专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08087069B2 Method, apparatus and computer program product providing bootstrapping mechanism selection in generic bootstrapping architecture (GBA) 有权
标题翻译：在通用引导架构（GBA）中提供引导机制选择的方法，设备和计算机程序产品
公开(公告)号：US08087069B2
公开(公告)日：2011-12-27
申请号：US11232494
申请日：2005-09-21
申请人： Gabor Bajko , Tat Keung Chan
发明人： Gabor Bajko , Tat Keung Chan
IPC分类号： G06F7/04
CPC分类号： H04L9/0844 , H04L9/3271 , H04L63/08 , H04L63/14 , H04L63/1466 , H04L63/20 , H04L63/205 , H04L69/18 , H04L2209/80
摘要： In one exemplary and non-limiting aspect thereof this invention provides a method to execute a bootstrapping procedure between a node, such as a MN, and a wireless network (WN). The method includes sending the WN a first message that contains a list of authentication mechanisms supported by the MN; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the MN, and including in a first response message to the MN information pertaining to the determined authentication mechanism; and sending a second message to the WN that is at least partially integrity, the second message containing the list of authentication mechanisms that the MN supports in an integrity protected form. If authentication is successful, and if the list received in the second message matches the list received in the first message, the method further includes responding to the MN with a second response message that is at least partially integrity protected, where the second response message contains an indication of the selected authentication mechanism in an integrity protected form; and receiving the successful response message and verifying that the authentication mechanism used by the MN matches the authentication mechanism selected by the WN.
摘要翻译：在其一个示例性和非限制性方面，本发明提供了一种在诸如MN的节点与无线网络（WN）之间执行自举过程的方法。该方法包括向WN发送包含由MN支持的认证机制的列表的第一消息; 至少基于从MN接收到的列表，在WN中确定要用于引导的认证机制，并且在与所确定的认证机制有关的MN的第一响应消息中包括MN信息; 以及向所述WN发送至少部分完整性的第二消息，所述第二消息包含所述MN以完整性保护形式支持的认证机制的列表。如果认证成功，并且如果在第二消息中接收到的列表与第一消息中接收的列表匹配，则该方法还包括用至少部分完整性保护的第二响应消息来响应MN，其中第二响应消息包含所选认证机制以完整性保护形式的指示; 并且接收到成功的响应消息并且验证由MN使用的认证机制与由WN选择的认证机制相匹配。

2. 发明授权

US08484467B2 Authentication in communications networks 有权
标题翻译：通信网络中的认证
公开(公告)号：US08484467B2
公开(公告)日：2013-07-09
申请号：US11606910
申请日：2006-12-01
申请人： Tat Keung Chan , Gabor Bajko
发明人： Tat Keung Chan , Gabor Bajko
IPC分类号： H04L9/32 , G06F21/00 , G06F7/04
CPC分类号： H04L9/0838 , H04L9/08 , H04L9/0841 , H04L9/3247 , H04L9/3265 , H04L9/3271 , H04L63/061 , H04L63/062 , H04L63/08 , H04L63/0823 , H04L63/0869 , H04L63/205 , H04L2209/38 , H04L2209/56 , H04L2209/80 , H04L2463/061 , H04W12/04 , H04W12/06 , H04W88/02
摘要： The invention relates to a method of authenticating a user equipment in a communications network. The method involves sending a message from a network entity to the user equipment. This message includes a set of options for an authentication procedure for authenticating an internet protocol communication over a first interface between the user equipment and the network entity; said options including a “shared key”-based authentication procedure. The method also involves selecting an option from the set. In the event that the “shared-key”-based authentication procedure is selected, a shared secret from a security key established in a generic bootstrapping architecture (GBA) is generated over a second interface between the user equipment and a bootstrapping service function. The shared secret is then used to compute and verify authentication payloads in the key-based authentication procedure for the communication over the first interface.
摘要翻译：本发明涉及一种在通信网络中认证用户设备的方法。该方法涉及将消息从网络实体发送到用户设备。该消息包括用于通过用户设备和网络实体之间的第一接口认证互联网协议通信的认证过程的一组选项; 所述选项包括基于“共享密钥”的认证过程。该方法还涉及从集合中选择一个选项。在选择基于“共享密钥”的认证过程的情况下，通过在通用引导体系结构（GBA）中建立的安全密钥的共享密钥在用户设备和引导服务功能之间的第二接口上生成。然后，共享秘密用于在基于密钥的认证过程中通过第一接口进行通信的计算和验证认证有效载荷。

