专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20100267363A1 Methods and Apparatuses Generating a Radio Base Station Key in a Cellular Radio System 有权
标题翻译：在蜂窝无线电系统中生成无线基站密钥的方法和装置
公开(公告)号：US20100267363A1
公开(公告)日：2010-10-21
申请号：US12746879
申请日：2008-07-01
申请人： Rolf Blom , Magnus Lindstrom , Karl Norrman
发明人： Rolf Blom , Magnus Lindstrom , Karl Norrman
IPC分类号： H04M3/16
CPC分类号： H04W12/04 , H04J11/0069 , H04L9/0656 , H04L2463/061 , H04W88/08
摘要： In a method and a system for providing secure communication in a cellular radio system radio base station key is generated by determining a set of data bits known to both the UE and the radio base station, and creating the radio base station key in response to the determined set of data.
摘要翻译：在用于在蜂窝无线电系统中提供安全通信的方法和系统中，通过确定UE和无线电基站已知的一组数据比特来生成无线基站密钥，并响应于该无线基站密钥创建无线基站密钥确定的数据集。

2. 发明授权

US09232390B2 Methods and apparatuses generating a radio base station key in a cellular radio system 有权
标题翻译：在蜂窝无线电系统中生成无线基站密钥的方法和装置
公开(公告)号：US09232390B2
公开(公告)日：2016-01-05
申请号：US12746879
申请日：2008-07-01
申请人： Rolf Blom , Magnus Lindstrom , Karl Norrman
发明人： Rolf Blom , Magnus Lindstrom , Karl Norrman
IPC分类号： H04L29/06 , H04W12/04 , H04J11/00 , H04L9/06 , H04W88/08
CPC分类号： H04W12/04 , H04J11/0069 , H04L9/0656 , H04L2463/061 , H04W88/08
摘要： In a method and a system for providing secure communication in a cellular radio system radio base station key is generated by determining a set of data bits known to both the UE and the radio base station, and creating the radio base station key in response to the determined set of data.
摘要翻译：在用于在蜂窝无线电系统中提供安全通信的方法和系统中，通过确定UE和无线电基站已知的一组数据比特来生成无线基站密钥，并响应于该无线基站密钥创建无线基站密钥确定的数据集。

3. 发明授权

US08660270B2 Method and arrangement in a telecommunication system 有权
标题翻译：电信系统中的方法和布置
公开(公告)号：US08660270B2
公开(公告)日：2014-02-25
申请号：US12677675
申请日：2008-05-20
申请人： Rolf Blom , Gunnar Mildh , Karl Norrman
发明人： Rolf Blom , Gunnar Mildh , Karl Norrman
IPC分类号： H04L9/32 , H04M1/66
CPC分类号： H04L9/083 , H04L9/0816 , H04L9/0869 , H04L63/062 , H04L2209/24 , H04L2209/80 , H04L2463/061 , H04W8/20 , H04W12/04 , H04W92/10
摘要： A security key, K_eNB, for protecting RRC/UP traffic between a User Equipment, UE, and a serving eNodeB is established by a method and an arrangement in a Mobility Management Entity, MME, and in said UE, of an Evolved Packet System, EPS. The MME and the UE derives the security key, K_eNB, from at least an NAS uplink sequence number, NAS_U_SEQ, sent from the UE to the MME, and from an Access Security Management Entity-key, K_ASME, shared between the MME and the UE.
摘要翻译：用于在用户设备，UE和服务eNodeB之间保护RRC / UP业务的安全密钥K_eNB通过移动性管理实体MME中的所述UE和所述UE中的演进分组系统的方法和配置来建立， EPS。 MME和UE从从UE发送到MME的至少一个NAS上行链路序列号NAS_U_SEQ以及从MME和UE之间共享的接入安全管理实体密钥K_ASME中导出安全密钥K_eNB 。

