Patent application number | Description | Published |
20100262831 | Method and Apparatus for Providing Secure Linking to a User Identity in a Digital Rights Management System - Disclosed is a DRM device and method for providing secure linking to a user identity. A first request is sent to a subscriber identity module. A message is received from the subscriber identity module via a secure authenticated channel. The message comprises at least a a master key identifier, a random number, and a derived key. In response to the message, a second request is sent to a DRM server. The second request comprises at least a master key identifier, the device identifier, and a random number. Also disclosed is a DRM server and method for providing secure linking to a user identity. A first request is received from a DRM device. The first request comprises at least master key identifier, a device identifier, and a random number. The DRM device is authenticated. A second request for an application specific key is sent to a trusted key management server. The second request comprises at least a master key identifier. At least a key is received from the trusted key management server. A derived key is determined from the key received from the trusted key management server based at least on the device identifier and the random number. A challenge/response scheme is used to determine whether the derived key of the DRM server matches a derived key of the DRM device. | 10-14-2010 |
20100268937 | KEY MANAGEMENT FOR SECURE COMMUNICATION - A method and arrangement is disclosed for managing session keys for secure communication between a first and at least a second user device in a communications network. The method is characterized being independent of what type of credential each user device implements for security operations. A first user receives from a first key management server keying information and a voucher and generates a first session key. The voucher is forwarded to at least a responding user device that, with support from a second key management server communicating with the first key management server, resolves the voucher and determines a second session keys. First and second session keys are, thereafter, used for secure communication. In one embodiment the communication traverses an intermediary whereby first and second session keys protect communication with respective leg to intermediary. | 10-21-2010 |
20100281262 | Method for Digital Rights Management in a Mobile Communications Network - The present invention relates to a method and an operator network node for enabling a user-defined DRM domain of *SIMs hosted by *SIM-enabled devices. The operator network node is connectable to a *SIM based device and to a content provider node, and comprises means for establishing a secure channel between a *SIM-based device and an operator network node, means for creating a DRM domain defined by at least one user of *SIM-based devices, means for receiving at the operator network node a registration request from the *SIM-based device to register the *SIM of the *SIM-based device into the created user-defined DRM domain, means for registering at the operator network node the *SIM of the *SIM-based device into the registered user-defined DRM domain, and means for making the registered information associated with the user-defined DRM domain available to the content provider. The invention also relates to a further method and the content provider comprising means for accessing in the operator network node registered information associated with a registered user-defined DRM domain comprising *SIMs of a user, and means for establishing a content provider defined DRM domain comprising at least one of the *SIMs of the user-defined DRM domain. | 11-04-2010 |
20110010768 | Method and Apparatuses for End-to-Edge Media Protection in ANIMS System - An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node. | 01-13-2011 |
20110093609 | Sending Secure Media Streams - A method and apparatus for sending a first secured media stream having a payload via an intermediate node. The intermediate node receives from a sender the first secured media stream. An end-to-end context identifier and a hop-by-hop context identifier are determined for the first secured media stream, where the hop-by-hop context identifier relates to the intermediate node and the end-to-end identifier relates to the sender. A second secured media stream is generated, which includes at least the payload of the first secured media stream and the context identifiers to identify the first secured media stream. The second secured media stream is sent to a receiving node, and the context identifiers are also sent to the receiving node. The context identifiers are usable by the receiving node to recover the first secured media stream. | 04-21-2011 |
20110093698 | SENDING MEDIA DATA VIA AN INTERMEDIATE NODE - A method and apparatus for sending protected media data from a data source node to a client node via an intermediate node. The data source node establishes a first hop-by-hop key to be shared with the intermediate node and an end-to-end key to be shared with the client node. A single security protocol instance is configured and used to trans-protocol form data from a media stream into transformed data using the keys. The transformed data is then sent to the intermediate node. The intermediate node uses the first hop-by-hop key to apply a security processing to the transformed data, and establishes a second hop-by-hop key with the client node. A second transformation is performed on the transformed data using the second hop-by-hop key to produce further transformed media data, which is then sent to the client node. At the client node a single security protocol instance is configured with the second hop-by-hop key and the end-to-end key, which are used to apply further security processing to the transformed media data. | 04-21-2011 |
20110131414 | METHODS AND SYSTEMS FOR END-TO-END SECURE SIP PAYLOADS - Methods, systems and communication nodes for protecting Session Initiation Protocol (SIP) message payloads are described. Different protection techniques can be used to protect SIP payloads depending upon, for example, whether a recipient client application resides in a user equipment or an application server and/or whether a recipient client application resides in a same SIP/IP domain as the target SIP application server which is sending the SIP payloads. | 06-02-2011 |
20110154022 | Method and Apparatus for Machine-to-Machine Communication - According to a first aspect of the present invention there is provided a method of at least partly delegating processing of data in a machine-to-machine system to reduce computational load on a broker entity | 06-23-2011 |
20110283365 | METHOD FOR USER PRIVACY PROTECTION - A system for generation of processed data for use in third party relationship monitoring is described. The system includes a communications system providing services to subscribing users. The communications system includes a rules database for storing rules, a data mining agent for mining and storing data relating to subscribing users, a content generator for generating protected user-related data from the mined data and communicating said user-related data over an interface, and a rights object generator for generating a usage rights object in response to the rules stored in the rules database and communicating said usage rights object over the interface. A tamper proof processing arrangement is connected to the interface. The tamper proof processing arrangement receives the user-related data and usage rights object from the communications system and processes the user-related data under control of the usage rights object. A signal output generator generates an output signal representative of processed data received from the processing arrangement. | 11-17-2011 |
