专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2005048560A1 AN INTERMEDIATE NODE AWARE IP DATAGRAM GENERATION 审中-公开
标题翻译：中间节点知识IP代码生成
公开(公告)号：WO2005048560A1
公开(公告)日：2005-05-26
申请号：PCT/IB2004/003683
申请日：2004-11-11
申请人： NOKIA CORPORATION , LE, Franck , LIU, Zhigang , FACCIN, Stefano , LE, Khiem
发明人： LE, Franck , LIU, Zhigang , FACCIN, Stefano , LE, Khiem
IPC分类号： H04L29/06
CPC分类号： H04L63/029 , H04L63/0428 , H04L69/16 , H04L69/161 , H04L69/22
摘要： According to the invention, information in clear text is added to a data packet transmitted from a sender to a receiver with end-to-end security in an IP network, which information indicate encrypted data fields in payload data of the packet and/or instruct an intermediate node located on a path between the sender and the receiver how to process the packet, wherein the part of the packet in which the information is provided is different from payload data.
摘要翻译：根据本发明，在IP网络中具有端到端安全性的从发送方发送到接收者的数据分组中添加明文信息，该信息表示分组的有效载荷数据中的加密数据字段和/或指示位于发送器和接收器之间的路径上的中间节点如何处理分组，其中提供信息的分组的部分与有效载荷数据不同。

2. 发明申请

WO2003069872A1 DISCOVERY OF AN AGENT OR A SERVER IN AN IP NETWORK 审中-公开
标题翻译：在IP网络中发现代理或服务器
公开(公告)号：WO2003069872A1
公开(公告)日：2003-08-21
申请号：PCT/IB2003/000501
申请日：2003-02-14
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M.
发明人： LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/12
CPC分类号： H04L29/12018 , H04L29/12933 , H04L61/10 , H04L61/6068 , H04L67/16 , H04W4/06 , H04W8/005 , H04W8/26 , H04W80/00 , H04W88/14
摘要： A method for discovering an agent in an IP environment comprising broadcasting router advertisement messages by router, wherein the messages comprise a first data element corresponding to a network prefix which identifies the network visited by a communication device; receiving the messages by the communication device; obtaining, by the communication device, a second data element identifying the agent; and computing an IP address of the agent by the communication device by using the first data element and the second data element.
摘要翻译：一种用于在IP环境中发现代理的方法，包括由路由器广播路由器通告消息，其中所述消息包括对应于识别由通信设备访问的网络的网络前缀的第一数据元素; 通过通信设备接收消息; 通过所述通信设备获得识别所述代理的第二数据元素; 以及通过使用第一数据元素和第二数据元素来计算通信设备的代理的IP地址。

3. 发明申请

WO2002068418A2 AUTHENTICATION AND DISTRIBUTION OF KEYS IN MOBILE IP NETWORK 审中-公开
标题翻译：移动IP网络中的认证和分发
公开(公告)号：WO2002068418A2
公开(公告)日：2002-09-06
申请号：PCT/IB2002/001658
申请日：2002-02-25
申请人： NOKIA CORPORATION , FACCIN, Stefano , LE, Franck
发明人： FACCIN, Stefano , LE, Franck
IPC分类号： C07D453/00
CPC分类号： H04L63/062 , H04L9/0841 , H04L63/0853 , H04L63/0869 , H04L2209/80 , H04W12/04 , H04W12/06 , H04W80/04
摘要： There is disclosed a method of establishing a connection between a mobile station and a serving domain, in which a first security association exists between the mobile node and an associated home domain, and a second security association exists between the serving domain and the home domain, the method comprising: transmitting a first message from the mobile node to the serving domain, the first message being encrypted in accordance with the first security association; transmitting the first message from the serving domain to the home domain; decrypting the first message in the home domain in accordance the first security association; transmitting a second message from the home domain to the serving domain, the second message being encrypted according to the first security association; transmitting the second message from the serving domain to the mobile node; decrypting the second message in the mobile node in accordance with the first security association.
摘要翻译：公开了一种在移动站和服务域之间建立连接的方法，其中在移动节点和相关联的归属域之间存在第一安全关联，并且在服务域和归属域之间存在第二安全关联，所述方法包括：从所述移动节点向所述服务域发送第一消息，所述第一消息根据所述第一安全关联进行加密; 将第一消息从服务域发送到归属域; 根据第一安全关联解密归属域中的第一消息; 将第二消息从所述归属域发送到所述服务域，所述第二消息根据所述第一安全关联进行加密; 将所述第二消息从所述服务域发送到所述移动节点; 根据第一安全关联在移动节点中解密第二消息。

