会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Access to services in a telecommunications network
    • 访问电信网络中的服务
    • US08261078B2
    • 2012-09-04
    • US12303342
    • 2006-06-09
    • Luis BarrigaRolf BlomMats Näslund
    • Luis BarrigaRolf BlomMats Näslund
    • H04L9/32
    • H04L65/1016H04L9/32H04L9/321H04L63/0421H04L63/062H04L63/08H04L63/0815H04L63/0853H04L2209/80H04W4/00H04W12/02H04W12/04H04W12/06H04W60/00H04W74/00H04W88/16
    • A method and arrangement is disclosed for providing a user, not previously having an individual subscription with a network operator, with credentials for secure access to network services. The arrangement includes a gateway, associated with a subscription for network services, having means for generating and exporting to a user entity personalized user security data derived from security data related to the subscription. In particular, the derivation of credentials is based on a function that is shared between network and gateway and further conveniently makes use of bootstrapping on keying material from the subscription authentication. Pre-registered user identities are assigned trusted users who, thereafter, can download credentials and authenticate for service access. The invention may be implemented at a public place for providing temporary visitors network access whereby trust may exemplary be established by presenting a credit card.
    • 公开了一种方法和装置,用于提供先前不具有与网络运营商的单独订阅的用户,以及用于安全访问网络服务的凭证。 该安排包括与网络服务的订阅相关联的网关,具有用于生成和导出到用户实体的个体化用户安全数据,该安全数据是从与订阅有关的安全数据导出的。 特别地,证书的推导基于在网络和网关之间共享的功能,并且进一步方便地利用来自订阅认证的密钥材料的引导。 预先注册的用户身份被分配给受信任的用户,其后可以下载凭证并进行身份验证以进行服务访问。 本发明可以在公共场所实现,以提供临时访问者网络访问,从而通过呈现信用卡可以示范地建立信任。
    • 3. 发明授权
    • User authentication
    • 用户认证
    • US08875232B2
    • 2014-10-28
    • US13201694
    • 2009-02-18
    • Rolf BlomLuis BarrigaKarl Norrman
    • Rolf BlomLuis BarrigaKarl Norrman
    • H04L29/06H04W12/06H04L29/08
    • H04W12/06H04L63/0492H04L63/18H04L67/04
    • A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
    • 认证对服务的访问的方法包括:a)在移动终端处通过移动终端和浏览器之间的双向近场通信信道,至少部分服务的标识符进行接收; b)在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c)基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。 移动终端可以存储一组URL,并且可以将接收到的URL(或部分URL)与存储的URL集合进行比较。 如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配,则它可以向用户生成警报。 用户名和密钥不需要存储在Web浏览器上,因此Web浏览器不需要维护密码数据库。 这提高了安全性,因为密码数据库将容易受到恶意代码的攻击。
    • 4. 发明申请
    • Method and Apparatuses for End-to-Edge Media Protection in ANIMS System
    • ANIMS系统中端到端媒体保护的方法与设备
    • US20130268681A1
    • 2013-10-10
    • US13800129
    • 2013-03-13
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • H04W76/02
    • H04W76/02H04L63/0428H04L65/1016H04L65/1069H04W12/02H04W12/04H04W76/10
    • An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
    • IMS系统包括IMS发起者用户实体。 该系统包括由发起者用户实体调用的IMS应答器用户实体。 该系统包括与主叫实体进行通信的主叫侧S-CSCF,其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数,从INVITE中移除第一保护报价并转发INVITE而没有第一保护 提供。 该系统包括与响应者用户实体通信的接收端S-CSCF,以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF,并检查响应者用户实体是否支持保护,将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体,其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。 一种用于支持电信节点的呼叫的方法。
    • 6. 发明授权
    • Method and apparatuses for end-to-edge media protection in an IMS system
    • 用于IMS系统中端到端媒体保护的方法和装置
    • US08549615B2
    • 2013-10-01
    • US12744720
    • 2008-12-01
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • H04L29/06G06F15/16
    • H04W76/02H04L63/0428H04L65/1016H04L65/1069H04W12/02H04W12/04H04W76/10
    • An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
    • IMS系统包括IMS发起者用户实体。 该系统包括由发起者用户实体调用的IMS应答器用户实体。 该系统包括与主叫实体进行通信的主叫侧S-CSCF,其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数,从INVITE中移除第一保护报价并转发INVITE而没有第一保护 提供。 该系统包括与响应者用户实体通信的接收端S-CSCF,以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF,并检查响应者用户实体是否支持保护,将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体,其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。 一种用于支持电信节点的呼叫的方法。
    • 7. 发明申请
    • USER AUTHENTICATON
