专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

EP2702741B1 AUTHENTICATING A DEVICE IN A NETWORK 有权
标题翻译： EINEM NETZWERK的AUTHENTIFIZIERUNG EINER VORRICHTUNG
公开(公告)号：EP2702741B1
公开(公告)日：2015-10-14
申请号：EP11716554.8
申请日：2011-04-27
申请人： Telefonaktiebolaget L M Ericsson (publ)
发明人： NORRMAN, Karl , BLOM, Rolf , NÄSLUND, Mats
IPC分类号： H04L29/06 , H04W12/06
CPC分类号： H04L63/08 , H04L63/062 , H04L63/0876 , H04L63/20 , H04W12/04 , H04W12/06

2. 发明授权

EP2304918B1 SENDING MEDIA DATA VIA AN INTERMEDIATE NODE 有权
标题翻译：发送媒体的资料进行了中间节点
公开(公告)号：EP2304918B1
公开(公告)日：2014-04-09
申请号：EP09779413.5
申请日：2009-05-06
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/601 , H04L63/0464 , H04L63/0478 , H04L63/06 , H04L63/123

3. 发明公开

EP2534809A1 TRUST DISCOVERY IN A COMMUNICATIONS NETWORK 有权
标题翻译：保障规定通信网络中的
公开(公告)号：EP2534809A1
公开(公告)日：2012-12-19
申请号：EP10845885.2
申请日：2010-02-12
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： HADDAD, Wassim , BLOM, Rolf , NÄSLUND, Mats
IPC分类号： H04L29/06 , H04W12/06
CPC分类号： H04W12/06 , H04L63/08 , H04L63/0823
摘要： A method and apparatus to establish trust between two nodes in a communications network. A first node receives from a network node authentication data unique to the first node, which can be used to derive a compact representation of verification data for the first node. The first node also receives a certified compact representation of verification data of all nodes in the network. The first node derives trust information from the authentication data for the node, and sends to a second node a message that includes the trust information and part of the authentication data. The second node has its own copy of the certified compact representation of verification data of all nodes in the network, and verifies the authenticity of the message from the first node using the compact representation of verification data of all nodes in the network and the received trust information and authentication data.

4. 发明授权

EP2248018B1 Method and apparatus for authentication service application processes during service reallocation in high availability clusters 有权
标题翻译：在高可用性集群方法和用于认证服务应用进程装置Dienstneuzuteilung期间
公开(公告)号：EP2248018B1
公开(公告)日：2012-08-15
申请号：EP09704519.9
申请日：2009-01-22
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： POURZANDI, Makan , ROSSI, Frederic , NÄSLUND, Mats
IPC分类号： G06F9/50 , H04L9/32
CPC分类号： G06F11/1482 , G06F9/468 , G06F11/2025 , G06F11/203
摘要： A method and communication node for providing secure communications and services in a High Availability (HA) cluster. The communication node comprises an Operating System (OS) that detects an unavailability of a first service application process and switches a second service application process from the first state to the second state, the second service application being selected for taking over service currently provided from the first service application process, the first state and the second state each being associated to a set of rights in the cluster. The OS generates a private key for the second service application process based on its second state. The set of rights associated to the second state allows the OS to replace the first service application process with the second service application process for providing secure communications between the second service application and other service application processes in the HA cluster.

5. 发明公开

EP2329621A1 KEY DISTRIBUTION TO A SET OF ROUTERS 有权
标题翻译：密钥分发的路由器数量
公开(公告)号：EP2329621A1
公开(公告)日：2011-06-08
申请号：EP08813565.2
申请日：2008-09-24
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： HADDAD, Wassim , NÄSLUND, Mats
IPC分类号： H04L9/08 , H04L12/56
摘要： Before actually communicating information/data between two endpoints (C, S) connected to a network a secure and confidential distribution of a special key (K h) is performed to nodes (R j) along a path in the network. This is allowed by performing a path handshaking procedure in which first a hint token is forwarded along the path in a first direction and then a disclosure token is forwarded in the opposite direction. In forwarding the disclosure token it is verified in the nodes against the already received hint token. This assures that only nodes on-the particular path will receive the special key or possibly some other information related thereto.

6. 发明公开

EP2316203A1 METHOD AND APPARATUS FOR AVOIDING UNWANTED DATA PACKETS 无效
标题翻译：方法和设备防止意外打包数据
公开(公告)号：EP2316203A1
公开(公告)日：2011-05-04
申请号：EP08813451.5
申请日：2008-08-22
申请人： Telefonaktiebolaget L M Ericsson (publ)
发明人： CSÁSZÁR, András , NÄSLUND, Mats , WESTBERG, Lars , MAGNUSSON, Lars
IPC分类号： H04L12/56 , H04L9/08
CPC分类号： H04L45/00 , H04L9/083 , H04L29/12066 , H04L29/12207 , H04L45/50 , H04L61/1511 , H04L61/20 , H04L63/08 , H04L63/14
摘要： Method and apparatus for controlling transmission of data packets in a packet-switched network. When a first end-host (A) sends an address query to a DNS system (300) for a second end-host, the DNS system responds by providing a sender key created from a destination key registered for the second end-host, if the first end-host is authorised to send packets to the second end-host. Thereby, the first end- host, if authorised, is able to get across data packets to the second end-host by attaching a sender tag (TAG) generated from the sender key, as ingress tag to each transmitted data packet. A router (302) in the network matches an ingress tag in a received packet with entries in a forwarding table and sends out the packet on an output port (X) according to a matching entry. Otherwise, the router discards the packet if no matching entry is found in the table.

