Class / Patent application number | Description | Number of patent applications / Date published |
380272000 | Including hand-off based cryptographic alteration | 28 |
20080205650 | Changing radio access network security algorithm during handover - The invention allows changing a Radio Access Network security algorithm during handover in a manner that is efficient and secure. A security message is received at a mobile station previously using a first security algorithm in communication with a first access point, which message instructs to use a second security algorithm required by a second access point. In response, the mobile station is changed to use the second security algorithm. | 08-28-2008 |
20080240439 | METHODS AND APPARATUS TO FACILITATE DATA AND SECURITY CONTEXT TRANSFER, AND RE-INITIALIZATION DURING MOBILE DEVICE HANDOVER - Security context transfer and ROHC context transfer to enable secure and efficient mobile device handoff is facilitated by the introduction of new information elements to the UL Allocation message or separate downlink (DL) physical channel, the use of reverse tunneling during hand off (HO) to provide the User Equipment (UE) with new security parameters, the generation of multiple key sets and automated or context based triggering of the Security Mode Command. | 10-02-2008 |
20090116647 | METHOD FOR PROVIDING FAST SECURE HANDOFF IN A WIRELESS MESH NETWORK - Disclosed is a method for providing fast secure handoff in a wireless mesh network. The method comprises configuring multiple first level key holders (R0KHs) within a radio access network to which supplicants within the multi-hop wireless mesh network are capable of establishing a security association, configuring a common mobility domain identifier within the first level key holders of a mobility domain, and propagating identity of a first level key holder and the mobility domain identifier through the wireless mesh network to enable the supplicants within the mobility domain to perform fast secure handoff. | 05-07-2009 |
20090136036 | COMMUNICATION METHOD FOR EXECUTING HANDOVER, AND BASE STATION APPARATUS, TERMINAL APPARATUS AND CONTROL APPARATUS USING THE COMMUNICATION METHOD - A receiving unit receives a handover request from a terminal apparatus. As the handover request is received, a requesting unit requests a control apparatus connected via a network that an encryption key used for wireless communication performed between the terminal apparatus and a handover source base station apparatus be outputted. As the encryption key is received from the control apparatus as a response to the request, a tentative execution unit performs wireless communication with the terminal using the encryption key using the encryption key. While wireless communication is being performed between the tentative execution unit and the terminal, a setting unit determines a new encryption key between the setting unit and the terminal and continues to perform wireless communication after updating the encryption key with the new encryption key. | 05-28-2009 |
20090175448 | WIRELESS NETWORK HANDOFF KEY - The present invention provides a method and system for handoff in a wireless communication network. In one embodiment, a common handoff encryption key is generated by an authentication server and transmitted to a first access point and a second access point. The first access point transmits the handoff encryption key to a wireless terminal. The wireless terminal encrypts output data with the handoff encryption key. When the wireless terminal is associated with the second access point, the second access point decrypts data from the wireless terminal with the handoff encryption key. In a second embodiment, a handoff WEP key generation secret parameter is provided to a first and a second access point. Both access points generate a handoff WEP key as a function of the handoff WEP key generation secret parameter and an address of a wireless terminal. The first access point transmits the handoff WEP key to the wireless terminal. The second access point communicates data packets encrypted with the handoff WEP key with the wireless terminal. | 07-09-2009 |
20090175449 | WIRELESS NETWORK HANDOFF KEY - The present invention provides a method and system for handoff in a wireless communication network. In one embodiment, a common handoff encryption key is generated by an authentication server and transmitted to a first access point and a second access point. The first access point transmits the handoff encryption key to a wireless terminal. The wireless terminal encrypts output data with the handoff encryption key. When the wireless terminal is associated with the second access point, the second access point decrypts data from the wireless terminal with the handoff encryption key. In a second embodiment, a handoff WEP key generation secret parameter is provided to a first and a second access point. Both access points generate a handoff WEP key as a function of the handoff WEP key generation secret parameter and an address of a wireless terminal. The first access point transmits the handoff WEP key to the wireless terminal. The second access point communicates data packets encrypted with the handoff WEP key with the wireless terminal. | 07-09-2009 |
