专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2010041991A1 DIGITAL RIGHTS MANAGEMENT IN USER-CONTROLLED ENVIRONMENT 审中-公开
标题翻译：用户控制环境中的数字权限管理
公开(公告)号：WO2010041991A1
公开(公告)日：2010-04-15
申请号：PCT/SE2008/051131
申请日：2008-10-06
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , NÄSLUND, Mats , GALLO, Diego Sanchez , VENTURINI, Yeda Regina , SIMPLICIO JUNIOR, Marcos Antonio , POURZANDI, Makan , CARVALHO, Tereza Cristina Melo de Brito
发明人： NÄSLUND, Mats , GALLO, Diego Sanchez , VENTURINI, Yeda Regina , SIMPLICIO JUNIOR, Marcos Antonio , POURZANDI, Makan , CARVALHO, Tereza Cristina Melo de Brito
IPC分类号： G06F21/00 , H04L9/00 , H04L29/00
CPC分类号： H04N21/63345 , G06F21/10 , G06F2221/0706 , G06F2221/2149 , H04N21/2541 , H04N21/43615 , H04N21/64322 , H04N21/8355
摘要： A method of controlling access to content comprises receiving, at a domain gateway (3) of a domain (4), a request from a device (5) in the domain for access to the content. It is determined at the domain gateway whether the number of devices in the domain currently accessing the content is equal to a specified maximum number of devices that may simultaneously access the content. The maximum number of devices that may simultaneously access the content is independent of the number of devices in the domain. If the determination is that the number of devices in the domain currently accessing the content is less than the specified maximum number the request is allowed, otherwise it is refused.
摘要翻译：控制对内容的访问的方法包括在域的域网关（3）处接收来自域中的用于访问内容的设备（5）的请求。在域网关确定当前正在访问内容的域中的设备的数量是否等于可以同时访问内容的指定的最大数量的设备。可以同时访问内容的最大设备数量与域中的设备数量无关。如果确定当前正在访问内容的域中的设备数量小于指定的最大数量，则允许该请求，否则将被拒绝。

2. 发明申请

WO2010050861A1 A METHOD AND AN APPARATUS FOR KEY MANAGEMENT IN A COMMUNICATION NETWORK 审中-公开
标题翻译：一种通信网络中密钥管理的方法和装置
公开(公告)号：WO2010050861A1
公开(公告)日：2010-05-06
申请号：PCT/SE2008/051240
申请日：2008-10-30
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , CARVALHO, Tereza Cristina Melo de Brito , COROAMA, Vlad Constantin , NÄSLUND, Mats , POURZANDI, Makan , SIMPLICIO JUNIOR, Marcos Antonio , VENTURINI, Yeda Regina
发明人： CARVALHO, Tereza Cristina Melo de Brito , COROAMA, Vlad Constantin , NÄSLUND, Mats , POURZANDI, Makan , SIMPLICIO JUNIOR, Marcos Antonio , VENTURINI, Yeda Regina
IPC分类号： H04L29/06 , H04L9/08 , H04N7/173
CPC分类号： H04L63/065 , H04L9/0833 , H04L63/10 , H04L65/4076 , H04L2209/60 , H04L2209/80 , H04N7/162 , H04N21/26613 , H04N21/4383 , H04N21/63345 , H04N21/6405
摘要： The present invention relates to a method of key management and to an apparatus (200) of communication network (100) comprising a plurality of groups (141, 142, 143), each group (141) including one or several members (132A, 132B, 132C) authorized to have access to key-protected services provided by the apparatus. According to the method, it is determined when a member (132A) starts a switching action from one service to another and it is determined a time dependent quantity starting from the switching action. The method further comprises, determining that the member (132A) is a member of a switching group (150) when the quantity is less thana threshold value, and when the quantity is larger than the threshold, determining that the member (132A) has decided to join a new group(142), and changing the appropriate access key(s).
摘要翻译：本发明涉及密钥管理方法和通信网络（100）的装置（200），包括多个组（141,142,143），每个组（141）包括一个或多个成员（132A，132B），132C）被授权访问由该设备提供的密钥保护服务。根据该方法，确定成员（132A）何时开始从一个服务到另一个服务的切换动作，并且从切换动作开始确定时间相关量。该方法还包括：当所述数量小于阈值时，确定所述构件（132A）是切换组（150）的成员，并且当所述数量大于所述阈值时，确定所述构件（132A）已经决定加入新组（142），并更改适当的访问密钥。

