Cellular Telephone Cryptographic Authentication Patents (Class 380/247)
-
Security authentication and key management within an infrastructure based wireless multi-hop network
Patent number: 7499547Abstract: A system and method of security authentication and key management scheme in a multi-hop wireless network is provided herein with a hop-by-hop security model. The scheme adapts the 802.11r key hierarchy into the meshed AP network. In this approach, a top key holder (R0KH) derives and holds the top Pairwise Master Key (PMK—0) for each supplicant wireless device after the authentication process. All authenticator AP take the level one key holder (R1KH) role and receive the next level Pairwise Master Key (PMK—1) from R0KH. The link level data protection key is derived from PMK—1 via the 802.11i 4-way handshaking.Type: GrantFiled: September 7, 2006Date of Patent: March 3, 2009Assignee: Motorola, Inc.Inventors: Heyun Zheng, Charles R. Barker, Jr., Amit Gandhi, Keith J. Goldberg, Samer S. Hanna, Surong Zeng -
Patent number: 7496199Abstract: The cryptographic resources are supplied by at least one cryptographic source having a specific access interface. The application is presented with a mutualized interface substantially independent of the cryptographic sources and of their respective access interfaces. A translation module is placed between the mutualized interface and each interface for accessing a cryptographic source to provide access to the cryptographic resources from the application via the mutualized interface.Type: GrantFiled: May 16, 2003Date of Patent: February 24, 2009Assignee: France TelecomInventors: Sylvie Camus, Laurent Frisch, Dimitri Mouton
-
Patent number: 7496754Abstract: An improved system, apparatus, and method for securing a network using MAC address filtering is provided. Advantageously, the present invention does not require that a client computer be powered on, and instead provides an efficient user interface for displaying a requestor's MAC address and for allowing or denying the device with an associated MAC address access to the network. Parameters per allowed MAC address may also be provided.Type: GrantFiled: April 1, 2005Date of Patent: February 24, 2009Assignee: Cisco Technology, Inc.Inventors: Calvin Y. Liu, Sheng-Chiao Chang
-
Publication number: 20090046644Abstract: An ad hoc mobile service provider for a wireless network includes a processing system configured to support a public service set, comprising the ad hoc mobile service provider and one or more mobile clients, and a private service set, comprising the ad hoc mobile service provider and one or more authenticated mobile clients. The processing system is further configured to authenticate a mobile client with a server, the mobile client being associated with the public service set, and transfer an authenticated mobile client from the public service set to the private service set.Type: ApplicationFiled: August 8, 2008Publication date: February 19, 2009Applicant: QUALCOMM IncorporatedInventors: Dilip Krishnaswamy, Atul Suri
-
Publication number: 20090041240Abstract: The technology described in this case facilitates random access by a user terminal with a radio base station. A user terminal determines one of a first type of uplink scrambling sequences and generates a random access message using the determined one of the first type of uplink scrambling sequences. The random access message is transmitted to the base station. The user terminal receives from the base station a second, different type of uplink scrambling sequence and uses it for subsequent communication with the radio base station. For example, the first uplink scrambling sequences may be specifically associated with the radio base station's cell area or a random access radio channel associated with the radio base station, but they are not specifically assigned to any user terminal, and the second uplink scrambling sequence may be selected from a second set of uplink scrambling sequences specifically assignable to individual user terminals.Type: ApplicationFiled: August 8, 2007Publication date: February 12, 2009Applicant: Telefonaktiebolaget LM Ericsson (publ)Inventors: Stefan Parkvall, Erik Dahlman, Tobias Tynderfeldt
-
Patent number: 7487547Abstract: A contents processing device permitting, when contents are to be stored in a recording medium, only a specified device to read out the stored contents is to be provided, and a contents processing device capable, where it is a mobile telephone, of flexibly adapting to a change of a unique telephone number or a type of the mobile telephone. For the purpose, the contents processing device for inputting and outputting contents to and from a recording medium is provided with contents storage means (RAM) for storing contents, an ID storage unit (ROM) for storing an ID capable of identifying the contents processing device, a recording medium input/output unit (memory card I/F) for inputting to and outputting from the recording medium, and a ciphering unit (ciphering program) for enciphering contents within the contents storage unit by use of a ciphering key generated from the ID within the ID storage unit and storing it from the recording medium input/output unit into the recording medium.Type: GrantFiled: October 11, 2002Date of Patent: February 3, 2009Assignee: Matsushita Electric Industrial Co. Ltd.Inventors: Shinichi Nakai, Naohiko Noguchi, Shinichi Matsui, Taihei Yagawa, Shunji Harada, Ryuji Inoue
-
