专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2011076274A1 USAGE CONTROL OF DIGITAL DATA EXCHANGED BETWEEN TERMINALS OF A TELECOMMUNICATIONS NETWORK 审中-公开
标题翻译：电信网络终端之间交换的数字数据的使用控制
公开(公告)号：WO2011076274A1
公开(公告)日：2011-06-30
申请号：PCT/EP2009/067847
申请日：2009-12-23
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , CATREIN, Daniel , HARTUNG, Frank , CHENG, Yi
发明人： CATREIN, Daniel , HARTUNG, Frank , CHENG, Yi
IPC分类号： H04L29/06 , H04L29/08 , G06F21/00
CPC分类号： H04L63/0428 , G06F21/10 , H04L63/10 , H04L67/06 , H04L2463/101
摘要： The invention refers to a method of supporting a sending user device (14) to enforcing a usage control of digital content embedded in a content object, CO, wherein a rights object, RO, associated to the CO is required for using the digital content of the CO at a receiving user device (16), the method comprising generating at the sending user device (14) a encryption information for decrypting the encrypted digital content and inserting the decryption information into the RO, and sending the RO to a rights management server (12) to be forwarded to the receiving user device (16). The invention further refers to a corresponding method of receiving at a rights management server (12) a rights object generation request to be forwarded to the receiving user device (16), and to a corresponding user device server and a corresponding server.
摘要翻译：本发明涉及一种支持发送用户设备（14）来实施嵌入在内容对象CO中的数字内容的使用控制的方法，其中与CO相关联的权利对象RO需要使用数字内容所述方法包括在所述发送用户设备（14）生成用于解密所述加密的数字内容并将所述解密信息插入到所述RO中的加密信息，以及将所述RO发送到权限管理服务器（12）被转发到接收用户设备（16）。本发明还涉及在权限管理服务器（12）处接收要转发给接收用户设备（16）的权利对象生成请求以及对应的用户设备服务器和相应服务器的相应方法。

2. 发明申请

WO2010099823A1 IP MULTIMEDIA SECURITY 审中-公开
标题翻译： IP多媒体安全
公开(公告)号：WO2010099823A1
公开(公告)日：2010-09-10
申请号：PCT/EP2009/052560
申请日：2009-03-04
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
发明人： NÄSLUND, Mats , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , NORRMAN, Karl
IPC分类号： H04L29/06 , H04W12/04
CPC分类号： H04L63/06 , H04L9/0844 , H04L2209/80 , H04W12/04
摘要： A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node.
摘要翻译：一种建立用于经由相应的第一和第二媒体平面网络节点至少部分地保护在第一和第二终端用户之间交换的媒体平面数据的密钥的方法。该方法包括从所述第一端点向所述第二端点发送会话建立信令，所述会话建立信令包括由所述第一端点产生的会话密钥。建立信令在第一信令平面网络节点被拦截，并且确定信令平面密钥是否已被建立用于在所述第一终端和所述第一信令平面网络节点之间保护信令平面。如果已经建立了信令平面密钥，则从该信令平面密钥导出媒体平面密钥，并且将媒体平面密钥发送到所述第一媒体平面网络节点，以将介质平面固定在所述第一终端用户和所述第一媒体之间平面网络节点。如果还没有建立信令平面密钥，则从所述会话密钥导出替代媒体平面密钥，并将其发送到所述第一媒体平面网络节点，以便在所述第一终端用户和所述第一媒体平面网络节点之间保护媒体平面。