4. 发明授权

US08122240B2 Method and apparatus for establishing a security association 有权
标题翻译：用于建立安全关联的方法和装置
公开(公告)号：US08122240B2
公开(公告)日：2012-02-21
申请号：US11305329
申请日：2005-12-19
申请人： Rolf Blom , Karl Norrman
发明人： Rolf Blom , Karl Norrman
IPC分类号： H04L29/06
CPC分类号： H04W12/04 , H04L9/0841 , H04L9/3271 , H04L63/0435 , H04L63/062 , H04L67/26 , H04L2209/56 , H04L2209/80 , H04W84/042
摘要： A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management.
摘要翻译：一种用于在客户机和服务节点之间建立安全关联以便将信息从服务节点推送到客户端的方法，其中客户端和密钥服务器共享基本秘密。该方法包括从服务节点向密钥服务器发送生成和提供服务密钥的请求，所述请求标识客户端和服务节点，使用客户端和服务的身份在密钥服务器生成服务密钥节点，基本秘密和附加信息，以及将服务密钥与所述附加信息一起发送到服务节点，将所述附加信息从服务节点转发到客户端，并且在客户端处，使用接收到的附加信息生成所述服务密钥信息和基本键。可以使用类似的方法来提供p2p密钥管理。

5. 发明授权

US08094817B2 Cryptographic key management in communication networks 有权
标题翻译：通信网络密码管理
公开(公告)号：US08094817B2
公开(公告)日：2012-01-10
申请号：US11857621
申请日：2007-09-19
申请人： Rolf Blom , Karl Norrman , Mats Naslund
发明人： Rolf Blom , Karl Norrman , Mats Naslund
IPC分类号： H04L9/00
CPC分类号： H04L9/321 , H04L63/062 , H04L63/08 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W36/0038
摘要： An authentication server and a system and method for managing cryptographic keys across different combinations of user terminals, access networks, and core networks. A Transformation Coder Entity (TCE) creates a master key (Mk), which is used to derive keys during the authentication procedure. During handover between the different access types, the Mk or a transformed Mk is passed between two nodes that hold the key in the respective access networks when a User Equipment (UE) terminal changes access. The transformation of the Mk is performed via a one-way function, and has the effect that if the Mk is somehow compromised, it is not possible to automatically obtain access to previously used master keys. The transformation is performed based on the type of authenticator node and type of UE/identity module with which the transformed key is to be utilized. The Mk is never used directly, but is only used to derive the keys that are directly used to protect the access link.
摘要翻译：一种认证服务器，以及用于管理跨越用户终端，接入网络和核心网络的不同组合的加密密钥的系统和方法。转换编码器实体（TCE）创建主密钥（Mk），用于在认证过程期间导出密钥。在不同访问类型之间的切换期间，当用户设备（UE）终端改变访问时，Mk或经变换的Mk在保持密钥的两个节点之间传递。通过单向函数执行Mk的转换，并且具有以下效果：如果Mk以某种方式受损，则不可能自动获得对先前使用的主密钥的访问。基于认证者节点的类型和使用变换密钥的UE /身份模块的类型进行转换。 Mk从不直接使用，但仅用于派生直接用于保护访问链接的密钥。

6. 发明申请

US20110305339A1 Key Establishment for Relay Node in a Wireless Communication System 审中-公开
标题翻译：无线通信系统中继节点的关键建立
公开(公告)号：US20110305339A1
公开(公告)日：2011-12-15
申请号：US12964991
申请日：2010-12-10
申请人： Karl Norrman , Rolf Blom , Gunnar Mildh , Ingrid Nordstrand
发明人： Karl Norrman , Rolf Blom , Gunnar Mildh , Ingrid Nordstrand
IPC分类号： H04K1/00
CPC分类号： H04W12/0013 , H04L63/0272 , H04L63/0442 , H04L63/164 , H04L63/166 , H04L2463/061 , H04W12/003 , H04W88/08
摘要： Techniques for providing additional security for the wireless interface between a relay node and a donor base station are based on a security association established between the relay node and the donor base station. In an example method implemented in a relay node, communications with a donor base station are established and a first cryptographic key is generated according to a radio access protocol. A security association between the relay node and the donor base station is then established, using a credential stored at the relay node, and a second cryptographic key is derived from the first cryptographic key, using the stored credential, or one or more parameters relating to the security association, or information exchanged within the security association. The second key is used to protect user plane data relayed from one or more mobile terminals to the donor base station.
摘要翻译：用于为中继节点和施主基站之间的无线接口提供附加安全性的技术基于在中继节点和施主基站之间建立的安全关联。在中继节点中实现的示例性方法中，建立与施主基站的通信，并且根据无线电接入协议生成第一密码密钥。然后使用存储在中继节点处的凭证建立中继节点和施主基站之间的安全关联，并且使用存储的凭证从第一密码密钥导出第二密码密钥，或者与安全关联或在安全关联中交换的信息。第二个密钥用于保护从一个或多个移动终端中继到被授权基站的用户平面数据。

