会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 3. 发明申请
    • MONITORING OF DIGITAL CONTENT PROVIDED FROM A CONTENT PROVIDER OVER A NETWORK
    • 监控网络内容提供商提供的数字内容
    • WO2004017560A1
    • 2004-02-26
    • PCT/SE2003/000664
    • 2003-04-25
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)NÄSLUND, MatsSELANDER, GöranBJÖRKENGREN, Ulf
    • NÄSLUND, MatsSELANDER, GöranBJÖRKENGREN, Ulf
    • H04L12/14
    • H04L63/0428H04L63/0823H04L2463/101Y02P90/845
    • The invention refers to monitoring usage of digital content provided from a content provider (30) over a network (40) to a client system (10). In the client system (10), a logging agent (150) generates and stores information concerning usage of the digital content individually for each usage to be monitored. The generated information is entered in a usage log (170; 175), either stored in the client system (10) or at a trusted party. The logged usage information is also authenticated allowing identification of the client using the associated digital content. The entries (172) of the log (170; 175) may include a representation (172-1) of the content, information about usage quality (172-2) and/or usage time (172-N). The logging agent (150) is preferably implemented in a portable tamper-resistant module (400), e.g. a network subscriber identity module. The module (400) may be pre-manufactured with the logging agent (150), or the agent (150) can be downloaded thereto.
    • 本发明涉及通过网络(40)向客户端系统(10)监视从内容提供商(30)提供的数字内容的使用。 在客户端系统(10)中,记录代理(150)针对要监视的每个使用情况分别产生和存储关于数字内容的使用的信息。 生成的信息被输入到使用日志(170; 175)中,存储在客户端系统(10)中或在可信方中。 记录的使用信息也被认证,允许使用相关联的数字内容来识别客户端。 日志(170; 175)的条目(172)可以包括内容的表示(172-1),关于使用质量的信息(172-2)和/或使用时间(172-N)。 测井剂(150)优选地实现在便携式防篡改模块(400)中,例如。 网络用户识别模块。 模块(400)可以用测井剂(150)预先制造,或者可以向其下载代理(150)。
    • 5. 发明申请
    • IP MULTIMEDIA SECURITY
    • IP多媒体安全
    • WO2010099823A1
    • 2010-09-10
    • PCT/EP2009/052560
    • 2009-03-04
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)NÄSLUND, MatsBLOM, RolfCHENG, YiLINDHOLM, FredrikNORRMAN, Karl
    • NÄSLUND, MatsBLOM, RolfCHENG, YiLINDHOLM, FredrikNORRMAN, Karl
    • H04L29/06H04W12/04
    • H04L63/06H04L9/0844H04L2209/80H04W12/04
    • A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node.
    • 一种建立用于经由相应的第一和第二媒体平面网络节点至少部分地保护在第一和第二终端用户之间交换的媒体平面数据的密钥的方法。 该方法包括从所述第一端点向所述第二端点发送会话建立信令,所述会话建立信令包括由所述第一端点产生的会话密钥。 建立信令在第一信令平面网络节点被拦截,并且确定信令平面密钥是否已被建立用于在所述第一终端和所述第一信令平面网络节点之间保护信令平面。 如果已经建立了信令平面密钥,则从该信令平面密钥导出媒体平面密钥,并且将媒体平面密钥发送到所述第一媒体平面网络节点,以将介质平面固定在所述第一终端用户和所述第一媒体之间 平面网络节点。 如果还没有建立信令平面密钥,则从所述会话密钥导出替代媒体平面密钥,并将其发送到所述第一媒体平面网络节点,以便在所述第一终端用户和所述第一媒体平面网络节点之间保护媒体平面。
    • 8. 发明申请
    • PREFIX REACHABILITY DETECTION IN A COMMUNICATION
    • 通信中的前缀可访问性检测
    • WO2008115126A2
    • 2008-09-25
    • PCT/SE2008/050209
    • 2008-02-26
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)HADDAD, WassimNÄSLUND, Mats
    • HADDAD, WassimNÄSLUND, Mats
    • H04L29/06G06F21/00
    • H04L63/1416H04L9/30H04L63/061H04L63/123H04L63/1466H04L2209/24
    • There is disclosed a method, and a communication system, and a communication node for implementing the claimed method, for attempting to enhance legitimacy assessment and thwart a man-in-the middle or similar false-location attack by evaluating the topology of a communication-session requesting node relative to the proposed communication path through a network between the requesting node and the requested node. Upon receiving the request,a PRD (Prefix Reachability Detection) protocol is initiated, either after or during a secure key exchange, if any, which if performed preferably includes an ART (address reachability text). The PRD is executed by sending a message to the communication node challenging the location-authenticity of the requesting device. The communication node, which may be for example an access router through which the requesting node accesses the network, determines if the requesting node is positioned behind the communication node topologically, and reports the result to the requested node. The requested node may then make a decision on whether to permit the communication. If so, the PRD may be repeated one or more times while the communication session is in progress.
