专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明申请

US20120191970A1 Sending Protected Data in a Communication Network 有权
标题翻译：在通信网络中发送受保护的数据
公开(公告)号：US20120191970A1
公开(公告)日：2012-07-26
申请号：US13498970
申请日：2009-10-01
申请人： Rolf Blom , Fredrik Lindholm , John Mattsson
发明人： Rolf Blom , Fredrik Lindholm , John Mattsson
IPC分类号： H04L29/06
CPC分类号： H04L9/0841 , H04L9/3249 , H04L9/3263 , H04L63/04 , H04L63/06 , H04L63/0823 , H04L65/1006 , H04L65/1016 , H04L65/4076 , H04L65/608 , H04L2209/34
摘要： A method of sending protected data from a sender unit to a receiver unit via an intermediate unit. The intermediate unit stores information associated with a certificate belonging to the receiver unit, and information associated with a certificate belonging to the intermediate unit, which has previously been signed by the receiver unit. The intermediate unit receives a request from the sender unit to send protected data to the receiver unit, and so it sends a response to the sender unit. The response includes the information associated with the certificate belonging to the receiver unit, which allows the sender unit to verify that the intermediate unit is authorised to receive data on behalf of the receiver unit. The intermediate unit then receives data from the sender unit that is protected using the information associated with the certificate belonging to the receiver unit for subsequent forwarding to the receiver unit. Having the receiver unit sign the intermediate unit's certificate allows the exchange of credentials to allow a sender unit to send protected data to a receiver unit via an intermediate unit.
摘要翻译：一种通过中间单元将保护的数据从发送器单元发送到接收器单元的方法。中间单元存储与属于接收器单元的证书相关联的信息，以及与属于中间单元的证书相关联的信息，该信息先前已被接收器单元签名。中间单元接收来自发送器单元的请求以将受保护的数据发送到接收器单元，并且因此向发送器单元发送响应。响应包括与属于接收器单元的证书相关联的信息，其允许发送器单元验证中间单元是否被授权代表接收器单元接收数据。然后中间单元从使用与属于接收机单元的证书相关联的信息来保护的来自发送器单元的数据接收用于随后转发到接收器单元的数据。使接收器单元签署中间单元的证书允许交换凭证以允许发送器单元经由中间单元将保护的数据发送到接收器单元。

32. 发明申请

US20110206206A1 Key Management in a Communication Network 有权
标题翻译：通信网络中的密钥管理
公开(公告)号：US20110206206A1
公开(公告)日：2011-08-25
申请号：US13063997
申请日：2009-03-13
申请人： Rolf Blom , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Rolf Blom , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L9/08
CPC分类号： H04L63/0869 , H04L9/0819 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/08
摘要： A method and apparatus for key management in a communication network. A Key Management Terminal KMS Terminal Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or for the first device to secure communications to the second device.
摘要翻译：一种用于通信网络中密钥管理的方法和装置。密钥管理服务器（KMS）从第一设备接收与用户身份相关联的令牌的请求，所述用户身份与第二设备相关联。然后，KMS将所请求的令牌和与用户相关联的用户密钥发送到第一设备。 KMS随后从第二个设备接收令牌。使用用户密钥和与第二设备相关联的修改参数来生成第二设备密钥。修改参数可用于第一设备用于生成第二设备密钥。然后，第二个设备密钥从KMS发送到第二个设备。第二设备密钥可以由第二设备用于向第一设备或第一设备认证自身以确保与第二设备的通信。

33. 发明申请

US20110126017A1 Methods, Nodes, System, Computer Programs and Computer Program Products for Secure User Subscription or Registration 有权
标题翻译：方法，节点，系统，计算机程序和用于安全用户订阅或注册的计算机程序产品
公开(公告)号：US20110126017A1
公开(公告)日：2011-05-26
申请号：US13056393
申请日：2008-12-22
申请人： Rolf Blom , David Castellanos Zamora
发明人： Rolf Blom , David Castellanos Zamora
IPC分类号： H04L9/32
CPC分类号： H04W12/06 , H04L63/06 , H04L63/0892 , H04L63/168 , H04L63/18 , H04W12/04
摘要： The invention relates to secure user subscription or registration to a service at least partly enabled in a network. The network comprises user equipment adapted to perform generic bootstrapping. A network application function provides the service. A bootstrapping server function generates a bootstrapping transaction identifier. A home subscriber system stores a user profile, comprising information relating to the user and at least one service provided by the network application function. Corresponding communication network nodes and methods of their operation are also disclosed.
摘要翻译：本发明涉及对网络中至少部分启用的服务的安全用户订阅或注册。该网络包括适于执行通用自举的用户设备。网络应用功能提供服务。引导服务器功能生成引导事务标识符。归属订户系统存储用户简档，其包括与用户有关的信息和由网络应用功能提供的至少一个服务。还公开了相应的通信网络节点及其操作方法。