Patent number: 7484240Abstract: The invention proposes a method of performing authentication of a subscriber during a subscriber equipment terminated call, comprising the steps of sending a session invitation message (S4, S5) to the subscriber equipment, the session invitation message including authentication information (AuthData1), and performing an authentication procedure in the subscriber equipment by using the authentication information. The invention also proposes a corresponding network system, network control element and subscriber entity.Type: GrantFiled: July 13, 2001Date of Patent: January 27, 2009Assignee: Nokia CorporationInventors: Stefano Faccin, Franck Le
-
Patent number: 7480939Abstract: A method and system for using a key lease in a secondary authentication protocol after a primary authentication protocol has been performed is described. In one embodiment, the primary authentication protocol comprises a strong, secure, computationally complex authentication protocol. Moreover, the secondary authentication protocol comprises a less complex (compared to the primary authentication protocol) and less secure (compared to the primary authentication protocol) authentication protocol which can be performed in a length of time that is shorter than a length of time required to perform the primary authentication protocol. In an embodiment, the key lease includes context information.Type: GrantFiled: July 6, 2001Date of Patent: January 20, 2009Assignee: 3Com CorporationInventors: Danny M. Nessett, Albert Young
-
Patent number: 7477747Abstract: A method and system for performing pre-authentication across inter-subnets. A pre-authentication request is received by a first access point associated with a first subnet from a mobile node requesting that is requesting pre-authentication with a second access point associated with a second subnet. The request is forwarded by the access point to a first authenticator that is the authenticator for the first subnet. The first authenticator obtains from a root infrastructure node the address for a second authenticator that is the authenticator for the second access point. The first authenticator then pre-authenticates the mobile node with the second authenticator by sending a message to the address for the second authenticator.Type: GrantFiled: February 4, 2005Date of Patent: January 13, 2009Inventors: Jeremy Stieglitz, Nancy Cam Winget
-
Patent number: 7472280Abstract: A method of managing digital rights comprises the following steps. First, a physical electronic key containing a first activation code is provided to a requesting user. Second, locked digital content is provided to the requesting user. The digital content is encoded with a second activation code associated with the first activation code. Third, the locked digital content is received in a playing device that reads the first activation code and determines whether the first activation code is associated with the second activation code. Fourth, the playing device is enabled to unlock and play the digital content if the first activation code is associated with the second activation code. A digital right management system for implementing the foregoing method is also disclosed.Type: GrantFiled: May 23, 2002Date of Patent: December 30, 2008Assignee: Proxense, LLCInventor: John J. Giobbi
-
Patent number: 7466976Abstract: Data traffic between a mobile radio network and an IMS network is secured by first authenticating a mobile subscriber in the mobile radio network and in the IMS network. Next, an examination is carried out to check whether the identity of the mobile subscriber authenticated in the IMS network corresponds to the identity of the subscriber authenticated in the mobile radio network. If so, a confirmation message is sent from the IMS network to the mobile subscriber in the even of corresponding identities and a data exchange is carried out between the mobile subscriber and the IMS network by a security protocol protected by a common key derived from the confirmation message.Type: GrantFiled: October 13, 2004Date of Patent: December 16, 2008Assignee: Siemens AktiengesellschaftInventor: Dirk Kröselberg
-
Patent number: 7463861Abstract: A method, apparatus, and system for using Bluetooth devices to secure sensitive data on other Bluetooth devices is described. A Bluetooth device is paired with a “trusted” Bluetooth device. When contact with the trusted device is lost, designated sensitive data on the secured Bluetooth device is automatically encrypted. When contact is restored, the data is automatically decrypted. In an alternate embodiment, a secured device can be associated with multiple trusted devices, and the secured device designate different sensitive data for each trusted device. In this way, multiple users can share a common, “public” Bluetooth device without concern that the other users will access their sensitive data on the device when the device is not being used by that user.Type: GrantFiled: March 7, 2005Date of Patent: December 9, 2008Assignee: Broadcom CorporationInventor: Andre Eisenbach
-
Patent number: 7458095Abstract: The invention is a method of connecting user equipment to at least one network, a communication system, and a user equipment. In a communication system comprising at least one network, including network entities which provide connectivity to user equipment, a method of connecting the user equipment to the at least one network in accordance with the invention includes establishing a secure tunnel which provides connection between the user equipment and one of the network entities; and authenticating the user equipment with another of the network entities; and wherein the authenticating of the user equipment with the another of the network entities occurs at least partially simultaneously with the establishing of the secure tunnel.Type: GrantFiled: November 18, 2003Date of Patent: November 25, 2008Assignee: Nokia Siemens Networks OyInventor: Dan Forsberg
