专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US06704789B1 SIM based authentication mechanism for DHCPv4/v6 messages 有权
标题翻译：基于SIM卡的DHCPv4 / v6消息认证机制
公开(公告)号：US06704789B1
公开(公告)日：2004-03-09
申请号：US09564635
申请日：2000-05-03
申请人： Juha Ala-Laurila , Patrik Flykt , Nadarajah Asokan
发明人： Juha Ala-Laurila , Patrik Flykt , Nadarajah Asokan
IPC分类号： G06F1516
CPC分类号： H04L63/0853 , H04L61/2015 , H04L63/164 , H04W12/06
摘要： The invention is a method of providing a user (12) a terminal network address (14) in a first network (16) through which the user communicates with a data network (18) and authenticating connection of the user to the first network. The invention includes transmitting to at least one server in the first network a request to obtain the terminal network address in the first network to provide connection of the user to the data network and an identification of the user in a second network (20) through which the user communicates to the first network; transmitting the identification of the user to the second network; transmitting from the second network to the first network authentication information of the user stored in the second network associated with the identification of the user; transmitting from the first network to the user at least one advertisement of the terminal network address and information within the authentication information; and processing the received at least one advertisement and the received information within the authentication information and determining if the authentication information is correct.
摘要翻译：本发明是一种在第一网络（16）中提供用户（12）终端网络地址（14）的方法，用户通过该终端网络地址与数据网络（18）进行通信，并且认证用户与第一网络的连接。本发明包括向第一网络中的至少一个服务器发送获得第一网络中的终端网络地址以提供用户到数据网络的连接的请求，以及在第二网络（20）中的用户的标识，通过该第二网络用户与第一网络进行通信; 将所述用户的标识发送到所述第二网络; 从所述第二网络发送到存储在与所述用户的所述标识相关联的所述第二网络中的用户的所述第一网络认证信息; 从所述第一网络向所述用户发送所述终端网络地址和所述认证信息内的信息的至少一个广告; 以及处理接收到的至少一个广告和接收到的信息，并确定认证信息是否正确。

42. 发明授权

US09781085B2 Device to device security using NAF key 有权
公开(公告)号：US09781085B2
公开(公告)日：2017-10-03
申请号：US14371683
申请日：2012-02-14
申请人： Silke Holtmanns , Nadarajah Asokan
发明人： Silke Holtmanns , Nadarajah Asokan
IPC分类号： H04L29/06 , H04W12/04 , H04L9/08 , H04W4/00 , H04W76/02
CPC分类号： H04L63/062 , H04L9/0866 , H04L63/0876 , H04L63/30 , H04W4/70 , H04W4/80 , H04W12/04 , H04W76/14
摘要： A method, apparatus and computer program product are disclosed for establishing secure off-network communications between first and second Secure Cellular Devices that each have a cellular identity. The second Secure Cellular Device may assume the role of Remote Device for interaction with the NAF keyserver and may obtain a local key. The first Secure Cellular Device may derive the local key and the two devices may conduct secure communications using the shared local key. The two Secure Cellular Devices may alternate the roles of Secure Host and Remote Device, each twice obtaining or deriving a shared local key such that there are two such keys. The devices may employ one key for secure communication in one direction and the other for communication in the other direction. Alternatively, the devices may derive a unique shared key as a function of the two shared keys.

43. 再颁专利

USRE44592E1 Address acquisition 有权
标题翻译：地址收购
公开(公告)号：USRE44592E1
公开(公告)日：2013-11-12
申请号：US13446749
申请日：2012-04-13
申请人： Nadarajah Asokan , Jonne Soininen , Jaakko Rajaniemi , Lassi Hippelainen , Tuija Hurtta
发明人： Nadarajah Asokan , Jonne Soininen , Jaakko Rajaniemi , Lassi Hippelainen , Tuija Hurtta
IPC分类号： H04L12/28
CPC分类号： H04W4/18 , H04L29/06 , H04L29/12216 , H04L29/12264 , H04L29/12311 , H04L29/1232 , H04L29/12801 , H04L29/12839 , H04L61/2015 , H04L61/2046 , H04L61/2084 , H04L61/2092 , H04L61/6004 , H04L61/6022 , H04L69/16 , H04L69/167
摘要： In a GPRS system, a method of a mobile station acquiring an IP network address. The method comprises the steps of:the mobile station generating a link identifier and sending it to a gateway over a wireless link in a network address request together with a request to check if the link identifier is unique;the gateway receiving the network address request and checking if the link identifier is unique;the gateway responding with a network address request response including either the sending a unique link identifier confirmed as being unique or a different unique link identifier;the gateway sending a network prefix to the mobile station;the mobile station combining the interface identifier and the network prefix to generate the IP network address.
摘要翻译：在GPRS系统中，移动台获取IP网络地址的方法。该方法包括以下步骤：移动台生成链路标识符并通过网络地址请求中的无线链路将其发送到网关，以及检查链路标识符是否唯一的请求; 网关接收网络地址请求并检查链路标识符是否唯一; 所述网关用网络地址请求响应进行响应，包括发送确认为唯一的唯一链路标识符或不同的唯一链路标识符; 网关向移动台发送网络前缀; 移动台组合接口标识符和网络前缀，以生成IP网络地址。

