专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08621570B2 Access through non-3GPP access networks 有权
标题翻译：通过非3GPP接入网络进行接入
公开(公告)号：US08621570B2
公开(公告)日：2013-12-31
申请号：US12937008
申请日：2008-11-05
申请人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
发明人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
IPC分类号： G06F15/177 , G06F7/04 , G06F15/16 , G06F17/30 , G06F9/00 , G06F12/00 , H04L29/06 , G11C7/00
CPC分类号： H04W12/06 , G06F21/30 , H04L63/0272 , H04L63/08 , H04L63/0892 , H04L63/1433 , H04L63/162 , H04L63/164 , H04L63/20 , H04W60/00 , H04W72/0493
摘要： When setting up communication from a user equipment UE (1), such as for providing IP access for the UE in order to allow it to use some service, information or an indication or at least one network properly relating to a first network, e.g. the current access network (3, 3′), is sent to the UE from a node (13) in a sue and network such as the home network (5) of the subscriber ask UE. The information or indication can be sent in a first stage of an authentication procedure being part of the setting up of a connection from the UE. In particular, the network property can indicate whether the access network (3, 3′) is trusted or not.
摘要翻译：当从用户设备UE（1）建立通信时，例如用于为UE提供IP接入，以便允许其使用与第一网络正确相关的至少一个网络的一些服务，信息或指示，例如，当前接入网络（3,3'）从诸如用户询问UE的归属网络（5）的第二网络中的节点（13）发送到UE。可以在认证过程的第一阶段中发送信息或指示，这是作为来自UE的连接的建立的一部分。特别地，网络属性可以指示接入网络（3,3'）是否被信任。

2. 发明申请

US20110035787A1 Access Through Non-3GPP Access Networks 有权
标题翻译：通过非3GPP接入网络进行接入
公开(公告)号：US20110035787A1
公开(公告)日：2011-02-10
申请号：US12937008
申请日：2008-11-05
申请人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
发明人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
IPC分类号： G06F21/00 , G06F15/177
CPC分类号： H04W12/06 , G06F21/30 , H04L63/0272 , H04L63/08 , H04L63/0892 , H04L63/1433 , H04L63/162 , H04L63/164 , H04L63/20 , H04W60/00 , H04W72/0493
摘要： When setting up communication from a user equipment UE (1), such as for providing IP access for the UE in order to allow it to use some service, information or an indication or at least one network properly relating to a first network, e.g. the current access network (3, 3′), is sent to the UE from a node (13) in a sue and network such as the home network (5) of the subscriber ask UE. The information or indication can be sent in a first stage of an authentication procedure being part of the setting up of a connection from the UE. In particular, the network property can indicate whether the access network (3, 3′) is trusted or not.
摘要翻译：当从用户设备UE（1）建立通信时，例如用于为UE提供IP接入，以便允许其使用与第一网络正确相关的至少一个网络的一些服务，信息或指示，例如，当前接入网络（3,3'）从诸如用户询问UE的归属网络（5）的第二网络中的节点（13）发送到UE。可以在认证过程的第一阶段中发送信息或指示，这是作为来自UE的连接的建立的一部分。特别地，网络属性可以指示接入网络（3,3'）是否被信任。

3. 发明申请

US20070113085A1 METHODS FOR SECURE AND BANDWIDTH EFFICIENT CRYPTOGRAPHIC SYNCHRONIZATION 有权
标题翻译：安全和带宽有效的同步同步方法
公开(公告)号：US20070113085A1
公开(公告)日：2007-05-17
申请号：US11470554
申请日：2006-09-06
申请人： Mats Naslund , Karl Norrman , Vesa Lehtovirta , Alex Raith
发明人： Mats Naslund , Karl Norrman , Vesa Lehtovirta , Alex Raith
IPC分类号： H04L9/00
CPC分类号： H04L9/12 , H04L9/0861 , H04L9/16
摘要： Methods for cryptographic synchronization of data packets. A roll-over counter (ROC) value is periodically appended to and transmitted with a data packet when a function of the packet sequence number equals a predetermined value. The ROC effectively synchronizes the cryptographic transformation of the data packets. Although the disclosed methods are generally applicable to many transmission protocols, they are particularly adaptable for use in systems wherein the data packets are transmitted to a receiver using the Secure Real-Time Transport Protocol (SRTP) as defined in Internet Engineering Task Force (IETF) Request for Comments (RFC) 3711.
摘要翻译：数据包的密码同步方法。当分组序列号的功能等于预定值时，翻转计数器（ROC）值周期性地附加到数据分组并与数据分组一起发送。 ROC有效地同步数据包的加密转换。虽然所公开的方法通常适用于许多传输协议，但是它们特别适用于在使用因特网工程任务组（IETF）中定义的安全实时传输协议（SRTP）将数据分组发送到接收机的系统中，请求注释（RFC）3711。

4. 发明申请

US20100293595A1 Security Policy Distribution to Communication Terminals 有权
标题翻译：通信终端的安全策略分配
公开(公告)号：US20100293595A1
公开(公告)日：2010-11-18
申请号：US12863746
申请日：2008-01-22
申请人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
发明人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
IPC分类号： H04L29/06
CPC分类号： H04L41/0893 , H04L63/20 , H04L63/205 , H04W12/02
摘要： A method and arrangement for distributing a security policy to a communication terminal having an association with a home communication network, but being present in a visited communication network. The home communication network (106) generates its own preferred security policy Ph and the visited communication network (102) generates its own preferred security policy Pv. A communication network entity (104) in the visited communication network combines the security policies and selects security algorithms/functions to apply from the combined security policy. By generating a security policy vectors of both networks and combine them before the security algorithms are selected, enables both networks to influence the selection without affecting use of existing signalling messages.
摘要翻译：一种用于将安全策略分发给具有与归属通信网络相关联但存在于被访问的通信网络中的通信终端的方法和装置。家庭通信网络（106）生成其自己的优选安全策略Ph，并且被访问的通信网络（102）生成其自己的优选安全策略Pv。访问通信网络中的通信网络实体（104）组合安全策略并选择从组合的安全策略应用的安全算法/功能。通过生成两个网络的安全策略向量并在选择安全算法之前将它们组合起来，使得两个网络能够影响选择，而不影响现有信令消息的使用。