7. 发明公开

EP2304918A1 SENDING MEDIA DATA VIA AN INTERMEDIATE NODE 有权
标题翻译：发送媒体的资料进行了中间节点
公开(公告)号：EP2304918A1
公开(公告)日：2011-04-06
申请号：EP09779413.5
申请日：2009-05-06
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/601 , H04L63/0464 , H04L63/0478 , H04L63/06 , H04L63/123
摘要： A method and apparatus for sending protected media data from a data source node to a client node via an intermediate node. The data source node establishes a first hop- by-hop key to be shared with the intermediate node and an end-to-end key to be shared with the client node. A single security protocol instance is configured and used to transform data from a media stream into transformed data using the keys. The transformed data is then sent to the intermediate node. The intermediate node uses the first hop-by-hop key to apply a security processing to the transformed data, and establishes a second hop-by-hop key with the client node. A second transformation is performed on the transformed data using the second hop-by-hop key to produce further transformed media data, which is then sent to the client node. At the client node a single security protocol instance is configured with the second hop-by-hop key and the end-to-end key, which are used to apply further security processing to the transformed media data.

8. 发明公开

EP2145458A1 METHOD AND APPARATUS FOR PROTECTING THE ROUTING OF DATA PACKETS 审中-公开
标题翻译：方法和装置保护的工艺路线数据分组的
公开(公告)号：EP2145458A1
公开(公告)日：2010-01-20
申请号：EP08825836.3
申请日：2008-05-09
申请人： Telefonaktiebolaget L M Ericsson (publ)
发明人： CZÁSZÁR, András , WESTBERG, Lars , NÄSLUND, Mats
IPC分类号： H04L29/12 , H04L29/06 , H04L9/00
CPC分类号： H04L45/00 , H04L29/12066 , H04L61/1511 , H04L63/0428 , H04L63/08 , H04L69/22
摘要： Method and apparatus for protecting the routing of data packets in a packet data network. When a first end-host (A) sends an address query to a DNS server system (302) regarding a second end-host, the DNS server system responds by providing a destination parameter (TAG) containing an encrypted destination address associated with the second end-host. Thereby, the first end-host is able to get across data packets to the second end-host by attaching the destination parameter (TAG) to each transmitted data packet. A router (300) in the packet data network admits a received packet if a destination parameter (TAG) is attached to the packet including a valid destination address encrypted by a key dependent on a distributed master encryption key. Otherwise, the router discards the packet ifno such valid destination address can be derived from the packet by applying decryption to the destination parameter.

9. 发明公开

EP2702741A1 AUTHENTICATING A DEVICE IN A NETWORK 有权
标题翻译：一个设备的网络认证
公开(公告)号：EP2702741A1
公开(公告)日：2014-03-05
申请号：EP11716554.8
申请日：2011-04-27
申请人： Telefonaktiebolaget L M Ericsson (publ)
发明人： NORRMAN, Karl , BLOM, Rolf , NÄSLUND, Mats
IPC分类号： H04L29/06 , H04W12/06
CPC分类号： H04L63/08 , H04L63/062 , H04L63/0876 , H04L63/20 , H04W12/04 , H04W12/06
摘要： There is disclosed a system for authentication of a device in a network by establishing a second security context between the device and a serving network node when a first security context has previously been established, assisted by an authentication server, based on a random value and a secret shared between an identity module associated with the device and the authentication server. First re-use information from the establishment of the first security context is stored at the authentication server and at the device, the first re-use information enabling secure generation of the second security context from the random value and the secret. Second re-use information may be generated or stored at the device. A context regeneration request is generated at the device, the context regeneration request authenticated at least partly based on the secret. The context regeneration request is sent to the serving network node. The context regen eration req uest is sent from the servi ng n etwork node to the authentication server. The context regeneration request is verified at the authentication server. The second security context is generated at the authentication server based on at least the secret, the random value, and the first and second re-use information. The second security context is communicated from the authentication server to the serving network node.

10. 发明公开

EP2335391A1 KEY MANAGEMENT IN A COMMUNICATION NETWORK 有权转让
标题翻译：密钥管理的通信网络
公开(公告)号：EP2335391A1
公开(公告)日：2011-06-22
申请号：EP09779144.6
申请日：2009-03-13
申请人： Telefonaktiebolaget L M Ericsson (PUBL)
发明人： BLOM, Rolf , NÄSLUND, Mats , NORRMAN, Karl , LINDHOLM, Fredrik
IPC分类号： H04L29/06 , H04L9/08
CPC分类号： H04L63/0869 , H04L9/0819 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/08
摘要： A method and apparatus for key management in a communication network. A Key Management Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or for the first device to secure communications to the second device.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式