专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US09544334B2 Policy routing-based lawful interception in communication system with end-to-end encryption 有权
标题翻译：基于策略路由的通信系统中的合法拦截采用端到端加密
公开(公告)号：US09544334B2
公开(公告)日：2017-01-10
申请号：US13212788
申请日：2011-08-18
申请人： John Frederick Heck , Ganapathy S. Sundaram , Douglas William Varney
发明人： John Frederick Heck , Ganapathy S. Sundaram , Douglas William Varney
IPC分类号： H04L12/28 , H04L29/06
CPC分类号： H04L63/306 , H04L63/0272 , H04L63/0464 , H04L63/061 , H04L65/1016
摘要： A method for intercepting encrypted communications exchanged between first and second computing devices in a communication network, wherein interception is performed by a third computing device in the computing network. The third computing device obtains one or more packets having a packet address associated with one of the first and second computing devices in response to at least one interception routing policy being implemented in at least one element in the communication network, such that the obtained packets may be decrypted to obtain data contained therein. The third computing device preserves the packet address of the obtained packets and forwards the obtained packets toward a packet-destination one of the first and second computing devices such that the packet-destination one of the first and second computing devices is unable to detect from the one or more packets that the one or more packets were intercepted by the third computing device.
摘要翻译：一种用于拦截在通信网络中在第一和第二计算设备之间交换的加密通信的方法，其中由计算网络中的第三计算设备执行拦截。响应于在通信网络中的至少一个元件中实施的至少一个拦截路由策略，第三计算设备获得具有与第一和第二计算设备之一相关联的分组地址的一个或多个分组，使得获得的分组可以被解密以获得其中包含的数据。第三计算设备保留所获得的分组的分组地址，并将所获得的分组转发到第一和第二计算设备中的分组目的地之一，使得第一和第二计算设备中的分组目的地的一个不能从所述一个或多个分组被所述第三计算设备拦截的一个或多个分组。

22. 发明授权

US09166778B2 Secure group messaging 有权
标题翻译：安全群组讯息
公开(公告)号：US09166778B2
公开(公告)日：2015-10-20
申请号：US13548835
申请日：2012-07-13
申请人： Ganapathy S. Sundaram , Ioannis Broustis , Violeta Cakulev
发明人： Ganapathy S. Sundaram , Ioannis Broustis , Violeta Cakulev
IPC分类号： H04L9/08 , H04L9/30
CPC分类号： H04L9/08 , H04L9/0833 , H04L9/0847 , H04L9/3073
摘要： A method for securing at least one message transferred in a communication system from a first computing device to a second computing device in a peer-to-peer manner. At the first computing device, an identity based authenticated key exchange session is established with a third computing device operating as a peer authenticator. The identity based authenticated key exchange session has an identity based authenticated session key associated therewith. The first computing device obtains from the third computing device a random key component of the second computing device, wherein the random key component of the second computing device is encrypted by the third computing device using the identity based authenticated session key prior to sending the random key component of the second computing device to the first computing device. A peer-to-peer messaging key is computed at the first computing device using the random key component of the second computing device.
摘要翻译：一种用于将通信系统中传送的至少一个消息从第一计算设备以对等方式保护到第二计算设备的方法。在第一计算设备处，基于身份的认证密钥交换会话与作为对等体认证者操作的第三计算设备建立。基于身份的认证密钥交换会话具有与其相关联的基于身份的经认证的会话密钥。第一计算设备从第三计算设备获得第二计算设备的随机密钥组件，其中第二计算设备的随机密钥组件在发送随机密钥之前由第三计算设备使用基于身份的认证会话密钥加密第二计算设备的组件到第一计算设备。使用第二计算设备的随机密钥组件在第一计算设备处计算对等消息传递密钥。

