专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

61. 发明授权

US07746851B2 Secure communications within and between personal area networks by using private and public identifiers 有权
标题翻译：通过使用私有和公共标识符来保护个人区域网内和之间的通信
公开(公告)号：US07746851B2
公开(公告)日：2010-06-29
申请号：US10579697
申请日：2004-11-05
申请人： Pubudu Chandrasiri , Bulent Ozgur Gurleyen , Mats Naslund , Annika Jonsson , Christian Gehrmann , Yashar Shahabi
发明人： Pubudu Chandrasiri , Bulent Ozgur Gurleyen , Mats Naslund , Annika Jonsson , Christian Gehrmann , Yashar Shahabi
IPC分类号： H04L12/28
CPC分类号： H04L63/0272 , H04L29/06027 , H04L29/12009 , H04L29/12367 , H04L61/2514 , H04L63/0428 , H04L63/065 , H04L63/0823 , H04L63/104 , H04L63/164 , H04L65/1016 , H04W4/06 , H04W8/26 , H04W12/08 , H04W84/10
摘要： A Personal Area Network Security Domain (PSD) (50) is formed between PDA (52), mobile terminal (54), PC (56) and printer (58). The PSD (50) allows the sharing of resources between the devices within the PSD. If the devices within the PSD (50) are located remotely from one another, communication between those devices will be performed via mobile or cellular telephone network (66) and the Internet (68). For each set or association of similarly located devices within the PSD (50), one of those devices will be a gateway device. The gateway device is a device that is configured to communicate with an external communications medium (mobile network (66) or the Internet (68)). Data transmissions to other devices within the PSD are channelled through the relevant gateway. In another embodiment resources are shared between the two separate PSDs (of which may or may not be remotely located with respect to one another) by means of data exchanges between the respective gateway devices of the two PSDs.
摘要翻译：在PDA（52），移动终端（54），PC（56）和打印机（58）之间形成个人区域网络安全域（PSD）（50）。 PSD（50）允许在PSD内的设备之间共享资源。如果PSD（50）内的设备彼此远离地定位，则这些设备之间的通信将通过移动或蜂窝电话网络（66）和因特网（68）进行。对于PSD（50）内类似位置的设备的每个集合或关联，这些设备之一将是网关设备。网关设备是被配置为与外部通信介质（移动网络（66）或因特网（68））进行通信的设备。通过相关网关将数据传输到PSD内的其他设备。在另一个实施例中，通过两个PSD的各个网关设备之间的数据交换，资源在两个单独的PSD（其可以相对于彼此可以或可以不相对于彼此远位置）之间共享。

62. 发明申请

US20090013380A1 Networks 有权
标题翻译：网络
公开(公告)号：US20090013380A1
公开(公告)日：2009-01-08
申请号：US10580297
申请日：2004-11-05
申请人： Pubudu Chandrasiri , Bulent Ozgur Gurleyen , Mats Naslund , Annika Jonsson , Christian Gehrmann
发明人： Pubudu Chandrasiri , Bulent Ozgur Gurleyen , Mats Naslund , Annika Jonsson , Christian Gehrmann
IPC分类号： G06F21/20
CPC分类号： H04L63/0272 , H04L29/06027 , H04L29/12009 , H04L29/12367 , H04L61/2514 , H04L63/0428 , H04L63/065 , H04L63/0823 , H04L63/104 , H04L63/164 , H04L65/1016 , H04W4/06 , H04W8/26 , H04W12/08 , H04W84/10
摘要： A Personal Area Network Security Domain (PSD) is formed between devices (142, 150, 152, 154 and 156). The PSD allows the sharing of data and/or resources between the devices within the PSD. The devices within the PSD are located remotely from one another. For example, communication between device (150 and 156) will be performed via mobile or cellular telephone network (120), the Internet (140) and mobile or cellular telephone network (126). Each network (120, 126) is provided with a PSD Hub, which enables an IPsec secure connection between the devices (150 and 156) to be established.
摘要翻译：在设备（142,150,152,154和156）之间形成个人区域网络安全域（PSD）。 PSD允许在PSD内的设备之间共享数据和/或资源。 PSD内的设备彼此远离。例如，设备（150和156）之间的通信将通过移动或蜂窝电话网络（120），因特网（140）和移动或蜂窝电话网络（126）来执行。每个网络（120,126）设置有PSD集线器，其能够建立设备（150和156）之间的IPsec安全连接。