20090208013 | WIRELESS NETWORK HANDOFF KEY - The present invention provides a method and system for handoff in a wireless communication network. In one embodiment, a common handoff encryption key is generated by an authentication server and transmitted to a first access point and a second access point. The first access point transmits the handoff encryption key to a wireless terminal. The wireless terminal encrypts output data with the handoff encryption key. When the wireless terminal is associated with the second access point, the second access point decrypts data from the wireless terminal with the handoff encryption key. In a second embodiment, a handoff WEP key generation secret parameter is provided to a first and a second access point. Both access points generate a handoff WEP key as a function of the handoff WEP key generation secret parameter and an address of a wireless terminal. The first access point transmits the handoff WEP key to the wireless terminal. The second access point communicates data packets encrypted with the handoff WEP key with the wireless terminal. | 08-20-2009 |
20090220087 | Systems and method for performing handovers, or key management while performing handovers in a wireless communication system - Example embodiments provide a method for performing handovers and key management while performing handovers. The method includes communicating a random handover seed key protected by a secure protocol from a core component of a network to a user equipment. The secure protocol prevents the random handover seed key from being learned by base stations supported by the core component of the network. The secure protocol may be non-access stratum signaling of an evolved packet system environment for wireless communications. | 09-03-2009 |
20090274302 | METHOD FOR DERIVING TRAFFIC ENCRYPTION KEY - A mobile station is provided. The mobile station includes one or more radio transceiver module and a processor. The processor performs a handover negotiation procedure with a serving base station so as to handover communication services to a target base station by transmitting and receiving a plurality of handover negotiation messages via the radio transceiver module, and generates an Authorization Key (AK) context and derives at least one Traffic Encryption Key (TEK) for the target base station. The AK context includes a plurality of keys shared with the target base station for encrypting messages to be transmitted to the target base station, and the TEK is a secret key shared with the target base station for encrypting traffic data. | 11-05-2009 |
20100002883 | SECURITY PROCEDURE AND APPARATUS FOR HANDOVER IN A 3GPP LONG TERM EVOLUTION SYSTEM - A method and apparatus for implementing a security procedure during handover of a wireless transmit/receive unit (WTRU) in wireless communications that controls the behavior of a handover target if it cannot support the required security algorithms. The handover source can detect that the target does not support the required security algorithms and the WTRU can detect that security algorithms may change during handover. Security procedures for the WTRU include contingencies for Radio Link Failure and if the public land mobile network (PLMN) changes. | 01-07-2010 |
20100172500 | METHOD OF HANDLING INTER-SYSTEM HANDOVER SECURITY IN WIRELESS COMMUNICATIONS SYSTEM AND RELATED COMMUNICATION DEVICE - A method of handling inter-system handover security for a communication device in a wireless communication system includes creating a first security key set for security with a serving network, creating a second security key set with a deactivating state, receiving an inter-system handover command for an inter-system handover from the serving network to a target network, selecting either the first security key set or the second security key set during the inter-system handover, and using the selected security key set for security with the target network, wherein the selected security key set is identical with a third security key set that is used by the target network for security with the communication device. | 07-08-2010 |
20100220862 | Method, Apparatus And Computer Program Product For Providing Security During Handover Between A Packet-Switched Network And A Circuit-Switched Network - A method, apparatus and computer program product are provided to facilitate security in response to a handover from an initial network to a subsequent network, such as a handover between a packet-switched network and a circuit-switched network. The method, apparatus and computer program product may provide at least one security key for use in the subsequent network following handover from the initial network such that communications conducted via the subsequent network, including initial communications, may be secure. In order to provide at least one security key for use in the subsequent network, at least one security key of the initial network may be identified along with a nonce in response to a determination that a handover is to be made. The at least one security key of the subsequent network may then be determined based upon the at least one security key of the initial network and the nonce. | 09-02-2010 |