23. 发明授权

US09049024B2 Secure key management in conferencing system 有权
标题翻译：会议系统中的安全密钥管理
公开(公告)号：US09049024B2
公开(公告)日：2015-06-02
申请号：US13596823
申请日：2012-08-28
申请人： Ganapathy S. Sundaram , Violeta Cakulev
发明人： Ganapathy S. Sundaram , Violeta Cakulev
IPC分类号： H04M3/42 , H04L9/30 , H04L9/08 , H04L29/06
CPC分类号： H04L9/3073 , H04L9/0825 , H04L9/0833 , H04L9/0847 , H04L63/306 , H04L2209/80
摘要： A method for managing a conference between two or more parties comprises an identity based authenticated key exchange between a conference management element and each of the two or more parties seeking to participate in the conference. Messages exchanged between the conference management element and the two or more parties are encrypted based on respective identities of recipients of the messages. The method comprises the conference management element receiving from each party a random group key component. The random group key component is computed by each party based on a random number used by the party during the key authentication operation and random key components computed by a subset of others of the two or more parties seeking to participate in the conference. The conference management element sends to each party the random group key components computed by the parties such that each party can compute the same group key.
摘要翻译：一种用于在两个或多个方之间管理会议的方法包括会议管理元件与寻求参加会议的两个或多个方中的每个之间的基于身份的认证密钥交换。在会议管理单元与两个或多个会话之间交换的消息基于消息的接收者的相应身份被加密。该方法包括从各方接收随机组密钥分量的会议管理单元。随机组密钥分量由各方根据在密钥认证操作期间由该方使用的随机数和由寻求参与会议的两个或多个方的其他人的子集计算的随机密钥分量来计算。会议管理单元向各方发送由各方计算的随机组密钥分量，使得各方可以计算相同的组密钥。

24. 发明授权

US08774411B2 Session key generation and distribution with multiple security associations per protocol instance 有权
标题翻译：每个协议实例具有多个安全关联的会话密钥生成和分发
公开(公告)号：US08774411B2
公开(公告)日：2014-07-08
申请号：US12474764
申请日：2009-05-29
申请人： Violeta Cakulev , Semyon B. Mizikovsky , Ganapathy S. Sundaram
发明人： Violeta Cakulev , Semyon B. Mizikovsky , Ganapathy S. Sundaram
IPC分类号： H04K1/00 , H04L9/08 , H04L29/06 , H04W12/08
CPC分类号： H04L9/0819 , H04L9/0844 , H04L63/0428 , H04L2209/80 , H04W12/08
摘要： A single instance of a session key generation protocol is executed in a manner that generates a plurality of security associations between user equipment and a first network element of a communication system. In one aspect, a first one of the security associations is utilized to secure data sent between the user equipment and the first network element in an ongoing communication. In conjunction with a handoff of the ongoing communication from the first network element to a second network element of the communication system, another one of the security associations is selected, and the other selected security association is utilized to secure data sent between the user equipment and the second network element in the ongoing communication. The security associations may comprise respective sets of session keys derived from a single pairwise master key.
摘要翻译：执行会话密钥生成协议的单个实例，以便在用户设备和通信系统的第一网络元件之间生成多个安全关联。在一个方面，安全关联中的第一个被用于在正在进行的通信中保护在用户设备和第一网络元件之间发送的数据。结合从第一网络元件到通信系统的第二网络元件的正在进行的通信的切换，选择另一个安全关联，并且使用另一个选择的安全关联来保护在用户设备和正在进行的通信中的第二个网络元素。安全关联可以包括从单个成对主密钥导出的各组会话密钥。

25. 发明授权

US07826849B2 Method of sharing mobile unit state information between base station routers 有权
标题翻译：在基站路由器之间共享移动单元状态信息的方法
公开(公告)号：US07826849B2
公开(公告)日：2010-11-02
申请号：US11741909
申请日：2007-04-30
申请人： Peter Bosch , Sape J. Mullender , Paul Anthony Polakos , Ajay Rajkumar , Ganapathy S. Sundaram
发明人： Peter Bosch , Sape J. Mullender , Paul Anthony Polakos , Ajay Rajkumar , Ganapathy S. Sundaram
IPC分类号： H04W40/00
CPC分类号： H04W24/04 , H04W76/20
摘要： The present invention provides a method of operating a first base station router. The method may include transmitting state information associated with at least one inactive mobile unit to at least one second base station router. The state information is usable to initiate an active session with the at least one inactive mobile unit. The first base station router retains the state information for initiating an active session with the at least one inactive mobile unit and the least one second base station router is capable of initiating an active session with the at least one inactive mobile unit based on the state information when the state information is unavailable to the first base station router.
摘要翻译：本发明提供一种操作第一基站路由器的方法。该方法可以包括向至少一个第二基站路由器发送与至少一个非活动移动单元相关联的状态信息。所述状态信息可用于发起与所述至少一个非活动移动单元的活动会话。第一基站路由器保留用于发起与至少一个非活动移动单元的活动会话的状态信息，并且至少一个第二基站路由器能够基于状态信息发起与所述至少一个非活动移动单元的活动会话当第一基站路由器的状态信息不可用时。