-
Patent number: 7450554Abstract: Disclosed herein is a method for the establishment of a service tunnel in a wireless local area network (WLAN). The method includes a service authentication authorization unit making authentication and authorization to a WLAN user terminal currently requesting a service, and judging whether the authentication and authorization is successful. If successful, the method includes generating service authorization information that includes a shared communication key used for communication between the WLAN user terminal and a destination packet data gateway (PDG), and otherwise ending the procedure. The method further includes the service authentication authorization unit sending to the destination PDG the generated service authorization information including the shared communication key, and the destination PDG, according to the shared communication key, establishing a trust relation with the WLAN user terminal through negotiation with the WLAN user terminal.Type: GrantFiled: October 28, 2005Date of Patent: November 11, 2008Assignee: Huawei Technologies Co., Ltd.Inventor: Wenlin Zhang
-
Patent number: 7448072Abstract: A technique for authenticating a user to a server using SIP messages includes forwarding an SIP request from the user agent to the server. The server then forwards a request for authentication to the user agent in response to the invite request, the request for authentication including information that the authentication will be performed using a UMTS AKA mechanism. The user agent then forwards and authentication response to the server in accordance with the UMTS AKA mechanism and the server then performs the appropriate actions to perform an invoked SIP procedure in response to the SIP request. The SIP request may include any standardized SIP request including an SIP INVITE request or an SIP REGISTER request.Type: GrantFiled: February 17, 2006Date of Patent: November 4, 2008Assignee: Nokia CorporationInventors: Stefano Faccin, Franck Le, György Wolfner
-
Patent number: 7444513Abstract: A client 110 may be authenticated by transmitting or beaming a telecommunication network subscriber's authentication to the client from a device 120, over a wireless link. For example, a GSM telephone 120 may authenticate an electronic book 110 to a content providing service within the Internet. The service verifies the authentication using the subscriber's GSM network operator's Authentication Center 161 to generate an authenticator and the client correspondingly generates a local copy of the authenticator using a GSM SIM over the wireless local link. The authentication is then determined by checking that these authenticators match and thereafter the authenticator can be used as a session key to encrypt data in the service.Type: GrantFiled: May 29, 2001Date of Patent: October 28, 2008Assignee: Nokia CorporiationInventors: Kai Nyman, Mikko Olkkonen, Jari T. Malinen
-
Publication number: 20080260149Abstract: Methods and systems taught herein allow mobile device manufacturers to preconfigure mobile devices for subscription with any network operator having access to a centralized device directory server. The directory server stores device records, each including a preliminary subscription identity. Manufacturers individually provision new mobile devices with these preliminary subscription identities, and network operators preliminarily register subscribers by submitting requests to the directory server that cause it to link individual device records with the appropriate credential server addresses. Mobile devices gain temporary network access by submitting their preliminary subscription identities, which get passed along to the directory server for verification. In turn, the directory server generates authentication vectors giving the mobile devices temporary network access, and returns the appropriate credential server addresses.Type: ApplicationFiled: November 30, 2007Publication date: October 23, 2008Inventor: Christian M. Gehrmann
-
Patent number: 7441126Abstract: A secure wireless LAN device includes a housing, a wireless transceiver carried by the housing, and a cryptography circuit carried by the housing. The cryptography circuit may operate using cryptography information and may also render unuseable the cryptography information based upon tampering. The cryptography circuit may include at least one volatile memory for storing the cryptography information, and a battery for maintaining the cryptography information in the at least one volatile memory. Accordingly, the cryptography circuit may further include at least one switch operatively connected to the housing for disconnecting the battery from the at least one volatile memory so that the cryptography information therein is lost based upon breach of the housing. The cryptographic information may comprise a cryptography key and/or at least a portion of a cryptography algorithm. This cryptographic information remains relatively secure and is lost upon tampering, such as removing the housing.Type: GrantFiled: January 16, 2001Date of Patent: October 21, 2008Inventors: Russell Dellmo, James Bergman, David W. Hall
-
