专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08875232B2 User authentication 有权
标题翻译：用户认证
公开(公告)号：US08875232B2
公开(公告)日：2014-10-28
申请号：US13201694
申请日：2009-02-18
申请人： Rolf Blom , Luis Barriga , Karl Norrman
发明人： Rolf Blom , Luis Barriga , Karl Norrman
IPC分类号： H04L29/06 , H04W12/06 , H04L29/08
CPC分类号： H04W12/06 , H04L63/0492 , H04L63/18 , H04L67/04
摘要： A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
摘要翻译：认证对服务的访问的方法包括：a）在移动终端处通过移动终端和浏览器之间的双向近场通信信道，至少部分服务的标识符进行接收; b）在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c）基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。移动终端可以存储一组URL，并且可以将接收到的URL（或部分URL）与存储的URL集合进行比较。如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配，则它可以向用户生成警报。用户名和密钥不需要存储在Web浏览器上，因此Web浏览器不需要维护密码数据库。这提高了安全性，因为密码数据库将容易受到恶意代码的攻击。

2. 发明申请

US20130268681A1 Method and Apparatuses for End-to-Edge Media Protection in ANIMS System 有权
标题翻译： ANIMS系统中端到端媒体保护的方法与设备
公开(公告)号：US20130268681A1
公开(公告)日：2013-10-10
申请号：US13800129
申请日：2013-03-13
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04W76/02
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

3. 发明授权

US08429737B2 Method and apparatuses for end-to-edge media protection in an IMS system 有权
公开(公告)号：US08429737B2
公开(公告)日：2013-04-23
申请号：US12744720
申请日：2008-12-01
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L29/06 , G06F15/16
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.

4. 发明申请

US20110302627A1 USER AUTHENTICATON 有权
标题翻译：用户认证
公开(公告)号：US20110302627A1
公开(公告)日：2011-12-08
申请号：US13201694
申请日：2009-02-18
申请人： Rolf Blom , Luis Barriga , Karl Norrman
发明人： Rolf Blom , Luis Barriga , Karl Norrman
IPC分类号： G06F21/00 , G06F7/04
CPC分类号： H04W12/06 , H04L63/0492 , H04L63/18 , H04L67/04
摘要： A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
摘要翻译：认证对服务的访问的方法包括：a）在移动终端处通过移动终端和浏览器之间的双向近场通信信道，至少部分服务的标识符进行接收; b）在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c）基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。移动终端可以存储一组URL，并且可以将接收到的URL（或部分URL）与存储的URL集合进行比较。如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配，则它可以向用户生成警报。用户名和密钥不需要存储在Web浏览器上，因此Web浏览器不需要维护密码数据库。这提高了安全性，因为密码数据库将容易受到恶意代码的攻击。

5. 发明授权

US08549615B2 Method and apparatuses for end-to-edge media protection in an IMS system 有权
标题翻译：用于IMS系统中端到端媒体保护的方法和装置
公开(公告)号：US08549615B2
公开(公告)日：2013-10-01
申请号：US12744720
申请日：2008-12-01
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L29/06 , G06F15/16
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

6. 发明授权

US08832821B2 Method and apparatuses for end-to-edge media protection in an IMS system 有权
标题翻译：用于IMS系统中端到端媒体保护的方法和装置
公开(公告)号：US08832821B2
公开(公告)日：2014-09-09
申请号：US13800129
申请日：2013-03-13
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： H04L29/06 , G06F15/16 , H04W76/02 , H04W12/04 , H04W12/02
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

7. 发明申请

US20110010768A1 Method and Apparatuses for End-to-Edge Media Protection in ANIMS System 有权
标题翻译： ANIMS系统中端到端媒体保护的方法与设备
公开(公告)号：US20110010768A1
公开(公告)日：2011-01-13
申请号：US12744720
申请日：2008-12-01
申请人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
发明人： Luis Barriga , Rolf Blom , Yi Cheng , Fredrik Lindholm , Mats Naslund , Karl Norrman
IPC分类号： G06F21/00
CPC分类号： H04W76/02 , H04L63/0428 , H04L65/1016 , H04L65/1069 , H04W12/02 , H04W12/04 , H04W76/10
摘要： An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node.
摘要翻译： IMS系统包括IMS发起者用户实体。该系统包括由发起者用户实体调用的IMS应答器用户实体。该系统包括与主叫实体进行通信的主叫侧S-CSCF，其从呼叫方实体接收具有第一保护报价的INVITE和用于密钥建立的参数，从INVITE中移除第一保护报价并转发INVITE而没有第一保护提供。该系统包括与响应者用户实体通信的接收端S-CSCF，以及在没有第一保护提供的情况下接收INVITE的主叫侧S-CSCF，并检查响应者用户实体是否支持保护，将第二保护请求插入到 INVITE并将INVITE转发到响应者用户实体，其中响应者用户实体接受包括第二保护请求的INVITE和具有第一保护接受的确认的应答。一种用于支持电信节点的呼叫的方法。