4. 发明申请

WO2005002172A1 SECURITY FOR PROTOCOL TRAVERSAL 审中-公开
标题翻译：协议保密协议
公开(公告)号：WO2005002172A1
公开(公告)日：2005-01-06
申请号：PCT/IB2004/002086
申请日：2004-06-23
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M.
发明人： LE, Franck , FACCIN, Stefano, M.
IPC分类号： H04L29/06
CPC分类号： H04L63/123 , H04L9/3073 , H04L9/3247 , H04L9/3297 , H04L69/22 , H04L2209/80
摘要： The invention proposes a method for protecting packets to be sent from a first network node to a second network node, comprising the steps of generating (S21) validity information for a packet, generating (S22) a header for the packet, comprising the validity information, and sending (S23) the packet including the header from the first network node to the second network node, wherein the validity information comprises all necessary information required for performing a validity check of the packet. Thus, no pre-established security association or the like is necessary to verify the validity of a packet.
摘要翻译：本发明提出了一种保护要从第一网络节点发送到第二网络节点的分组的方法，包括以下步骤：产生（S21）分组的有效性信息，生成（S22）分组的报头，包括有效信息并且将包括所述报头的分组从所述第一网络节点发送（S23）到所述第二网络节点，其中所述有效性信息包括执行所述分组的有效性检查所需的所有必要信息。因此，不需要预先建立的安全关联等来验证分组的有效性。

5. 发明申请

WO2007003992A2 METHOD, SYSTEM & COMPUTER PROGRAM PRODUCT FOR DISCOVERING CHARACTERISTICS OF MIDDLEBOXES 审中-公开
标题翻译：用于发现中间盒特性的方法，系统和计算机程序产品
公开(公告)号：WO2007003992A2
公开(公告)日：2007-01-11
申请号：PCT/IB2006/001361
申请日：2006-05-25
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano
发明人： LE, Franck , FACCIN, Stefano
CPC分类号： H04L29/12528 , H04L29/12471 , H04L29/12509 , H04L61/2553 , H04L61/2567 , H04L61/2575
摘要： A method, computer program product, communications device and system for enabling an end node or terminal to discover one or more characteristics of a firewall on the communications path between the end node and a data network are provided. In particular, middlebox configuration protocols have been extended to allow a user to run additional tests in order to determine, for example, whether a discovered firewall blocks unsolicited incoming requests, as well as what the length of time associated with a particular state created by the discovered firewall is.
摘要翻译：提供了用于使端节点或终端能够发现端节点和数据网络之间的通信路径上的防火墙的一个或多个特征的方法，计算机程序产品，通信设备和系统。特别是，中间件配置协议已经扩展到允许用户运行附加测试，以便确定例如发现的防火墙是否阻止未经请求的传入请求，以及与由该应用程序创建的特定状态相关的时间长度发现的防火墙是。

6. 发明申请

WO2002030132A3 METHOD AND SYSTEM FOR SECURITY MOBILITY BETWEEN DIFFERENT CELLULAR SYSTEMS 审中-公开
公开(公告)号：WO2002030132A3
公开(公告)日：2002-04-11
申请号：PCT/US2001/025929
申请日：2001-08-20
申请人： NOKIA CORPORATION , FACCIN, Stefano, M. , LE, Franck
发明人： FACCIN, Stefano, M. , LE, Franck
IPC分类号： H04Q7/32
摘要： Method and system for providing security mobility between two cellular systems. One or more ciphering keys are generated for a second cellular system by an interperability authentication center at a first cellular system and by a mobile device separetely . Traffic between the mobile device and the first cellular system is encrypted using one or more first ciphering keys for the first cellular system. A handover of the traffic of the mobile device. After approval of handoff and before handoff, the one or more second ciphering keys are sent from the first cellular system to the second cellular system. The traffic is handed off by the mobile device from the first cellular system to the second to the second cellulary system.. The traffic between the mobile device and the second cellulary system is encryped using the one or more second ciphering keys. The ciphering of the traffic is maintained during handoff.