    • 公开了一种用于实现所要求保护的方法的方法,通信系统和通信节点,用于通过评估通信的拓扑来尝试增强合法性评估并阻止中间或类似的假位置攻击中的人员, 会话请求节点相对于所提出的通信路径通过请求节点和请求节点之间的网络。 在接收到请求后,在安全密钥交换之后或期间,如果执行了PRD(前缀可达性检测)协议,如果执行的话,优先包括ART(地址可达性文本)。 通过向通信节点发送消息来执行请求设备的位置真实性来执行PRD。 通信节点,其可以是例如请求节点访问网络的接入路由器,确定请求节点是否在拓扑结构中位于通信节点后面,并将结果报告给所请求的节点。 所请求的节点然后可以决定是否允许通信。 如果是,则通信会话正在进行时,PRD可以重复一次或多次。
    • 9. 发明申请
    • APPLICATION SPECIFIC MASTER KEY SELECTION IN EVOLVED NETWORKS
    • 应用特定的主要选择在演进的网络
    • WO2009102247A1
    • 2009-08-20
    • PCT/SE2008/050178
    • 2008-02-15
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)WALKER, John MichaelNÄSLUND, MatsFERNANDEZ ALONSO, Susana
    • WALKER, John MichaelNÄSLUND, MatsFERNANDEZ ALONSO, Susana
    • H04W12/04H04L9/32H04W12/06
    • H04L63/062H04L12/06H04L63/083H04W12/06
    • An authentication method comprises providing a set of N plural number of master keys both to a user terminal (13) and to home network entity (11) and, when performing an authentication key agreement (AKA) transaction for an application, selecting one of the N number of master keys to serve as a master key for use both at the user terminal and the home network entity for deriving further keys for the application. For example, when performing an authentication key agreement (AKA) transaction for a first application, the method involves randomly selecting one of the N number of master keys to serve as a first master key for use both at the user terminal and the home network entity for deriving further keys for the first application; but when 10 performing an authentication key agreement (AKA) transaction for another application, the method involves randomly selecting another one of the N number of master keys to serve as master key for use both at the user terminal and the home network entity for deriving further keys for the another application.
    • 认证方法包括向用户终端(13)和家庭网络实体(11)提供N个多个主密钥的集合,并且当为应用执行认证密钥协商(AKA)事务时,选择一个 N个主密钥用作用于用户终端和家庭网络实体的主密钥,用于导出用于应用的另外的密钥。 例如,当对第一应用执行认证密钥协商(AKA)事务时,该方法包括随机选择N个主密钥中的一个作为第一主密钥,用于在用户终端和家庭网络实体 用于导出用于第一应用的另外的键; 但是当10执行针对另一应用的认证密钥协议(AKA)事务时,该方法包括随机选择N个主密钥中的另一个作为主密钥,以在用户终端和归属网络实体处用于进一步导出 另一个应用程序的键。