WO2003049365A1 - Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern - Google Patents
Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern Download PDFInfo
- Publication number
- WO2003049365A1 WO2003049365A1 PCT/DE2001/004461 DE0104461W WO03049365A1 WO 2003049365 A1 WO2003049365 A1 WO 2003049365A1 DE 0104461 W DE0104461 W DE 0104461W WO 03049365 A1 WO03049365 A1 WO 03049365A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- network
- telecommunication
- telecommunications
- certificate
- access device
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/068—Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/065—Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
Definitions
- the invention relates to devices and methods for checking the authorization (authentication and / or authorization) of a subscriber against an access device of a telecommunications network or against another service provider that can be reached via this network.
- a GSM mobile station uses a SIM card of a subscriber, which contains a secret that identifies the SIM card, which is also known to the network operator (shared secret) and a PIN number queried by the subscriber using the mobile radio station , Using a suitable protocol (e.g. the challenge-response protocol for GSM authentication), a network operator can identify a user's SIM card and, for example, allow or deny the subscriber the use of the mobile network.
- a suitable protocol e.g. the challenge-response protocol for GSM authentication
- the object of the present invention is therefore to provide a simple and efficient authentication and authorization of a telecommunications subscriber for certain services or transactions via a telecommunications network to an access device of a telecommunications network which the telecommunications subscriber uses a telecommunications terminal with a telecommunications subscriber identity dul wants to use.
- the object is achieved in each case by the subject matter of the independent claims.
- the invention allows simple and efficient authentication of a telecommunication subscriber to the telecommunication network via which he communicates (for processing services such as transactions etc.) and also simple and efficient authentication and / or authorization to third parties for predetermined services such as transactions (confidential Email, banking, payments etc.).
- the method according to the invention also works in the case of n: m relationships, such as the authentication of potential telecommunication subscribers by means of telecommunication subscriber identity modules in telecommunication terminals to several (m) connectivity providers for peer-to-peer transactions between end users, in ad hoc networks, etc.
- Generation of an additional benefit (for legally binding orders, transfers, etc.) when using public-ey key pairs, allows multiple use of existing components (telecommunications subscriber identity modules) without increasing hardware-side device costs and creates a very high level of security ,
- the method is particularly suitable for authenticating mobile devices to an Internet protocol network for the use of this network itself and for services which third parties offer via the Internet protocol network.
- FIG. 1 shows schematically an authorization check according to the invention
- a telecommunications terminal 1 mobile node MN, for example a cellular mobile radio terminal for GSM, UMTS, etc.
- a telecommunications subscriber identity module 2 for example SIM, W-SIM, UICC of a U-SIM etc.
- Visited telecommunications network 3 for example an internet protocol network of a mobile telecommunications network etc.
- AP Access Point
- NMT Network Management Tool
- PDP Poli - cy decision point
- a certification device 7 which also offers a publicly accessible list of the certificates generated by it and the status information assigned to these certificates (in the same telecommunication network 3 or in another telecommunication network 8 or at another operator or in a trust center, which can be accessed by elements of the telecommunications network 3), be contacted to check identity information (MSISDN etc) stored in the telecommunications terminal 1, certificates and to query the associated status data of the telecommunications subscriber 1 regarding the Implementation of services.
- These services include, for example, transport services, in particular the use of the telecommunications network 3 itself, and / or application services such as location-based services and / or transactions such as orders, transfers, etc. with provider 9 via the telecommunications network 3.
- the user of the telecommunications terminal 1 would like to tell the operator of the network 3 and / or a provider 9 (within the telecommunications network 3 or outside the telecommunications network 3, for example also a third provider independent of the telecommunications network, who only offers his services via the telecommunications network 3), his right to use the services of Provide provider of 3 or 9, i.e. perform authentication and / or authorization.
- the authentication and / or authorization takes place vis-à-vis the telecommunications network 3 or the provider of the service 9 (for example from the NMT (5)) as soon as the identity information (MSISDN etc.) and the authorization of the telecommunications subscriber 1 (or the telecommunications subscriber identity module 2) are checked has been.