3. 发明申请

WO2016209126A1 METHODS, NETWORK NODES, MOBILE ENTITY, COMPUTER PROGRAMS AND COMPUTER PROGRAM PRODUCTS FOR PROTECTING PRIVACY OF A MOBILE ENTITY 审中-公开
标题翻译：方法，网络编号，移动实体，计算机程序和计算机程序产品，用于保护移动实体的隐私
公开(公告)号：WO2016209126A1
公开(公告)日：2016-12-29
申请号：PCT/SE2015/050728
申请日：2015-06-23
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： NORRMAN, Karl , NÄSLUND, Mats , MATTSSON, John , CHENG, Yi
IPC分类号： H04W12/02 , H04L9/32 , H04W8/26 , H04W12/06
CPC分类号： H04L9/3271 , H04L63/0414 , H04L2209/42 , H04L2209/80 , H04W8/26 , H04W12/02 , H04W12/06
摘要： A method (20) for a first network node (5, 15) of protecting confidentiality of a first identifier associated by the first network node (5, 15) with a subscription used by a mobile entity (6, 16) in a communications network (1, 10) is provided. The communications network (1, 10) comprises a home network (3, 13) of the mobile entity (6, 16) and a serving network (2, 4, 12, 14) serving the mobile entity (6, 16). The method (20) comprises the following steps performed by the first network node (5, 5), which is part of the home network (3, 13): receiving (21), from a second network node (4, 14) which is part of the serving network (2, 12), a first request for authentication information for the mobile entity (6, 16), the first request comprising the first identifier, generating (22) a first pseudonym associated with the first identifier, creating (23) a link between the first pseudonym and the first identifier, and sending (24), to the second network node (4, 14), the first pseudonym in response to the first request for authentication information for use as an identifier for the mobile entity (6, 16) in the serving network (2, 12). A method (70) for a second network node is also provided, and corresponding network nodes, computer programs and computer program products.
摘要翻译：一种用于通过由通信网络中的移动实体（6,16）使用的订阅来保护由第一网络节点（5,15）相关联的第一标识符的机密性的第一网络节点（5,15）的方法（20）（1,10）。通信网络（1,10）包括移动实体（6,16）的归属网络（3,13）和服务于移动实体（6,16）的服务网络（2,4,12,14）。方法（20）包括作为家庭网络（3,13）的一部分的第一网络节点（5,5）执行的以下步骤：从第二网络节点（4,14）接收（21）是服务网络（2,12）的一部分，对移动实体（6,16）的认证信息的第一请求，第一请求包括第一标识符，生成（22）与第一标识符相关联的第一假名，创建（23）第一假名和第一标识符之间的链接，并且向第二网络节点（4,14）发送（24）第一假名，响应于用于认证信息的第一请求用作用于移动实体（6,16）在服务网络（2,12）中。还提供了用于第二网络节点的方法（70），以及相应的网络节点，计算机程序和计算机程序产品。

4. 发明申请

WO2014065720A1 METHODS AND NODES FOR HANDLING USAGE POLICY 审中-公开
标题翻译：处理使用政策的方法和方法
公开(公告)号：WO2014065720A1
公开(公告)日：2014-05-01
申请号：PCT/SE2012/051128
申请日：2012-10-22
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
发明人： HUANG, Vincent , CHENG, Yi
IPC分类号： G06F21/60 , H04L9/08 , H04L9/32 , H04L29/06 , H04L29/08 , H04W84/18
CPC分类号： G06F21/10 , G06F21/60 , G06F21/85 , H04L9/3247 , H04L63/0245 , H04L63/0263 , H04L63/10 , H04L63/20 , H04L2209/603
摘要： Methods and nodes (300a, 300b, 302) for handling a usage policy (P1.P2) pertaining to source data (D1,D2) generated by a source node (300a, 300b). The usage policy dictates permission to access and use the source data. The source node calculates a signature (Sig) based on an identification (id_D) of the source data and the usage policy (P) of the source data, and provides the source data, its usage policy and the calculated signature to a data processing node (302). The data processing node then generates new data (D3) based on the source data, and calculates a new signature (Sig3) based on an identification (ldj_)3) of the new data and at least one of: a new usage policy (P3) pertaining to the generated new data, and the usage policy (P1, P2) of the source data. The data processing node finally provides the new data, the usage policies (P1, P2, P3) and the signatures (Sig1, Sig2, Sig3) to a data receiving node (304) which is thereby enabled to verify and comply with the provided usage policies based on the respective associated signatures.
摘要翻译：用于处理由源节点（300a，300b）生成的与源数据（D1，D2）有关的使用策略（P1.P2）的方法和节点（300a，300b，302）。使用策略规定了访问和使用源数据的权限。源节点基于源数据的标识（id_D）和源数据的使用策略（P）来计算签名（Sig），并将源数据，其使用策略和计算的签名提供给数据处理节点（302）。数据处理节点然后基于源数据生成新数据（D3），并且基于新数据的标识（1dj_）3）计算新签名（Sig3），并且至少一个：新的使用策略（P3 ）和源数据的使用策略（P1，P2）相关联。数据处理节点最终向数据接收节点（304）提供新数据，使用策略（P1，P2，P3）和签名（Sig1，Sig2，Sig3），从而能够验证并遵守所提供的使用基于各自相关联的签名的策略。