3. 发明申请

WO2011160683A1 PRIVACY PRESERVING AUTHORISATION IN PERVASIVE ENVIRONMENTS 审中-公开
标题翻译：隐私保护环境中的授权
公开(公告)号：WO2011160683A1
公开(公告)日：2011-12-29
申请号：PCT/EP2010/058846
申请日：2010-06-22
申请人： TELEFONAKTIEBOLAGET LM ERICSSON (publ) , NÄSLUND, Mats , CARVALHO, Tereza, Cristina Melo de Brito , DOMINIC, Cristina Klippel , SAKURAGUI, Rony , POURZANDI, Makan , SIMPLICIO JUNIOR, Marcos Antonio
发明人： NÄSLUND, Mats , CARVALHO, Tereza, Cristina Melo de Brito , DOMINIC, Cristina Klippel , SAKURAGUI, Rony , POURZANDI, Makan , SIMPLICIO JUNIOR, Marcos Antonio
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L9/0841 , H04L9/321 , H04L63/0407 , H04L63/062 , H04L63/0815 , H04L2209/80 , H04W12/02 , H04W12/04
摘要： A method for preserving privacy during authorisation in pervasive environments is described. The method includes an authorisation phase in which the user is provided with a reusable credential associated with verifiable constraints, and an operation phase where the service provider verifies the reusable credential before authorising the user. Third parties cannot link plural uses of the credential to each other, and the service provider cannot link plural uses of said credential to each other.
摘要翻译：描述了在普及环境中授权期间保护隐私的方法。该方法包括向用户提供与可验证约束相关联的可重用证书的授权阶段，以及服务提供商在授权用户之前验证可重用凭证的操作阶段。第三方不能将凭证的复用用途彼此连接，并且服务提供者不能将所述证书的复数用法彼此连接起来。

4. 发明申请

WO2009093194A1 METHOD AND APPARATUS FOR AUTHENTICATION SERVICE APPLICATION PROCESSES DURING SERVICE REALLOCATION IN HIGH AVAILABILITY CLUSTERS 审中-公开
标题翻译：在高可用性集群中的服务重新认证过程中的认证服务应用程序的方法和装置
公开(公告)号：WO2009093194A1
公开(公告)日：2009-07-30
申请号：PCT/IB2009/050244
申请日：2009-01-22
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , POURZANDI, Makan , ROSSI, Frederic , NÄSLUND, Mats
发明人： POURZANDI, Makan , ROSSI, Frederic , NÄSLUND, Mats
IPC分类号： G06F9/50 , H04L9/32
CPC分类号： G06F11/1482 , G06F9/468 , G06F11/2025 , G06F11/203
摘要： A method and communication node for providing secure communications and services in a High Availability (HA) cluster. The communication node comprises an Operating System (OS) that detects an unavailability of a first service application process and switches a second service application process from the first state to the second state, the second service application being selected for taking over service currently provided from the first service application process, the first state and the second state each being associated to a set of rights in the cluster. The OS generates a private key for the second service application process based on its second state. The set of rights associated to the second state allows the OS to replace the first service application process with the second service application process for providing secure communications between the second service application and other service application processes in the HA cluster.
摘要翻译：一种用于在高可用性（HA）集群中提供安全通信和服务的方法和通信节点。通信节点包括检测第一服务应用进程的不可用性的操作系统（OS），并且将第二服务应用进程从第一状态切换到第二状态，第二服务应用被选择用于接管当前从第一服务应用进程，第一状态和第二状态各自与集群中的一组权限相关联。操作系统基于其第二状态为第二服务应用进程生成私钥。与第二状态相关联的一组权限允许OS用第二服务应用进程替换第一服务应用进程，以在第二服务应用和HA群集中的其他服务应用进程之间提供安全通信。

5. 发明申请

WO2013034187A1 SECURE COMMUNICATION 审中-公开
标题翻译：安全通信
公开(公告)号：WO2013034187A1
公开(公告)日：2013-03-14
申请号：PCT/EP2011/065529
申请日：2011-09-08
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (publ) , GRONOWSKI, Kristoffer , MURAKAMI, Shingo , NÄSLUND, Mats
发明人： GRONOWSKI, Kristoffer , MURAKAMI, Shingo , NÄSLUND, Mats
IPC分类号： H04L9/08
CPC分类号： H04L63/062 , H04L9/0816 , H04L9/0819 , H04L9/083 , H04L9/0838 , H04L63/061 , H04L63/083 , H04L63/0853 , H04L2209/56 , H04L2209/80
摘要： A method comprising the use of a bootstrapping protocol to define a security relationship between a first server and a second server, the first and second servers co-operating to provide a service to a user terminal. A bootstrapping protocol is used to generate a shared key for securing communication between the first server and the second server. The shared key is based on a context of the bootstrapping protocol, and the context is associated with a Subscriber Identity Module (SIM) associated with the user terminal and provides a base for the shared key. A method of the invention may, for example, be employed within a computing/service network such as a "cloud", and in particular for communications between two servers in the cloud that are co-operating to provide a service to a user.
摘要翻译：一种方法，包括使用引导协议来定义第一服务器和第二服务器之间的安全关系，所述第一和第二服务器协作以向用户终端提供服务。引导协议用于生成用于保护第一服务器和第二服务器之间的通信的共享密钥。共享密钥基于引导协议的上下文，并且上下文与与用户终端相关联的订户身份模块（SIM）相关联，并为共享密钥提供基础。例如，本发明的方法可以在诸如“云”的计算/服务网络内使用，并且特别地用于云中的两个服务器之间的通信，这些服务器正在协作以向用户提供服务。