- the identity information and authorization of the telecommunications subscriber 1 are checked here by checking one or more certificates (s) stored in its telecommunications subscriber identity module 2 and using a private key of an asymmetric (PKI-based) key pair also stored in the subscriber identity module 2.
- the check is carried out, for example, when an attempt is made to log on the telecommunications subscriber terminal 1 to the telecommunications network 3 as part of an authorization verification process between the NMT, access device AP 4 and the telecommunications subscriber terminal 1 by checking the certificate / certificates and querying the assigned status data in the certification body 7 performed.
- the NMT verifies the validity of the certificate by an OCSP or CRL query at CA 7.
- the telecommunications subscriber identity module 1 If it wishes to authorize the access device 4, the telecommunications subscriber identity module 1, after entering a PIN or any other input specific to the telecommunications subscriber (fingerprint, etc.), transmits the access device 4 (for example, to an offer (challenge) from the access device 4 below Transmission of a challenge number) an identity information (relating to the identity of the telecommunications subscriber identity module or the terminal and / or the user), one or more (from an identity and / or assigned authorization information, a public key of an asymmetric key pair with a through only the certification 7 known certificate generation method) certificate, as well as a protection signed by the private key from the telecommunication subscriber identity module against an improper repetition of an intercepted request by a third party (replay protection, nonce).
- an identity information relating to the identity of the telecommunications subscriber identity module or the terminal and / or the user
- one or more from an identity and / or assigned authorization information, a public key of an asymmetric
- NMT Network Management Tool
- the certificate confirms the identity information if the certification body can generate the identity information from the certificate using a method known to it.
- the public key and the identity / authorizations of the telecommunications subscriber 1, 2 and / or the mobile terminal can be obtained from the certificate (s) by the certification body 7 and the status information (certificate not expired, not revoked, authorizations etc.) is determined the status of the certificate is communicated by the certification device 7 to the network management device 5 in the network 3 (13).
- the network management device 5 decides on the basis of the communicated status information and authorizations on the scope of the authorizations of the MN 1, services and resources of the telecommunications network 3 and notifies this in step 14 of the access management entity PDP 6.
- PDP 6 then releases the use of the telecommunications network 3 by transmitting a corresponding policy to the AP 4 for the telecommunications subscriber 1 or it remains blocked if the NMT 5 has made a completely negative decision.
- the network management device 5 can communicate centrally for the network 3 whether and for which services etc. a mobile radio terminal (1) is currently considered to be authorized by the certification device 7. Furthermore, if the certificate status is positive (certificate valid, etc.), a secret generated by the NMT (5) (e.g. session key) is sent to the access device 4 using an encryption method used in the network 3 and decrypted there. Furthermore, the same secret is encrypted by the network management device 5 with the public key of the telecommunication identity module 2 (which public key the network management device can receive from the terminal 1 via the access device 4 in step 10 when logging in). Furthermore, the NMT 5 can transmit its own certificate to the NM 1 via the AP 4. The access device 4 then uses the key known to it (provided in the telecommunications network) for the key
- Secret is decrypted and then in step 16 the secret still encrypted with the public key of the telecommunications subscriber identity module 2 is transmitted to the telecommunications subscriber identity module 2.
- the private key associated with the public key mentioned is also stored in the telecommunications subscriber identity module 2 and is used to decrypt the secret. This secret can then be used, for example, for confidential communication between the terminal 1 and the access device 4.
- the access device (4) takes the subscriber into a list of telecommunications subscribers with access to the telecommunications cation network (3) and / or service (9), and grants access to the telecommunications network and / or service (9) only in the list of subscribers.
- a telecommunication terminal 1 with the telecommunication subscriber identity module 2 can, for example (depending on what the certificate (s) allow / allow), use other services and resources, order goods, pay electronically, etc., with a third party (9) the third party (9) either has the facility of NMT 5 of the telecommunications network 3 to confirm the level of authorization or asks the CA 7 (see above).
