AU2011380272A1 - Security mechanism for external code - Google Patents

Security mechanism for external code Download PDF

Info

Publication number
AU2011380272A1
AU2011380272A1 AU2011380272A AU2011380272A AU2011380272A1 AU 2011380272 A1 AU2011380272 A1 AU 2011380272A1 AU 2011380272 A AU2011380272 A AU 2011380272A AU 2011380272 A AU2011380272 A AU 2011380272A AU 2011380272 A1 AU2011380272 A1 AU 2011380272A1
Authority
AU
Australia
Prior art keywords
server
external code
key
naf
bootstrapping key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU2011380272A
Other languages
English (en)
Inventor
Silke Holtmanns
Pekka Johannes Laitinen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Technologies Oy
Original Assignee
Nokia Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Inc filed Critical Nokia Inc
Publication of AU2011380272A1 publication Critical patent/AU2011380272A1/en
Assigned to NOKIA TECHNOLOGIES OY reassignment NOKIA TECHNOLOGIES OY Request for Assignment Assignors: NOKIA CORPORATION
Abandoned legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/166Implementing security features at a particular protocol layer at the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
AU2011380272A 2011-10-31 2011-10-31 Security mechanism for external code Abandoned AU2011380272A1 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/FI2011/050953 WO2013064716A1 (en) 2011-10-31 2011-10-31 Security mechanism for external code

Publications (1)

Publication Number Publication Date
AU2011380272A1 true AU2011380272A1 (en) 2014-05-22

Family

ID=48191420

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2011380272A Abandoned AU2011380272A1 (en) 2011-10-31 2011-10-31 Security mechanism for external code

Country Status (18)

Country Link
US (1) US20150163669A1 (https=)
EP (1) EP2774068A4 (https=)
JP (1) JP2015501613A (https=)
KR (1) KR20140095523A (https=)
CN (1) CN104011730A (https=)
AP (1) AP3955A (https=)
AU (1) AU2011380272A1 (https=)
BR (1) BR112014010472A2 (https=)
CA (1) CA2853867A1 (https=)
IL (1) IL232374A0 (https=)
IN (1) IN2014CN03915A (https=)
MX (1) MX2014005223A (https=)
PH (1) PH12014500964A1 (https=)
RU (1) RU2582863C2 (https=)
SG (1) SG11201401950PA (https=)
UA (1) UA108957C2 (https=)
WO (1) WO2013064716A1 (https=)
ZA (1) ZA201403900B (https=)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014067543A1 (en) * 2012-10-29 2014-05-08 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for securing a connection in a communications network
US9253185B2 (en) * 2012-12-12 2016-02-02 Nokia Technologies Oy Cloud centric application trust validation
CN104348801B (zh) * 2013-07-31 2018-05-04 华为技术有限公司 认证方法、生成信任状的方法及相关装置
WO2015057116A1 (en) * 2013-10-15 2015-04-23 Telefonaktiebolaget L M Ericsson (Publ) Establishing a secure connection between a master device and a slave device
CN105814834B (zh) 2013-12-20 2019-12-20 诺基亚技术有限公司 用于公共云应用的基于推送的信任模型
US9736686B2 (en) * 2015-01-19 2017-08-15 Telefonaktiebolaget Lm Ericsson (Publ) Methods and apparatus for direct communication key establishment
CN106487501B (zh) * 2015-08-27 2020-12-08 华为技术有限公司 密钥分发和接收方法、密钥管理中心、第一和第二网元
US10129235B2 (en) 2015-10-16 2018-11-13 Qualcomm Incorporated Key hierarchy for network slicing
CN108702615B (zh) * 2016-02-12 2022-08-05 瑞典爱立信有限公司 保护接口以及用于建立安全通信链路的过程
EP3718330B1 (en) * 2017-11-29 2024-09-25 Telefonaktiebolaget LM Ericsson (publ) Session key establishment
FR3077175A1 (fr) * 2018-01-19 2019-07-26 Orange Technique de determination d'une cle destinee a securiser une communication entre un equipement utilisateur et un serveur applicatif
CN110831002B (zh) * 2018-08-10 2021-12-03 华为技术有限公司 一种密钥推演的方法、装置及计算存储介质
US20220086632A1 (en) * 2019-01-14 2022-03-17 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for security
CN113015159B (zh) * 2019-12-03 2023-05-09 中国移动通信有限公司研究院 初始安全配置方法、安全模块及终端
US12500744B2 (en) * 2021-09-17 2025-12-16 Qualcomm Incorporated Securing application communication

