Patents by Inventor Guenther Horn
Guenther Horn has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9749309Abstract: A system comprising an IMS network (104), an adapter module (106), an identity provider (108) and an application (110) is described. The adapter module (106) is within an IMS trust domain. The application (110) is within the trust domain of the identity provider. A user of the system can access the application (110) via the IMS network (104), regardless of whether the application is within the IMS trust domain, by making use of the adapter module (106) to obtain the user's user credentials for the application from the identity provider.Type: GrantFiled: September 12, 2008Date of Patent: August 29, 2017Assignee: NOKIA SOLUTIONS AND NETWORKS OYInventors: Günther Horn, Wolf-Dietrich Moeller, Hariharan Rajasekaran
-
Publication number: 20170238247Abstract: A method and apparatus can be configured to notify that the apparatus has changed a network node upon which the apparatus is camped on. The apparatus changes from camping on a first network node to camping on a second network node. The apparatus is in idle mode while camping on the first and the second network node. The first network node and the second network node both belong to a first network. The notifying is performed when the apparatus maintains a session to a third network node of a second network. The notifying is not performed when the apparatus is not maintaining a session to the third network node of the second network.Type: ApplicationFiled: September 30, 2014Publication date: August 17, 2017Inventors: Subramanya CHANDRASHEKAR, Hans Thomas HOEHNE, Irina-Mihaela BALAN, Richard WALDHAUSER, Güenther HORN, Dario Serafino TONESI
-
Publication number: 20170184076Abstract: A wind turbine tower is provided with a plurality of tower segment which are placed one on top of the other in order to form the tower. A lower tower segment has a lower end face, and in the lower region of the lower tower segment, the lower tower segment has a plurality of recesses and through-bores between the lower end face of the lower tower segment and a base of the recesses. The recesses are designed to receive a leveling unit for leveling the lower tower segment. The recesses are preferably provided on the inner face of the lower tower segment and provide an effective possibility for receiving leveling units.Type: ApplicationFiled: May 26, 2015Publication date: June 29, 2017Inventor: Günther HORN
-
Publication number: 20170118635Abstract: Various communication systems may benefit from appropriate security mechanisms. For example, isolated operation of evolved universal terrestrial radio networks may benefit from key separation for a local evolved packet core. A method can include deriving a subscriber key corresponding to an isolated operation network. The subscriber key can be derived from an identifier of the isolated operation network and a master subscriber key. The method can also include provisioning the subscriber key to the isolated operation network.Type: ApplicationFiled: October 26, 2015Publication date: April 27, 2017Inventors: Anja JERICHOW, Guenther HORN
-
Publication number: 20170063540Abstract: A method, apparatus, and computer program product, in which a password-based digest access authentication procedure is used for performing authentication between a client and a server, wherein the authentication procedure is secured by at least one of modifying a digest-response parameter with a user password and generating a bootstrapped key based on the user password and at least one fresh parameter not used in a previous protocol run between the client and the server.Type: ApplicationFiled: November 9, 2016Publication date: March 2, 2017Inventors: Marc Blommaert, Guenther Horn
-
Patent number: 9526003Abstract: The present invention is related to a method, apparatus, and computer program product, in which a password-based digest access authentication procedure is used for performing authentication between a client and a server, wherein the authentication procedure is secured by at least one of modifying a digest-response parameter with a user password and generating a bootstrapped key based on the user password and at least one fresh parameter not used in a previous protocol run between the client and the server.Type: GrantFiled: February 25, 2008Date of Patent: December 20, 2016Assignee: Nokia Solutions and Networks OyInventors: Marc Blommaert, Guenther Horn
-
Patent number: 9392447Abstract: Systems, methods, apparatuses, and computer program products for security handling in, for example, cells that support multiple frequency band indication are provided. One method includes receiving, for example by a source evolved node B (eNB) configured to communicate with a user equipment, a multiple frequency band indicator (MFBI) list, the multiple frequency band indicator (MFBI) list comprising at least one frequency band number listed in the same order of priority as broadcast by a target eNB. The method may further include selecting one of the at least one frequency band number for use by the source eNB, calculating a security key (KeNB*) using the DL EARFCN belonging to the selected frequency band number with the highest priority that is also supported by the user equipment, and signaling the calculated security key to the target eNB.Type: GrantFiled: January 23, 2014Date of Patent: July 12, 2016Assignee: NOKIA SOLUTIONS AND NETWORKS OYInventors: Woonhee Hwang, Eric Drury, Guenther Horn
-
Patent number: 9344411Abstract: In a method for key handling in mobile communication systems, first and second numbers are exchanged between entities of the mobile communication system. The first and second numbers are respectively used only once with respect to the respective system parameters of the communication system and therefore allowing greater security in the communication system.Type: GrantFiled: March 18, 2008Date of Patent: May 17, 2016Assignee: Nokia Solutions and Networks GmbH & Co. KGInventors: Dan Forsberg, Guenther Horn, Ulrike Meyer