Abstract
Description
Claims
Priority Applications (13)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP01995536A EP1449324B1 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern |
DE50107864T DE50107864D1 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern |
CNB018238467A CN100444545C (zh) | 2001-11-29 | 2001-11-29 | 在终端设备中使用公开密钥密钥对,让网络运营商和商业伙伴对电信用户进行鉴别和授权 |
DE10197165T DE10197165D2 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines Public-Key-Schlüsselpaares im Endgerät zur Authentisierung und Autorisierung des Telekommunikationsteilnehmers gegenüber dem Netzbetreiber und Geschäftspartnern |
KR1020047008242A KR100882033B1 (ko) | 2001-11-29 | 2001-11-29 | 네트워크 오퍼레이터 및 사업 파트너들에 대한 원격통신 가입자의 인증 및 허가를 위한 단말기 내의 공개키 키 쌍의 사용 |
US10/497,019 US9088565B2 (en) | 2001-11-29 | 2001-11-29 | Use of a public key key pair in the terminal for authentication and authorization of the telecommunication user with the network operator and business partners |
CA2468599A CA2468599C (en) | 2001-11-29 | 2001-11-29 | Use of a public key key pair in the terminal for authentication and authorization of the telecommunication subscriber in respect of the network operator and business partners |
IL16201101A IL162011A0 (en) | 2001-11-29 | 2001-11-29 | Use of a public key pair in the terminal for authentication and authorisation of the telecommunication user with the network op |
AU2002226278A AU2002226278B2 (en) | 2001-11-29 | 2001-11-29 | Use of a public key key pair in the terminal for authentication and authorisation of the telecommunication user with the network operator and business partners |
PCT/DE2001/004461 WO2003049365A1 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern |
JP2003550434A JP4170912B2 (ja) | 2001-11-29 | 2001-11-29 | ネットワークプロバイダ及びビジネスパートナーに対する遠隔通信加入者の認証及び許可のための端末における公開鍵ペアの利用 |
ES01995536T ES2247199T3 (es) | 2001-11-29 | 2001-11-29 | Aprovechamiento de un par de claves publicas en el aparato terminal para la auntentificacion y autorizacion del abonado de telecomunicaciones ante el operador de red e interlocutores de negocio. |
IL162011A IL162011A (en) | 2001-11-29 | 2004-05-16 | Using a pair of public keys in common for user authentication and authorization and communication with the network operator and trading colleagues |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/DE2001/004461 WO2003049365A1 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2003049365A1 true WO2003049365A1 (de) | 2003-06-12 |
Family
ID=5648318
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/DE2001/004461 WO2003049365A1 (de) | 2001-11-29 | 2001-11-29 | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern |
Country Status (11)
Country | Link |
---|---|
US (1) | US9088565B2 (de) |
EP (1) | EP1449324B1 (de) |
JP (1) | JP4170912B2 (de) |
KR (1) | KR100882033B1 (de) |
CN (1) | CN100444545C (de) |
AU (1) | AU2002226278B2 (de) |
CA (1) | CA2468599C (de) |
DE (2) | DE10197165D2 (de) |
ES (1) | ES2247199T3 (de) |
IL (2) | IL162011A0 (de) |
WO (1) | WO2003049365A1 (de) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10344483A1 (de) * | 2003-09-24 | 2005-05-12 | Vodafone Holding Gmbh | Verfahren zur Berechtigungsprüfung beim Aufbau und/oder Weitervermittlung einer Telekommunikationsverbindung |