63. 发明申请

US20080095362A1 CRYPTOGRAPHIC KEY MANAGEMENT IN COMMUNICATION NETWORKS 有权
标题翻译：通信网络中的CRYPTOGRAPHIC KEY MANAGEMENT
公开(公告)号：US20080095362A1
公开(公告)日：2008-04-24
申请号：US11857621
申请日：2007-09-19
申请人： Rolf Blom , Karl Norrman , Mats Naslund
发明人： Rolf Blom , Karl Norrman , Mats Naslund
IPC分类号： H04L9/14
CPC分类号： H04L9/321 , H04L63/062 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038
摘要： An authentication server and a system and method for managing cryptographic keys across different combinations of user terminals, access networks, and core networks. A Transformation Coder Entity (TCE) creates a master key (Mk), which is used to derive keys during the authentication procedure. During handover between the different access types, the Mk or a transformed Mk is passed between two nodes that hold the key in the respective access networks when a User Equipment (UE) terminal changes access. The transformation of the Mk is performed via a one-way function, and has the effect that if the Mk is somehow compromised, it is not possible to automatically obtain access to previously used master keys. The transformation is performed based on the type of authenticator node and type of UE/identity module with which the transformed key is to be utilized. The Mk is never used directly, but is only used to derive the keys that are directly used to protect the access link.
摘要翻译：一种认证服务器，以及用于管理跨越用户终端，接入网络和核心网络的不同组合的加密密钥的系统和方法。转换编码器实体（TCE）创建主密钥（Mk），用于在认证过程期间导出密钥。在不同访问类型之间的切换期间，当用户设备（UE）终端改变访问时，Mk或经变换的Mk在保持密钥的两个节点之间传递。通过单向函数执行Mk的转换，并且具有以下效果：如果Mk以某种方式受损，则不可能自动获得对先前使用的主密钥的访问。基于认证者节点的类型和使用变换密钥的UE /身份模块的类型进行转换。 Mk从不直接使用，但仅用于派生直接用于保护访问链接的密钥。

64. 发明申请

US20070113085A1 METHODS FOR SECURE AND BANDWIDTH EFFICIENT CRYPTOGRAPHIC SYNCHRONIZATION 有权
标题翻译：安全和带宽有效的同步同步方法
公开(公告)号：US20070113085A1
公开(公告)日：2007-05-17
申请号：US11470554
申请日：2006-09-06
申请人： Mats Naslund , Karl Norrman , Vesa Lehtovirta , Alex Raith
发明人： Mats Naslund , Karl Norrman , Vesa Lehtovirta , Alex Raith
IPC分类号： H04L9/00
CPC分类号： H04L9/12 , H04L9/0861 , H04L9/16
摘要： Methods for cryptographic synchronization of data packets. A roll-over counter (ROC) value is periodically appended to and transmitted with a data packet when a function of the packet sequence number equals a predetermined value. The ROC effectively synchronizes the cryptographic transformation of the data packets. Although the disclosed methods are generally applicable to many transmission protocols, they are particularly adaptable for use in systems wherein the data packets are transmitted to a receiver using the Secure Real-Time Transport Protocol (SRTP) as defined in Internet Engineering Task Force (IETF) Request for Comments (RFC) 3711.
摘要翻译：数据包的密码同步方法。当分组序列号的功能等于预定值时，翻转计数器（ROC）值周期性地附加到数据分组并与数据分组一起发送。 ROC有效地同步数据包的加密转换。虽然所公开的方法通常适用于许多传输协议，但是它们特别适用于在使用因特网工程任务组（IETF）中定义的安全实时传输协议（SRTP）将数据分组发送到接收机的系统中，请求注释（RFC）3711。

65. 发明授权

US08819765B2 Security policy distribution to communication terminals 有权
标题翻译：通信终端的安全策略分配
公开(公告)号：US08819765B2
公开(公告)日：2014-08-26
申请号：US12863746
申请日：2008-01-22
申请人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
发明人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： H04L41/0893 , H04L63/20 , H04L63/205 , H04W12/02
摘要： A method and arrangement for distributing a security policy to a communication terminal having an association with a home communication network, but being present in a visited communication network. The home communication network generates its own preferred security policy Ph and the visited communication network generates its own preferred security policy Pv. A communication network entity in the visited communication network combines the security policies and selects security algorithms and/or functions to apply from the combined security policy. By generating security policy vectors of both networks and combining them before the security algorithms are selected, both networks are able to influence the selection without requiring the use of signaling messages.
摘要翻译：一种用于将安全策略分发给具有与归属通信网络相关联但存在于被访问的通信网络中的通信终端的方法和装置。家庭通信网络生成自己的首选安全策略Ph，并且被访问的通信网络生成其自己的优选安全策略Pv。访问通信网络中的通信网络实体组合安全策略并选择从组合的安全策略应用的安全算法和/或功能。通过在选择安全算法之前生成两个网络的安全策略向量并组合它们，两个网络能够影响选择，而不需要使用信令消息。