5. 发明申请

WO2009149759A1 METHOD AND APPARATUS FOR MACHINE-TO-MACHINE COMMUNICATION 审中-公开
标题翻译：机器到机器通信的方法和装置
公开(公告)号：WO2009149759A1
公开(公告)日：2009-12-17
申请号：PCT/EP2008/057420
申请日：2008-06-12
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , CHENG, Yi , HUANG, Vincent , JOHANSSON, Mattias
发明人： CHENG, Yi , HUANG, Vincent , JOHANSSON, Mattias
IPC分类号： H04L29/06
CPC分类号： H04L63/062 , H04L9/3263 , H04L67/12 , H04L2209/805 , H04W4/00 , H04W4/70
摘要： According to a first aspect of the present invention there is provided a method of at least partly delegating processing of data in a machine-to-machine system to reduce computational load on a broker entity 11 while maintaining security of the data to be processed, the broker entity 11 serving as a link between a node 13 of a sensor network providing the data and an application node 12 requesting the data. In the method, at the broker entity 11, following receipt of a request for processed data from the application node 12, determining the node to provide the data to be processed, generating a data key for the data-providing node 13, generating a data-processing algorithm for processing the data in dependence upon the request, sending the data key to the data-providing node 13, and sending the data key and data-processing algorithm to a remote data-processing entity 15. At the data-providing node 13, encrypting the data using the data key and sending the encrypted data to the data- processing entity 15. At the data-processing entity 15, decrypting the data using the data key, processing the data using the data-processing algorithm, and sending the processed data to the application node 12.
摘要翻译：根据本发明的第一方面，提供了一种至少部分地委托机器到机器系统中的数据的处理以减少代理实体11上的计算负荷同时保持要处理的数据的安全性的方法，作为提供数据的传感器网络的节点13与请求数据的应用节点12之间的链接的代理实体11。在该方法中，在代理实体11，在从应用节点12接收到对已处理数据的请求之后，确定节点以提供要处理的数据，生成数据提供节点13的数据密钥，生成数据处理算法，用于根据请求处理数据，将数据密钥发送到数据提供节点13，以及将数据密钥和数据处理算法发送到远程数据处理实体15.在数据提供节点 13，使用数据密钥对数据进行加密，并将加密的数据发送到数据处理实体15.在数据处理实体15处，使用数据密钥解密数据，使用数据处理算法处理数据，并发送处理的数据到应用节点12。

6. 发明申请

WO2009070075A1 KEY MANAGEMENT FOR SECURE COMMUNICATION 审中-公开
标题翻译：安全通信的关键管理
公开(公告)号：WO2009070075A1
公开(公告)日：2009-06-04
申请号：PCT/SE2007/050927
申请日：2007-11-30
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , LINDHOLM, Fredrik , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L9/08
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

