专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明申请

WO2013004465A1 AUTHENTICATION OF WARNING MESSAGES IN A NETWORK 审中-公开
标题翻译：网络中警告信息的验证
公开(公告)号：WO2013004465A1
公开(公告)日：2013-01-10
申请号：PCT/EP2012/061318
申请日：2012-06-14
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (publ) , WIFVESSON, Monica , LILJENSTAM, Michael , MATTSSON, John , NORRMAN, Karl
发明人： WIFVESSON, Monica , LILJENSTAM, Michael , MATTSSON, John , NORRMAN, Karl
IPC分类号： H04L29/06 , H04W8/24
CPC分类号： H04L63/08 , H04L63/123 , H04W4/90 , H04W12/10
摘要： There is described herein a device (101) for communicating with a network. The device (101) comprises a communications unit for receiving data, a notification device for providing a notification to a user, and a control unit for controlling the operation of the communications unit and notification unit. The communications unit is configured to receive an information message (110, 112, 115), and to receive security authentication data (110, 112, 115) associated with the information message if such security authentication data is available. The control unit is configured to operate in a first or second configuration. In the first configuration it ignores the security authentication data, (111, 113), and instructs the notification unit to convey the notification to the user. In the second configuration, it verifies the information message (116) on the basis of the security authentication data and instructs the notification unit to convey the notification to the user if the verification is successful. The communications unit is configured to receive a configuration message (114) indicating the configuration in which the control unit should operate, and the control unit is configured to change configuration if the indicated configuration is different to the current configuration.
摘要翻译：这里描述了用于与网络通信的设备（101）。设备（101）包括用于接收数据的通信单元，用于向用户提供通知的通知装置，以及用于控制通信单元和通知单元的操作的控制单元。通信单元被配置为接收信息消息（110,112,115），并且如果这种安全认证数据可用，则接收与该信息消息相关联的安全认证数据（110,112,115）。控制单元被配置为以第一或第二配置操作。在第一配置中，它忽略安全认证数据（111,113），并指示通知单元向用户传达通知。在第二配置中，它根据安全认证数据来验证信息消息（116），并且如果验证成功则指示通知单元向用户传达该通知。通信单元被配置为接收指示控制单元应该运行的配置的配置消息（114），并且如果所指示的配置与当前配置不同，则配置控制单元来改变配置。

42. 发明申请

WO2011128183A3 METHOD AND APPARATUS FOR INTERWORKING WITH SINGLE SIGN-ON AUTHENTICATION ARCHITECTURE 审中-公开
标题翻译：用于与单一标识认证架构交互的方法和装置
公开(公告)号：WO2011128183A3
公开(公告)日：2012-01-05
申请号：PCT/EP2011054303
申请日：2011-03-22
申请人： ERICSSON TELEFON AB L M , NIKANDER PEKKA , EKDAHL PATRIK , LEHTOVIRTA VESA , NORRMAN KARL , WIFVESSON MONICA
发明人： NIKANDER PEKKA , EKDAHL PATRIK , LEHTOVIRTA VESA , NORRMAN KARL , WIFVESSON MONICA
IPC分类号： H04L29/06
CPC分类号： H04L63/0815 , H04L63/0853 , H04L63/18 , H04W12/06
摘要： A method is provided for use in interworking a single sign-on authentication architecture (Open ID) and a further authentication architecture (3GPP) in a split terminal scenario. The split terminal scenario is one in which authentication under the single sign-on authentication architecture is required of a browsing agent (8) being used to access a relying party and in response an associated authentication under the further authentication architecture is performed in relation to a separate authentication agent (7). A controlling agent (4) sends (C3) a token to the authentication agent (7). The controlling agent (4) sends (C4) a request to the browsing agent (8) to return a token for comparing with the token sent to the authentication agent (7). The controlling agent (4) waits (C6) for the authentication agent (7) or a user of the authentication agent (7) to communicate (A2) the received token to the browsing agent (8). The controlling agent (4) compares (C10) the received token with the token sent to the authentication agent (7) to determine whether the authentication agent (7) is authorised to perform authentication on behalf of the browsing agent (8).
摘要翻译：提供了一种用于在分离终端场景中互通单一登录认证架构（开放ID）和另外的认证架构（3GPP）的方法。拆分终端场景是其中需要用于访问依赖方的浏览代理（8）的单点登录认证体系结构下的认证，并且响应于在进一步认证架构下的相关认证相对于单独的认证代理（7）。控制代理（4）向认证代理（7）发送（C3）令牌。控制代理（4）向浏览代理（8）发送（C4）请求以返回与发送给认证代理（7）的令牌进行比较的令牌。控制代理（4）等待认证代理（7）或认证代理（7）的用户（C6）将所接收的令牌通信（A2）到浏览代理（8）。控制代理（4）将接收的令牌（C10）与发送给认证代理（7）的令牌进行比较（C10），以确定认证代理（7）是否被授权代表浏览代理（8）进行认证。