26. 发明申请

US20130110920A1 NETWORK-ASSISTED PEER-TO-PEER SECURE COMMUNICATION ESTABLISHMENT 审中-公开
标题翻译：网络协调对等安全通信机构
公开(公告)号：US20130110920A1
公开(公告)日：2013-05-02
申请号：US13283133
申请日：2011-10-27
申请人： Ioannis Broustis , Ganapathy S. Sundaram
发明人： Ioannis Broustis , Ganapathy S. Sundaram
IPC分类号： G06F15/16
CPC分类号： H04L67/104 , H04L63/04
摘要： Techniques are disclosed for establishing network-assisted secure communications in a peer-to-peer environment. For example, a method for secure communications comprises the following steps. A first computing device provides connectivity information associated therewith to a network server. The first computing device receives connectivity information respectively associated with one or more other computing devices from the network server. The first computing device, independent of the network server, establishes a security association with at least one of the one or more other computing devices. The first computing device, independent of the network server, participates in a secure peer-to-peer session with the at least one other computing device.
摘要翻译：公开了用于在对等环境中建立网络辅助安全通信的技术。例如，用于安全通信的方法包括以下步骤。第一计算设备向网络服务器提供与之相关联的连接信息。第一计算设备从网络服务器接收分别与一个或多个其他计算设备相关联的连接信息。独立于网络服务器的第一计算设备与一个或多个其他计算设备中的至少一个建立安全关联。独立于网络服务器的第一计算设备参与与至少一个其他计算设备的安全对等会话。

27. 发明申请

US20120322416A1 SECURE KEY MANAGEMENT IN CONFERENCING SYSTEM 有权
标题翻译：会议系统中的安全关键管理
公开(公告)号：US20120322416A1
公开(公告)日：2012-12-20
申请号：US13596823
申请日：2012-08-28
申请人： Ganapathy S. Sundaram , Violeta Cakulev
发明人： Ganapathy S. Sundaram , Violeta Cakulev
IPC分类号： H04W12/06
CPC分类号： H04L9/3073 , H04L9/0825 , H04L9/0833 , H04L9/0847 , H04L63/306 , H04L2209/80
摘要： A method for managing a conference between two or more parties comprises an identity based authenticated key exchange between a conference management element and each of the two or more parties seeking to participate in the conference. Messages exchanged between the conference management element and the two or more parties are encrypted based on respective identities of recipients of the messages. The method comprises the conference management element receiving from each party a random group key component. The random group key component is computed by each party based on a random number used by the party during the key authentication operation and random key components computed by a subset of others of the two or more parties seeking to participate in the conference. The conference management element sends to each party the random group key components computed by the parties such that each party can compute the same group key.
摘要翻译：一种用于在两个或多个方之间管理会议的方法包括会议管理元件与寻求参加会议的两个或多个方中的每个之间的基于身份的认证密钥交换。在会议管理单元与两个或多个会话之间交换的消息基于消息的接收者的相应身份被加密。该方法包括从各方接收随机组密钥分量的会议管理单元。随机组密钥分量由各方根据在密钥认证操作期间由该方使用的随机数和由寻求参与会议的两个或多个方的其他人的子集计算的随机密钥分量来计算。会议管理单元向各方发送由各方计算的随机组密钥分量，使得各方可以计算相同的组密钥。