-
Publication number: 20160112207Abstract: It is provided an apparatus, comprising property checking means configured to check whether a claimant property information received from a claimant device corresponds to a predefined claimant attribute; obtaining means configured to obtain a result, which is positive only if the claimant property information corresponds to the predefined claimant attribute as checked by the property checking means; key generation means configured to generate a first claimant intermediate key from a predefined claimant permanent key stored in the apparatus; supplying means configured to supply, to the claimant device, the first claimant intermediate key using a secured protocol, wherein at least one of the key generation means and the supplying means is configured to generate and to supply, respectively, the first claimant intermediate key only if the result is positive.Type: ApplicationFiled: November 4, 2015Publication date: April 21, 2016Inventors: Guenther HORN, Wolf-Dietrich MOELLER
-
Patent number: 9215220Abstract: It is provided an apparatus, comprising property checking means configured to check whether a claimant property information received from a claimant device corresponds to a predefined claimant attribute; obtaining means configured to obtain a result, which is positive only if the claimant property information corresponds to the predefined claimant attribute as checked by the property checking means; key generation means configured to generate a first claimant intermediate key from a predefined claimant permanent key stored in the apparatus; supplying means configured to supply, to the claimant device, the first claimant intermediate key using a secured protocol, wherein at least one of the key generation means and the supplying means is configured to generate and to supply, respectively, the first claimant intermediate key only if the result is positive.Type: GrantFiled: April 29, 2011Date of Patent: December 15, 2015Assignee: NOKIA SOLUTIONS AND NETWORKS OYInventors: Guenther Horn, Wolf-Dietrich Moeller
-
Patent number: 9197615Abstract: An access specific key is provided for securing of a data transfer between a mobile terminal and a node of an access net. For authentication of the mobile terminal, a authentication server generates a session key, from which a basic key is derived and transferred to an interworking-proxy-server. The interworking-proxy-server derives the access specific key from the transferred basis key and provides the key to the node of the access net.Type: GrantFiled: August 9, 2007Date of Patent: November 24, 2015Assignee: SIEMENS AKTIENGESELLSCHAFTInventors: Rainer Falk, Günther Horn, Dirk Kröselberg
-
Publication number: 20150296375Abstract: The present invention relates to devices, methods and computer program products in relation to mobile communication. In particular, it relates to those devices, methods and computer program products of communication networks in relation to e.g. so-called Public Warning Systems (PWS). In order to provide improvement, an apparatus comprises: a control module configured to receive a specified message including an indication of a public key for verification of broadcast messages, in response to having received the indication, select a timer period associated with the indication of the public key received, launch a timer for the selected timer period, and, upon expiry of the timer, cause to indicate acceptance of the public key.Type: ApplicationFiled: October 29, 2012Publication date: October 15, 2015Inventor: Guenther Horn
-
Patent number: 9154510Abstract: It is disclosed a method (and related apparatus) including selecting, at a first endpoint entity, at least one range of protection to be granted, the range of protection relating to one of a plurality of network elements in at least one access network and at least one core network and to a second endpoint entity, and transmitting, to a network element entity, a signaling message including first establishment information indicating the at least one range of protection to be granted; and a method (and related apparatus) including receiving, at the network element entity, the signaling message from the first endpoint entity, obtaining, from a second endpoint entity and based on the first establishment information, second establishment information indicating protection granted by the second endpoint entity, and signaling, from the network element entity to the first endpoint entity, third establishment information indicating the protection granted to the first endpoint entity.Type: GrantFiled: June 10, 2009Date of Patent: October 6, 2015Assignee: Nokia Solutions and Networks OyInventors: Peter Schneider, Guenther Horn
-
Publication number: 20150269028Abstract: An apparatus comprises a memory unit, and a control unit connected to the memory unit. The apparatus can be configured to interface at least one access node; the control unit is configured to derive at least one local level security key within an established security context for a terminal, forward the derived local security key to at least one access node, and detect failures in a handover for a terminal being served by a first access node towards a second access node. The failures concern the interface between the apparatus and the second access node. In response to a verified trigger condition, the control unit can re-adjust local level security keys with keys maintained at the terminal within the established security context.Type: ApplicationFiled: October 29, 2012Publication date: September 24, 2015Inventors: Guenther Horn, Hinrich Eilts
-