CN100433888C (zh) * | 2006-09-18 | 2008-11-12 | 中国联合通信有限公司 | 一种利用多个802.16d基站密集覆盖用户群的方法及系统 |
US7600113B2 (en) * | 2004-02-20 | 2009-10-06 | Microsoft Corporation | Secure network channel |
JP2010514288A (ja) * | 2006-12-19 | 2010-04-30 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | 通信ネットワークにおけるユーザアクセス管理 |
Families Citing this family (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1215386C (zh) * | 2002-04-26 | 2005-08-17 | St微电子公司 | 根据量子软计算控制过程或处理数据的方法和硬件体系结构 |
EP1514208A4 (de) | 2002-06-06 | 2010-11-17 | Thomson Licensing | Maklergestütztes interworking unter verwendung hierarchischer zertifikate |
US7490348B1 (en) | 2003-03-17 | 2009-02-10 | Harris Technology, Llc | Wireless network having multiple communication allowances |
JP4690007B2 (ja) * | 2004-01-22 | 2011-06-01 | Kddi株式会社 | 通信システムおよび通信端末 |
JP4601979B2 (ja) * | 2004-03-22 | 2010-12-22 | エヌ・ティ・ティ・コムウェア株式会社 | 証明書相互認証システム、及び証明書相互認証方法 |
US8141142B2 (en) | 2005-02-14 | 2012-03-20 | International Business Machines Corporation | Secure authentication of service users of a remote service interface to a storage media |
US20090170511A1 (en) * | 2005-07-04 | 2009-07-02 | Yoshihiko Takei | Group network forming method and group network system |
CN100349496C (zh) * | 2005-07-15 | 2007-11-14 | 华为技术有限公司 | 一种消息认证方法 |
EP1752937A1 (de) * | 2005-07-29 | 2007-02-14 | Research In Motion Limited | System und Verfahren zur verschlüsselten Eingabe einer persönlichen Identifizierungsnummer für eine Chipkarte |
US11418318B2 (en) * | 2006-08-18 | 2022-08-16 | Motorola Solutions, Inc. | Portable certification authority |
PT1912413E (pt) * | 2006-10-13 | 2010-04-20 | Quipa Holdings Ltd | Método para formar uma rede privada virtual segura facilitando a comunicação entre pares |
JP4488018B2 (ja) * | 2007-03-28 | 2010-06-23 | 株式会社日立製作所 | 公開鍵証明書検証システム |
CN101345623B (zh) * | 2007-07-09 | 2010-11-10 | 中茂电子(深圳)有限公司 | 具有认证功能的控制系统及方法 |
KR101383810B1 (ko) * | 2011-11-14 | 2014-04-14 | 한전케이디엔주식회사 | 스마트 그리드 기기 보안인증 시스템 및 방법 |
CN104704769B (zh) | 2012-10-15 | 2018-07-27 | 皇家飞利浦有限公司 | 无线通信系统 |
US9350550B2 (en) | 2013-09-10 | 2016-05-24 | M2M And Iot Technologies, Llc | Power management and security for wireless modules in “machine-to-machine” communications |
US9100175B2 (en) | 2013-11-19 | 2015-08-04 | M2M And Iot Technologies, Llc | Embedded universal integrated circuit card supporting two-factor authentication |
US10498530B2 (en) | 2013-09-27 | 2019-12-03 | Network-1 Technologies, Inc. | Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys |
US9397892B2 (en) * | 2013-11-04 | 2016-07-19 | Illumio, Inc. | Managing servers based on pairing keys to implement an administrative domain-wide policy |
US10700856B2 (en) | 2013-11-19 | 2020-06-30 | Network-1 Technologies, Inc. | Key derivation for a module using an embedded universal integrated circuit card |
US9853977B1 (en) | 2015-01-26 | 2017-12-26 | Winklevoss Ip, Llc | System, method, and program product for processing secure transactions within a cloud computing system |
WO2019022738A1 (en) | 2017-07-26 | 2019-01-31 | Hewlett-Packard Development Company, L.P | ENABLING MANAGEMENT |
US10855674B1 (en) * | 2018-05-10 | 2020-12-01 | Microstrategy Incorporated | Pre-boot network-based authentication |