Patent number: 7440572Abstract: A secure wireless LAN device includes a housing, a wireless transceiver carried by the housing, a medium access controller (MAC) carried by the housing, and a cryptography circuit carried by the housing and connected to the MAC and the wireless transceiver. The cryptography circuit may encrypt both address and data information for transmission, and decrypt both address and data information upon reception. Accordingly, a higher level of security may be provided. The cryptography circuit may implement an algorithm and use a key to provide a predetermined security level, such as up to Type 1 security, although lower levels may also be implemented. Of course, the secure wireless LAN device may be used with other LAN devices, such as user stations and/or access points, in any of a number of different LAN configurations. The MAC may implement a predetermined wireless LAN MAC protocol. For example, the LAN MAC protocol may be based upon the IEEE 802.11 standard.Type: GrantFiled: January 16, 2001Date of Patent: October 21, 2008Assignee: Harris CorportationInventors: Russell Dellmo, James Bergman, David W. Hall
-
Patent number: 7437161Abstract: In the method of packet transmission, data packet fragments received from a first mobile station are sent to a second mobile station without assembling and re-fragmenting the received data packet fragments if the first and second mobile stations are in a same cell.Type: GrantFiled: March 16, 2005Date of Patent: October 14, 2008Assignee: Lucent Technologies Inc.Inventors: Mark Haner, Danielle Hinton, Thierry Etienne Klein
-
Patent number: 7437752Abstract: In a particular embodiment, a client module is deployed on a wireless device. The client module comprises a policy database including a list of authorized devices to which the wireless device may communicate. In another embodiment, the client module comprises a policy database including at least two user profiles on a wireless device, such as a personal profile and a business profile.Type: GrantFiled: September 23, 2002Date of Patent: October 14, 2008Assignee: Credant Technologies, Inc.Inventors: Robert W. Heard, Dwayne R. Mann, Christopher D. Burchett, Ian R. Gordon
-
Publication number: 20080220741Abstract: A mobile device (100) for establishing a connection with an access point (200) includes an interface module (110), an authentication module (120), and an association module (130). The interface module receives a user authentication instruction to launch authentication. The authentication module authenticates the access point via a first service set identifier (SSID) in order to acquire a second SSID and a key from the access point when the authentication is successfully launched. The association module re-associates with the access point via the second SSID and the key. A communication system and a connection establishing method are also provided.Type: ApplicationFiled: June 21, 2007Publication date: September 11, 2008Applicant: HON HAI PRECISION INDUSTRY CO., LTD.Inventor: YU-CHIANG HUNG
-
Patent number: 7424116Abstract: A method includes receiving an authentication request from a mobile station (401) and determining whether to forward the request to an authentication agent. When it is determined to forward the request, the request is forwarded to the authentication agent (107). A random number and a random seed are received from the authentication agent (107). The random number and the random seed are forwarded to the mobile station (401). A response to the random number and the random seed from the mobile station (401) is received and forwarded to the authentication agent (107). The authentication agent (107) compares the response with an expected response. When the authentication agent (107) authenticates the mobile station (401), a derived cipher key is received from the authentication agent (107).Type: GrantFiled: August 31, 2006Date of Patent: September 9, 2008Assignee: Motorola, Inc.Inventors: Hans Christopher Sowa, Daniel J. McDonald, David J. Chater-Lea, Scott J. Pappas, Jason Johur, Dennis Newkirk, Randy Kremske, Walter F. Anderson
-
Patent number: 7424284Abstract: A method of authenticating a user access network to a mobile node, where the mobile node wishes to access a service via the access network, the method comprising: establishing a secure transport channel between the mobile node and a service access node of the visited network, said channel being bound to an identity of the service access node; sending an authorization request from the mobile node to the service access node, incorporating an identity of the service access node into the request at the service access node, and forwarding the request to an authorization node of the user's home network; at said authorization node of the home network, authorizing the service access node, and sending to the service access node a user challenge including the identity of the service access node, said identity being included in such a way that a change to the identity can be detected by a recipient; at the serving access node, forwarding the received user challenge to the mobile node; and at the mobile node verifyingType: GrantFiled: November 2, 2005Date of Patent: September 9, 2008Assignee: Telefonaktiebolaget LM Ericsson (publ)Inventors: Vesa Torvinen, Bengt Sahlin, Jani Hautakorpi
-