3. 发明授权

US08353011B2 Apparatus, method and computer program product providing mobile node identities in conjunction with authentication preferences in generic bootstrapping architecture (GBA) 有权
标题翻译：在泛型自举架构（GBA）中结合认证偏好提供移动节点身份的装置，方法和计算机程序产品，
公开(公告)号：US08353011B2
公开(公告)日：2013-01-08
申请号：US11372333
申请日：2006-03-08
申请人： Gabor Bajko , Tat Keung Chan
发明人： Gabor Bajko , Tat Keung Chan
IPC分类号： H04L29/06
CPC分类号： H04W12/06 , G06F21/305 , G06F21/31 , G06F21/43 , G06F21/575 , H04L9/3271 , H04L63/08 , H04L63/14 , H04L63/1441 , H04L63/1466 , H04L63/168 , H04L63/205 , H04L2209/80 , H04W12/10 , H04W12/12 , H04W80/10
摘要： In one exemplary and non-limiting aspect thereof a method is provided that includes sending a wireless network (WN) a first message that includes a list of authentication mechanisms supported by a node and, in association with each authentication mechanism, a corresponding identity; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the node; and including information in a second message that is sent to the node, the information including the determined authentication mechanism in conjunction with a corresponding identity. The method further includes protecting at least the list of authentication mechanisms supported by the node and the corresponding identities and sending a second message to the network, the second message including at least the list of authentication mechanisms and the corresponding identities. The method further includes receiving a second response message from the network that is at least partially integrity protected, where the second response message includes an indication of the selected authentication mechanism and the corresponding identity.
摘要翻译：在一个示例性和非限制性的方面，提供了一种方法，其包括发送无线网络（WN）第一消息，所述第一消息包括由节点支持的认证机制的列表，并且与每个认证机制相关联地具有对应的身份; 至少基于从节点接收的列表，在WN中确定要用于引导的认证机制; 并且包括发送到节点的第二消息中的信息，所述信息包括结合相应身份的确定的认证机制。所述方法还包括至少保护所述节点支持的认证机制的列表和对应的身份，并向网络发送第二消息，所述第二消息至少包括认证机制列表和对应的身份。该方法还包括从网络接收至少部分完整性保护的第二响应消息，其中第二响应消息包括所选择的认证机制的指示和对应的身份。

4. 发明授权

US07835528B2 Method and apparatus for refreshing keys within a bootstrapping architecture 有权
标题翻译：在自举架构中刷新密钥的方法和装置
公开(公告)号：US07835528B2
公开(公告)日：2010-11-16
申请号：US11397837
申请日：2006-04-04
申请人： Gabor Bajko , Tat Keung Chan
发明人： Gabor Bajko , Tat Keung Chan
IPC分类号： H04L9/00 , H04L9/08
CPC分类号： H04L9/0891 , H04L9/3271 , H04L63/067 , H04L63/068 , H04L2209/56 , H04L2209/80 , H04W12/04
摘要： An approach is provided for refreshing keys in a communication system. An application request is transmitted to a network element configured to provide secure services. A message is received, in response to the application request, indicating refreshment of a key that is used to provide secure communications with the network element. A refreshed key is derived based on the received message.
摘要翻译：提供了一种用于在通信系统中刷新密钥的方法。将应用请求发送到被配置为提供安全服务的网元。响应于应用请求，接收到指示用于提供与网络元件的安全通信的密钥的刷新的消息。基于接收到的消息导出刷新密钥。