7. 发明申请

WO2005064890A1 A METHOD TO SUPPORT MOBILE IP MOBILITY IN 3GPP NETWORKS WITH SIP ESTABLISHED COMMUNICATIONS 审中-公开
标题翻译：支持3GPP网络中移动IP移动性的方法与SIP建立通信
公开(公告)号：WO2005064890A1
公开(公告)日：2005-07-14
申请号：PCT/IB2004/004256
申请日：2004-12-15
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano , PURNADI, Rene , GRECH, Sandro
发明人： LE, Franck , FACCIN, Stefano , PURNADI, Rene , GRECH, Sandro
IPC分类号： H04L29/06
CPC分类号： H04L63/0236 , H04L29/06027 , H04L63/0254 , H04L63/029 , H04L65/1006 , H04L65/1016 , H04L65/80 , H04W80/04 , H04W80/10
摘要： The invention proposes a method for controlling a connection between a first network node and a second network node, wherein the connection is controlled by a packet filtering function filtering packets such that a packet is discarded in case a source address and/or a destination address do not comply with a filtering rule, wherein the packet filtering function is configured at a connection set up, and at least one of the first or second network node is adapted to change its address, the method comprising the steps of informing the packet filtering function about the new address of the network node having changed its address, and updating the packet filter of the packet filtering function by using the new address of the network node having changed its address. The invention also proposes a corresponding network system comprising at least a network node and a packet filtering network element. Furthermore, the invention proposes a corresponding packet filtering network device.
摘要翻译：本发明提出了一种用于控制第一网络节点和第二网络节点之间的连接的方法，其中所述连接由过滤分组的分组过滤功能控制，使得在源地址和/或目的地地址做的情况下丢弃分组不符合过滤规则，其中所述包过滤功能被配置在建立的连接处，并且所述第一或第二网络节点中的至少一个适于改变其地址，所述方法包括以下步骤：通知所述包过滤功能关于网络节点的新地址已经改变了其地址，并且通过使用已经改变了其地址的网络节点的新地址来更新分组过滤功能的分组过滤器。本发明还提出了至少包括网络节点和分组过滤网络元件的对应网络系统。此外，本发明提出了一种相应的分组过滤网络设备。

8. 发明申请

WO2003026334A1 AUTHENTICATING IP PAGING REQUESTS AS SECURITY MECHANISM 审中-公开
标题翻译：作为安全机制认证IP寻呼请求
公开(公告)号：WO2003026334A1
公开(公告)日：2003-03-27
申请号：PCT/IB2002/003681
申请日：2002-09-12
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano, M. , KOODLI, Rajeev , MALINEN, Jari, T.
发明人： LE, Franck , FACCIN, Stefano, M. , KOODLI, Rajeev , MALINEN, Jari, T.
IPC分类号： H04Q7/38
CPC分类号： H04L63/061 , H04L63/0838 , H04L63/1466 , H04W12/06 , H04W12/12 , H04W64/00 , H04W68/00 , H04W80/04
摘要： A method of authenticating a paging request within an IP environment, said environment comprising a paging area having a plurality of access router (PAR, AR) and at least one mobile node (MN), said method comprising the steps of: sharing a session security key (K) between said mobile node (MN) and an access router (PAR) to which said mobile node (MN) has been previously attached to; receiving (S1) a packet incoming for said mobile node (MN) by said previous access router (PAR), wherein said mobile node (MN) is in a dormant mode; submitting (S2) a paging request to all other access routers (AR) of said paging area by said previous access router (PAR) about the packet which came in, thereby also distributing said session security key (K); generating (S3) authentication parameters according to a predetermined process by an access router (AR) to which said mobile node (MN) is currently attached to; submitting (S4) said paging request from said access router (AR) to said mobile node (MN) including said authentication parameters; verifying (S5) the validity of said request by said mobile node (MN), wherein said authentication parameters are processed according to said predetermined process; and submitting (S6) a paging response from said mobile node (MN) to said access router (AR), wherein said response authenticates said paging request.
摘要翻译：一种在IP环境内认证寻呼请求的方法，所述环境包括具有多个接入路由器（PAR，AR）和至少一个移动节点（MN）的寻呼区域，所述方法包括以下步骤：共享会话安全所述移动节点（MN）和所述移动节点（MN）先前已经附接到的移动节点（MN）的接入路由器（PAR）之间的密钥（K）接收（S1）由所述先前访问路由器（PAR）进入所述移动节点（MN）的分组，其中所述移动节点（MN）处于休眠模式; 向所述先前访问路由器（PAR）向所述寻呼区域的所有其他接入路由器（AR）提交关于进入的分组的寻呼请求（S2），从而也分发所述会话安全密钥（K）; 根据所述移动节点（MN）当前附着到的接入路由器（AR）根据预定的处理生成（S3）认证参数; （S4）从所述接入路由器（AR）到包括所述认证参数的所述移动节点（MN）的所述寻呼请求; 验证（S5）所述移动节点（MN）的所述请求的有效性，其中所述认证参数根据所述预定过程进行处理; 以及向所述接入路由器（AR）提交（S6）从所述移动节点（MN）的寻呼响应，其中所述响应认证所述寻呼请求。

