专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US07107620B2 Authentication in a packet data network 有权
公开(公告)号：US07107620B2
公开(公告)日：2006-09-12
申请号：US09756346
申请日：2001-01-08
申请人： Henry Haverinen , Jukka-Pekka Honkanen , Antti Kuikka , Nadarajah Asokan , Patrik Flykt , Juha Ala-Laurila , Jyri Rinnemaa , Timo Takamäki , Raimo Vuonnala , Jan-Erik Ekberg , Tommi Mikkonen , Petri Aalto , Seppo Honkanen
发明人： Henry Haverinen , Jukka-Pekka Honkanen , Antti Kuikka , Nadarajah Asokan , Patrik Flykt , Juha Ala-Laurila , Jyri Rinnemaa , Timo Takamäki , Raimo Vuonnala , Jan-Erik Ekberg , Tommi Mikkonen , Petri Aalto , Seppo Honkanen
IPC分类号： G06F7/04 , H04L9/00 , H04M1/66 , H04M1/68 , H04M3/16 , H04K1/00
CPC分类号： H04L63/08 , H04L63/0435 , H04L63/061 , H04L63/0853 , H04L63/0869 , H04L63/162 , H04W12/06
摘要： Authentication method for authenticating a mobile node to a packet data network, in which a shared secret for both the mobile node and the packet data network is arranged by using a shared secret of the mobile node and a telecommunications network authentication center. In the method, the mobile node sends its subscriber identity to the packet data network together with a replay attack protector. The packet data network obtains authentication triplets, forms a session key using them, and sends back to the mobile node challenges and a cryptographic authenticator made by using the session key. The mobile node can then form the rest of the authentication triplets using the challenges and then form the session key. With the session key, the mobile node can check the validity of the cryptographic authenticator. If the authenticator is correct, the mobile node sends a cryptographic response formed using the session key to the packet data network for authenticating itself to the packet data network.

22. 发明申请

US20050187882A1 Electronic payment schemes in a mobile environment for short-range transactions 有权
标题翻译：在短期交易的移动环境中的电子支付方案
公开(公告)号：US20050187882A1
公开(公告)日：2005-08-25
申请号：US10785025
申请日：2004-02-25
申请人： Sampo Sovio , Jan-Erik Ekberg , Nadarajah Asokan , Pekka Lahtinen
发明人： Sampo Sovio , Jan-Erik Ekberg , Nadarajah Asokan , Pekka Lahtinen
IPC分类号： G06F1/00 , G06Q20/00 , G07F7/10 , H04L9/00 , H04L29/06
CPC分类号： G07F7/1008 , G06Q20/20 , G06Q20/327 , G06Q20/3278 , G06Q20/341 , G06Q20/382 , G06Q20/3827 , G06Q20/388 , G07F7/0886 , H04M15/68 , H04M2215/0196
摘要： A short-range transaction system enables a user to conduct transactions with a self-service terminal in a user-friendly environment without using currency. The user carries a portable smart card, which interacts with a mobile phone. After authentication via an RFID connection, the device MAC address and a security key (K) are imprinted in the card. In operation, the user waves the smart card past the self-service terminal and activates an RFID connection. The terminal sends the card a random number. The card returns the MAC address and a result (RES) computed using the hash value and the security key. The terminal using the MAC address and security key establishes a secure connection with the device. The terminal downloads the user's transaction interface from the device and displays the user interface at the self-service terminal. The user completes a transaction at the terminal via the user interface.
摘要翻译：短距离交易系统使用户能够在不使用货币的情况下在用户友好的环境中与自助终端进行交易。用户携带便携式智能卡，其与移动电话交互。通过RFID连接认证后，设备的MAC地址和安全密钥（K）被印在卡中。在操作中，用户通过自助终端来移动智能卡并激活RFID连接。终端发送卡片随机数。卡返回MAC地址和使用哈希值和安全密钥计算的结果（RES）。使用MAC地址和安全密钥的终端建立与设备的安全连接。终端从设备下载用户的交易界面，并在自助终端显示用户界面。用户通过用户界面在终端完成事务。