Patent number: 7421077Abstract: Methods and apparatus for authenticating a mobile node are disclosed. A server is configured to provide a plurality of security associations associated with a plurality of mobile nodes. A packet identifying a mobile node may then be sent to the server from a network device such as a Home Agent. A security association for the mobile node identified in the packet may then be obtained from the server. The security association may be sent to the network device to permit authentication of the mobile node. Alternatively, authentication of the mobile node may be performed at the server by applying the security association.Type: GrantFiled: November 8, 2006Date of Patent: September 2, 2008Assignee: Cisco Technology, Inc.Inventor: Kent K. Leung
-
Patent number: 7418594Abstract: Before obtaining service from an installed terminal, a mobile unit can be authenticated (subauthenticated) only by the operation of the mobile unit such as an unauthenticated digital camera, etc. using an authenticated mobile phone. A digital camera is radio-connected with an installed terminal, and the digital camera is also radio-connected with a mobile phone of a user. The installed terminal center is notified of the identification code of the mobile phone through the digital camera and the installed terminal. The installed terminal center inquires of the carrier center about the validity/invalidity of the mobile phone. Upon receipt of the notification of the validity of the mobile phone from the carrier center, the installed terminal center permits service to the installed terminal in the installed terminal.Type: GrantFiled: February 4, 2002Date of Patent: August 26, 2008Assignee: Fujifilm CorporationInventors: Hiroshi Tanaka, Izumi Miyake
-
Patent number: 7418596Abstract: Systems and methods disclosed herein provide secure, efficient, and mutually authenticated cryptographic key distribution. A client or client manufacturer may pre-generate and pre-encrypt the cryptographic keys, store the encrypted keys within the client, and deliver such keys to the serving network's access server via the client, while also relying upon, if available, the authentication performed by a trusted access server of an intermediate network which the client must traverse in order to obtain access the serving network. If not available, a client password stored within the client may be used to enable client authentication by the serving network prior to acceptance of the delivered cryptographic keys.Type: GrantFiled: July 23, 2002Date of Patent: August 26, 2008Assignee: Cellco PartnershipInventors: Christopher Carroll, Varsha Clare, Gerry Flynn, Brian Green, Steve Rados, Steve Thomas
-
Publication number: 20080181401Abstract: In a method of establishing a secure communication link between a first terminal and a second terminal, the first terminal is connected to a third terminal which can be connected to a mobile telephone network and the second terminal is connected to an authentication element of the telephone network. The method includes: transfer of an authentication datum from the third terminal to the network authentication element; following authentication of the third terminal, the transfer of a random variable from the network authentication element to the third terminal; the parallel generation of a session key by the third terminal and the network authentication element from the random variable; the generation by the first and second terminals of a shared key from the session key; and the opening of a secure communication link with the use of the shared key.Type: ApplicationFiled: March 2, 2006Publication date: July 31, 2008Applicant: FRANCE TELECOMInventors: David Picquenot, Gilles Macario-Rat, Pierre Lemoine
-
Patent number: 7404088Abstract: A Personal Digital Key Digital Content Security System (PDK-DCSS) is used to protect computers from unauthorized use and protect the digital content stored on computers from being wrongfully accessed, copied, and/or distributed. The basic components of the PDK-DCSS are (1) a standard hard drive device, with the addition of a PDK Receiver/Decoder Circuit (PDK-RDC) optionally integrated into the hard drive's controller, and (2) a PDK-Key associated with the PDK-RDC. The PDK-Key and RDC technology is utilized to provide two categories of protection: (1) hard drive access control for providing Drive-Level and Sector-Level protection and (2) operating system-level independent file protection for providing File-Level and Network-Level protection.Type: GrantFiled: November 7, 2005Date of Patent: July 22, 2008Assignee: Proxense, LLCInventor: John J. Giobbi
-
Publication number: 20080159534Abstract: An apparatus (100) used by a plurality of devices to authenticate an accessory (120) is configured to operate with a device (110) of the plurality of devices. The accessory (120) applies an authentication algorithm to a key and a challenge (130) received from the device (110) and generates a response (132) thereto. A challenge and response memory (114) stores a subset of a set of challenges (232) and pre-computed responses (230). The enabling circuit transmits a challenge (130) to the accessory (120) and receives a received response (132) therefrom. The enabling circuit (112) also compares the received response (132) to the stored response (230) corresponding to the stored challenge (232) sent to the accessory (120).Type: ApplicationFiled: December 28, 2006Publication date: July 3, 2008Applicant: MOTOROLA, INC.Inventors: KENT D. RAGER, JOSEPH M. HANSEN
-