34. 发明申请

US20110107082A1 Storing and Forwarding Media Data 有权
标题翻译：存储和转发媒体数据
公开(公告)号：US20110107082A1
公开(公告)日：2011-05-05
申请号：US12997924
申请日：2008-06-16
申请人： Rolf Blom , Karl Norrman
发明人： Rolf Blom , Karl Norrman
IPC分类号： H04L9/00
CPC分类号： H04L63/168 , H04L65/605 , H04L65/608 , H04L69/22
摘要： A method apparatus for storing and forwarding media data in a communication network. An intermediate node disposed between a media data source node and a client node receives encrypted media data packets from the media data source node. The intermediate node stores the received media data packets in a memory for later sending to the client node, and adjusts fields in the original header of each stored media data packet to create modified media data packets having a modified header, and sends adjustment information to the client node. The adjustment information allows the client node to recreate the original headers from the modified headesr, before decrypting the encrypted media packets with keying materials already sent between the media data source node and the client node. The modified media data packets are then sent to the client node for decryption. This allows the intermediate node to “store and forward” SRTP data without being able to access the encrypted data content.
摘要翻译：一种在通信网络中存储和转发媒体数据的方法装置。设置在媒体数据源节点和客户端节点之间的中间节点从媒体数据源节点接收加密的媒体数据分组。中间节点将接收到的媒体数据分组存储在存储器中用于随后发送到客户端节点，并且调整每个存储的媒体数据分组的原始报头中的字段以创建具有修改的报头的修改的媒体数据分组，并将调整信息发送到客户端节点。调整信息允许客户端节点在已经在媒体数据源节点和客户机节点之间发送的密钥材料解密加密的媒体分组之前，从修改的头节点重新创建原始报头。然后将经修改的媒体数据分组发送到客户端节点进行解密。这允许中间节点“存储和转发”SRTP数据，而不能访问加密的数据内容。

35. 发明申请

US20110059736A1 IDENTIFICATION OF A MANIPULATED OR DEFECT BASE STATION DURING HANDOVER 有权
标题翻译：在切换期间识别操作或缺陷基站
公开(公告)号：US20110059736A1
公开(公告)日：2011-03-10
申请号：US12922314
申请日：2008-08-25
申请人： Karl Norrman , Bernard Smeets , Rolf Blom
发明人： Karl Norrman , Bernard Smeets , Rolf Blom
IPC分类号： H04W24/04
CPC分类号： H04W36/0083 , H04W12/10 , H04W12/12 , H04W36/34 , H04W88/08
摘要： A method of and arrangement for detecting a manipulated or defect base station of a communication network is disclosed, wherein a target base station, having selected one or more algorithms on the basis of a prioritized algorithm list (PAL) and a UE security capabilities (SCAP), reports UE SCAP related information to a core network node. The core network node having knowledge of the UE SCAP compares this information or parts of this information with the retrieved UE SCAP related information in order to be able to identify a manipulated or defect base station when a comparison fails to match.
摘要翻译：公开了一种用于检测通信网络的被操纵或缺陷基站的方法和装置，其中基于优先级算法列表（PAL）和UE安全能力（SCAP）选择了一个或多个算法的目标基站）向核心网络节点报告UE SCAP相关信息。具有UE SCAP知识的核心网络节点将该信息或该部分信息与检索到的UE SCAP相关信息进行比较，以便能够在比较不匹配时识别被操纵或缺陷基站。

36. 发明申请

US20100316223A1 Method and Arrangement in a Telecommunication System 有权
标题翻译：电信系统中的方法和布置
公开(公告)号：US20100316223A1
公开(公告)日：2010-12-16
申请号：US12677675
申请日：2008-05-20
申请人： Rolf Blom , Gunnar Mildh , Karl Norrman
发明人： Rolf Blom , Gunnar Mildh , Karl Norrman
IPC分类号： H04L9/08 , H04L9/00 , H04L29/06
CPC分类号： H04L9/083 , H04L9/0816 , H04L9/0869 , H04L63/062 , H04L2209/24 , H04L2209/80 , H04L2463/061 , H04W8/20 , H04W12/04 , H04W92/10
摘要： A security key, K_eNB, for protecting RRC/UP traffic between a User Equipment, UE, and a serving eNodeB is established by a method and an arrangement in a Mobility Management Entity, MME, and in said UE, of an Evolved Packet System, EPS. The MME and the UE derives the security key, K_eNB, from at least an NAS uplink sequence number, NAS_U_SEQ, sent from the UE to the MME, and from an Access Security Management Entity-key, K_ASME, shared between the MME and the UE.
摘要翻译：用于在用户设备，UE和服务eNodeB之间保护RRC / UP业务的安全密钥K_eNB通过移动性管理实体MME中的所述UE和所述UE中的演进分组系统的方法和配置来建立， EPS。 MME和UE从从UE发送到MME的至少一个NAS上行链路序列号NAS_U_SEQ以及从MME和UE之间共享的接入安全管理实体密钥K_ASME中导出安全密钥K_eNB 。