US10686369B1 (en) | 2019-07-24 | 2020-06-16 | Dean Hatsuo Motoyama | Device and process for detecting and mitigating reverse power-flow |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0903887A2 (de) * | 1991-09-13 | 1999-03-24 | AT&T Corp. | Authentifizierungsvorrichtung für zellulare Telefone |
WO2001002940A1 (en) * | 1999-06-30 | 2001-01-11 | Silverbrook Research Pty Ltd | Method and system for conferencing |
Family Cites Families (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5222140A (en) * | 1991-11-08 | 1993-06-22 | Bell Communications Research, Inc. | Cryptographic method for key agreement and user authentication |
US5371794A (en) * | 1993-11-02 | 1994-12-06 | Sun Microsystems, Inc. | Method and apparatus for privacy and authentication in wireless networks |
JPH08223152A (ja) | 1995-02-14 | 1996-08-30 | Nec Corp | 暗号化方法および暗号情報変換装置 |
JP2877199B2 (ja) * | 1996-06-21 | 1999-03-31 | 日本電気株式会社 | ローミング方式 |
JPH10112883A (ja) * | 1996-10-07 | 1998-04-28 | Hitachi Ltd | 無線通信交換システム、交換機、公開鍵管理装置、移動端末および移動端末認証方法 |
US6934838B1 (en) * | 1998-06-01 | 2005-08-23 | Entrust Technologies Ltd. | Method and apparatus for a service provider to provide secure services to a user |
JP3640237B2 (ja) | 1998-06-11 | 2005-04-20 | 株式会社エヌ・ティ・ティ・ドコモ | 移動通信網における情報配信方法 |
US6628652B1 (en) * | 1998-09-18 | 2003-09-30 | Lucent Technologies Inc. | Flexible telecommunications switching network |
US6463534B1 (en) * | 1999-03-26 | 2002-10-08 | Motorola, Inc. | Secure wireless electronic-commerce system with wireless network domain |
FI991105A (fi) * | 1999-05-14 | 2000-11-15 | Nokia Networks Oy | Menetelmä ja digitaalinen matkaviestinjärjestelmä |
PL354839A1 (en) | 1999-05-21 | 2004-02-23 | Ibm | Method and apparatus for initializing secure communications among, and for exclusively pairing wireless devices |
JP3412687B2 (ja) | 1999-06-15 | 2003-06-03 | 日本電気株式会社 | Lan間接続方法、アクセスポイント装置及びlanシステム |
DE50013577D1 (de) * | 1999-06-15 | 2006-11-16 | Siemens Ag | Verfahren und Anordnung zur Überprüfung der Authentizität eines Dienstanbieters in einem Kommunikationsnetz |
EP1094682B1 (de) | 1999-10-22 | 2005-06-08 | Telefonaktiebolaget LM Ericsson (publ) | Mobiltelefon mit eingebauter Sicherheitsfirmware |
US7028186B1 (en) * | 2000-02-11 | 2006-04-11 | Nokia, Inc. | Key management methods for wireless LANs |
FI20000760A0 (fi) * | 2000-03-31 | 2000-03-31 | Nokia Corp | Autentikointi pakettidataverkossa |
FI20001837A (fi) * | 2000-08-18 | 2002-02-19 | Nokia Corp | Autentikointi |
US7017041B2 (en) * | 2000-12-19 | 2006-03-21 | Tricipher, Inc. | Secure communications network with user control of authenticated personal information provided to network entities |
KR20010079161A (ko) * | 2001-06-19 | 2001-08-22 | 김영진 | 무선통신환경에서 인증서를 사용한 장치 인증 및 통신암호 키 분배 방법 |
-
2001
- 2001-11-29 JP JP2003550434A patent/JP4170912B2/ja not_active Expired - Fee Related
- 2001-11-29 CN CNB018238467A patent/CN100444545C/zh not_active Expired - Fee Related
- 2001-11-29 ES ES01995536T patent/ES2247199T3/es not_active Expired - Lifetime
- 2001-11-29 US US10/497,019 patent/US9088565B2/en active Active
- 2001-11-29 AU AU2002226278A patent/AU2002226278B2/en not_active Ceased
- 2001-11-29 KR KR1020047008242A patent/KR100882033B1/ko not_active IP Right Cessation