28. 发明申请

US20120287922A1 POLICY ROUTING-BASED LAWFUL INTERCEPTION IN COMMUNICATION SYSTEM WITH END-TO-END ENCRYPTION 有权
标题翻译：具有端到端加密的通信系统中基于策略路由的法律障碍
公开(公告)号：US20120287922A1
公开(公告)日：2012-11-15
申请号：US13212788
申请日：2011-08-18
申请人： John Frederick Heck , Ganapathy S. Sundaram , Douglas William Varney
发明人： John Frederick Heck , Ganapathy S. Sundaram , Douglas William Varney
IPC分类号： H04L12/28
CPC分类号： H04L63/306 , H04L63/0272 , H04L63/0464 , H04L63/061 , H04L65/1016
摘要： Techniques are disclosed for lawfully intercepting information in communication environments with end-to-end encryption. For example, a method for intercepting encrypted communications exchanged between a first computing device and a second computing device in a communication network, wherein the interception is performed by a third computing device in the communication network, comprises the following steps. The third computing device obtains one or more packets having a packet address associated with one of the first computing device and the second computing device. The one or more packets are obtained by the third computing device, in response to at least one interception routing policy being implemented in at least one element in the communication network, such that the one or more obtained packets may be decrypted so as to obtain data contained therein. The third computing device preserves the packet address of the one or more obtained packets. The third computing device forwards the one or more packets toward a packet-destination one of the first computing device and the second computing device such that the packet-destination one of the first computing device and the second computing device is unable to detect from the one or more packets that the one or more packets were intercepted by the third computing device.
摘要翻译：披露了在端到端加密的通信环境中合法拦截信息的技术。例如，一种用于拦截在通信网络中的第一计算设备和第二计算设备之间交换的加密通信的方法，其中所述通信网络中的第三计算设备执行所述拦截，包括以下步骤。第三计算设备获得具有与第一计算设备和第二计算设备之一相关联的分组地址的一个或多个分组。响应于在通信网络中的至少一个元件中实施的至少一个拦截路由策略，由第三计算设备获得一个或多个分组，使得一个或多个获得的分组可以被解密以便获得数据其中包含。第三计算设备保留一个或多个获得的分组的分组地址。第三计算设备将一个或多个分组转发到第一计算设备和第二计算设备中的分组目的地之一，使得第一计算设备和第二计算设备中的分组目的地一个不能从一个或更多的分组，所述一个或多个分组被第三计算设备拦截。

29. 发明申请

US20100303238A1 Session Key Generation and Distribution with Multiple Security Associations per Protocol Instance 有权
标题翻译：每个协议实例具有多个安全关联的会话密钥生成和分发
公开(公告)号：US20100303238A1
公开(公告)日：2010-12-02
申请号：US12474764
申请日：2009-05-29
申请人： Violeta Cakulev , Semyon B. Mizikovsky , Ganapathy S. Sundaram
发明人： Violeta Cakulev , Semyon B. Mizikovsky , Ganapathy S. Sundaram
IPC分类号： H04L9/14
CPC分类号： H04L9/0819 , H04L9/0844 , H04L63/0428 , H04L2209/80 , H04W12/08
摘要： A single instance of a session key generation protocol is executed in a manner that generates a plurality of security associations between user equipment and a first network element of a communication system. In one aspect, a first one of the security associations is utilized to secure data sent between the user equipment and the first network element in an ongoing communication. In conjunction with a handoff of the ongoing communication from the first network element to a second network element of the communication system, another one of the security associations is selected, and the other selected security association is utilized to secure data sent between the user equipment and the second network element in the ongoing communication. The security associations may comprise respective sets of session keys derived from a single pairwise master key.
摘要翻译：执行会话密钥生成协议的单个实例，以便在用户设备和通信系统的第一网络元件之间生成多个安全关联。在一个方面，安全关联中的第一个被用于在正在进行的通信中保护在用户设备和第一网络元件之间发送的数据。结合从第一网络元件到通信系统的第二网络元件的正在进行的通信的切换，选择另一个安全关联，并且使用另一个选择的安全关联来保护在用户设备和正在进行的通信中的第二个网络元素。安全关联可以包括从单个成对主密钥导出的各组会话密钥。

30. 发明申请

US20090191845A1 NETWORK ENFORCED ACCESS CONTROL FOR FEMTOCELLS 审中-公开
标题翻译：网络实现对FEMTOCELLS的访问控制
公开(公告)号：US20090191845A1
公开(公告)日：2009-07-30
申请号：US12019967
申请日：2008-01-25
申请人： TODD C. MORGAN , Sarvar Patel , Ganapathy S. Sundaram , Robin J. Thompson
发明人： TODD C. MORGAN , Sarvar Patel , Ganapathy S. Sundaram , Robin J. Thompson
IPC分类号： H04M3/16
CPC分类号： H04W48/02 , H04W84/045 , H04W84/105
摘要： The present invention provides a method involving a femtocell in communication with a secure network. The method includes determining whether the femtocell is authorized to provide wireless connectivity to a mobile unit based on information stored in a secure entity in the secure network. The information has been confirmed by a user of the mobile unit.
摘要翻译：本发明提供一种涉及与安全网络通信的毫微微小区的方法。该方法包括基于存储在安全网络中的安全实体中的信息来确定毫微微小区是否被授权向移动单元提供无线连接。该信息已被移动单元的用户确认。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式