7. 发明申请

WO2014074041A1 METHODS AND NODES FOR VERIFICATION OF DATA 审中-公开
标题翻译：数据验证的方法和编号
公开(公告)号：WO2014074041A1
公开(公告)日：2014-05-15
申请号：PCT/SE2012/051233
申请日：2012-11-12
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ)
发明人： HUANG, Vincent , CHENG, Yi , NÄSLUND, Mats , MÉHES, András
IPC分类号： H04L29/06 , G06F21/64 , H04L9/32
CPC分类号： H04L63/126 , G06F21/64 , H04L9/3236 , H04L63/08 , H04L63/123 , H04L2209/38
摘要： A first data handling node (304) is configured to verify data received in a data distribution network with multiple data handling nodes forming a distribution path of a network topology, by obtaining tag information from a hash server (306). The first data handling node (304) receives data (D3) and a hash tag (H3) from a second data handling node (302). The received data (D3) and hash tag (H3) have been generated by the second node based on a previous hash tag (H1, H2) generated by a preceding third data handling node (300a, 300b). The third node has delivered data (D1, D2) to the second node, and the received data (D3) has been generated by the second node based on the data (D1, D2) delivered by the third data handling node. The first data handling node (304) verifies the received data (D3) based on the tag information from the hash server, which indicates whether the received hash tag (H3) corresponds to a "valid hash tag" (Hx) which is calculated by applying a predefined hash algorithm on the previous hash tag (H1, H2). When the received tag corresponds to the valid tag, the data is verified as trustworthy and not faked or manipulated.
摘要翻译：第一数据处理节点（304）被配置为通过从散列服务器（306）获取标签信息来验证在形成网络拓扑的分布路径的多个数据处理节点在数据分配网络中接收到的数据。第一数据处理节点（304）从第二数据处理节点（302）接收数据（D3）和散列标签（H3）。基于先前的第三数据处理节点（300a，300b）产生的先前哈希标签（H1，H2），由第二节点生成接收数据（D3）和散列标签（H3）。第三节点已经向第二节点传送数据（D1，D2），并且基于由第三数据处理节点传送的数据（D1，D2），已经由第二节点生成接收数据（D3）。第一数据处理节点（304）基于来自散列服务器的标签信息来验证接收到的数据（D3），该标签信息指示接收的散列标签（H3）是否对应于“有效散列标签”（Hx），其由对先前的散列标签（H1，H2）应用预定义的散列算法。当接收到的标签对应于有效标签时，数据被验证为可信赖的并且不被伪造或操纵。

8. 发明申请

WO2011099903A1 APPARATUSES AND METHODS FOR ENABLING A USER TO CONSUME PROTECTED CONTENTS OF A CONTENT PROVIDER 审中-公开
标题翻译：用于使用户消费内容提供商的受保护内容的装置和方法
公开(公告)号：WO2011099903A1
公开(公告)日：2011-08-18
申请号：PCT/SE2010/050164
申请日：2010-02-11
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , CHENG, Yi , BJÖRKENGREN, Ulf , CATREIN, Daniel , HARTUNG, Frank
发明人： CHENG, Yi , BJÖRKENGREN, Ulf , CATREIN, Daniel , HARTUNG, Frank
IPC分类号： G06F21/22 , H04L9/32
CPC分类号： H04L63/10 , A63F2300/5586 , G06F21/10 , G06F2221/2103 , H04L2463/101 , H04N21/2347 , H04N21/2541 , H04N21/4405 , H04N21/4627 , H04N21/8355
摘要： The embodiments of the present invention relate to apparatuses, in terms of a client device (110) and a server (120) and to methods in the client device (110) and in the server (120) respectively for enabling a user to consume content provided by a content provider. According to the method in the client device (120) the method comprises: assembling a request for rights for consuming a content and indicating in the request which content to consume; determining if an upgrade key, associated with the content, is present in the client device; including, in such a case, in the request, an identifier of the upgrade key that is associated with the content, sending the request to the content provider; receiving, a response comprising an encrypted rights object; decrypting the encrypted rights object and starting to use the rights object for consuming the content.
摘要翻译：本发明的实施例涉及关于客户端设备（110）和服务器（120）以及客户端设备（110）和服务器（120）中的方法的设备，以使用户能够消费内容由内容提供商提供。根据客户端装置（120）中的方法，该方法包括：组合消费内容的权利请求，并在请求中指示要消费的内容; 确定与所述内容相关联的升级密钥是否存在于所述客户端设备中; 在这种情况下，在该请求中包括与内容相关联的升级密钥的标识符，向内容提供者发送请求; 接收包括加密权限对象的响应; 解密加密的权限对象并开始使用权限对象来消费内容。