43. 发明申请

WO2010074621A1 A KEY MANAGEMENT METHOD 审中-公开
标题翻译：关键管理方法
公开(公告)号：WO2010074621A1
公开(公告)日：2010-07-01
申请号：PCT/SE2008/051558
申请日：2008-12-23
申请人： TELEFONAKTIEBOLAGET LM Ericsson (publ) , LINDHOLM, Fredrik , JOHANSSON, Mattias , NORRMAN, Karl
发明人： LINDHOLM, Fredrik , JOHANSSON, Mattias , NORRMAN, Karl
IPC分类号： H04L9/08
CPC分类号： H04L9/0833
摘要： The present invention relates to a key management method to establish selective secret information in multiple disjoint groups, more specifically to a method of reducing the broadcast size in access hierarchies and localize and facilitate management in said access hierarchies. The key management method selects a number of subgroups. Each subgroup supports an instance of a key distribution method for receiving distributed key material, and is capable of computing a usage security key based on the distributed key material and predefined user group key material.
摘要翻译：本发明涉及一种用于在多个不相交组中建立选择性秘密信息的密钥管理方法，更具体地涉及一种减少接入层次中广播大小的方法，并且对所述接入层次中的管理进行本地化和便利化。密钥管理方法选择多个子组。每个子组支持用于接收分布式密钥材料的密钥分发方法的实例，并且能够基于分布式密钥材料和预定义的用户组密钥材料来计算使用安全密钥。

44. 发明申请

WO2010031600A1 KEY MANAGEMENT IN A COMMUNICATION NETWORK 审中-公开
标题翻译：通信网络中的主要管理
公开(公告)号：WO2010031600A1
公开(公告)日：2010-03-25
申请号：PCT/EP2009/052967
申请日：2009-03-13
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , NÄSLUND, Mats , NORRMAN, Karl , LINDHOLM, Fredrik
发明人： BLOM, Rolf , NÄSLUND, Mats , NORRMAN, Karl , LINDHOLM, Fredrik
IPC分类号： H04L29/06 , H04L9/08
CPC分类号： H04L63/0869 , H04L9/0819 , H04L9/083 , H04L9/3213 , H04L63/0428 , H04L63/06 , H04L63/08
摘要： A method and apparatus for key management in a communication network. A Key Management Server (KMS) receives from a first device a request for a token associated with a user identity, the user identity being associated with a second device. The KMS then sends the requested token and a user key associated with the user to the first device. The KMS subsequently receives the token from the second device. A second device key is generated using the user key and a modifying parameter associated with the second device. The modifying parameter is available to the first device for generating the second device key. The second device key is then sent from the KMS to the second device. The second device key can be used by the second device to authenticate itself to the first device, or for the first device to secure communications to the second device.
摘要翻译：一种用于通信网络中密钥管理的方法和装置。密钥管理服务器（KMS）从第一设备接收与用户身份相关联的令牌的请求，所述用户身份与第二设备相关联。然后，KMS将所请求的令牌和与用户相关联的用户密钥发送到第一设备。 KMS随后从第二个设备接收令牌。使用用户密钥和与第二设备相关联的修改参数来生成第二设备密钥。修改参数可用于第一设备用于生成第二设备密钥。然后，第二个设备密钥从KMS发送到第二个设备。第二设备密钥可以由第二设备用于向第一设备或第一设备认证自身以确保与第二设备的通信。