5. 发明申请

US20060280305A1 Apparatus, method and computer program product providing mobile node identities in conjunction with authentication preferences in generic bootstrapping architecture (GBA) 有权
公开(公告)号：US20060280305A1
公开(公告)日：2006-12-14
申请号：US11372333
申请日：2006-03-08
申请人： Gabor Bajko , Tat Keung Chan
发明人： Gabor Bajko , Tat Keung Chan
IPC分类号： H04K1/00
CPC分类号： H04W12/06 , G06F21/305 , G06F21/31 , G06F21/43 , G06F21/575 , H04L9/3271 , H04L63/08 , H04L63/14 , H04L63/1441 , H04L63/1466 , H04L63/168 , H04L63/205 , H04L2209/80 , H04W12/10 , H04W12/12 , H04W80/10
摘要： In one exemplary and non-limiting aspect thereof a method is provided that includes sending a wireless network (WN) a first message that includes a list of authentication mechanisms supported by a node and, in association with each authentication mechanism, a corresponding identity; determining in the WN an authentication mechanism to be used for bootstrapping, based at least on the list received from the node; and including information in a second message that is sent to the node, the information including the determined authentication mechanism in conjunction with a corresponding identity. The method further includes protecting at least the list of authentication mechanisms supported by the node and the corresponding identities and sending a second message to the network, the second message including at least the list of authentication mechanisms and the corresponding identities. The method further includes receiving a second response message from the network that is at least partially integrity protected, where the second response message includes an indication of the selected authentication mechanism and the corresponding identity.

6. 发明授权

US09807112B2 Methods, apparatuses, and computer program products for facilitating randomized port allocation 有权
公开(公告)号：US09807112B2
公开(公告)日：2017-10-31
申请号：US13143080
申请日：2008-12-30
申请人： Gabor Bajko , Teemu Ilmari Savolainen , Pasi Ismo Eronen , Lars Rene Eggert
发明人： Gabor Bajko , Teemu Ilmari Savolainen , Pasi Ismo Eronen , Lars Rene Eggert
IPC分类号： H04L29/06 , H04L29/12
CPC分类号： H04L63/1475 , H04L29/12924 , H04L61/2015 , H04L61/6063
摘要： A method, apparatus, and computer program product are provided for facilitating randomized port allocation. An apparatus may include a processor configured to receive a port allocation message from a network management entity. The port allocation message may comprise an encryption key, an initial input value, and a value indicating a number of ports allocated to the apparatus for communication on a network. The processor may be further configured to calculate at least one port allocated to the apparatus with an encryption function based at least in part upon the encryption key and initial input value. Corresponding methods and computer program products are also provided.

7. 发明授权

US09596597B2 Mobile security protocol negotiation 有权
标题翻译：移动安全协议协商
公开(公告)号：US09596597B2
公开(公告)日：2017-03-14
申请号：US12927064
申请日：2010-11-05
申请人： Basavaraj Patil , Gabor Bajko
发明人： Basavaraj Patil , Gabor Bajko
IPC分类号： H04L29/06 , H04W12/04 , G06F15/16 , H04W80/04
CPC分类号： H04W12/04 , H04L63/166 , H04L63/205 , H04W80/04
摘要： A security gateway/home agent controller HAC is used to assign one home agent HA from a plurality of HAs and to identify at least one security protocol that is common between a mobile node MN and the assigned HA. Establishment of a security association between the MN and the assigned HA is enabled according to the identified security protocol and utilizing bootstrapping parameters provided over a secure connection between the security gateway/HAC and the MN. The bootstrapping parameters include at least a home address for the MN, an address of the assigned HA and security credentials and security parameters for the identified at least one security protocol. In an exemplary embodiment the home address for the MN may be an IPv6 home address and the MN may have certain capabilities with respect to security protocols and ciphering suites which the MN sends to the security gateway.
摘要翻译：安全网关/归属代理控制器HAC用于从多个HA分配一个归属代理HA，并且识别在移动节点MN和所分配的HA之间共同的至少一个安全协议。根据所识别的安全协议并利用通过安全网关/ HAC与MN之间的安全连接提供的引导参数来实现MN与所分配的HA之间的安全关联的建立。引导参数至少包括MN的归属地址，所分配的HA的地址和用于所识别的至少一个安全协议的安全凭证和安全参数。在示例性实施例中，MN的归属地址可以是IPv6家庭地址，并且MN可以具有关于MN向安全网关发送的安全协议和加密套件的某些能力。

