Patents by Inventor Markku Kalevi Vimpari
Markku Kalevi Vimpari has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9992015Abstract: An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.Type: GrantFiled: April 30, 2013Date of Patent: June 5, 2018Assignee: Nokia Technologies OyInventors: Yan Fu, Ari M. Vepsalainen, Ari Antero Aarnio, Markku Kalevi Vimpari, Pekka Johannes Laitinen
-
Patent number: 9450752Abstract: An approach is provided for service provider controlled communication security. A security platform receives a connection request from a client device. The security platform determines context information associated with the device, access network, a user of the device, or a combination thereof, and then processes and/or facilitates a processing of the context information to determine one or more encryption ciphers to offer for the session. Next, the security platform causes, at least in part, establishment of the connection request using, at least in part, the one of the offered encryption ciphers.Type: GrantFiled: June 10, 2011Date of Patent: September 20, 2016Assignee: NOKIA TECHNOLOGIES OYInventors: Markku Kalevi Vimpari, Jukka Sakari Alakontiola
-
Patent number: 8667122Abstract: An approach is provided for optimizing message routing without repeatedly resolving a home location. A login request from a user equipment associated with a resource identifier is received. The user equipment is configured to operate within a network including a plurality of clusters. The resource identifier of the user equipment is modified to include home cluster information indicating a corresponding one of the clusters serving the user equipment.Type: GrantFiled: June 18, 2009Date of Patent: March 4, 2014Assignee: Nokia CorporationInventors: Tero Mikael Halla-Aho, Petri Tapani Liimatta, Matti Juhani Oikarinen, Juha Petri Hartikainen, Kristian Andreas Luoma, Markku Kalevi Vimpari
-
Patent number: 8646047Abstract: An approach is presented for authenticating access by a service. The server receives a request, from a service, for the server, wherein the request includes, at least in part, a service-specific secret or a derivation of the service-specific secret. Further, the server determines to generate a server-computed secret. Then, the server determines to authenticate the request based, at least in part, on a comparison of the service-specific secret or the derivation of the service-specific secret against the server-computed secret or a derivation of the server-computed secret. The service receives credentials from a credential manager. The secret is part of the credentials. The credential manager and the server share some secret pre-configured data like key tables. The generation of the service specific secrets is based on the shared data.Type: GrantFiled: September 13, 2010Date of Patent: February 4, 2014Assignee: Nokia CorporationInventor: Markku Kalevi Vimpari
-
Publication number: 20130254529Abstract: An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.Type: ApplicationFiled: April 30, 2013Publication date: September 26, 2013Applicant: Nokia CorporationInventors: Yan Fu, Ari M. Vepsalainen, Ari Antero Aarnio, Markku Kalevi Vimpari, Pekka Ilmani Laitinen
-
Patent number: 8458799Abstract: An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.Type: GrantFiled: June 30, 2009Date of Patent: June 4, 2013Assignee: Nokia CorporationInventors: Yan Fu, Ari Vepsäläinen, Ari Antero Aarnio, Markku Kalevi Vimpari, Pekka Laitinen
-
Publication number: 20120275598Abstract: An approach is provided for service provider controlled communication security. A security platform receives a connection request from a client device. The security platform determines context information associated with the device, access network, a user of the device, or a combination thereof, and then processes and/or facilitates a processing of the context information to determine one or more encryption ciphers to offer for the session. Next, the security platform causes, at least in part, establishment of the connection request using, at least in part, the one of the offered encryption ciphers.Type: ApplicationFiled: June 10, 2011Publication date: November 1, 2012Applicant: Nokia CorporationInventors: Markku Kalevi Vimpari, Jukka Sakari Alakontiola
-
Publication number: 20120066748Abstract: An approach is presented for authenticating access by a service. The server receives a request, from a service, for the server, wherein the request includes, at least in part, a service-specific secret or a derivation of the service-specific secret. Further, the server determines to generate a server-computed secret. Then, the server determines to authenticate the request based, at least in part, on a comparison of the service-specific secret or the derivation of the service-specific secret against the server-computed secret or a derivation of the server-computed secret. The service receives credentials from a credential manager. The secret is part of the credentials. The credential manager and the server share some secret pre-configured data like key tables. The generation of the service specific secrets is based on the shared data.Type: ApplicationFiled: September 13, 2010Publication date: March 15, 2012Applicant: Nokia CorporationInventor: Markku Kalevi Vimpari