44. 发明申请

US20130185777A1 Methods And Apparatus For Reliable And Privacy Protecting Identification Of Parties' Mutual Friends And Common Interests 有权
标题翻译：可靠和隐私保护方法和手段识别缔约方的互助和共同利益
公开(公告)号：US20130185777A1
公开(公告)日：2013-07-18
申请号：US13351354
申请日：2012-01-17
申请人： Nadarajah Asokan , Markus Miettinen
发明人： Nadarajah Asokan , Markus Miettinen
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： G06F21/31 , G06F21/33 , G06Q50/01 , H04L9/14 , H04L9/32 , H04L63/0407 , H04L63/08
摘要： Systems and techniques for authenticating joint friends of users of wireless devices. An authenticating authority delivers a token to a wireless device for each party identified as a friend of a user of the wireless device, such as through relationships in an online social network. Two wireless devices can use information relating to the tokens to determine information relating to joint friends of the users of the devices, such as the identities of joint friends or simply the numbers of joint friends. Tokens can be further refined to allow for analysis that provides information relating to the degree of intimacy of the relationship between a user and a party identified as a friend.
摘要翻译：用于认证无线设备用户的联合朋友的系统和技术。认证机构向诸如通过在线社交网络中的关系识别为无线设备的用户的朋友的每个方向无线设备递送令牌。两个无线设备可以使用与令牌相关的信息来确定与设备的用户的联合朋友相关的信息，例如联合朋友的身份或简单的联合朋友的数量。可以进一步改进令牌，以便分析提供与用户和被识别为朋友的一方之间的关系的亲密度有关的信息。

45. 发明申请

US20120324214A1 Method and Apparatus to Provide Attestation with PCR Reuse and Existing Infrastructure 审中-公开
标题翻译：提供PCR再利用和现有基础设施认证的方法和设备
公开(公告)号：US20120324214A1
公开(公告)日：2012-12-20
申请号：US13579013
申请日：2011-02-16
申请人： Nadarajah Asokan , Jan-Erik Ekberg , Kari Timo Juhani Kostiainen
发明人： Nadarajah Asokan , Jan-Erik Ekberg , Kari Timo Juhani Kostiainen
IPC分类号： G06F21/00
CPC分类号： G06F21/57 , H04L9/3234 , H04L9/3247 , H04L9/3271
摘要： The exemplary embodiments or the invention provide at least a method, apparatus, and program of computer instructions to perform operations including receiving a challenge from a prover device, reading and saving an old value of a selected platform configuration register, obtaining at least one measurement or property and forming a new platform configuration register value, where the forming includes calculating a cryptographic hash over the old value of the platform configuration register and the obtained at least one measurement or property, triggering, with the trusted software, an attestation by sending a challenge to a trusted platform module/mobile platform module, and sending by the prover device a device certificate, attestation, at least one measurement or property, and old platform configuration register value to the verifier. Further, the exemplary embodiments or the invention teach sending a challenge to a trusted software of a prover device, and receiving by the verifier device a device certificate, attestation, at least one measurement or property, and an old platform configuration register value from the prover device, checking by the verifier device that extending the old platform configuration register value with the at least one measurement or property results in a new platform configuration register value that has been attested, and using the new platform configuration register value in attestation of the prover device.
摘要翻译：示例性实施例或本发明提供至少一种计算机指令的方法，装置和程序，以执行操作，包括从证明者设备接收挑战，读取和保存所选择的平台配置寄存器的旧值，获得至少一个测量或属性并形成新的平台配置寄存器值，其中形成包括计算平台配置寄存器的旧值和所获得的至少一个测量或属性的加密散列，通过发送挑战触发与可信软件的认证到可信任的平台模块/移动平台模块，并且由验证者设备向验证者发送设备证书，认证，至少一个测量或属性以及旧平台配置寄存器值。此外，示例性实施例或本发明教导了向验证器设备的可信软件发送挑战，并且由验证器设备从验证器接收设备证书，认证，至少一个测量或属性以及旧平台配置寄存器值设备，由验证者设备检查扩展旧的平台配置寄存器值与至少一个测量或属性导致已经被证明的新的平台配置寄存器值，并且使用新的平台配置寄存器值来证明证明器设备。