37. 发明申请

US20100268937A1 KEY MANAGEMENT FOR SECURE COMMUNICATION 有权
标题翻译：安全通信的关键管理
公开(公告)号：US20100268937A1
公开(公告)日：2010-10-21
申请号：US12744986
申请日：2007-11-30
申请人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
发明人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
IPC分类号： H04L9/32 , H04L29/06 , H04L9/08
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

38. 发明授权

US07298840B2 Method and system for data integrity protection 有权
标题翻译：数据完整性保护方法和系统
公开(公告)号：US07298840B2
公开(公告)日：2007-11-20
申请号：US10476138
申请日：2002-04-09
申请人： Christian Gehrmann , Rolf Blom
发明人： Christian Gehrmann , Rolf Blom
IPC分类号： H04K1/06 , H04K1/04
CPC分类号： H04L9/3242 , H04L2209/80
摘要： A method of authenticating a message (111) received via a transmission channel (108) using a Message Authentication Code (MAC). The message comprises a message body (114) and a tag (116) and the method comprises the steps of generating a second tag (115) according to a MAC function (112) on the basis of the received message body and a secret key (113), calculating a distance (117) between the received tag and generated second tag, and comparing (118) the calculated distance with a predetermined threshold value.
摘要翻译：一种验证通过使用消息认证码（MAC）的传输信道（108）接收的消息（111）的方法。消息包括消息体（114）和标签（116），并且该方法包括以下步骤：根据所接收的消息体和根据MAC功能（112）生成第二标签（115）和秘密密钥（ 113），计算接收到的标签与生成的第二标签之间的距离（117），并将计算出的距离与预定阈值进行比较（118）。

39. 发明申请

US20070150794A1 ERROR CORRECTION USING FINITE FIELDS OF ODD CHARACTERISTIC ON BINARY HARDWARE 失效
标题翻译：使用二进制硬件的特征的有限域的错误校正
公开(公告)号：US20070150794A1
公开(公告)日：2007-06-28
申请号：US10271945
申请日：2002-10-17
申请人： Mats Naslund , Rolf Blom
发明人： Mats Naslund , Rolf Blom
IPC分类号： H03M13/00
CPC分类号： H03M13/158 , G06F7/724 , G06F7/725 , H03M13/6561
摘要： Binary data representing a code word of an error-correcting code is used for calculating a syndrome, wherein a given portion of the binary data comprises k groups of data bits and represents a field element of the finite field GF(pk), p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial basis representation, each group of data bits of the given portion representing a corresponding one of the k coefficients. The given portion is stored in a first general purpose register and is processed such that the k groups of data bits of the given portion are processed in parallel; determining whether the syndrome is equal to zero; and detecting and correcting errors in the binary data if the syndrome is not equal to zero.
摘要翻译：表示纠错码的代码字的二进制数据用于计算校正子，其中二进制数据的给定部分包括k组数据位，并且表示有限域GF（p < / SUP>），p是奇素数，场元素包括根据多项式基表示的k个系数，给定部分的每组数据位表示k个系数中的相应一个。给定部分存储在第一通用寄存器中，并被处理使得给定部分的k组数据位被并行处理; 确定综合征是否等于零; 以及如果所述综合征不等于零，则检测和校正二进制数据中的错误。

40. 发明申请

US20070086590A1 Method and apparatus for establishing a security association 审中-公开
标题翻译：用于建立安全关联的方法和装置
公开(公告)号：US20070086590A1
公开(公告)日：2007-04-19
申请号：US11248589
申请日：2005-10-13
申请人： Rolf Blom
发明人： Rolf Blom
IPC分类号： H04L9/00
CPC分类号： H04L9/0844 , H04L9/3236 , H04L63/06 , H04L63/164 , H04L2209/56 , H04W12/04031
摘要： A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key.
摘要翻译：一种用于在客户机和服务节点之间建立安全关联以便将信息从服务节点推送到客户端的方法，其中客户端和密钥服务器共享基本秘密。该方法包括从服务节点向密钥服务器发送生成和提供服务密钥的请求，所述请求标识客户端和服务节点，使用客户端和服务的身份在密钥服务器生成服务密钥节点，基本秘密和附加信息，以及将服务密钥与所述附加信息一起发送到服务节点，将所述附加信息从服务节点转发到客户端，并且在客户端处，使用接收到的附加信息生成所述服务密钥信息和基本键。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式