9. 发明申请

WO2009153072A1 SENDING SECURE MEDIA STREAMS 审中-公开
标题翻译：发送安全媒体流
公开(公告)号：WO2009153072A1
公开(公告)日：2009-12-23
申请号：PCT/EP2009/052078
申请日：2009-02-20
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/605 , H04L63/0428 , H04L65/608
摘要： A method and apparatus for sending a first secured media stream having a payload via an intermediate node. The intermediate node receives from a sender the first secured media stream. An end-to-end context identifier and a hop-by-hop context identifier are determined for the first secured media stream, where the hop-by-hop context identifier relates to the intermediate node and the end-to-end identifier relates to the sender. A second secured media stream is generated, which includes at least the payload of the first secured media stream and the context identifiers to identify the first secured media stream. The second secured media stream is sent to a receiving node, and the context identifiers are also sent to the receiving node. The context identifiers are usable by the receiving node to recover the first secured media stream.
摘要翻译：一种用于通过中间节点发送具有有效载荷的第一安全媒体流的方法和装置。中间节点从发送器接收第一安全媒体流。针对第一安全媒体流确定端到端上下文标识符和逐跳上下文标识符，其中逐跳上下文标识符与中间节点相关，并且端到端标识符与发件人。生成第二安全媒体流，其包括至少第一安全媒体流的有效载荷和上下文标识符以识别第一安全媒体流。第二安全媒体流被发送到接收节点，并且上下文标识符也被发送到接收节点。上下文标识符可由接收节点使用以恢复第一安全媒体流。

10. 发明申请

WO2007096001A1 IMS-ENABLED CONTROL CHANNEL FOR IPTV 审中-公开
标题翻译： IMS启用的IPTV控制通道
公开(公告)号：WO2007096001A1
公开(公告)日：2007-08-30
申请号：PCT/EP2006/060279
申请日：2006-02-24
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , ÅSTRÖM, Bo , IVARS, Ignacio Más , CARLSSON, Hans , CHENG, Yi , NORRMAN, Karl
发明人： ÅSTRÖM, Bo , IVARS, Ignacio Más , CARLSSON, Hans , CHENG, Yi , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L29/06027 , H04L65/1006 , H04L65/1016 , H04L65/1063 , H04L65/1069 , H04L65/1073 , H04L65/80
摘要： An IMS-enabled control channel for an IPTV service is provided by receiving at a Serving Call/State Control Function (S-CSCF) a Session Initiation Protocol (SIP) REGISTER message, the SIP REGISTER message identifying the originating user, receiving at the originating user a response from the S-CSCF indicating that the originating user has been authorised, and sending a SIP INVITE message from the S-CSCF to establish an open channel connection with a selected IPTV Application Server (AS). This open channel connection can then be used for the transmission of control messages, such as for starting play, starting recording, stopping play, etc., between the STB and the IPTV applications server, as well as for the delivery of personalized content, such as advertisements, voting responses, personalized voting triggers and targeted interactive events. By maintaining an open control channel with the IPTV AS, this offers a substantial reduction in the setup delay times for different applications.
摘要翻译：通过在服务呼叫/状态控制功能（S-CSCF）处接收会话发起协议（SIP）REGISTER消息，识别始发用户的SIP REGISTER消息，以始发方式接收来提供用于IPTV服务的启用IMS的控制信道用户从S-CSCF收到指示发起用户已被授权的响应，并从S-CSCF发送SIP INVITE消息，以建立与选定的IPTV应用服务器（AS）的开放信道连接。然后，该开放通道连接可以用于控制消息的传输，例如在STB和IPTV应用服务器之间的开始播放，开始记录，停止播放等，以及用于传送个性化内容，诸如作为广告，投票回复，个性化投票触发器和有针对性的交互式活动。通过与IPTV AS保持开放的控制信道，这大大减少了不同应用的建立延迟时间。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式