20100303238 | Session Key Generation and Distribution with Multiple Security Associations per Protocol Instance - A single instance of a session key generation protocol is executed in a manner that generates a plurality of security associations between user equipment and a first network element of a communication system. In one aspect, a first one of the security associations is utilized to secure data sent between the user equipment and the first network element in an ongoing communication. In conjunction with a handoff of the ongoing communication from the first network element to a second network element of the communication system, another one of the security associations is selected, and the other selected security association is utilized to secure data sent between the user equipment and the second network element in the ongoing communication. The security associations may comprise respective sets of session keys derived from a single pairwise master key. | 12-02-2010 |
20110002465 | INTEGRATED HANDOVER AUTHENTICATING METHOD FOR NEXT GENERATION NETWORK (NGN) WITH WIRELESS ACCESS TECHNOLOGIES AND MOBILE IP BASED MOBILITY CONTROL - Integrated handover authentication technology for a next generation network (NGN) environment to which wire-less access technology and mobile IP based mobility control technology are applied is provided. In a method of operating a mobile terminal MN in order to perform the integrated handover authentication in the NGN environment including an access router PAR, a target router NAR, and an authentication(AAA) server. First, a handover authentication key HK | 01-06-2011 |
20110002466 | CLIENT APPARATUS FOR SUPPORTING MOBILITY AND SECURITY BETWEEN HETEROGENEOUS NETWORKS USING MOBIKE PROTOCOL - A client apparatus includes a wireless network access unit configured to access wireless networks, a packet analysis unit configured to analyze uplink and downlink data packets, a security tunnel processor configured to establish a mobile security tunnel and to maintain the established mobile security tunnel when handover is performed in heterogeneous networks, a wireless network controller configured to control a wireless network accessing process and a connection releasing process of the wireless network access unit, a mobile security tunnel controller configured to perform a MOBIKE protocol and to control a process of establishing and maintaining a mobile security tunnel of the security tunnel processor, and a wireless network connection manager configured to request the mobile security tunnel controller to perform a MOBIKE protocol by managing MOBIKE information and to control handover by setting up and managing a wireless network access policy. | 01-06-2011 |
20110033053 | SECURITY KEY GENERATING METHOD, DEVICE AND SYSTEM - A security key generating method, device and system are provided, wherein, the method is used for generating a security key in the process of the handover to an EUTRAN network from other network, the method includes: an MME generates a security key based on a root key K | 02-10-2011 |
20110123029 | Method and system for generating an identity identifier of a key - A method for generating an identifier of a key, comprises that: when a user equipment (UE) transfers from an evolved UMTS terrestrial radio access network (EUTRAN) to a universal terrestrial radio access network (UTRAN) or a global system for mobile communications (GSM), or an enhanced data rate for GSM evolved radio access network (GERAN), an identifier of a system key after transfer is generated by mapping an identifier KSI | 05-26-2011 |
20110135095 | Method and system for generating key identity identifier when user equipment transfers - A method for generating a key identity identifier when a user equipment (UE) transfers is disclosed. The method includes the following steps: a mobility management entity (MME) of an evolved UMTS terrestrial radio access network (EUTRAN) sends an identity identifier of an access security management entity key (KSI | 06-09-2011 |
20110222690 | Method and system for deriving keys - A method for deriving keys is disclosed. When Handover or Routing Area Update of User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) to a Universal Terrestrial Radio Access Network (UTRAN) or Global System for Mobile Communication/Enhanced Data Rate for GSM Evolution Radio Access Network (GERAN) occurs, the keys for the UTRAN or the GERAN are derived by a Mobility Management Entity (MME) and/or the UE by using predefined parameters. The predefined parameters include a root key of the E-UTEAN and a value of a Non Access Stratum (NAS) Count. A keys derivation system for deriving the keys is also disclosed. | 09-15-2011 |
20110274276 | METHOD AND SYSTEM FOR POSITIONING MOBILE STATION IN HANDOVER PROCEDURE - A method for obtaining a secure key is provided. The method includes sending an Access Safety Management Entity Key (K | 11-10-2011 |