23. 发明授权

US09246910B2 Determination of apparatus configuration and programming data 有权
标题翻译：确定仪器配置和编程数据
公开(公告)号：US09246910B2
公开(公告)日：2016-01-26
申请号：US14115525
申请日：2011-05-06
申请人： Jan-Erik Ekberg , Harald Kaaja
发明人： Jan-Erik Ekberg , Harald Kaaja
IPC分类号： H04L29/00 , H04L29/06 , G06F21/57 , H04W12/06 , H04W12/04 , H04W12/10
CPC分类号： H04L63/0823 , G06F21/572 , H04L63/101 , H04L63/123 , H04W12/04 , H04W12/06 , H04W12/10
摘要： A method including determining a public identifier for identifying a configuration of an apparatus, determining a common configuration certificate comprising a common configuration certificate identifier for verifying programming data, and determining a hardware certificate comprising the public identifier and the common configuration certificate identifier for associating a permitted combination of the apparatus configuration and the programming data. Furthermore, the method includes generating a dedicated package of the hardware certificates corresponding to the apparatus configurations allowed to be provided, encrypting the dedicated package of the hardware certificates using a public key, and storing the encrypted dedicated package of the hardware certificates with an identifier to a passive memory of the apparatus.
摘要翻译：一种方法，包括确定用于识别装置的配置的公共标识符，确定包括用于验证节目数据的公共配置证书标识符的公共配置证书，以及确定包括公共标识符和公共配置证书标识符的硬件证书，用于将允许组合设备配置和编程数据。此外，该方法包括生成与允许提供的装置配置相对应的硬件证书的专用包，使用公开密钥加密硬件证书的专用包，并将具有标识符的硬件证书的加密专用包存储到设备的被动记忆体。

24. 发明授权

US09203609B2 Method and apparatus for implementing key stream hierarchy 有权
标题翻译：实现密钥流层次结构的方法和装置
公开(公告)号：US09203609B2
公开(公告)日：2015-12-01
申请号：US13316932
申请日：2011-12-12
申请人： Jan-Erik Ekberg , Jari-Jukka Harald Kaaja
发明人： Jan-Erik Ekberg , Jari-Jukka Harald Kaaja
IPC分类号： H04K1/00 , H04L9/06 , H04L9/08
CPC分类号： H04L9/065 , H04L9/0838 , H04L9/0877 , H04L2209/805
摘要： Various methods for implementing keystream hierarchy in a distributed memory environment are provided. One example method may comprise causing a generated keystream to be accessed on a memory device, wherein the keystream was generated in an instance in which the memory device was in radio communications range. One example method may further comprise determining a session key based on the generated keystream and a modified keystream. In some example embodiments, the modified keystream is created by the memory device based on the generated keystream and a keystream received by the memory device from a second device. One example method may further comprise causing communications data to be transmitted to the memory device or to the second device. In some example embodiments, the communications data is protected using at least a portion of the session key and is intended for the second device.
摘要翻译：提供了在分布式存储器环境中实现密钥流层次的各种方法。一个示例性方法可以包括使得在存储器设备上访问生成的密钥流，其中在存储器设备处于无线电通信范围的情况下生成密钥流。一个示例性方法还可以包括基于生成的密钥流和修改的密钥流来确定会话密钥。在一些示例实施例中，修改的密钥流由存储器设备基于生成的密钥流和由存储器设备从第二设备接收的密钥流来创建。一个示例性方法还可以包括使通信数据被发送到存储设备或第二设备。在一些示例性实施例中，使用会话密钥的至少一部分来保护通信数据，并且用于第二设备。

25. 发明申请

US20140220929A1 Method and Apparatus For Providing Network Access To A Connecting Apparatus 有权
标题翻译：提供对连接装置的网络访问的方法和装置
公开(公告)号：US20140220929A1
公开(公告)日：2014-08-07
申请号：US14128662
申请日：2011-07-01
申请人： Jan-Erik Ekberg , Rune Adolf Lindholm , Jukka Tapio Virtanen
发明人： Jan-Erik Ekberg , Rune Adolf Lindholm , Jukka Tapio Virtanen
IPC分类号： H04W48/08 , H04W12/06
CPC分类号： H04W48/08 , H04L12/1457 , H04W4/50 , H04W4/60 , H04W12/06
摘要： A method and apparatus are provided for providing network access to a connecting apparatus. A method may include determining, at a terminal apparatus, a selection of a network access credential for a network from a plurality of available network access credentials installed on the terminal apparatus. The method may further include responsive to the selection, activating the selected network access credential. The method may additionally include using the activated network access credential to cause a connecting apparatus to be provided with access to the network via a local connection between the terminal apparatus and the connecting apparatus. A corresponding apparatus is also provided.
摘要翻译：提供了一种提供对连接装置的网络访问的方法和装置。方法可以包括在终端设备处从安装在终端设备上的多个可用网络访问证书中确定网络的网络访问凭证的选择。该方法还可以包括响应于选择，激活所选择的网络接入凭证。该方法可以另外包括使用激活的网络访问凭据来使得连接装置经由终端装置和连接装置之间的本地连接被提供给网络的访问。还提供了相应的装置。