6. 发明申请

WO2011081588A1 METHOD AND APPARATUS FOR SECURE ROUTING OF DATA PACKETS 审中-公开
标题翻译：数据包安全路由的方法和装置
公开(公告)号：WO2011081588A1
公开(公告)日：2011-07-07
申请号：PCT/SE2010/050001
申请日：2010-01-04
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , NÄSLUND, Mats , NORRMAN, Karl , YLITALO, Jukka , NIKANDER, Pekka
发明人： NÄSLUND, Mats , NORRMAN, Karl , YLITALO, Jukka , NIKANDER, Pekka
IPC分类号： H04L12/56
CPC分类号： H04L45/00 , H04L63/04 , H04L63/06
摘要： Methods and arrangements for supporting a forwarding process in routers (R1-R3) when routing data packets through a packet-switched network, by employing hierarchical parameters in which the hops of a predetermined transmission path between a sender (A) and a receiver are encoded. A name server (300) generates and distributes router-associated keys (K, K1-K3) to routers in the network which keys are used for computing the hierarchical parameters.
摘要翻译：在路由器（R1-R3）中通过分组交换网络路由数据分组时支持转发过程的方法和装置，通过采用其中编码发送器（A）和接收机之间的预定传输路径的跳数的分层参数。名称服务器（300）生成并将路由器相关密钥（K，K1-K3）分发给网络中用于计算层次参数的密钥的路由器。

7. 发明申请

WO2010134862A1 CHALLENGING A FIRST TERMINAL INTENDING TO COMMUNICATE WITH A SECOND TERMINAL 审中-公开
标题翻译：挑选第一个终端用于与第二个终端通信
公开(公告)号：WO2010134862A1
公开(公告)日：2010-11-25
申请号：PCT/SE2009/050585
申请日：2009-05-20
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , BARRIGA, Luis , LILJENSTAM, Michael , NERBRANT, Per-Olof , NÄSLUND, Mats
发明人： BARRIGA, Luis , LILJENSTAM, Michael , NERBRANT, Per-Olof , NÄSLUND, Mats
IPC分类号： H04L9/32 , H04W8/18 , H04W8/22
CPC分类号： H04L9/3271 , G06F21/31 , G06F2221/2133 , G06Q10/107 , H04L63/08 , H04L2209/805 , H04W12/06 , H04W48/16 , H04W76/10
摘要： The invention relates to a method, party challenging device (18) and computer program products for providing a challenge to a first terminal (10) intending to communicate with a second terminal (24) via two networks (N1, N2). The party challenging device receives a first electronic message (1M) concerning a transfer of media from the first terminal to the second terminal sent from the first terminal (10) and addressed to the second terminal (24), obtains communication contextual data associated with the first party or the first terminal, provides an electronic challenge message (CHM) including a challenge (CH1l) based on the obtained data and sends the challenge message to the first terminal in order to enable a decision to be made how to process the invitation message for the second terminal based on the correctness of a response (RM) including a response to the challenge.
摘要翻译：本发明涉及一种方法，一方挑战性装置（18）和用于向第一终端（10）提供有意通过两个网络（N1，N2）与第二终端（24）进行通信的计算机程序产品。派对挑战装置接收关于从第一终端（10）发送的媒体从第一终端到第二终端的传送并寻址到第二终端（24）的第一电子消息（1M），获得与第一终端相关联的通信上下文数据第一方或第一终端基于获得的数据提供包括质询（CH1l）的电子质询消息（CHM），并将询问消息发送到第一终端，以便能够做出如何处理邀请消息基于包括对挑战的响应的响应（RM）的正确性的第二终端。