66. 发明授权

US08578506B2 Digital rights management in user-controlled environment 有权
标题翻译：用户控制环境中的数字版权管理
公开(公告)号：US08578506B2
公开(公告)日：2013-11-05
申请号：US13122687
申请日：2008-10-06
申请人： Mats Naslund , Tereza Cristina Melo de Brito Carvalho , Diego Sanchez Gallo , Makan Pourzandi , Marcos Antonio Simplicio Junior , Yeda Regina Venturini
发明人： Mats Naslund , Tereza Cristina Melo de Brito Carvalho , Diego Sanchez Gallo , Makan Pourzandi , Marcos Antonio Simplicio Junior , Yeda Regina Venturini
IPC分类号： G06F21/24
CPC分类号： H04N21/63345 , G06F21/10 , G06F2221/0706 , G06F2221/2149 , H04N21/2541 , H04N21/43615 , H04N21/64322 , H04N21/8355
摘要： A method of controlling access to content comprises receiving, at a domain gateway (3) of a domain (4), a request from a device (5) in the domain for access to the content. It is determined at the domain gateway whether the number of devices in the domain currently accessing the content is equal to a specified maximum number of devices that may simultaneously access the content. The maximum number of devices that may simultaneously access the content is independent of the number of devices in the domain. If the determination is that the number of devices in the domain currently accessing the content is less than the specified maximum number the request is allowed, otherwise it is refused.
摘要翻译：控制对内容的访问的方法包括在域的域网关（3）处接收来自域中的用于访问内容的设备（5）的请求。在域网关确定当前正在访问内容的域中的设备的数量是否等于可以同时访问内容的指定的最大数量的设备。可以同时访问内容的最大设备数量与域中的设备数量无关。如果确定当前正在访问内容的域中的设备数量小于指定的最大数量，则允许该请求，否则将被拒绝。

67. 发明申请

US20120059897A1 CHALLENGING A FIRST TERMINAL INTENDING TO COMMUNICATE WITH A SECOND TERMINAL 有权
标题翻译：挑选第一个终端用于与第二个终端通信
公开(公告)号：US20120059897A1
公开(公告)日：2012-03-08
申请号：US13320328
申请日：2009-05-20
申请人： Luis Barriga , Michael Liljenstam , Mats Naslund , Per-Olof Nerbrant
发明人： Luis Barriga , Michael Liljenstam , Mats Naslund , Per-Olof Nerbrant
IPC分类号： G06F15/16
CPC分类号： H04L9/3271 , G06F21/31 , G06F2221/2133 , G06Q10/107 , H04L63/08 , H04L2209/805 , H04W12/06 , H04W48/16 , H04W76/10
摘要： The invention relates to a method, party challenging device (18) and computer program products for providing a challenge to a first terminal (10) intending to communicate with a second terminal (24) via two networks (N1, N2). The party challenging device receives a first electronic message (1M) concerning a transfer of media from the first terminal to the second terminal sent from the first terminal (10) and addressed to the second terminal (24), obtains communication contextual data associated with the first party or the first terminal, provides an electronic challenge message (CHM) including a challenge (CHl1) based on the obtained data and sends the challenge message to the first terminal in order to enable a decision to be made how to process the invitation message for the second terminal based on the correctness of a response (RM) including a response to the challenge.
摘要翻译：本发明涉及一种方法，一方挑战性装置（18）和用于向第一终端（10）提供有意通过两个网络（N1，N2）与第二终端（24）进行通信的计算机程序产品。派对挑战装置接收关于从第一终端（10）发送的媒体从第一终端到第二终端的传送并寻址到第二终端（24）的第一电子消息（1M），获得与第一终端相关联的通信上下文数据第一方或第一终端基于获得的数据提供包括质询（CH1）的电子质询消息（CHM），并将询问消息发送到第一终端，以便能够做出如何处理邀请消息的决定基于包括对挑战的响应的响应（RM）的正确性的第二终端。