9. 发明申请

WO2005076573A1 METHOD AND SYSTEM FOR SENDING BINDING UPDATES TO CORRESPONDENT NODES BEHIND FIREWALLS 审中-公开
标题翻译：发送绑定更新的相关方法和系统
公开(公告)号：WO2005076573A1
公开(公告)日：2005-08-18
申请号：PCT/IB2005/000304
申请日：2005-02-08
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano
发明人： LE, Franck , FACCIN, Stefano
IPC分类号： H04L29/06
CPC分类号： H04W8/082 , H04L63/0254 , H04L63/029 , H04L69/16 , H04L69/167
摘要： The invention proposes a method for providing traversal of a packet filtering function (D) for information transferred between a first network node (A) and a second network node (B) wherein the second network node (B) is associated with a home network control element (C) and the first network node (A) is protected by the packet filtering function (D), the method comprising the steps of sending (S1) a message including temporary identification information from the second node to the home network control element, sending (S3) a message including at least a part of the temporary identification information from the home network control element to the first node, and preparing (S4-S7) a direct connection between the first node and the second node via the packet filtering function based on the identification information. The invention also proposes corresponding network nodes, a corresponding home network control element and a corresponding network system.
摘要翻译：本发明提出了一种用于提供对第一网络节点（A）和第二网络节点（B）之间传输的信息的分组过滤功能（D）的遍历的方法，其中第二网络节点（B）与家庭网络控制元素（C）和第一网络节点（A）由分组过滤功能（D）保护，所述方法包括以下步骤：将包括临时识别信息的消息从第二节点发送（S1）到家庭网络控制元件，将包括所述临时识别信息的至少一部分的消息从家庭网络控制元件发送（S3）到第一节点，以及通过分组过滤功能（S4-S7）准备第一节点和第二节点之间的直接连接基于识别信息。本发明还提出了相应的网络节点，相应的家庭网络控制元件和相应的网络系统。

10. 发明申请

WO2004112346A1 IMPROVEMENTS IN SECURITY OF A COMMUNICATION SYSTEM 审中-公开
标题翻译：通信系统安全的改进
公开(公告)号：WO2004112346A1
公开(公告)日：2004-12-23
申请号：PCT/IB2004/001962
申请日：2004-06-11
申请人： NOKIA CORPORATION , LE, Franck , FACCIN, Stefano
发明人： LE, Franck , FACCIN, Stefano
IPC分类号： H04L29/06
CPC分类号： H04L63/1458 , H04L63/0227 , H04L63/14
摘要： Communications systems and methods for controlling transportation of data. The methods commonly include entering state information associated with a data transportation connection in a state information record maintained in a data processing entity. The data transportation connection is normally established between user equipment and a node, commonly via a gateway node, and the data processing entity is typically configured to control transportation of data based on the state information table. The methods also usually include, detecting that the data transportation connection is deactivated for the user equipment, sending information from the gateway node that the user equipment cannot be reached, and, in response to the information, deleting the state information from the state information record. The systems generally allow for implementation of the methods.
摘要翻译：用于控制数据传输的通信系统和方法。这些方法通常包括在维护在数据处理实体中的状态信息记录中输入与数据传输连接相关联的状态信息。通常通过网关节点在用户设备和节点之间建立数据传输连接，并且数据处理实体通常被配置为基于状态信息表来控制数据传输。该方法还通常包括：检测到用户设备的数据传输连接被停用，从网关节点发送不能到达用户设备的信息，并且响应于该信息，从状态信息记录中删除状态信息。系统通常允许实现方法。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式