5. 发明授权

US08819765B2 Security policy distribution to communication terminals 有权
标题翻译：通信终端的安全策略分配
公开(公告)号：US08819765B2
公开(公告)日：2014-08-26
申请号：US12863746
申请日：2008-01-22
申请人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
发明人： Mats Naslund , Michael Liljenstam , Karl Norrman , Bengt Sahlin
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： H04L41/0893 , H04L63/20 , H04L63/205 , H04W12/02
摘要： A method and arrangement for distributing a security policy to a communication terminal having an association with a home communication network, but being present in a visited communication network. The home communication network generates its own preferred security policy Ph and the visited communication network generates its own preferred security policy Pv. A communication network entity in the visited communication network combines the security policies and selects security algorithms and/or functions to apply from the combined security policy. By generating security policy vectors of both networks and combining them before the security algorithms are selected, both networks are able to influence the selection without requiring the use of signaling messages.
摘要翻译：一种用于将安全策略分发给具有与归属通信网络相关联但存在于被访问的通信网络中的通信终端的方法和装置。家庭通信网络生成自己的首选安全策略Ph，并且被访问的通信网络生成其自己的优选安全策略Pv。访问通信网络中的通信网络实体组合安全策略并选择从组合的安全策略应用的安全算法和/或功能。通过在选择安全算法之前生成两个网络的安全策略向量并组合它们，两个网络能够影响选择，而不需要使用信令消息。

6. 发明申请

US20130268681A1 Method and Apparatuses for End-to-Edge Media Protection in ANIMS System 有权
标题翻译： ANIMS系统中端到端媒体保护的方法与设备
公开(公告)号：US20130268681A1
公开(公告)日：2013-10-10
申请号：US13800129
申请日：2013-03-13
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04W76/02
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

7. 发明授权

US08429737B2 Method and apparatuses for end-to-edge media protection in an IMS system 有权
公开(公告)号：US08429737B2
公开(公告)日：2013-04-23
申请号：US12744720
申请日：2008-12-01
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L29/06 , G06F15/16
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.

8. 发明申请

US20110206206A1 Key Management in a Communication Network 有权
标题翻译：通信网络中的密钥管理
公开(公告)号：US20110206206A1
公开(公告)日：2011-08-25
申请号：US13063997
申请日：2009-03-13
申请人： Rolf Blom , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Rolf Blom , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L9/08
CPC分类号： H04L63/0869 , H04L9/0819 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/08
摘要： A method and apparatus for key management in a communication network. A Key Management Terminal KMS Terminal Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or for the first device to secure communications to the second device.
摘要翻译：一种用于通信网络中密钥管理的方法和装置。密钥管理服务器（KMS）从第一设备接收与用户身份相关联的令牌的请求，所述用户身份与第二设备相关联。然后，KMS将所请求的令牌和与用户相关联的用户密钥发送到第一设备。 KMS随后从第二个设备接收令牌。使用用户密钥和与第二设备相关联的修改参数来生成第二设备密钥。修改参数可用于第一设备用于生成第二设备密钥。然后，第二个设备密钥从KMS发送到第二个设备。第二设备密钥可以由第二设备用于向第一设备或第一设备认证自身以确保与第二设备的通信。

9. 发明申请

US20100268937A1 KEY MANAGEMENT FOR SECURE COMMUNICATION 有权
标题翻译：安全通信的关键管理
公开(公告)号：US20100268937A1
公开(公告)日：2010-10-21
申请号：US12744986
申请日：2007-11-30
申请人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
发明人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
IPC分类号： H04L9/32 , H04L29/06 , H04L9/08
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

10. 发明授权

US09178696B2 Key management for secure communication 有权
标题翻译：安全通信的密钥管理
公开(公告)号：US09178696B2
公开(公告)日：2015-11-03
申请号：US12744986
申请日：2007-11-30
申请人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
发明人： Rolf Blom , Yi Cheng , Fredrik Lindholm , John Mattsson , Mats Naslund , Karl Norrman
IPC分类号： H04L9/08 , H04L29/06
CPC分类号： H04L9/0838 , H04L9/083 , H04L9/0861 , H04L63/061 , H04L63/062 , H04L63/0884 , H04L65/1016
摘要： A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary.
摘要翻译：公开了一种用于管理用于通信网络中的第一和第二用户设备之间的安全通信的会话密钥的方法和装置。该方法的特征在于独立于每个用户设备为安全操作实现什么类型的凭证。第一用户从第一密钥管理服务器接收密钥信息和凭证并生成第一会话密钥。该凭证被转发到至少一个响应用户设备，在来自与第一密钥管理服务器通信的第二密钥管理服务器的支持下，解决凭证并确定第二会话密钥。此后，第一和第二会话密钥用于安全通信。在一个实施例中，通信遍及中间体，由此第一和第二会话密钥保护与相应的腿到中间的通信。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式