45. 发明申请

WO2010003713A1 SENDING MEDIA DATA VIA AN INTERMEDIATE NODE 审中-公开
标题翻译：发送媒体数据通过中间节点
公开(公告)号：WO2010003713A1
公开(公告)日：2010-01-14
申请号：PCT/EP2009/055490
申请日：2009-05-06
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
发明人： BLOM, Rolf , CHENG, Yi , MATTSSON, John , NÄSLUND, Mats , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L65/601 , H04L63/0464 , H04L63/0478 , H04L63/06 , H04L63/123
摘要： A method and apparatus for sending protected media data from a data source node to a client node via an intermediate node. The data source node establishes a first hop- by-hop key to be shared with the intermediate node and an end-to-end key to be shared with the client node. A single security protocol instance is configured and used to transform data from a media stream into transformed data using the keys. The transformed data is then sent to the intermediate node. The intermediate node uses the first hop-by-hop key to apply a security processing to the transformed data, and establishes a second hop-by-hop key with the client node. A second transformation is performed on the transformed data using the second hop-by-hop key to produce further transformed media data, which is then sent to the client node. At the client node a single security protocol instance is configured with the second hop-by-hop key and the end-to-end key, which are used to apply further security processing to the transformed media data.
摘要翻译：一种用于经由中间节点将受保护媒体数据从数据源节点发送到客户端节点的方法和装置。数据源节点建立要与中间节点共享的第一个逐跳密钥和要与客户端节点共享的端对端密钥。单个安全协议实例被配置并用于使用密钥将媒体流中的数据转换为变换数据。然后将变换的数据发送到中间节点。中间节点使用第一个逐跳密钥对转换的数据应用安全处理，并与客户端节点建立第二个逐跳密钥。使用第二逐跳密钥对经变换的数据执行第二变换以产生进一步转换的媒体数据，然后将其转发到客户端节点。在客户端节点，单个安全协议实例配置有第二个逐跳密钥和端对端密钥，用于对转换的媒体数据应用进一步的安全处理。

46. 发明申请

WO2009152845A1 CONVERTING ENCRYPTED MEDIA DATA 审中-公开
标题翻译：转换加密媒体数据
公开(公告)号：WO2009152845A1
公开(公告)日：2009-12-23
申请号：PCT/EP2008/057548
申请日：2008-06-16
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , BLOM, Rolf , NORRMAN, Karl
发明人： BLOM, Rolf , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L63/0457 , H04L63/0464 , H04L65/605 , H04L65/608
摘要： A method and apparatus for converting encrypted media data. An intermediate node receives Secure Real-time Transport Protocol (SRTP) media data packets having an encrypted payload. The intermediate node modifies each media data packet, such that a SRTP Initialization Vector (IV) is converted to a corresponding Packet-switched Streaming Service (PSS) IV. The modified media data packets are then sent to a receiver node using a PSS protocol. This allows the receiver to receive the SRTP media in a PSS format.
摘要翻译：一种用于转换加密的媒体数据的方法和装置。中间节点接收具有加密有效载荷的安全实时传输协议（SRTP）媒体数据分组。中间节点修改每个媒体数据分组，使得SRTP初始化向量（IV）被转换为相应的分组交换流服务（PSS）IV。然后使用PSS协议将修改的媒体数据分组发送到接收方节点。这允许接收器以PSS格式接收SRTP媒体。