8. 发明申请

WO2013117243A1 LAWFUL INTERCEPTION OF ENCRYPTED COMMUNICATIONS 审中-公开
标题翻译：严格界定加密通信
公开(公告)号：WO2013117243A1
公开(公告)日：2013-08-15
申请号：PCT/EP2012/057788
申请日：2012-04-27
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , NÄSLUND, Mats , IOVIENO, Maurizio , NORRMAN, Karl
发明人： NÄSLUND, Mats , IOVIENO, Maurizio , NORRMAN, Karl
IPC分类号： H04L29/06
CPC分类号： H04L63/0807 , H04L9/3213 , H04L63/0428 , H04L63/062 , H04L63/306
摘要： A method and apparatus for providing access to an encrypted communication between a sending node and a receiving node to a Law Enforcement Agency (LEA). A Key Management Server (KMS) function stores cryptographic information used to encrypt the communication at a database. The cryptographic information is associated with an identifier used to identify the encrypted communication between the sending node and the receiving node. The KMS receives a request for Lawful Interception, the request including an identity of a Lawful Interception target. The KMS uses the target identity to determine the identifier, and retrieves the cryptographic information associated with the identifier from the database. The cryptographic information can be used to decrypt the encrypted communication. The KMS then sends either information derived from the cryptographic information or a decrypted communication towards the LEA. This allows the LEA to obtain a decrypted version of the communication.
摘要翻译：一种用于向执法机构（LEA）提供对发送节点和接收节点之间的加密通信的访问的方法和装置。密钥管理服务器（KMS）功能存储用于加密数据库中的通信的加密信息。加密信息与用于识别发送节点和接收节点之间的加密通信的标识符相关联。 KMS收到合法侦听请求，该请求包括合法拦截目标的身份。 KMS使用目标身份确定标识符，并从数据库检索与标识符相关联的加密信息。加密信息可用于解密加密通信。然后，KMS将从加密信息或解密的通信导出的信息发送给LEA。这允许LEA获得通信的解密版本。

9. 发明申请

WO2011113873A1 ENHANCED KEY MANAGEMENT FOR SRNS RELOCATION 审中-公开
标题翻译：加强SRNS重点管理
公开(公告)号：WO2011113873A1
公开(公告)日：2011-09-22
申请号：PCT/EP2011/053999
申请日：2011-03-16
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , NORRMAN, Karl , HEDBERG, Tomas , NÄSLUND, Mats
发明人： NORRMAN, Karl , HEDBERG, Tomas , NÄSLUND, Mats
IPC分类号： H04W12/04 , H04W36/00
CPC分类号： H04L9/08 , H04L63/06 , H04W12/04 , H04W12/08 , H04W36/0038 , H04W36/12
摘要： A method comprises maintaining, in a first node serving a mobile terminal over a connection protected by at least one first key, said first key and information about the key management capabilities of the mobile terminal. Upon relocation of the mobile terminal to a second node the method includes: if, and only if, said key management capabilities indicate an enhanced key management capability supported by the mobile terminal, modifying, by said first node, the first key, thereby creating a second key, sending, from the first node to the second node, the second key, and transmitting to the second node the information about the key management capabilities of the mobile terminal.
摘要翻译：一种方法包括在通过由至少一个第一密钥保护的连接上为移动终端服务的第一节点中保留所述第一密钥和关于移动终端的密钥管理能力的信息。在将移动终端重定位到第二节点时，该方法包括：如果并且仅当所述密钥管理能力指示由移动终端支持的增强密钥管理能力时，由所述第一节点修改第一密钥，从而创建第二密钥，从第一节点向第二节点发送第二密钥，并向第二节点发送关于移动终端的密钥管理能力的信息。

10. 发明申请

WO2011099904A1 TRUST DISCOVERY IN A COMMUNICATIONS NETWORK 审中-公开
标题翻译：通信网络中的信任发现
公开(公告)号：WO2011099904A1
公开(公告)日：2011-08-18
申请号：PCT/SE2010/050167
申请日：2010-02-12
申请人： TELEFONAKTIEBOLAGET L M ERICSSON (PUBL) , HADDAD, Wassim , BLOM, Rolf , NÄSLUND, Mats
发明人： HADDAD, Wassim , BLOM, Rolf , NÄSLUND, Mats
IPC分类号： H04L29/06 , H04W12/06
CPC分类号： H04W12/06 , H04L63/08 , H04L63/0823
摘要： A method and apparatus to establish trust between two nodes in a communications network. A first node receives from a network node authentication data unique to the first node, which can be used to derive a compact representation of verification data for the first node. The first node also receives a certified compact representation of verification data of all nodes in the network. The first node derives trust information from the authentication data for the node, and sends to a second node a message that includes the trust information and part of the authentication data. The second node has its own copy of the certified compact representation of verification data of all nodes in the network, and verifies the authenticity of the message from the first node using the compact representation of verification data of all nodes in the network and the received trust information and authentication data.
摘要翻译：一种在通信网络中的两个节点之间建立信任的方法和装置。第一节点从网络节点接收对第一节点唯一的认证数据，其可以用于导出用于第一节点的验证数据的紧凑表示。第一个节点还接收到网络中所有节点的验证数据的认证紧凑表示。第一节点从节点的认证数据中导出信任信息，并向第二节点发送包含信任信息和认证数据的一部分的消息。第二节点具有网络中所有节点的验证数据的经认证的紧凑表示的副本，并使用网络中所有节点的验证数据的紧密表示和接收到的信任来验证来自第一节点的消息的真实性信息和认证数据。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式