Patent number: 7395050Abstract: The invention relates to a method and system for authenticating a user of a data transfer device (such as a terminal in a wireless local area network, i.e. WLAN). The method comprises: setting up a data transfer connection from the data transfer device to a service access point. Next, identification data of the mobile subscriber (for example an MSISDN) are inputted to the service access point. This is followed by checking from the mobile communications system whether the mobile subscriber identification data contains an access right to the service access point. If a valid access right exists, a password is generated, then transmitted to a subscriber terminal (for example a GSM mobile phone) corresponding to the mobile subscriber identification data, and login from the data transfer device to the service access point takes place with the password transmitted to the subscriber terminal.Type: GrantFiled: December 17, 2002Date of Patent: July 1, 2008Assignee: Nokia CorporationInventors: Jukka Tuomi, Henry Haverinen, Niklas Lybäck, Sami Pienimäki
-
Publication number: 20080152139Abstract: Apparatus, and an associated method, for a mobile station, or other radio communication device, operable pursuant to an instant message, or other push message, service. Prior to effectuation of the communications pursuant to the service, the mobile station logs-in. The log-in utilizes encrypted log-in information pursuant to a log-in procedure, e.g., keys are exchanged between the mobile station and a communication network. The network approves the log-in of the mobile station, and admits the mobile station. A detector at the mobile station detects the admittance. Subsequently, messages are generated and sent and received pursuant to the instant message, or other push message, service.Type: ApplicationFiled: December 20, 2007Publication date: June 26, 2008Applicant: RESEARCH IN MOTION LIMITEDInventors: GERHARD DIETRICH KLASSEN, MICHAEL HUNG, MICHAEL STEPHEN BROWN, HERB LITTLE
-
Patent number: 7392037Abstract: Embodiments of wireless communication devices and methods for protecting broadcasted management control messages from insider forgery in wireless network are generally described herein.Type: GrantFiled: August 19, 2005Date of Patent: June 24, 2008Assignee: Intel CorporationInventors: Emily H. Qi, Jesse R. Walker, Kapil Sood
-
Publication number: 20080137853Abstract: The present invention provides a method of operating a mobile unit in a wireless communication system. Embodiments of the method may include providing access request message(s) including information indicative of a first counter and a message authentication code formed using a first key. The first key is derived from a second key and the first counter. The second key is derived from a third key established for a security session between the mobile unit and an authenticator. The first counter is incremented in response to each access request provided by the mobile unit.Type: ApplicationFiled: March 6, 2007Publication date: June 12, 2008Inventors: Semyon B. Mizikovsky, Robert J. Rance
-
Patent number: 7386727Abstract: A method and apparatus for the digital signing of a message to be signed, the message to be signed is transmitted via a communication network to a mobile radio telephone to be used as a signing unit. A message to be signed is transmitted from a transmitter to a receiver and then from the receiver to the mobile radio telephone via a telephone network. The mobile radio telephone user indicates that the message to be signed should be signed, and the mobile radio telephone generates a signed message. The signed message is then transmitted from the mobile radio telephone to the receiver and from the receiver to an addressee.Type: GrantFiled: October 24, 1998Date of Patent: June 10, 2008Assignee: Encorus Holdings LimitedInventors: Stefan Röver, Hans-Dieter Groffman
-
Patent number: 7382882Abstract: Method, apparatus, memory card, and system for establishing a secure connection between a wireless communication apparatus and a data communication apparatus based on a wireless application protocol. The wireless communication apparatus is provided with contact means for receiving information from a separate unit provided with memory means. The memory means comprising information to control the access of the wireless communication apparatus through a wireless communication network connected to said data communication apparatus.Type: GrantFiled: July 2, 1999Date of Patent: June 3, 2008Assignee: Nokia CorporationInventor: Olli Immonen
-
Patent number: 7380124Abstract: The present invention supports a secure transmissions protocol for information packet transmission between a Mobile Node and a Foreign Agent. The information packets are encrypted and decrypted using an integrated software client that combines mobile IP communication support and encrypting and decrypting protocols.Type: GrantFiled: March 28, 2002Date of Patent: May 27, 2008Assignee: Nortel Networks LimitedInventors: Jerry Mizell, David Lauson, Peter Wenzel, Steven Currin
-
Publication number: 20080115211Abstract: A method for accessing content is provided. In this method, information from a first memory device is retrieved. A parameter is generated based on the information and an account on a second memory device is accessed based on the parameter. The second memory device is configured to store the content and the account is associated with the content. The first and second memory devices are configured to be removably coupled to a computing device.Type: ApplicationFiled: November 14, 2006Publication date: May 15, 2008Inventors: Fabrice Jogand-Coulomb, Farshid Sabet Sharghi, Bahman Qawami
-
