Patent application number | Description | Published |
20090013381 | User Authentication and Authorisation in a Communications System - A method of authenticating a client to two or more servers coupled together via a communications network, wherein the client and a first server possess a shared secret. The method comprises authenticating the client to a first server using said shared secret, signalling associated with this authentication process being sent between the client and said first server via a second server, generating a session key at the client and at the first server, and providing the session key to said second server, and using the session key to authenticate the client to the second server. | 01-08-2009 |
20090077616 | Handling trust in an IP multimedia subsystem communication network - A method and apparatus for handling trust in an IP Multimedia Subsystem network. A node in the IP Multimedia Subsystem network receives a Session Initiation Protocol message from a remote node. The message includes an indicator indicating the level of trust of a communication sent from the remote node to the IP Multimedia Subsystem node. The node can then apply a security policy to the message, the security policy being determined by the indicator. | 03-19-2009 |
20110264913 | METHOD AND APPARATUS FOR INTERWORKING WITH SINGLE SIGN-ON AUTHENTICATION ARCHITECTURE - A method is provided for use in interworking a single sign-on authentication architecture and a further authentication architecture in a split terminal scenario. The split terminal scenario is one in which authentication under the single sign-on authentication architecture is required of a browsing agent ( | 10-27-2011 |
20120163601 | Method for Handling Ciphering Keys in a Mobile Station - Techniques for handling ciphering keys in a mobile station comprising a mobile equipment (ME) and a Universal Subscriber Identity Module (USIM) are disclosed. An example method includes obtaining a UMTS cipher key (CK), integrity key (IK), and ciphering key sequence number (CKSN) from the USIM, deriving a 128-bit ciphering key (Kc-128) from the CK and the IK, and storing the Kc-128 and the CKSN on the mobile equipment, separate from the USIM. The stored CKSN is associated with the stored Kc-128, so that the Kc-128's correspondence to the most current UMTS security context can be tracked. This example method applies to the generation and storage of a 128-bit ciphering key for either the packet-switched or circuit-switched domains. A corresponding user equipment apparatus is also disclosed. | 06-28-2012 |
20130195268 | Call Handover Between Cellular Communication System Nodes That Support Different Security Contexts - In the context of facilitating a circuit switched to packet switched handover of a call in a cellular communication system, a first node (e.g., packet switched target node) generates a security context for a client whose call is being handed over. This involves the first node receiving at least one cryptographic key from a second node (e.g., a circuit switched node supporting the existing connection) and receiving identities of security algorithms supported by the client from a third node (e.g., a packet switched node supporting the existing connection); The first node uses the at least one cryptographic key and the identities to generate the security context for the client. | 08-01-2013 |
20140150064 | Authentication of Warning Messages in a Network - There is described herein a device ( | 05-29-2014 |
20140304777 | SECURING DATA COMMUNICATIONS IN A COMMUNICATIONS NETWORK - A method of securing communications between first node attached to first network and second node attached to second network. At the second node, first and second information is received on whether the respective first and second networks have a secure network layer path to the respective first and second nodes or are known to use a secure network layer path to attached nodes. Third information is received on whether the first network has a secure internal network layer path and, where the first and second networks are different, whether the first network has a secure network layer path to the second network or is known to use a secure network layer path to the second network. The information determines whether the entire path between the first node and the second node is secured at the network layer level, and whether to establish application layer security for communications. | 10-09-2014 |
20150257003 | PROTECTING A PAYLOAD SENT IN A COMMUNICATIONS NETWORK - A method and apparatus for protecting a payload sent between a client device and a Network Application Function node (NAF) in a communications network. At either of the client device and the NAF a determination is made that no existing Security Association (SA) identifier between the client device and the NAF is locally available. An identifier embryo is obtained and an SA identifier is constructed using the identifier embryo. Payload sent between the client device and the NAF is protected using an SA associated with the constructed SA identifier. | 09-10-2015 |