46. 发明申请

US20110289560A1 Method And Apparatus To Bind A Key To A Namespace 有权
标题翻译：方法和设备绑定命名空间的关键
公开(公告)号：US20110289560A1
公开(公告)日：2011-11-24
申请号：US12782216
申请日：2010-05-18
申请人： Pekka J. Laitinen , Nadarajah Asokan , Antti H. Partanen
发明人： Pekka J. Laitinen , Nadarajah Asokan , Antti H. Partanen
IPC分类号： H04L9/32 , H04L29/06
CPC分类号： H04L29/12613 , H04L9/321 , H04L9/3263 , H04L9/3273 , H04L29/12066 , H04L61/1511 , H04L61/301 , H04L63/0823 , H04L63/101 , H04L2209/80 , H04W4/00 , H04W12/04 , H04W12/08
摘要： A method includes identifying an application installed on a device as an authorized application of a certain domain, the application being signed with a private key; deriving a signer identity using a public key that forms a key pair with the private key; mapping the certain domain to another domain using a deterministic function map; making a request to the another domain to obtain a list of signer identities that are authorized to act on behalf of the certain domain; determining whether the signer of the application is in the list and, if it is, authorizing the application to act with the same privileges as granted in the certain domain. Apparatus and computer programs for performing the method are also disclosed.
摘要翻译：一种方法包括将安装在设备上的应用标识为特定域的授权应用，该应用使用私钥进行签名; 使用与私钥形成密钥对的公钥来导出签名者身份; 使用确定性函数图将特定域映射到另一个域; 向另一个域发出请求以获得被授权代表某个域的签名者身份的列表; 确定应用程序的签名者是否在列表中，如果是，则授权应用程序以在特定域中授予的相同权限来执行。还公开了用于执行该方法的装置和计算机程序。

47. 发明授权

US07783041B2 System, method and computer program product for authenticating a data agreement between network entities 有权
标题翻译：系统，方法和计算机程序产品，用于认证网络实体之间的数据协议
公开(公告)号：US07783041B2
公开(公告)日：2010-08-24
申请号：US11242374
申请日：2005-10-03
申请人： Nadarajah Asokan , Kaisa Nyberg
发明人： Nadarajah Asokan , Kaisa Nyberg
IPC分类号： H04K1/00
CPC分类号： H04L9/0844 , H04L63/0428 , H04L63/08 , H04L63/18 , H04L2209/80
摘要： A method for authenticating a data agreement between first and second network entities can include the first network entity committing to the agreed data value, and transmitting the committed data value and a first random value to the second network entity. The first network entity can receive a second random value, and can then open the committed data value such that the second network entity can check the committed data value. If successful, the second network entity can calculate a third check string, and the first network entity can similarly calculate a fourth check string, based upon the data value and the first and second random values. The first network entity can calculate the fourth check string without the second network entity committing to the data value. The method can then include comparing the check strings such that the agreed data can be considered authenticated based upon the comparison.
摘要翻译：用于认证第一和第二网络实体之间的数据协议的方法可以包括提交到约定的数据值的第一网络实体，以及向第二网络实体发送所提交的数据值和第一随机值。第一网络实体可以接收第二随机值，然后可以打开提交的数据值，使得第二网络实体可以检查提交的数据值。如果成功，则第二网络实体可以计算第三检查字符串，并且第一网络实体可以基于数据值和第一和第二随机值类似地计算第四检查字符串。第一个网络实体可以计算第四个检查字符串，而第二个网络实体不提交数据值。该方法然后可以包括比较检查字符串，使得可以基于比较认可约定的数据。