- 2001-11-29 DE DE10197165T patent/DE10197165D2/de not_active Expired - Fee Related
- 2001-11-29 IL IL16201101A patent/IL162011A0/xx unknown
- 2001-11-29 CA CA2468599A patent/CA2468599C/en not_active Expired - Fee Related
- 2001-11-29 DE DE50107864T patent/DE50107864D1/de not_active Expired - Lifetime
- 2001-11-29 WO PCT/DE2001/004461 patent/WO2003049365A1/de active IP Right Grant
- 2001-11-29 EP EP01995536A patent/EP1449324B1/de not_active Expired - Lifetime
-
2004
- 2004-05-16 IL IL162011A patent/IL162011A/en not_active IP Right Cessation
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0903887A2 (de) * | 1991-09-13 | 1999-03-24 | AT&T Corp. | Authentifizierungsvorrichtung für zellulare Telefone |
WO2001002940A1 (en) * | 1999-06-30 | 2001-01-11 | Silverbrook Research Pty Ltd | Method and system for conferencing |
Non-Patent Citations (2)
Title |
---|
PARK CH-S: "ON CERTIFICATE-BASED SECURITY PROTOCOLS FOR WIRELESS MOBILE COMMUNICATION SYSTEMS", IEEE NETWORK, IEEE INC. NEW YORK, US, vol. 11, no. 5, 1 September 1997 (1997-09-01), pages 50 - 55, XP000699941, ISSN: 0890-8044 * |
PUTZ S ET AL: "Authentication schemes for third generation mobile radio systems", PERSONAL, INDOOR AND MOBILE RADIO COMMUNICATIONS, 1998. THE NINTH IEEE INTERNATIONAL SYMPOSIUM ON BOSTON, MA, USA 8-11 SEPT. 1998, NEW YORK, NY, USA,IEEE, US, 8 September 1998 (1998-09-08), pages 126 - 130, XP010314761, ISBN: 0-7803-4872-9 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10344483A1 (de) * | 2003-09-24 | 2005-05-12 | Vodafone Holding Gmbh | Verfahren zur Berechtigungsprüfung beim Aufbau und/oder Weitervermittlung einer Telekommunikationsverbindung |
US7600113B2 (en) * | 2004-02-20 | 2009-10-06 | Microsoft Corporation | Secure network channel |
CN100433888C (zh) * | 2006-09-18 | 2008-11-12 | 中国联合通信有限公司 | 一种利用多个802.16d基站密集覆盖用户群的方法及系统 |
JP2010514288A (ja) * | 2006-12-19 | 2010-04-30 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | 通信ネットワークにおけるユーザアクセス管理 |
Also Published As
Publication number | Publication date |
---|---|
AU2002226278A1 (en) | 2003-06-17 |
KR100882033B1 (ko) | 2009-02-09 |
EP1449324A1 (de) | 2004-08-25 |
DE10197165D2 (de) | 2004-10-28 |
AU2002226278B2 (en) | 2007-01-04 |
CA2468599A1 (en) | 2003-06-12 |
EP1449324B1 (de) | 2005-10-26 |
IL162011A0 (en) | 2005-11-20 |
JP2005512396A (ja) | 2005-04-28 |
JP4170912B2 (ja) | 2008-10-22 |
CN100444545C (zh) | 2008-12-17 |
US9088565B2 (en) | 2015-07-21 |
DE50107864D1 (de) | 2005-12-01 |
ES2247199T3 (es) | 2006-03-01 |
KR20040058354A (ko) | 2004-07-03 |
CN1559117A (zh) | 2004-12-29 |
CA2468599C (en) | 2011-08-30 |
IL162011A (en) | 2009-08-03 |
US20050120202A1 (en) | 2005-06-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1449324B1 (de) | Nutzung eines public-key-schlüsselpaares im endgerät zur authentisierung und autorisierung des telekommunikations-teilnehmers gegenüber dem netzbetreiber und geschäftspartnern | |
EP2443853B1 (de) | Verfahren zum einbuchen eines mobilfunkgeräts in ein mobilfunknetz | |
DE602004002140T2 (de) | Universeller sicherer Datenaustausch für kryptographischen Modulen | |
DE602004012233T2 (de) | Verfahren zur Bereitstellung eines Signierungsschlüssels zur digitalen Signierung, Überprüfung oder Verschlüsselung von Daten | |