68. 发明授权

US08094817B2 Cryptographic key management in communication networks 有权
标题翻译：通信网络密码管理
公开(公告)号：US08094817B2
公开(公告)日：2012-01-10
申请号：US11857621
申请日：2007-09-19
申请人： Rolf Blom , Karl Norrman , Mats Naslund
发明人： Rolf Blom , Karl Norrman , Mats Naslund
IPC分类号： H04L9/00
CPC分类号： H04L9/321 , H04L63/062 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038
摘要： An authentication server and a system and method for managing cryptographic keys across different combinations of user terminals, access networks, and core networks. A Transformation Coder Entity (TCE) creates a master key (Mk), which is used to derive keys during the authentication procedure. During handover between the different access types, the Mk or a transformed Mk is passed between two nodes that hold the key in the respective access networks when a User Equipment (UE) terminal changes access. The transformation of the Mk is performed via a one-way function, and has the effect that if the Mk is somehow compromised, it is not possible to automatically obtain access to previously used master keys. The transformation is performed based on the type of authenticator node and type of UE/identity module with which the transformed key is to be utilized. The Mk is never used directly, but is only used to derive the keys that are directly used to protect the access link.
摘要翻译：一种认证服务器，以及用于管理跨越用户终端，接入网络和核心网络的不同组合的加密密钥的系统和方法。转换编码器实体（TCE）创建主密钥（Mk），用于在认证过程期间导出密钥。在不同访问类型之间的切换期间，当用户设备（UE）终端改变访问时，Mk或经变换的Mk在保持密钥的两个节点之间传递。通过单向函数执行Mk的转换，并且具有以下效果：如果Mk以某种方式受损，则不可能自动获得对先前使用的主密钥的访问。基于认证者节点的类型和使用变换密钥的UE /身份模块的类型进行转换。 Mk从不直接使用，但仅用于派生直接用于保护访问链接的密钥。

69. 发明申请

US20110264906A1 METHOD AND NODES FOR PROVIDING SECURE ACCESS TO CLOUD COMPUTING FOR MOBILE USERS 有权
标题翻译：提供安全访问移动用户云计算的方法和方法
公开(公告)号：US20110264906A1
公开(公告)日：2011-10-27
申请号：US12768034
申请日：2010-04-27
申请人： Makan Pourzandi , Mats Naslund
发明人： Makan Pourzandi , Mats Naslund
IPC分类号： H04L9/00 , H04L29/06
CPC分类号： H04W12/02 , G06F21/6218 , H04L9/083 , H04L9/0869 , H04L63/0435 , H04L63/061 , H04L63/062 , H04L2209/60 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W88/08
摘要： A mobile node, a gateway node and methods are provided for securely storing a content into a remote node. The mobile node, or a gateway node of a network providing access to the mobile node, applies a content key to the content prior to sending the content for storage in the remote node. The content key is generated at the mobile node, based on a random value obtained from an authentication server, or directly at the authentication server if applied by the gateway node. The content key is not preserved in the mobile node or in the gateway node, for security purposes. When the mobile node or the gateway node fetches again the content from the remote node, the same content key is generated again for decrypting the content. The remote node does not have access to the content key and can therefore no read or modify the content.
摘要翻译：提供移动节点，网关节点和方法以将内容安全地存储到远程节点中。移动节点或提供对移动节点的访问的网络的网关节点在发送用于存储在远程节点内的内容之前向内容应用内容密钥。基于从认证服务器获得的随机值，或者如果由网关节点应用，则直接在认证服务器处，在移动节点生成内容密钥。出于安全考虑，内容密钥不会保留在移动节点或网关节点中。当移动节点或网关节点从远程节点再次获取内容时，再次产生相同的内容密钥以解密该内容。远程节点无法访问内容密钥，因此无法读取或修改内容。

70. 发明申请

US20110256850A1 METHOD AND ARRANGEMENT FOR CREATION OF ASSOCIATION BETWEEN USER EQUIPMENT AND AN ACCESS POINT 有权
标题翻译：创建用户设备与访问点之间的关联的方法和布置
公开(公告)号：US20110256850A1
公开(公告)日：2011-10-20
申请号：US13140818
申请日：2008-12-19
申请人： Göran Selander , Jari Vikberg , Karl Norrman , Rolf Blom , Mats Naslund
发明人： Göran Selander , Jari Vikberg , Karl Norrman , Rolf Blom , Mats Naslund
IPC分类号： H04W12/06
CPC分类号： H04W12/08 , H04L63/101 , H04W84/045
摘要： Methods, apparatus, and computer program products for creating an association between a first user equipment and at least one access point assisted by a registration server in a telecommunication network are disclosed. The registration server responds to a first contact request carried out using a first association number for the access point, provided by the first user equipment, receives a first association request for the association with the access point, provided by the first user equipment, authorizes the first association request based on a first authorization information provided by the first user equipment; registers the association between the first user equipment and the access point responsive to authorization of the first association request. The first user equipment is associated with the access point and the association is administered by the registration server.
摘要翻译：公开了用于在第一用户设备和由电信网络中的注册服务器辅助的至少一个接入点之间建立关联的方法，设备和计算机程序产品。注册服务器响应由第一用户设备提供的接入点的第一关联号码执行的第一联系请求，接收由第一用户设备提供的与接入点的关联的第一关联请求，授权基于由第一用户设备提供的第一授权信息的第一关联请求; 响应于第一关联请求的授权，注册第一用户设备和接入点之间的关联。第一用户设备与接入点相关联，该关联由注册服务器管理。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式