Publication number: 20150204298Abstract: The invention relates to a blade (1.1) for a water turbine, comprising the following features or components: •—a body made of sheet steel or cast steel, said body having mutually opposite outer surfaces that are in contact with the water during operation; •—at least one relief notch (5) which is located in a peripheral region of the blade (1.1) and extends through mutually opposite regions of the outer surfaces; •—a curable filling compound (6) which fills the cavity in the notch (5). The invention is characterized by the following features: •—retaining bodies (10) are fixed to the notch surface (5.1), said retaining bodies (10) being embedded in the filling compound (6) in the mounted state; •—the retaining bodies (10) have protrusions which prevent the filling compound (6) from falling out by way of a tight fit when the filling compound has cured.Type: ApplicationFiled: October 18, 2013Publication date: July 23, 2015Applicant: Voith Patent GmbHInventors: Ingrid Reh, Günther Horn
-
Publication number: 20150200946Abstract: Systems, methods, apparatuses, and computer program products for providing security between WebRTC clients and IMS are provided. One method includes storing, by a network node, at least one parameter per internet protocol multimedia subsystem (IMS) subscription, where the at least one parameter comprises at least one identity of any web real time communication (WebRTC) web server function that is authorized to authenticate an IMS subscriber in WebRTC. The method may further include receiving a WebRTC web server function identity from a call state control function, comparing the received WebRTC web server function identity with the at least one parameter associated with the IMS subscription, and rejecting IMS communication when there is not a match between the received WebRTC web server function identity and the at least one parameter associated with the IMS subscription.Type: ApplicationFiled: January 13, 2015Publication date: July 16, 2015Inventors: Guenther HORN, Alexander MILINSKI
-
Patent number: 8990925Abstract: A home subscriber server (400) receives a request for authentication information from an authentication server (300) and transforms cryptographic keys for a user equipment (100) into access specific cryptographic keys based on an identity of an authenticator (200) controlling access from the user equipment (100) to an EPS network, and generates the authentication information including the access specific cryptographic keys and a separation indicator which is set. The user equipment (100) checks whether the separation indicator included in the authentication information is set, and if the separation indicator is set, transforms cryptographic keys into access specific cryptographic keys based on the identity of the authenticator (200), and computes a key specific to an authentication method from the access specific cryptographic keys.Type: GrantFiled: April 2, 2008Date of Patent: March 24, 2015Assignee: Nokia Solutions and Networks OyInventor: Guenther Horn
-
Patent number: 8924722Abstract: Embodiments provide an apparatus, method, product and storage medium for secure communication, wherein a message is sent over a secure signalling path to a recipient, the message including a value indicating a key for encrypting or decrypting information for secure communication, or a key derivation value for deriving a key. The message further includes an indication indicating the type of usage of the value. The receiver of the message may return a message which also includes a key or key derivation value and an indication indicating the type of key or type of usage of the value.Type: GrantFiled: April 7, 2008Date of Patent: December 30, 2014Assignee: Nokia Siemens Networks OyInventors: Guenther Horn, Peter Schneider
-
Publication number: 20140302821Abstract: Systems, methods, apparatuses, and computer program products for security handling in, for example, cells that support multiple frequency band indication are provided. One method includes receiving, for example by a source evolved node B (eNB) configured to communicate with a user equipment, a multiple frequency band indicator (MFBI) list, the multiple frequency band indicator (MFBI) list comprising at least one frequency band number listed in the same order of priority as broadcast by a target eNB. The method may further include selecting one of the at least one frequency band number for use by the source eNB, calculating a security key (KeNB*) using the DL EARFCN belonging to the selected frequency band number with the highest priority that is also supported by the user equipment, and signaling the calculated security key to the target eNB.Type: ApplicationFiled: January 23, 2014Publication date: October 9, 2014Applicant: NOKIA SOLUTIONS AND NETWORKS OYInventors: Woonhee HWANG, Eric DRURY, Guenther HORN
-
Publication number: 20140269613Abstract: A method includes receiving at a UE information indicating different CN domains will be used for first and second data services after handover from a first RAT to a second RAT. Integrity protection is activated for the first and second CN domains but an element in the UE does not have an indication integrity protection is activated for the second CN domain. The UE provides a notification for the element that integrity protection has been activated for the second CN domain. Another method includes receiving at a network node a message indicating a UE has performed a handover involving first and second data services from a first to a second RAT, where the first and second data services will be handled by different core network domains. A security mode control procedure is performed to activate integrity protection towards the second core network domain. Apparatus and program products are disclosed.Type: ApplicationFiled: March 18, 2013Publication date: September 18, 2014Applicant: Nokia Siemens Networks OyInventors: Bindhya V. Tiwari, Devaki Chandramouli, Woonhee Hwang, Guenther Horn, Curt Wong, Paula H. Siren