7. 发明申请

US20110302627A1 USER AUTHENTICATON 有权
标题翻译：用户认证
公开(公告)号：US20110302627A1
公开(公告)日：2011-12-08
申请号：US13201694
申请日：2009-02-18
申请人： Rolf Blom , Luis Barriga , Karl Norrman
发明人： Rolf Blom , Luis Barriga , Karl Norrman
IPC分类号： G06F21/00 , G06F7/04
CPC分类号： H04W12/06 , H04L63/0492 , H04L63/18 , H04L67/04
摘要： A method of authenticating access to a service comprises: a) receiving at a mobile terminal, over a bi-directional near-field communication channel between the mobile terminal and a browser, at least part of the identifier of a service; b) comparing, at the mobile terminal, at least part of the identifier received at the mobile terminal with a set of identifiers stored in the mobile device; and c) authenticating access to the service on the basis of whether at least part of the identifier received at the mobile terminal matches an identifier in the set. The mobile terminal may stored a set of URLs, and may compare a received URL (or part URL) with the set of stored URLs. It may generate an alert to the user if at least part of the URL received at the mobile terminal does not match a stored URL. User names and keys are not required to be stored on the web-browser, so the web-browser does not need to maintain a password database. This improves security, since a password database would be vulnerable to malicious code.
摘要翻译：认证对服务的访问的方法包括：a）在移动终端处通过移动终端和浏览器之间的双向近场通信信道，至少部分服务的标识符进行接收; b）在移动终端处将在移动终端处接收到的标识符的至少一部分与存储在移动设备中的一组标识符进行比较; 以及c）基于在所述移动终端中接收到的所述标识符的至少一部分是否匹配所述集合中的标识符来认证对所述服务的访问。移动终端可以存储一组URL，并且可以将接收到的URL（或部分URL）与存储的URL集合进行比较。如果在移动终端处接收到的URL的至少一部分与存储的URL不匹配，则它可以向用户生成警报。用户名和密钥不需要存储在Web浏览器上，因此Web浏览器不需要维护密码数据库。这提高了安全性，因为密码数据库将容易受到恶意代码的攻击。

8. 发明申请

US20110256850A1 METHOD AND ARRANGEMENT FOR CREATION OF ASSOCIATION BETWEEN USER EQUIPMENT AND AN ACCESS POINT 有权
标题翻译：创建用户设备与访问点之间的关联的方法和布置
公开(公告)号：US20110256850A1
公开(公告)日：2011-10-20
申请号：US13140818
申请日：2008-12-19
申请人： Göran Selander , Jari Vikberg , Karl Norrman , Rolf Blom , Mats Naslund
发明人： Göran Selander , Jari Vikberg , Karl Norrman , Rolf Blom , Mats Naslund
IPC分类号： H04W12/06
CPC分类号： H04W12/08 , H04L63/101 , H04W84/045
摘要： Methods, apparatus, and computer program products for creating an association between a first user equipment and at least one access point assisted by a registration server in a telecommunication network are disclosed. The registration server responds to a first contact request carried out using a first association number for the access point, provided by the first user equipment, receives a first association request for the association with the access point, provided by the first user equipment, authorizes the first association request based on a first authorization information provided by the first user equipment; registers the association between the first user equipment and the access point responsive to authorization of the first association request. The first user equipment is associated with the access point and the association is administered by the registration server.
摘要翻译：公开了用于在第一用户设备和由电信网络中的注册服务器辅助的至少一个接入点之间建立关联的方法，设备和计算机程序产品。注册服务器响应由第一用户设备提供的接入点的第一关联号码执行的第一联系请求，接收由第一用户设备提供的与接入点的关联的第一关联请求，授权基于由第一用户设备提供的第一授权信息的第一关联请求; 响应于第一关联请求的授权，注册第一用户设备和接入点之间的关联。第一用户设备与接入点相关联，该关联由注册服务器管理。