26. 发明申请

US20130148805A1 METHOD AND APPARATUS FOR IMPLEMENTING KEY STREAM HIERARCHY 有权
标题翻译：实施关键流域分层的方法与装置
公开(公告)号：US20130148805A1
公开(公告)日：2013-06-13
申请号：US13316932
申请日：2011-12-12
申请人： Jan-Erik Ekberg , Jari-Jukka Harald Kaaja
发明人： Jan-Erik Ekberg , Jari-Jukka Harald Kaaja
IPC分类号： H04K1/00
CPC分类号： H04L9/065 , H04L9/0838 , H04L9/0877 , H04L2209/805
摘要： Various methods for implementing keystream hierarchy in a distributed memory environment are provided. One example method may comprise causing a generated keystream to be accessed on a memory device, wherein the keystream was generated in an instance in which the memory device was in radio communications range. One example method may further comprise determining a session key based on the generated keystream and a modified keystream. In some example embodiments, the modified keystream is created by the memory device based on the generated keystream and a keystream received by the memory device from a second device. One example method may further comprise causing communications data to be transmitted to the memory device or to the second device. In some example embodiments, the communications data is protected using at least a portion of the session key and is intended for the second device.
摘要翻译：提供了在分布式存储器环境中实现密钥流层次的各种方法。一个示例性方法可以包括使得在存储器设备上访问生成的密钥流，其中在存储器设备处于无线电通信范围的情况下生成密钥流。一个示例性方法还可以包括基于生成的密钥流和修改的密钥流来确定会话密钥。在一些示例实施例中，修改的密钥流由存储器设备基于生成的密钥流和由存储器设备从第二设备接收的密钥流来创建。一个示例性方法还可以包括使通信数据被发送到存储设备或第二设备。在一些示例性实施例中，使用会话密钥的至少一部分来保护通信数据，并且用于第二设备。

27. 发明授权

US07590097B2 Device detection and service discovery system and method for a mobile ad hoc communications network 有权
标题翻译：用于移动自组织通信网络的设备检测和服务发现系统和方法
公开(公告)号：US07590097B2
公开(公告)日：2009-09-15
申请号：US10662407
申请日：2003-09-16
申请人： Jan-Erik Ekberg , Pekka Lahtinen , Jaakko Lipasti
发明人： Jan-Erik Ekberg , Pekka Lahtinen , Jaakko Lipasti
IPC分类号： H04W4/00 , H04B7/00 , G06F15/16
CPC分类号： H04W48/16
摘要： A computer system, method, and computer program product for performing device detection and service discovery in a mobile ad hoc communications network. The method comprises conducting an inquiry of the mobile ad hoc communications network to discover nearby devices. If the inquiry indicates that the nearby devices may include a middleware layer, the method further comprises creating a connection to each of the nearby devices and confirming whether each of the nearby devices include the middleware layer. For each of the nearby devices that include the middleware layer, the method further comprises executing the middleware layer to perform application and service discovery, and to launch applications and services.
摘要翻译：一种用于在移动自组织通信网络中执行设备检测和服务发现的计算机系统，方法和计算机程序产品。该方法包括进行移动自组织通信网络的查询以发现附近的设备。如果查询指示附近的设备可以包括中间件层，则该方法还包括创建到每个附近设备的连接并且确认每个附近的设备是否包括中间件层。对于包括中间件层的每个附近的设备，该方法还包括执行中间件层以执行应用和服务发现，以及启动应用和服务。

28. 发明申请

US20080311884A1 BILLING IN A PACKET DATA NETWORK 有权
标题翻译：在分组数据网络中进行计费
公开(公告)号：US20080311884A1
公开(公告)日：2008-12-18
申请号：US12141024
申请日：2008-06-17
申请人： Juha Ala-Laurila , Jyri Rinnemaa , Jukka-Pekka Honkanen , Timo Takamaki , Raimo Vuonnala , Jan-Erik Ekberg
发明人： Juha Ala-Laurila , Jyri Rinnemaa , Jukka-Pekka Honkanen , Timo Takamaki , Raimo Vuonnala , Jan-Erik Ekberg
IPC分类号： H04M11/00 , H04M1/66 , H04Q7/20
CPC分类号： H04M15/48 , H04M15/00 , H04M15/55 , H04M2215/0156 , H04M2215/2026 , H04M2215/32 , H04M2215/44 , H04W4/24 , H04W8/26 , H04W12/06 , H04W48/08 , H04W48/16 , H04W76/10
摘要： A method for billing in a packet data network (WISP1) comprising at least one user's terminal (MN), comprising the steps of:forming a data link between the terminal and the packet data network; requesting a user identity from the terminal; generating billing data based on the user identity; and sending the billing data to an accounting server (HAAA) of an external telecommunications network.
摘要翻译：一种用于在包括至少一个用户终端（MN）的分组数据网络（WISP1）中计费的方法，包括以下步骤：在所述终端和分组数据网络之间形成数据链路; 从终端请求用户身份; 基于用户身份生成计费数据; 并将计费数据发送到外部电信网络的计费服务器（HAAA）。