Patent number: 7370200Abstract: The present invention provides for validating an association between computing devices using a succession of human-perceptible stimuli such as sounds, lights colors or shapes. Commands are sent from the initiating device to the responding device in encrypted messages. Human-perceptible stimuli are formed at the responding device in response to at least some of the commands. The responder searches for messages that the responder is unable to decrypt and that are received in a time interval before messages that the responder is able to decrypt. The succession of human-perceptible stimuli may be harmonized, in which case, an association between the initiating device and the responding device is validated when the human-perceptible stimuli formed by the initiating device and the human-perceptible stimuli formed by the responding device are harmonized together.Type: GrantFiled: January 30, 2004Date of Patent: May 6, 2008Assignee: Hewlett-Packard Development Company, L.P.Inventors: Timothy Paul James Gerard Kindberg, Jean Tourrilhes, Kan Zhang
-
Patent number: 7366913Abstract: A wireless electronic authentication device with an authenticating smart chip, a local radio communication circuit, an input circuit that receives user input, and a power supply, all housed in a portable housing. Preferably, the authentication device is a mobile telephone with an authenticating smart chip. The user enters a knowledge token, such as a password stated by voice or a personal identification number input at the keyboard, to indicate that he is both in possession of the authorization device and knows the critical information. The knowledge token may be entered in advance and merely confirmed by the user pressing a key on the keypad when a confirmation is requested. A method is provided for making use of the authentication device to perform authorizations. A similar method is disclosed for use in existing systems and then achieving a gradual transition from existing systems to the new authentication device.Type: GrantFiled: September 4, 2002Date of Patent: April 29, 2008Inventor: Jeffrey T. Haley
-
Patent number: 7366303Abstract: A network system is proposed comprising a network control element and a communication device (UE) associated to a subscriber, wherein the communication device (UE) is adapted to send a registration message (A8) including subscriber information to be protected and an integrity code (MAC), to the network control element, wherein the communication device (UE) is adapted to calculate the integrity code (MAC) by using a part or whole of the registration message (A8) including the subscriber information to be protected, and the network element is adapted to verify the integrity code (MAC) included in the registration message. Also a case is proposed in which the integrity code is calculated in the network control element and verified in the communication device (UE). Furthermore, corresponding methods are proposed.Type: GrantFiled: May 21, 2001Date of Patent: April 29, 2008Assignee: Nokia Siemens Networks OyInventors: Patrik Flykt, Valtterie Niemi, Jaakko Rajaniemi, Aki Niemi
-
Patent number: 7366901Abstract: A device, method, system and computer readable medium allows for using a short-range address, such as a Bluetooth™ address, to identify a cellular device and authenticate cellular messages to the cellular device. In an embodiment of the present invention, a first short-range radio address for a cellular device is stored in a processing device, such as a server coupled to a cellular network. An authentication message is obtained by the processing device. A second short-range radio address is stored in the cellular device. A first message digest is calculated responsive to the authentication message and first short-range radio address. A cellular message, including the authentication message and the first message digest, is transmitted to the cellular device. The cellular device receives the cellular message and calculates a second message digest responsive to the authentication message and the second short-range radio address stored in the cellular device.Type: GrantFiled: August 1, 2003Date of Patent: April 29, 2008Assignee: IXI Mobile (R&D), Ltd.Inventors: Ziv Hapamas, Amit Shachak
-
Patent number: 7362781Abstract: Wireless devices and methods employ steganography to convey auxiliary data in addition to audio information. An exemplary application is a battery-powered cell phone, having, e.g., a microphone, a speaker, a modulator, an antenna, and an RF amplifier. The steganographically-encoded auxiliary data can be sent to, and/or sent from, such a device, and used for purposes including authentication, system administration, etc.Type: GrantFiled: August 7, 2001Date of Patent: April 22, 2008Assignee: Digimarc CorporationInventor: Geoffrey B. Rhoads
-
Patent number: 7360089Abstract: A network including an optical sensing device, and a registration server, wherein a secret key and a unique public identifier are installed in the optical sensing device and in a database of the registration server; wherein the optical sensing device is adapted to communicate with the registration server; wherein, the registration server is adapted to authenticate the optical sensing device when the optical sensing device is connected to the network by verifying the optical sensing device's encryption, using the secret key, of a challenge message; wherein, if the authentication succeeds, the optical sensing device is registered in the database of the registration server; wherein the optical sensing device is adapted to capture a sequence of time-stamped positions of the optical sensing device relative to a surface including coded data.Type: GrantFiled: August 9, 2004Date of Patent: April 15, 2008Assignee: Silverbrook Research Pty LtdInventors: Paul Lapstun, Kia Silverbrook