9. 发明申请

US20110035787A1 Access Through Non-3GPP Access Networks 有权
标题翻译：通过非3GPP接入网络进行接入
公开(公告)号：US20110035787A1
公开(公告)日：2011-02-10
申请号：US12937008
申请日：2008-11-05
申请人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
发明人： Mats Naslund , Jari Arkko , Rolf Blom , Vesa Lehtovirta , Karl Norrman , Stefan Rommer , Bengt Sahlin
IPC分类号： G06F21/00 , G06F15/177
CPC分类号： H04W12/06 , G06F21/30 , H04L63/0272 , H04L63/08 , H04L63/0892 , H04L63/1433 , H04L63/162 , H04L63/164 , H04L63/20 , H04W60/00 , H04W72/0493
摘要： When setting up communication from a user equipment UE (1), such as for providing IP access for the UE in order to allow it to use some service, information or an indication or at least one network properly relating to a first network, e.g. the current access network (3, 3′), is sent to the UE from a node (13) in a sue and network such as the home network (5) of the subscriber ask UE. The information or indication can be sent in a first stage of an authentication procedure being part of the setting up of a connection from the UE. In particular, the network property can indicate whether the access network (3, 3′) is trusted or not.
摘要翻译：当从用户设备UE（1）建立通信时，例如用于为UE提供IP接入，以便允许其使用与第一网络正确相关的至少一个网络的一些服务，信息或指示，例如，当前接入网络（3,3'）从诸如用户询问UE的归属网络（5）的第二网络中的节点（13）发送到UE。可以在认证过程的第一阶段中发送信息或指示，这是作为来自UE的连接的建立的一部分。特别地，网络属性可以指示接入网络（3,3'）是否被信任。

10. 发明申请

US20070230707A1 Method and apparatus for handling keys used for encryption and integrity 有权
标题翻译：用于处理用于加密和完整性的密钥的方法和装置
公开(公告)号：US20070230707A1
公开(公告)日：2007-10-04
申请号：US11726527
申请日：2007-03-22
申请人： Rolf Blom , Karl Norrman , Mats Naslund
发明人： Rolf Blom , Karl Norrman , Mats Naslund
IPC分类号： H04L9/00
CPC分类号： H04L63/062 , H04L9/0844 , H04L9/0891 , H04L2209/80 , H04W12/04
摘要： A method and an arrangement for providing keys for protecting communication between a terminal (300) and service points in a communication network. A basic key (Ik) is first established with a service control node (304) when the terminal has entered the network. An initial modified key (Ik1) is then created in both the service control node and the terminal, by applying a predetermined first function (f) to at least the basic key and an initial value of a key version parameter (v). The initial modified key is sent to a first service point (302), such that it can be used to protect communication between the terminal and the first service point. When the terminal switches to a second service point (306), the first service point and the terminal both create a second modified key (Ik2) by applying a predetermined second function (g) to the initial modified key, and the first service point sends the second modified key to the second service point.
摘要翻译：一种用于提供用于保护终端（300）与通信网络中的服务点之间的通信的密钥的方法和装置。当终端进入网络时，首先与服务控制节点（304）建立基本密钥（Ik）。然后，通过将预定的第一功能（f）应用于至少基本密钥和密钥的初始值，在服务控制节点和终端两者中创建初始修改密钥（Ik1＆lt; 1＆gt;）版本参数（v）。初始修改的密钥被发送到第一服务点（302），使得其可以用于保护终端和第一服务点之间的通信。当终端切换到第二服务点（306）时，第一服务点和终端都通过将预定的第二功能（g）应用于初始修改的密钥来创建第二修改密钥（Ik> 2＆lt; 密钥，第一服务点将第二修改密钥发送到第二服务点。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式