47. 发明申请

WO2009146729A1 CRYPTOGRAPHIC KEY GENERATION 审中-公开
公开(公告)号：WO2009146729A1
公开(公告)日：2009-12-10
申请号：PCT/EP2008/005960
申请日：2008-07-21
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , NORRMAN, Karl , NÄSLUND, Mats
发明人： NORRMAN, Karl , NÄSLUND, Mats
IPC分类号： H04L9/08 , H04W12/02
CPC分类号： H04W12/06 , H04L9/065 , H04L9/0819 , H04L9/0838 , H04L9/0866 , H04L9/0869 , H04L9/0891 , H04L9/14 , H04L9/3271 , H04L2209/24 , H04L2209/80 , H04L2463/061 , H04W12/04
摘要： A technique for generating a cryptographic key (120) is provided. The technique is particularly useful for protecting the communication between two entities (202, 302; 204, 304) cooperatively running a distributed security operation. The technique comprises providing at least two parameters (106, 108), the first parameter (106) comprising or deriving from some cryptographic keys (110, 112) which have been computed by the first entity (202, 302) by running the security operation; and the second parameter (108) comprising or deriving from a token (116) having a different value each time the security (114) operation is initiated by the second entity (204, 304) for the first entity (202, 302). A key derivation function is applied to the provided parameters (106, 108) to generate the desired cryptographic key (120).
摘要翻译：提供了一种用于生成加密密钥（120）的技术。该技术对于保护协作地运行分布式安全操作的两个实体（202,302; 204,304）之间的通信特别有用。所述技术包括提供至少两个参数（106,108），所述第一参数（106）包括由所述第一实体（202,302）通过运行所述安全操作来计算的一些加密密钥（110,112） ; 并且所述第二参数（108）包括每个所述第一实体（202,302）由所述第二实体（204,304）启动所述安全性（114）操作时具有不同值的令牌（116）或从所述令牌（116）导出。密钥导出函数被应用于所提供的参数（106,108）以生成期望的密码密钥（120）。

48. 发明申请

WO2009078775A1 METHOD FOR DIGITAL RIGHTS MANAGEMENT IN A MOBILE COMMUNICATIONS NETWORK 审中-公开
标题翻译：移动通信网络中数字权限管理的方法
公开(公告)号：WO2009078775A1
公开(公告)日：2009-06-25
申请号：PCT/SE2007/051043
申请日：2007-12-19
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , CHENG, Yi , BARRIGA, Luis , NORRMAN, Karl
发明人： CHENG, Yi , BARRIGA, Luis , NORRMAN, Karl
IPC分类号： G06F21/00
CPC分类号： H04W12/08 , G06F21/10 , G06F2221/0717 , H04L2463/101
摘要： The present invention relates to a method and an operator network node for enabling a user-defined DRM domain of *SIMs hosted by *SIM-enabled devices. The operator network node is connectable to a *SIM based device and to a content provider node, and comprises means for establishing a secure channel between a *SIM-based device and an operator network node, means for creating a DRM domain defined by at least one user of *SIM- based devices, means for receiving at the operator network node a registration request from the *SIM-based device to register the *SIM of the *SIM-based device into the created user-defined DRM domain, means for registering at the operator network node the *SIM of the *SIM-based device into the registered user-defined DRM domain, and means for making the registered information associated with the user-defined DRM domain available to the content provider. The invention also relates to a further method and the content provider comprising means for accessing in the operator network node registered information associated with a registered user-defined DRM domain comprising *SIMs of a user, and means for establishing a content provider defined DRM domain comprising at least one of the *SIMs of the user-defined DRM domain.
摘要翻译：本发明涉及一种方法和运营商网络节点，用于启用由启用SIM的设备主持的* SIM的用户定义的DRM域。运营商网络节点可连接到基于* SIM的设备和内容提供商节点，并且包括用于在基于* SIM的设备和运营商网络节点之间建立安全信道的装置，用于创建至少定义的DRM域的装置用于基于SIM的设备的一个用户，用于在所述运营商网络节点处接收来自基于* SIM的设备的注册请求以将所述基于SIM卡的设备的* SIM注册到所创建的用户定义的DRM域中的装置，在运营商网络节点将基于* SIM的设备的* SIM注册到注册用户定义的DRM域中，以及用于使与用户定义的DRM域相关联的注册信息可用于内容提供商的装置。本发明还涉及一种另外的方法和内容提供器，其包括用于在运营商网络节点中访问与包括用户的SIM的注册用户定义的DRM域相关联的注册信息的装置，以及用于建立内容提供商定义的DRM域的装置，包括用户定义的DRM域的* SIM中的至少一个。