    • 用户认证
    • US20110302627A1
    • 2011-12-08
    • US13201694
    • 2009-02-18
    • Rolf BlomLuis BarrigaKarl Norrman
    • Rolf BlomLuis BarrigaKarl Norrman
    • G06F21/00G06F7/04
    • H04W12/06H04L63/0492H04L63/18H04L67/04
    • A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
    • 认证对服务的访问的方法包括:a)在移动终端处通过移动终端和浏览器之间的双向近场通信信道,至少部分服务的标识符进行接收; b)在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c)基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。 移动终端可以存储一组URL,并且可以将接收到的URL(或部分URL)与存储的URL集合进行比较。 如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配,则它可以向用户生成警报。 用户名和密钥不需要存储在Web浏览器上,因此Web浏览器不需要维护密码数据库。 这提高了安全性,因为密码数据库将容易受到恶意代码的攻击。
    • 8. 发明申请
    • Access to services in a telecommunications network
    • 访问电信网络中的服务
    • US20090199001A1
    • 2009-08-06
    • US12303342
    • 2006-06-09
    • Luis BarrigaRolf BlomMats Naslund
    • Luis BarrigaRolf BlomMats Naslund
    • H04L9/32G06F21/00
    • H04L65/1016H04L9/32H04L9/321H04L63/0421H04L63/062H04L63/08H04L63/0815H04L63/0853H04L2209/80H04W4/00H04W12/02H04W12/04H04W12/06H04W60/00H04W74/00H04W88/16
    • A method and arrangement is disclosed for providing a user, not previously having an individual subscription with a network operator, with credentials for secure access to network services. The arrangement includes a gateway, associated with a subscription for network services, having means for generating and exporting to a user entity personalized user security data derived from security data related to the subscription. In particular, the derivation of credentials is based on a function that is shared between network and gateway and further conveniently makes use of bootstrapping on keying material from the subscription authentication. Pre-registered user identities are assigned trusted users who, thereafter, can download credentials and authenticate for service access. The invention may be implemented at a public place for providing temporary visitors network access whereby trust may exemplary be established by presenting a credit card.
    • 公开了一种方法和装置,用于提供先前不具有与网络运营商的单独订阅的用户,以及用于安全访问网络服务的凭证。 该安排包括与网络服务的订阅相关联的网关,具有用于生成和导出到用户实体的个体化用户安全数据,该安全数据是从与订阅有关的安全数据导出的。 特别地,证书的推导基于在网络和网关之间共享的功能,并且进一步方便地利用来自订阅认证的密钥材料的引导。 预先注册的用户身份被分配给受信任的用户,其后可以下载凭证并进行身份验证以进行服务访问。 本发明可以在公共场所实现,以提供临时访问者网络访问,从而通过呈现信用卡可以示范地建立信任。
    • 9. 发明授权
    • Method and apparatuses for end-to-edge media protection in an IMS system
    • 用于IMS系统中端到端媒体保护的方法和装置
    • US08832821B2
    • 2014-09-09
    • US13800129
    • 2013-03-13
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • H04L29/06G06F15/16H04W76/02H04W12/04H04W12/02
    • H04W76/02H04L63/0428H04L65/1016H04L65/1069H04W12/02H04W12/04H04W76/10
    • An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
    • IMS系统包括IMS发起者用户实体。 该系统包括由发起者用户实体调用的IMS应答器用户实体。 该系统包括与主叫实体进行通信的主叫侧S-CSCF,其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数,从INVITE中移除第一保护报价并转发INVITE而没有第一保护 提供。 该系统包括与响应者用户实体通信的接收端S-CSCF,以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF,并检查响应者用户实体是否支持保护,将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体,其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。 一种用于支持电信节点的呼叫的方法。
    • 10. 发明申请
    • Method and Apparatuses for End-to-Edge Media Protection in ANIMS System
    • ANIMS系统中端到端媒体保护的方法与设备
    • US20110010768A1
    • 2011-01-13
    • US12744720
    • 2008-12-01
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • Luis BarrigaRolf BlomYi ChengFredrik LindholmMats NaslundKarl Norrman
    • G06F21/00
    • H04W76/02H04L63/0428H04L65/1016H04L65/1069H04W12/02H04W12/04H04W76/10
    • An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
    • IMS系统包括IMS发起者用户实体。 该系统包括由发起者用户实体调用的IMS应答器用户实体。 该系统包括与主叫实体进行通信的主叫侧S-CSCF,其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数,从INVITE中移除第一保护报价并转发INVITE而没有第一保护 提供。 该系统包括与响应者用户实体通信的接收端S-CSCF,以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF,并检查响应者用户实体是否支持保护,将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体,其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。 一种用于支持电信节点的呼叫的方法。