8. 发明授权

US09577984B2 Network initiated alerts to devices using a local connection 有权
标题翻译：使用本地连接向设备发起网络警报
公开(公告)号：US09577984B2
公开(公告)日：2017-02-21
申请号：US13204175
申请日：2011-08-05
申请人： Basavaraj Patil , Gabor Bajko
发明人： Basavaraj Patil , Gabor Bajko
IPC分类号： G06F15/16 , H04L29/06 , H04W76/02 , H04W4/20 , H04W36/14
CPC分类号： H04L63/0272 , H04W4/20 , H04W36/14 , H04W76/12
摘要： Systems and techniques for managing local communication between a network access point and a host device. Upon connection by a host device to an access point, a local connection link is established between the access point and the host device. A network connection may be established between the access point and the host device, with the network connection being able to pass through the host device to enable communication with and beyond an access network to which the access point provides a connection. Local messages may be passed between the access point and the host device over the local connection link, separately from and independent of communication that may occur over the network connection.
摘要翻译：用于管理网络接入点和主机设备之间本地通信的系统和技术。在由主机设备连接到接入点时，在接入点和主机设备之间建立本地连接链路。可以在接入点和主机设备之间建立网络连接，其中网络连接能够通过主机设备，以使得能够与接入点提供连接的接入网络进行通信。可以通过本地连接链路在接入点和主机设备之间传递本地消息，与网络连接可能发生的通信分开并且独立于通信。

9. 发明授权

US08463175B2 Method, apparatus, and computer program product for wireless network discovery through passive and active scanning 失效
标题翻译：通过被动和主动扫描无线网络发现的方法，设备和计算机程序产品
公开(公告)号：US08463175B2
公开(公告)日：2013-06-11
申请号：US13234463
申请日：2011-09-16
申请人： Gabor Bajko
发明人： Gabor Bajko
IPC分类号： H04H20/74 , H04L12/28 , H04B7/00 , H04W4/00
CPC分类号： H04W48/14 , H04W48/16 , H04W84/12
摘要： Method, apparatus, and computer program product embodiments of the invention are disclosed to improve the discovery of wireless networks having desired service offerings. In example embodiments of the invention, a method comprises: determining whether to perform passive or active scanning; transmitting a wireless generic advertisement service request specifying one or more required characteristics of a transmitting device, if the determination is to perform active scanning; passively listening for one or more wireless generic advertisement service responses sent to a broadcast address by one or more wireless devices, the responses including one or more required characteristics of a passive listening device, if the determination is to perform passive scanning; and receiving one or more wireless generic advertisement service responses sent to a broadcast address by one or more wireless devices having the characteristics specified in the transmitted request.
摘要翻译：公开了本发明的方法，装置和计算机程序产品实施例，以改进具有所需服务提供的无线网络的发现。在本发明的示例实施例中，一种方法包括：确定是否执行被动或主动扫描; 如果确定要执行主动扫描，则发送指定发送设备的一个或多个所需特征的无线通用广告服务请求; 如果确定要执行被动扫描，则被动地监听由一个或多个无线设备发送到广播地址的一个或多个无线通用广告服务响应，所述响应包括被动收听设备的一个或多个所需特征; 以及接收由具有所发送的请求中指定的特征的一个或多个无线设备发送到广播地址的一个或多个无线通用广告服务响应。

10. 发明申请

US20130078985A1 SYSTEM, METHOD, AND APPARATUS FOR DETERMINING A NETWORK INTERFACE PREFERENCE POLICY 有权
标题翻译：用于确定网络接口优先策略的系统，方法和装置
公开(公告)号：US20130078985A1
公开(公告)日：2013-03-28
申请号：US13700619
申请日：2010-05-28
申请人： Teemu Ilmari Savolainen , Gabor Bajko
发明人： Teemu Ilmari Savolainen , Gabor Bajko
IPC分类号： H04W48/18
CPC分类号： H04W48/18 , H04L29/12952 , H04L29/12971 , H04L61/6077 , H04L61/6086 , H04W8/26 , H04W88/06
摘要： A method and apparatus are provided for determining a network interface preference policy. An example method may include determining a network address family preference policy signaled to a host apparatus by an access point for a first network interface. The example method may additionally include selecting an interface from the first network interface and a second network interface for network traffic of the host apparatus based at least in part on the signaled preference policy. A corresponding apparatus is also provided.
摘要翻译：提供了一种用于确定网络接口偏好策略的方法和装置。示例性方法可以包括通过第一网络接口的接入点来确定向主机设备发信号的网络地址族偏好策略。示例性方法可以另外包括至少部分地基于所述信号偏好策略从所述第一网络接口选择接口和用于所述主机设备的网络业务的第二网络接口。还提供了相应的装置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式