DE4406602C2 (de) | Sicherheitssystem zum Identifizieren und Authentisieren von Kommunikationspartnern | |
EP2415228A2 (de) | Verfahren zum lesen von attributen aus einem id-token über eine mobilfunkverbindung | |
DE102013203257A1 (de) | Lesen eines Attributs aus einem ID-Token | |
DE112008002860T5 (de) | Verfahren und Vorrichtung für das Bereitstellen einer sicheren Verknüpfung mit einer Benutzeridentität in einem System für digitale Rechteverwaltung | |
WO2012150160A1 (de) | Beantwortung von anfragen mittels des kommunikationsendgeräts eines nutzers | |
DE102020108828A1 (de) | Personalisierter, serverindividueller Authentifizierungsmechanismus | |
EP3540623B1 (de) | Verfahren zur erzeugung eines pseudonyms mit hilfe eines id-tokens | |
DE102005003208B4 (de) | Authentisierung eines Benutzers | |
EP2397960B1 (de) | Verfahren zum Lesen von Attributen aus einem ID-Token über eine Telekommunikations-Chipkarte und ein Server-Computersystem | |
EP2783320A1 (de) | Verfahren zum authentisieren einer person an einer serverinstanz | |
EP2381712B1 (de) | Sicheres Auslesen von Daten aus einem Funkgerät mit festintegriertem TPM | |
DE102012009128A1 (de) | Verfahren zur Kommunikation zwischen einem mobilen Endgerät und einem Gerät der Gebäudesystemtechnik oder der Türkommunikation | |
EP4016339B1 (de) | Provisionieren eines sicherheitsapplets auf einem mobilen endgerät | |
DE102004024648A1 (de) | Verfahren zur Authentifizierung einer Kommunikationseinheit | |
WO2023280583A1 (de) | Verfahren, vorrichtungen und system zum zugriff auf eine produktionseinrichtung | |
DE102021110144A1 (de) | Provisionieren eines Sicherheitsapplets auf einem mobilen Endgerät | |
DE102021110142A1 (de) | Personalisieren eines Sicherheitsapplets auf einem mobilen Endgerät | |
DE102021105434A1 (de) | Abstimmungssystem für eine virtuelle Konferenz | |
EP1985086B1 (de) | Verfahren zur übermittlung von daten in einem kommunikationsnetz | |
EP1773089B1 (de) | Verfahren, System und Vorrichtung zur Erzeugung und/oder Nutzung von Identitäten von Klienten in einem Kommunikationssystem | |
DE10309883A1 (de) | Zertifikatsbasierte Authentifikation und Autorisation für die Benutzung von Diensten |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2001995536 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 162011 Country of ref document: IL |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2468599 Country of ref document: CA |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1020047008242 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 20018238467 Country of ref document: CN Ref document number: 2003550434 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2002226278 Country of ref document: AU |
|
WWP | Wipo information: published in national office |
Ref document number: 2001995536 Country of ref document: EP |
|
REF | Corresponds to |
Ref document number: 10197165 Country of ref document: DE Date of ref document: 20041028 Kind code of ref document: P |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10197165 Country of ref document: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10497019 Country of ref document: US |
|
WWG | Wipo information: grant in national office |
Ref document number: 2001995536 Country of ref document: EP |