-
Patent number: 7359516Abstract: A method and device are provided for handling network activation between a computer and a carrier. In one example, the method involves receiving a command to initiate network activation procedures. The network activation status of the computer is then determined. If the computer is network enabled, a request is sent to a device having network activation information. The network activation information is received from the device. The computer is then configured with the network activation information in order to establish network activation with the carrier.Type: GrantFiled: December 7, 2000Date of Patent: April 15, 2008Assignee: PalmSource, Inc.Inventors: Craig Skinner, William Shu-woon Wong, Brian Gerald Kuhn
-
Publication number: 20080085001Abstract: An authentication method between a secure host processor and a controller of an NFC system, the controller being equipped with an NFC interface circuit sending and receiving contactless data, includes connecting the host processor to the controller and checking that there is a predefined relation between a first secret data stored by the host processor and a second secret data stored by the controller. The method further includes transmitting the second secret data to the controller and storing of the second secret data by the controller. The host processor may be removably associated with a contactless component storing the second secret data which is contactlessly transmitted to the controller.Type: ApplicationFiled: October 4, 2007Publication date: April 10, 2008Applicant: INSIDE CONTACTLESSInventors: Bruno CHARRAT, Philippe MARTINEAU
-
Patent number: 7356145Abstract: Arranging data ciphering in a telecommunication system comprising at least one wireless terminal, a wireless local area network and a public land mobile network. At least one first ciphering key according to the mobile network is calculated in the mobile network and in the terminal for a terminal identifier using a specific secret key for the identifier. Data transmission between the mobile network and the terminal is carried out through the wireless local area network. A second ciphering key is calculated in the terminal and in the mobile network using said at least one first ciphering key. The second ciphering key is sent from the mobile network to the wireless local area network. The data between the terminal and the network is ciphered using said second ciphering key.Type: GrantFiled: June 29, 2001Date of Patent: April 8, 2008Assignee: Nokia CorporationInventors: Juha Ala-Laurila, Jukka-Pekka Honkanen, Jyri Rinnemaa
-
Patent number: 7356329Abstract: A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A Certificate authority (CA) distributes certificates and certification revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET.Type: GrantFiled: August 6, 2003Date of Patent: April 8, 2008Assignee: Certicom Corp.Inventors: William Daniel Willey, Simon Blake-Wilson
-
Publication number: 20080069358Abstract: A portable storage device with wireless encryption protection is provided, including wireless identification remote control, for transmitting identification signal and information or lock control signal through wireless transmission, a memory interface connected to a data access host, for inputting decryption information from the data access host and for outputting to data access host, a wireless protection gate unit connected to the memory interface for receiving the identification signal and information or lock control signal issued by the wireless identification remote control, and enabling or disabling the data transmission to the memory interface according to the identification result, and at least a protected data region connected to the wireless protection gate unit, for the protected data region to output data to data access host when the wireless protection gate unit being enabled, so that the portable storage device can achieve the objects of accurate and permanently effective wireless encryption.Type: ApplicationFiled: September 13, 2007Publication date: March 20, 2008Applicant: Genesys Logic, Inc.Inventor: Cheng-chih Yang
-
Patent number: 7346772Abstract: A method wherein an access point authenticates itself with neighboring access points and establishes secure and mutually authenticated communication channels with its neighboring access points. When an access point learns of a neighboring access point, it initiates an authentication with an authentication server through the neighboring access point. Once access points have mutually authenticated each other, whenever a station authenticates itself with a first access point, the first access point communicates the station's authentication context information, for example session key and session identifier, to each neighboring access point. Thus, when the station roams to a neighboring access point, the neighboring access point presents the station with a reauthentication protocol, for example LEAP reauthentication, and if the reauthentication is successful, communication between the station and the neighboring access point takes place immediately and no new EAP authentication needs to occur.Type: GrantFiled: January 17, 2003Date of Patent: March 18, 2008Assignee: Cisco Technology, Inc.Inventors: Richard D. Rebo, Victor J. Griswold