20110305341 | Security Performance Negotiation Method And A Tek Management Method - The present invention relates to methods for sending and receiving security related information during handover on a wireless access system and methods for managing a traffic encoding key (TEK). In one example of the present invention, a security performance negotiation method for supporting the hand-over of mobile handsets comprises the steps of: carrying out, in advance, a security performance negotiation procedure with a first base station (T-ABS), prior to registration on the first base station; generating a traffic encoding key (TEK) by using security related information acquired by means of the security performance negotiation procedure; and carrying out a general performance exchange procedure encoded by means of the TEK and a zone switch with the first base station. | 12-15-2011 |
20110311053 | Apparatus and method for transitioning enhanced security context from a UTRAN/GERAN-based serving network to an E-UTRAN-based serving network - Disclosed is a method for transitioning an enhanced security context from a UTRAN/GERAN-based serving network to an E-UTRAN-based serving network. In the method, the remote station the remote station generates first and second session keys, in accordance with the enhanced security context, using a first enhanced security context root key associated with a UTRAN/GERAN-based serving network and a first information element. The remote station receives a first message from the E-UTRAN-based serving network. The first message signals to the remote station to generate a second enhanced security context root key for use with the E-UTRAN-based serving network. The remote station generates, in response to the first message, the second enhanced security context root key from the first enhanced security context root key using the s first and second session keys as inputs. The remote station protects wireless communications, on the E-UTRAN-based serving network, based on the second enhanced security context root key. | 12-22-2011 |
20120033815 | METHOD OF HANDLING SECURITY KEY CHANGE AND RELATED COMMUNICATION DEVICE - A method of handling security key change for a user equipment in a wireless communication system includes applying a radio resource control procedure to activate key change, where the radio resource control procedure covers two conditions where the key change is accompanied with an authentication and key agreement run and without an authentication and key agreement run. | 02-09-2012 |
20120057706 | METHOD AND SYSTEM FOR OPTIMIZING AUTHENTICATION PROCEDURES IN MEDIA INDEPENDENT HANODVER SERVICES - A method and system for establishing security association mechanism between a Mobile Node (MN) and a plurality of Point of Services (PoS) are provided. The method includes sending a first request from primary PoS to secondary PoS. The primary PoS then receives a first response along with a derived first key. The first key is derived at the secondary PoS. The method further includes receiving a second request from the MN at the primary PoS. The method then derives a second key based on a MN identity and the derived first key. Thereafter, the method sends a second response along with a second key from the primary PoS to the MN. Further, the method establishes communication between the MN and secondary PoS based on the second key received by the MN and the second key generated at the secondary PoS. | 03-08-2012 |
20120082315 | METHOD AND SYSTEM FOR GENERATING CIPHER KEY DURING SWITCHING - A method and a system for generating a key in a handover process, wherein the method comprises the following steps of: according to an evolved Node-B (eNB) ( | 04-05-2012 |
20120183141 | MOBILE COMMUNICATION METHOD AND RADIO BASE STATION - A mobile communication method according to the present invention comprising the relay node RN configured to the method comprising a step in which the relay node RN transmits the “X2-AP (UE): Handover Request” to the radio base station DeNB # | 07-19-2012 |
20140233737 | Method and system for generating an identifier of a key - A method for generating an identifier of a key includes that: when a user equipment (UE) transfers from an evolved UMTS terrestrial radio access network (EUTRAN) to a universal terrestrial radio access network (UTRAN) or a global system for mobile communications (GSM), or an enhanced data rate for GSM evolved radio access network (GERAN), an identifier of a system key after transfer is generated by mapping an identifier KSI | 08-21-2014 |
20150104020 | Method, Network Element, and Mobile Station for Negotiating Encryption Algorithms - A method, network element, and mobile station (MS) are disclosed. The method includes: obtaining information that a plug-in card of the MS does not support a first encryption algorithm; deleting the first encryption algorithm from an encryption algorithm list permitted by a core network element according to the information that the plug-in card of the MS does not support the first encryption algorithm; sending the encryption algorithm list excluding the first encryption algorithm to an access network element, so that the access network element selects an encryption algorithm according to the encryption algorithm list excluding the first encryption algorithm and the MS capability information sent from the MS and sends the selected encryption algorithm to the MS. By using the method, network element, and MS, errors due to the fact that the plug-in card of the MS does not support an encryption algorithm may be avoided during the encryption process. | 04-16-2015 |