8. 发明申请

US20090199001A1 Access to services in a telecommunications network 有权
标题翻译：访问电信网络中的服务
公开(公告)号：US20090199001A1
公开(公告)日：2009-08-06
申请号：US12303342
申请日：2006-06-09
申请人： Luis Barriga , Rolf Blom , Mats Naslund
发明人： Luis Barriga , Rolf Blom , Mats Naslund
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L65/1016 , H04L9/32 , H04L9/321 , H04L63/0421 , H04L63/062 , H04L63/08 , H04L63/0815 , H04L63/0853 , H04L2209/80 , H04W4/00 , H04W12/02 , H04W12/04 , H04W12/06 , H04W60/00 , H04W74/00 , H04W88/16
摘要： A method and arrangement is disclosed for providing a user, not previously having an individual subscription with a network operator, with credentials for secure access to network services. The arrangement includes a gateway, associated with a subscription for network services, having means for generating and exporting to a user entity personalized user security data derived from security data related to the subscription. In particular, the derivation of credentials is based on a function that is shared between network and gateway and further conveniently makes use of bootstrapping on keying material from the subscription authentication. Pre-registered user identities are assigned trusted users who, thereafter, can download credentials and authenticate for service access. The invention may be implemented at a public place for providing temporary visitors network access whereby trust may exemplary be established by presenting a credit card.
摘要翻译：公开了一种方法和装置，用于提供先前不具有与网络运营商的单独订阅的用户，以及用于安全访问网络服务的凭证。该安排包括与网络服务的订阅相关联的网关，具有用于生成和导出到用户实体的个体化用户安全数据，该安全数据是从与订阅有关的安全数据导出的。特别地，证书的推导基于在网络和网关之间共享的功能，并且进一步方便地利用来自订阅认证的密钥材料的引导。预先注册的用户身份被分配给受信任的用户，其后可以下载凭证并进行身份验证以进行服务访问。本发明可以在公共场所实现，以提供临时访问者网络访问，从而通过呈现信用卡可以示范地建立信任。

9. 发明授权

US08261078B2 Access to services in a telecommunications network 有权
标题翻译：访问电信网络中的服务
公开(公告)号：US08261078B2
公开(公告)日：2012-09-04
申请号：US12303342
申请日：2006-06-09
申请人： Luis Barriga , Rolf Blom , Mats Näslund
发明人： Luis Barriga , Rolf Blom , Mats Näslund
IPC分类号： H04L9/32
CPC分类号： H04L65/1016 , H04L9/32 , H04L9/321 , H04L63/0421 , H04L63/062 , H04L63/08 , H04L63/0815 , H04L63/0853 , H04L2209/80 , H04W4/00 , H04W12/02 , H04W12/04 , H04W12/06 , H04W60/00 , H04W74/00 , H04W88/16
摘要： A method and arrangement is disclosed for providing a user, not previously having an individual subscription with a network operator, with credentials for secure access to network services. The arrangement includes a gateway, associated with a subscription for network services, having means for generating and exporting to a user entity personalized user security data derived from security data related to the subscription. In particular, the derivation of credentials is based on a function that is shared between network and gateway and further conveniently makes use of bootstrapping on keying material from the subscription authentication. Pre-registered user identities are assigned trusted users who, thereafter, can download credentials and authenticate for service access. The invention may be implemented at a public place for providing temporary visitors network access whereby trust may exemplary be established by presenting a credit card.
摘要翻译：公开了一种方法和装置，用于提供先前不具有与网络运营商的单独订阅的用户，以及用于安全访问网络服务的凭证。该安排包括与网络服务的订阅相关联的网关，具有用于生成和导出到用户实体的个体化用户安全数据，该安全数据是从与订阅有关的安全数据导出的。特别地，证书的推导基于在网络和网关之间共享的功能，并且进一步方便地利用来自订阅认证的密钥材料的引导。预先注册的用户身份被分配给受信任的用户，其后可以下载凭证并进行身份验证以进行服务访问。本发明可以在公共场所实现，以提供临时访问者网络访问，从而通过呈现信用卡可以示范地建立信任。

10. 发明授权

US08660270B2 Method and arrangement in a telecommunication system 有权
标题翻译：电信系统中的方法和布置
公开(公告)号：US08660270B2
公开(公告)日：2014-02-25
申请号：US12677675
申请日：2008-05-20
申请人： Rolf Blom , Gunnar Mildh , Karl Norrman
发明人： Rolf Blom , Gunnar Mildh , Karl Norrman
IPC分类号： H04L9/32 , H04M1/66
CPC分类号： H04L9/083 , H04L9/0816 , H04L9/0869 , H04L63/062 , H04L2209/24 , H04L2209/80 , H04L2463/061 , H04W8/20 , H04W12/04 , H04W92/10
摘要： A security key, K_eNB, for protecting RRC/UP traffic between a User Equipment, UE, and a serving eNodeB is established by a method and an arrangement in a Mobility Management Entity, MME, and in said UE, of an Evolved Packet System, EPS. The MME and the UE derives the security key, K_eNB, from at least an NAS uplink sequence number, NAS_U_SEQ, sent from the UE to the MME, and from an Access Security Management Entity-key, K_ASME, shared between the MME and the UE.
摘要翻译：用于在用户设备，UE和服务eNodeB之间保护RRC / UP业务的安全密钥K_eNB通过移动性管理实体MME中的所述UE和所述UE中的演进分组系统的方法和配置来建立， EPS。 MME和UE从从UE发送到MME的至少一个NAS上行链路序列号NAS_U_SEQ以及从MME和UE之间共享的接入安全管理实体密钥K_ASME中导出安全密钥K_eNB 。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式