48. 发明申请

US20080320308A1 Method for remote message attestation in a communication system 有权
标题翻译：在通信系统中远程消息认证的方法
公开(公告)号：US20080320308A1
公开(公告)日：2008-12-25
申请号：US11812635
申请日：2007-06-20
申请人： Kari Timo Juhani Kostiainen , Nadarajah Asokan
发明人： Kari Timo Juhani Kostiainen , Nadarajah Asokan
IPC分类号： H04L9/32 , H04L9/30
CPC分类号： H04L63/123 , G06F21/57 , H04L9/0877 , H04L9/3234
摘要： The invention relates to a method for remote attestation. In the method is created a first asymmetric key pair in a trusted platform module in an electronic device. A first public key and software platform state information are certified with an attestation identity key associated with the trusted platform module to produce a first certificate. A second asymmetric key pair is produced in an application within the electronic device. The second public key is certified with said first secret key to produce a second certificate. A message is signed with the second secret key to provide a message signature in the first electronic device. The message and the message signature, software platform state information, the first certificate and the second certificate are sent to a second electronic device.
摘要翻译：本发明涉及一种用于远程认证的方法。在该方法中，在电子设备中的可信平台模块中创建第一非对称密钥对。第一个公钥和软件平台状态信息通过与可信平台模块相关联的认证身份密钥进行认证，以生成第一个证书。在电子设备内的应用中产生第二非对称密钥对。第二个公钥通过第一个密钥进行认证，产生第二个证书。用第二密钥签名消息以在第一电子设备中提供消息签名。将消息和消息签名，软件平台状态信息，第一证书和第二证书发送到第二电子设备。

49. 发明申请

US20070203843A1 SYSTEM AND METHOD FOR EFFICIENT ENCRYPTION AND DECRYPTION OF DRM RIGHTS OBJECTS 审中-公开
标题翻译：有效加密和解密DRM权利对象的系统和方法
公开(公告)号：US20070203843A1
公开(公告)日：2007-08-30
申请号：US11382125
申请日：2006-05-08
申请人： Lauri Tarkkala , Nadarajah Asokan
发明人： Lauri Tarkkala , Nadarajah Asokan
IPC分类号： H04L9/00
CPC分类号： H04L63/0428 , G06F21/10 , H04L9/0822 , H04L9/088 , H04L9/12 , H04L63/10 , H04L2209/603 , H04L2463/101 , H04N7/1675 , H04N21/26613 , H04N21/4627 , H04N21/63345
摘要： A content encryption/decryption system is disclosed that provides for the use of multiple DRM rights objects. The disclosed system also provides for use in non-connected, connected and mixed mode transmission models.
摘要翻译：公开了提供多个DRM权限对象的使用的内容加密/解密系统。所公开的系统还提供用于非连接，连接和混合模式传输模型。

50. 发明授权

US07251733B2 Method, system and devices for transferring accounting information 有权
标题翻译：会计信息传输的方法，系统和设备
公开(公告)号：US07251733B2
公开(公告)日：2007-07-31
申请号：US10601337
申请日：2003-06-20
申请人： Henry Haverinen , Pekka Laitinen , Nadarajah Asokan
发明人： Henry Haverinen , Pekka Laitinen , Nadarajah Asokan
IPC分类号： G06F1/24
CPC分类号： H04L29/06 , H04L63/10 , H04L63/12 , H04L67/04 , H04L69/329
摘要： A method in a system for transferring accounting information, a system for transferring accounting information, a method in a terminal, a terminal, a method in an Extensible Authentication Protocol (EAP) service authorization server, an EAP service authorization server, a computer program, an Extensible Authentication Protocol response (EAP-response) packet, wherein the method:meters data related to a service used by at least one terminal,provides the metered data as accounting information to at least one Extensible Authentication Protocol (EAP) service authorization server,sends, by means of an Extensible Authentication Protocol request (EAP-request), a service authorization request from the at least one EAP service authorization server to the at least one terminal,digitally signs accounting information, in the at least one terminal,includes, at the at least one terminal, the digitally signed accounting information in an Extensible Authentication Protocol response (EAP-response), andsends the digitally signed accounting information to an AAA-server.
摘要翻译：用于传送会计信息的系统中的方法，用于传送会计信息的系统，终端中的方法，终端，可扩展认证协议（EAP）服务授权服务器中的方法，EAP服务授权服务器，计算机程序，可扩展认证协议响应（EAP-响应）分组，其中所述方法：与由至少一个终端使用的服务有关的计量数据将计量数据作为计费信息提供给至少一个可扩展认证协议（EAP）服务授权服务器，通过可扩展认证协议请求（EAP请求），从所述至少一个EAP服务授权服务器向所述至少一个终端发送对所述至少一个终端中的计费信息进行数字签名的服务授权请求，在至少一个终端，在可扩展认证协议响应（EAP响应）中的数字签名的计费信息，并将数字签名的计费信息发送给AAA服务器。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式