20120198527 | IP Multimedia Security - A method of establishing keys for at least partially securing media plane data exchanged between first and second end users via respective first and second media plane network nodes. The method comprises sending session set-up signalling from said first end point towards said second end point, said session set-up signalling including a session key generated by said first end point. The set-up signalling is intercepted at a first signalling plane network node and a determination made as to whether or not a signalling plane key has already been established for securing the signalling plane between said first end point and said first signalling plane network node. If a signalling plane key has already been established, then a media plane key is derived from that signalling plane key, and the media plane key sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. If a signalling plane key has not already been established, then an alternative media plane key is derived from said session key and sent to said first media plane network node for securing the media plane between said first end user and said first media plane network node. | 08-02-2012 |
20120246480 | Method and Arrangement for Enabling Play-Out of Media - Methods and arrangements for enabling the use of a first device ( | 09-27-2012 |
20130024951 | Method and Device for Imposing Usage Constraints of Digital Content - A method for imposing one or more usage constraints on digital content, the method comprising communicating a digital content data item to a digital content receiver system; wherein the digital content data item includes the digital content and a usage constraint data item different from a digital license data item, or a reference to said usage constraint data item, the use case item being indicative of the one or more usage constraints. | 01-24-2013 |
20130047264 | Method and Device for Communicating Digital Content - A method for establishing a secured communication channel, between a first processing component and a second processing component; the method comprising executing a digital rights management agent on a processing unit, the digital rights management agent being configured to enforce permissions associated with digital content based on a digital rights management protection mechanism; receiving, by the digital rights management agent at least a security data item, the security data item including a session key data item; verifying authenticity of the received session key data item by the digital rights management agent using said digital rights management protection mechanism; providing the verified session key data item by the digital rights management agent to at least the second processing component; establishing a secured communication channel between the first and second processing components using at least the provided session key data item. | 02-21-2013 |
20130054965 | Usage Control of Digital Data Exchanged Between Terminals of a Telecommunications Network - The invention refers to a method of supporting a sending user device ( | 02-28-2013 |
20130054970 | Apparatuses and Methods for Enabling a User to Consume Protected Contents of a Content Provider - The embodiments of the present invention relate to apparatuses, in terms of a client device ( | 02-28-2013 |
20130268681 | Method and Apparatuses for End-to-Edge Media Protection in ANIMS System - An IMS system includes an IMS initiator user entity. The system includes an IMS responder user entity that is called by the initiator user entity. The system includes a calling side S-CSCF in communication with the caller entity which receives an INVITE having a first protection offer and parameters for key establishment from the caller entity, removes the first protection offer from the INVITE and forwards the INVITE without the first protection offer. The system includes a receiving end S-CSCF in communication with the responder user entity and the calling side S-CSCF which receives the INVITE without the first protection offer and checks that the responder user entity supports the protection, inserts a second protection offer into the INVITE and forwards the INVITE to the responder user entity, wherein the responder user entity accepts the INVITE including the second protection offer and answers with an acknowledgment having a first protection accept. A method for supporting a call by a telecommunications node. | 10-10-2013 |
20140006512 | Methods for Exchanging User Profile, Profile Mediator Device, Agents, Computer Programs and Computer Program Products | 01-02-2014 |
20150278486 | METHODS AND NODES FOR HANDLING USAGE POLICY - Methods and nodes ( | 10-01-2015 |
20150288704 | METHODS AND NODES FOR VERIFICATION OF DATA - A first data handling node ( | 10-08-2015 |
Patent application number | Description | Published |
20090013174 | METHODS AND SYSTEMS FOR HANDLING DIGITAL RIGHTS MANAGEMENT - Systems and methods according to the present invention address this need and others by providing methods and systems for translating media encrypted by various Digital Rights Management (DRM) techniques. This allows end user equipment to receive media in an IMS/IPTV environment when the end user equipment uses a DRM that is different from the media server which is providing the desired media in both unicast and multicast applications. | 01-08-2009 |
20090235299 | IMS-Enabled Control Channel for IPTV - An IMS-enabled control channel for an IPTV service is provided by receiving at a Serving Call/State Control Function (S-CSCF) a Session Initiation Protocol (SIP) REGISTER message, the SIP REGISTER message identifying the originating user, receiving at the originating user a response from the S-CSCF indicating that the originating user has been authorised, and sending a SIP INVITE message from the S-CSCF to establish an open channel connection with a selected IPTV Application Server (AS). This open channel connection can then be used for the transmission of control messages, such as for starting play, starting recording, stopping play, etc., between the STB and the IPTV applications server, as well as for the delivery of personalized content, such as advertisements, voting responses, personalized voting triggers and targeted interactive events. By maintaining an open control channel with the IPTV AS, this offers a substantial reduction in the setup delay times for different applications. | 09-17-2009 |
20100223339 | DIAS-DYNAMIC IMPU ASSIGNMENT SERVICE - A method and arrangement in a multimedia gateway connected to a multimedia service network, for providing access to multimedia services for communication devices connected to a private network. In the multimedia gateway, a communication unit receives a request from a device in the private network for a public identity associated with the multimedia gateway. An identity manager then selects and allocates an associated public identity from a pool of public identities associated with the multimedia gateway which have been predefined as valid in the multimedia service network. The communication unit then registers the device by activating the allocated associated public identity in the multimedia service network. Thereby, the multimedia gateway can establish a multimedia session on behalf of the device, using the allocated associated public identity. | 09-02-2010 |