-
Publication number: 20120066767Abstract: An approach is presented for providing communication with a service using a recipient identifier. The data communication platform receives a request to generate a recipient identifier for indicating data exchanged between a service and an application on a device. Further, the data communication platform determines user identifier, one or more device identifiers associated with the device, one or more application identifiers associated with the application, or a combination thereof. Then, the data communication platform determines to generate the recipient identifier by encoding, at least in part, the user identifier, the one or more device identifiers, the one or more application identifiers, or a combination thereof in the recipient identifier. In one embodiment, the recipient identifier may be encrypted. The user identifier, the one or more device identifiers, the one or more application identifiers, or a combination thereof are decodable directly from the recipient identifier.Type: ApplicationFiled: September 13, 2010Publication date: March 15, 2012Applicant: Nokia CorporationInventor: Markku Kalevi Vimpari
-
Publication number: 20120059627Abstract: An approach is provided for determining an optimal keep-alive time period. A request is received from a probe platform for measuring one or more probe values that relate to a keep-alive timer value associated with a network. The device receiving the request then determines to measure whether the one or more probe values comprise one or more successful probe values, one or more unsuccessful probe values, or a combination thereof. The keep-alive timer is then determined based, at least in part, on a statistical analysis of the one or more probe values.Type: ApplicationFiled: September 27, 2011Publication date: March 8, 2012Applicant: Nokia CorporationInventors: Markku Kalevi VIMPARI, Jukka Sakari ALAKONTIOLA
-
Publication number: 20100332834Abstract: An approach is provided for building a scalable service platform by initiating transmission of encrypted data from a public network cache. An access control server platform determines a first authorization key for a user and a second authorization key for a resource, and then encrypts the resource with the second authorization key, and encrypts the second authorization key with the first authorization key. The access control server platform initiates distribution of the encrypted second authorization key with the encrypted resource over a network. The access control server platform further initiates caching the encrypted second authorization key with the encrypted resource that meets a predefined threshold value (e.g., a data size, an access frequency, a modification frequency, or an auditing requirement) in a cache in the network, and initiates transmission of the cached and encrypted second authorization key with the cached and encrypted resource from the cache to at least one authorized entity.Type: ApplicationFiled: June 30, 2009Publication date: December 30, 2010Applicant: Nokia CorporationInventors: Yan Fu, Ari M. Vepsalainen, Ari Antero Aarnio, Markku Kalevi Vimpari, Pekka Laitinen
-
Publication number: 20100325260Abstract: An approach is provided for optimizing message routing without repeatedly resolving a home location. A login request from a user equipment associated with a resource identifier is received. The user equipment is configured to operate within a network including a plurality of clusters. The resource identifier of the user equipment is modified to include home cluster information indicating a corresponding one of the clusters serving the user equipment.Type: ApplicationFiled: June 18, 2009Publication date: December 23, 2010Applicant: Nokia CorporationInventors: Tero Mikael HALLA-AHO, Petri Tapani Liimatta, Matti Juhani Oikarinen, Juha Petri Hartikainen, Kristian Andreas Luoma, Markku Kalevi Vimpari
-
Publication number: 20100325306Abstract: An approach is provided for determining an optimal keep-alive time period. A request is received from one of a plurality of user equipments for a keep-alive timer value. A specific network information related to a network serving the one user equipment is determined. A keep-alive timer value is determined based on the network information and advantageously using statistical analysis.Type: ApplicationFiled: June 23, 2009Publication date: December 23, 2010Applicant: Nokia CorporationInventors: Markku Kalevi VIMPARI, Jukka Sakari Alakontiola
-
Publication number: 20100322236Abstract: An approach is provided for message routing among clusters via a proxy channel. A subscription request is received from a node within a local cluster. The subscription request is for a service. It is determined that the service is provided by a remote cluster. A transmission of the subscription request to a service platform of the remote cluster is initiated. The service is provided to the node via a proxy channel.Type: ApplicationFiled: June 18, 2009Publication date: December 23, 2010Applicant: Nokia CorporationInventors: Markku Kalevi Vimpari, Petri Tapan Liimatta, Matti Juhani Oikarinen, Juha Petri Hartikainen, Tero Mikael Halla-Aho, Kristain Andreas Luoma