49. 发明申请

WO2009065447A1 WIRELESS LAN MOBILITY 审中-公开
标题翻译：无线局域网移动
公开(公告)号：WO2009065447A1
公开(公告)日：2009-05-28
申请号：PCT/EP2007/062763
申请日：2007-11-23
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (PUBL) , HADDAD, Wassim , NORRMAN, Karl
发明人： HADDAD, Wassim , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04L63/0807 , H04W12/06 , H04W36/0011 , H04W84/12
摘要： A method of performing hand-off of a Mobile Node from a previous Access Point to a new Access Point within a WLAN domain, where the previous and new Access Points are connected respectively to previous and new Access Routers. The method comprises, following a MAC authentication exchange between the Mobile Node and the new Access Point, sending a MAC Reassociation Request from the Mobile Node to the New Access Point, forwarding said Reassociation Request to said new Access Router, and sending the Reassociation Request from said new Access Router to said previous Access Router within an IP hand-off request, and authenticating the Reassociation Request at the previous Access Router and initiating the tunnelling of IP packets received at the previous Access Router and destined for said Mobile Node, towards said new Access Router.
摘要翻译：执行移动节点从先前接入点切换到WLAN域内的新接入点的方法，其中先前和新的接入点分别连接到先前和新的接入路由器。该方法包括：在移动节点和新的接入点之间的MAC认证交换之后，从移动节点向新接入点发送MAC重新关联请求，将所述重新关联请求转发到所述新的接入路由器，并将所述重定向请求从在IP切换请求中将所述新的接入路由器指向所述先前的接入路由器，并且在先前的接入路由器上认证重新发送请求，并且发起在先前的接入路由器接收并发往所述移动节点的IP分组的隧道，朝向所述新的接入路由器

50. 发明申请

WO2007062882A3 METHOD AND APPARATUS FOR DELIVERING KEYING INFORMATION 审中-公开
标题翻译：提供密钥信息的方法和设备
公开(公告)号：WO2007062882A3
公开(公告)日：2007-12-13
申请号：PCT/EP2006064107
申请日：2006-07-11
申请人： ERICSSON TELEFON AB L M , NORRMAN KARL , BLOM ROLF , LINDHOLM FREDRIK
发明人： NORRMAN KARL , BLOM ROLF , LINDHOLM FREDRIK
IPC分类号： H04W12/02 , H04W12/04
CPC分类号： H04W12/02 , H04L63/0272 , H04L63/062 , H04L63/08 , H04L63/164 , H04L65/1016 , H04W12/04
摘要： A method of delivering an application key or keys to an application server for use in securing data exchanged between the application server and a user equipment, the user equipment accessing a communications network via an access domain. The method comprises running an Authentication and Key Agreement procedure between the user equipment and a home domain in order to make keying material available to the user equipment and to an access enforcement point. At least a part of said keying material is used to secure a communication tunnel between the user equipment and the access enforcement point, and one or more application keys are derived within the home domain using at least part of said keying material. Said application key(s) is(are) provided to said application server, and the same application key(s) derived at the user equipment, wherein said access enforcement point is unable to derive or have access to said application key(s).
摘要翻译：一种向应用服务器传递一个或多个应用密钥以用于保护在应用服务器和用户设备之间交换的数据的方法，该用户设备经由接入域接入通信网络。该方法包括在用户设备和归属域之间运行认证和密钥协商程序，以便使密钥材料对于用户设备和访问执行点可用。所述密钥资料的至少一部分用于保护用户设备和接入强制执行点之间的通信隧道，并且使用所述密钥资料的至少一部分在本地域内导出一个或多个应用密钥。所述应用密钥被提供给所述应用服务器，并且在用户设备处导出相同的应用密钥，其中所述接入实施点不能导出或访问所述应用密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式