DAMAGE IN NETWORK ATTACKS 有权
标题翻译：方法以及防止损坏网络攻击DEVICES
公开(公告)号：EP2695410A1
公开(公告)日：2014-02-12
申请号：EP11862337.0
申请日：2011-07-06
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： OHLSSON, Oscar , LEHTOVIRTA, Vesa , MATTSSON, John , NORRMAN, Karl
IPC分类号： H04W12/06 , H04L9/32 , H04L29/06
CPC分类号： H04L63/14 , H04L63/1466 , H04L63/168 , H04L67/02 , H04L67/14 , H04L2463/061 , H04W12/04
摘要： Methods and apparatuses in a client terminal (400) and a web server (402) for enabling safe communication between said terminal and server. When the terminal obtains a web page from the server in a session, the terminal creates a context specific key, Ks_NAF', based on one or more context parameters, P1,...Pn, pertaining to said session and/or web page. The terminal then indicates the context specific key in a login request to the server, and the server determines a context specific key, Ks_NAF', in the same manner to verify the client if the context specific key determined in the web server matches the context specific key received from the client terminal. The context specific key is thus bound to and valid for the present context or session only and cannot be used in other contexts or sessions.

10. 发明公开

EP2628329A1 SENDING PROTECTED DATA IN A COMMUNICATION NETWORK VIA AN INTERMEDIATE UNIT 有权
标题翻译：方法和设备，用于发送受保护的数据通信网络中的OVER中间单元
公开(公告)号：EP2628329A1
公开(公告)日：2013-08-21
申请号：EP11724623.1
申请日：2011-06-08
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： BLOM, Rolf , MATTSSON, John , OHLSSON, Oscar
IPC分类号： H04W12/04 , H04L29/06 , H04L9/08
CPC分类号： H04L63/062 , H04L9/0827 , H04L9/083 , H04L9/3213 , H04L63/0807 , H04W12/04 , H04W12/06
摘要： A method and apparatus for sending protected data from a sender unit to a receiver unit via an intermediate unit. A Transfer Init message that contains a ticket associated with the receiver unit is sent from the intermediate unit to the sender unit. The intermediate unit then receives a transfer response message from the sender unit, and also data which has been protected using at least one security key associated with the ticket and obtained from a Key Management Server. A message is sent to the receiver unit, the message including information required for security processing of the protected data. The protected data is then sent to the receiver unit, allowing the receiver unit to access the protected data.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式