29. 发明申请

US20080044012A1 Reducing Security Protocol Overhead In Low Data Rate Applications Over A Wireless Link 审中-公开
标题翻译：通过无线链路降低低数据速率应用中的安全协议开销
公开(公告)号：US20080044012A1
公开(公告)日：2008-02-21
申请号：US11464626
申请日：2006-08-15
申请人： Jan-Erik Ekberg , Antti Lappetelainen
发明人： Jan-Erik Ekberg , Antti Lappetelainen
IPC分类号： H04L9/30
CPC分类号： H04L9/065 , H04L63/162 , H04L2209/08 , H04L2209/80 , H04W12/0013
摘要： A wireless communication module to provide security at a baseband layer is disclosed. A payload of plaintext may be divided into partitions. The module may use a block cipher such as the Advanced Encryption Standard (AES) algorithm to process a unique initiation vector (IV) for each partition so that each partition may be XORed with a key stream based on a respective IV, the result providing ciphertext. The IV may include a nonce, an upper level packet counter, a packet counter and a block counter. The state of the counters may be incremented in a predetermined pattern so as to provide a unique IV for use with each partition. The ciphertext may be transmitted in a packet with a security bit indicating that the payload is encrypted but omitting the nonce. Encrypted packets may include an integrity check value (ICV) to provide for integrity of the encrypted message.
摘要翻译：公开了一种在基带层提供安全性的无线通信模块。明文的有效载荷可以划分为分区。模块可以使用诸如高级加密标准（AES）算法的分组密码来处理每个分区的唯一的初始向量（IV），使得每个分区可以基于相应的IV与密钥流进行异或，提供密文的结果。 IV可以包括随机数，高级分组计数器，分组计数器和块计数器。计数器的状态可以以预定模式递增，以便提供与每个分区一起使用的唯一IV。密文可以在具有指示有效载荷被加密但省略随机数的安全位的分组中传送。加密分组可以包括完整性校验值（ICV），以提供加密消息的完整性。

30. 发明授权

US07280820B2 System and method for authentication in a mobile communications system 有权
标题翻译：用于移动通信系统中认证的系统和方法
公开(公告)号：US07280820B2
公开(公告)日：2007-10-09
申请号：US11293188
申请日：2005-12-05
申请人： Jan-Erik Ekberg
发明人： Jan-Erik Ekberg
IPC分类号： H04M1/66
CPC分类号： H04L63/0807 , H04L67/28 , H04W12/06
摘要： The present invention provides an authentication method and apparatus for authenticating an identity of a subscriber attached to a network. According to the invention, in a network terminal, a subscriber identity module is used so that a response is obtained as a result of a challenge given to the identity module as input. A special security server in the network is also used so that when a terminal attaches to the network, a message of a new user is transmitted to the security server. Subscriber authentication information corresponding to the new user is fetched from the mobile communications system to the network, wherein the authentication information includes at least a challenge and a response. Authentication is performed based on the authentication information obtained from the mobile communications system by transmitting the challenge to the terminal through the network, by checking at the terminal that the challenging is unique from challenges used in previous authentication exchanges, by generating, if the challenge is unique, a response from the challenge in the identity module of the terminal and by comparing the generated response with the response received from the mobile communications system.
摘要翻译：本发明提供一种认证方法和装置，用于认证附着在网络上的用户的身份。根据本发明，在网络终端中，使用用户身份模块，以便作为输入给予身份模块的挑战的结果而获得响应。还使用网络中的特殊安全服务器，使得当终端连接到网络时，新用户的消息被传送到安全服务器。与新用户相对应的用户认证信息从移动通信系统被取出到网络，其中认证信息至少包括挑战和响应。基于从移动通信系统获得的认证信息，通过通过网络向终端发送挑战来执行认证，通过在终端上检查挑战是否是先前认证交换中所使用的挑战是唯一的，如果挑战是唯一的，来自终端的身份模块中的挑战的响应，并且通过将生成的响应与从移动通信系统接收的响应相比较。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式