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7558957B2 (en) * 2005-04-18 2009-07-07 Alcatel-Lucent Usa Inc. Providing fresh session keys
CN100379315C (zh) * 2005-06-21 2008-04-02 华为技术有限公司 对用户终端进行鉴权的方法
CN1929370A (zh) * 2005-09-05 2007-03-14 华为技术有限公司 用户接入认证代理时确定认证使用的密钥的方法及系统
US20070101122A1 (en) * 2005-09-23 2007-05-03 Yile Guo Method and apparatus for securely generating application session keys
US20070086590A1 (en) * 2005-10-13 2007-04-19 Rolf Blom Method and apparatus for establishing a security association
US8522025B2 (en) * 2006-03-28 2013-08-27 Nokia Corporation Authenticating an application
CN103001940A (zh) * 2007-10-05 2013-03-27 交互数字技术公司 由wtru使用的用于建立安全本地密钥的方法
WO2009070075A1 (en) * 2007-11-30 2009-06-04 Telefonaktiebolaget Lm Ericsson (Publ) Key management for secure communication
EP2399376A1 (en) * 2009-02-18 2011-12-28 Telefonaktiebolaget L M Ericsson (publ) User authentication
CN102379114B (zh) * 2009-04-01 2015-10-07 瑞典爱立信有限公司 基于ims的多媒体广播和多播服务(mbms)中的安全密钥管理
RU101231U1 (ru) * 2010-03-02 2011-01-10 Закрытое акционерное общество "Лаборатория Касперского" Система управления безопасностью мобильного вычислительного устройства
EP2695410B1 (en) * 2011-04-01 2017-04-19 Telefonaktiebolaget LM Ericsson (publ) Methods and apparatuses for avoiding damage in network attacks

Also Published As

Publication number Publication date
MX2014005223A (es) 2014-09-01
EP2774068A4 (en) 2015-08-05
US20150163669A1 (en) 2015-06-11
WO2013064716A1 (en) 2013-05-10
BR112014010472A2 (pt) 2017-04-18
AP2014007624A0 (en) 2014-05-31
EP2774068A1 (en) 2014-09-10
SG11201401950PA (en) 2014-09-26
RU2582863C2 (ru) 2016-04-27
IL232374A0 (en) 2014-06-30
RU2014118918A (ru) 2015-12-10
JP2015501613A (ja) 2015-01-15
KR20140095523A (ko) 2014-08-01
IN2014CN03915A (https=) 2015-10-16
CN104011730A (zh) 2014-08-27
AP3955A (en) 2016-12-22
UA108957C2 (uk) 2015-06-25
CA2853867A1 (en) 2013-05-10
PH12014500964A1 (en) 2014-06-30
ZA201403900B (en) 2017-05-31

Similar Documents

Publication Publication Date Title
US20150163669A1 (en) Security mechanism for external code
US10223520B2 (en) System and method for integrating two-factor authentication in a device
CN103004244B (zh) 结合Web应用和网页的通用引导架构使用
US8533803B2 (en) Method and apparatus for trusted federated identity
US8606234B2 (en) Methods and apparatus for provisioning devices with secrets
US8943321B2 (en) User identity management for permitting interworking of a bootstrapping architecture and a shared identity service
US9154955B1 (en) Authenticated delivery of premium communication services to trusted devices over an untrusted network
CN111327583B (zh) 一种身份认证方法、智能设备及认证服务器
JP5599870B2 (ja) 特権署名を用いてセキュアなウェブブラウジング環境を作成するための方法および装置
US11910194B2 (en) Secondary device authentication proxied from authenticated primary device
US20110264913A1 (en) Method and apparatus for interworking with single sign-on authentication architecture
EP2269357A1 (en) Methods, apparatuses, and computer program products for providing a single service sign-on
US11570620B2 (en) Network profile anti-spoofing on wireless gateways
CN103733591B (zh) 将可移除模块绑定到接入终端
CN109286933B (zh) 认证方法、装置、系统、计算机设备和存储介质
US8091122B2 (en) Computer program product, apparatus and method for secure HTTP digest response verification and integrity protection in a mobile terminal
Rath et al. Encryption-based second authentication factor solutions for qualified server-side signature creation
CN101317181B (zh) 用于移动终端中安全鉴权响应的设备以及方法
CN118265031B (zh) 信息安全方法、装置、通信设备和存储介质
EP4521711A1 (en) Communication method, apparatus and system
CN118803762A (zh) 认证能力开放方法、装置、设备、系统、介质及程序产品
KR20100050622A (ko) 악성 코드 처리 방법 및 이를 위한 장치 및 시스템
CN108684034A (zh) 数据传输方法及装置

Legal Events

Date Code Title Description
PC1 Assignment before grant (sect. 113)

Owner name: NOKIA TECHNOLOGIES OY

Free format text: FORMER APPLICANT(S): NOKIA CORPORATION

MK1 Application lapsed section 142(2)(a) - no request for examination in relevant period