公开(公告)号：US20080065895A1

公开(公告)日：2008-03-13

申请号：US11697601

申请日：2007-04-06

申请人： Shuling Liu ,  Jiwei Wei ,  Chao Li

发明人： Shuling Liu ,  Jiwei Wei ,  Chao Li

IPC分类号： H04L9/00

CPC分类号： H04L9/3231 ,  H04L9/3263 ,  H04L63/0861

摘要： Methods and systems for implementing authentication on information security are disclosed, and the process includes: receiving from a user an access request which carries an attribute certificate, wherein the attribute certificate includes an extension identifier for indicating a biometric certificate associated with the attribute certificate; acquiring the biometric certificate, determining, according to the extension identifier, whether the acquired biometric certificate is associated with the attribute certificate carried in the access request; if the biometric certificate is associated with the attribute certificate, acquiring biometric feature data of the user, and performing identity authentication based on the biometric feature data and the biometric certificate; performing privilege authentication based on the attribute certificate; and controlling the access based on the results of the identity authentication and privilege authentication. A corresponding relation is established between the privilege authentication and the identity authentication so that the privilege management can be performed accurately and reliably.

摘要翻译： 公开了实现信息安全认证的方法和系统，该过程包括：从用户接收携带属性证书的访问请求，其中属性证书包括用于指示与属性证书相关联的生物特征证书的扩展标识符; 获取所述生物特征证书，根据所述扩展标识确定所获取的生物特征证书是否与所述访问请求中携带的属性证书相关联; 如果所述生物特征证书与所述属性证书相关联，则获取所述用户的生物特征数据，并且基于所述生物特征数据和所述生物特征证书执行身份认证; 基于属性证书执行特权认证; 并根据身份认证和特权认证的结果来控制访问。 在特权认证和身份认证之间建立对应关系，使得权限管理能够准确可靠地执行。

公开(公告)号：US20070088948A1

公开(公告)日：2007-04-19

申请号：US11580591

申请日：2006-10-13

申请人： Changfeng Ji ,  Jiwei Wei ,  Shuling Liu ,  Zhibin Zheng

发明人： Changfeng Ji ,  Jiwei Wei ,  Shuling Liu ,  Zhibin Zheng

IPC分类号： H04L9/00

CPC分类号： H04L63/102 ,  H04L63/145 ,  H04L67/34 ,  H04W8/22 ,  H04W8/245 ,  H04W12/08 ,  H04W12/12

摘要： A correlative reacting system and a method for implementing security update of mobile station. The correlative reacting system includes a security correlative agent at a terminal side and a security correlative server at a network side communicated with the security correlative agent via an air interface. In the present invention, the correlative reacting system performs an information interaction with the mobile station, controls the mobile station to carry out an automatic security update. The automatic security update includes automatic downloading and installation, update of the security correlative agent, and automatic recovery of the insecurity factors of the mobile station and the like.

摘要翻译： 一种相关的反应系统和一种实现移动台安全更新的方法。 相关反应系统包括终端侧的安全相关代理和网络侧的安全相关服务器，其通过空中接口与安全性相关代理进行通信。 在本发明中，相关反应系统与移动台进行信息交互，控制移动台进行自动安全更新。 自动安全更新包括自动下载和安装，安全相关代理的更新以及移动台的不安全因素的自动恢复等。

公开(公告)号：US20070089165A1

公开(公告)日：2007-04-19

申请号：US11549186

申请日：2006-10-13

申请人： Jiwei Wei ,  Zhibin Zheng ,  Shuling Liu

发明人： Jiwei Wei ,  Zhibin Zheng ,  Shuling Liu

IPC分类号： H04L9/32

CPC分类号： H04L51/12 ,  H04L63/0227 ,  H04L63/104 ,  H04L63/1433

摘要： This invention provides a method and system for network security control. A server at the network side analyzes local security correlation information collected and reported by terminal devices, and determines a security strategy according to the result of the analysis. Since correlative reacting between the network side and the terminal side is implemented and the security strategy is established according to the information from the terminal devices, threats against security from a terminal device can be resisted from the beginning. A relative large number of information sources can be taken into account when determining the security strategy such that the determined security strategy is more reasonable and accurate. Furthermore, a differential security service can be provided for terminal devices with different subscriber levels. This invention also provides a method and system for preventing junk mails based on the concept of correlative reacting between a terminal and a server.

摘要翻译： 本发明提供了一种用于网络安全控制的方法和系统。 网络侧的服务器分析终端设备收集和报告的本地安全关联信息，并根据分析结果确定安全策略。 由于实现了网络侧和终端侧的相关反应，根据终端设备的信息建立安全策略，从一开始就可以抵制来自终端设备的安全威胁。 在确定安全策略时，可以考虑相对较大数量的信息源，使得确定的安全策略更为合理和准确。 此外，可以为具有不同订户级别的终端设备提供差分安全服务。 本发明还提供了一种基于终端和服务器之间的相关反应概念来防止垃圾邮件的方法和系统。

公开(公告)号：US07933584B2

公开(公告)日：2011-04-26

申请号：US11580591

申请日：2006-10-13

申请人： Changfeng Ji ,  Jiwei Wei ,  Shuling Liu ,  Zhibin Zheng

发明人： Changfeng Ji ,  Jiwei Wei ,  Shuling Liu ,  Zhibin Zheng

IPC分类号： H04M1/65 ,  H04M1/68 ,  H04M3/16

CPC分类号： H04L63/102 ,  H04L63/145 ,  H04L67/34 ,  H04W8/22 ,  H04W8/245 ,  H04W12/08 ,  H04W12/12

摘要： A correlative reacting system and a method for implementing security update of mobile station. The correlative reacting system includes a security correlative agent at a terminal side and a security correlative server at a network side communicated with the security correlative agent via an air interface. In the present invention, the correlative reacting system performs an information interaction with the mobile station, controls the mobile station to carry out an automatic security update. The automatic security update includes automatic downloading and installation, update of the security correlative agent, and automatic recovery of the insecurity factors of the mobile station and the like.

摘要翻译： 一种相关的反应系统和一种实现移动台安全更新的方法。 相关反应系统包括终端侧的安全相关代理和网络侧的安全相关服务器，其通过空中接口与安全性相关代理进行通信。 在本发明中，相关反应系统与移动台进行信息交互，控制移动台进行自动安全更新。 自动安全更新包括自动下载和安装，安全相关代理的更新以及移动台的不安全因素的自动恢复等。

公开(公告)号：US20090271635A1

公开(公告)日：2009-10-29

申请号：US12388315

申请日：2009-02-18

申请人： Hongwei Liu ,  Shuling Liu ,  Jiwei Wei ,  Bing Liu

发明人： Hongwei Liu ,  Shuling Liu ,  Jiwei Wei ,  Bing Liu

IPC分类号： G06F21/00

CPC分类号： G06F21/32 ,  G06Q20/3578 ,  G06Q20/388 ,  G06Q20/405 ,  G06Q20/40975 ,  G07C9/00158 ,  G07F7/1008 ,  G07F7/122 ,  H04L9/3231 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/56

摘要： The present invention discloses a method and system for authentication. The method for authentication includes: acquiring the privilege security level corresponding to a client-end; inquiring the identity security level corresponding to the privilege security level according to an established relation of association between privilege security level and identity security level; determining the authentication parameters for identity authentication according to the identity security level; performing identity authentication on the client-end using the authentication parameters; and obtaining an authentication result. The identity authentication and privilege authentication are combined, and identity authentication is performed according to the identity security level in accord with the privilege security level so that rules of identity authentication can be adjusted, and the flexibility of the process of authentication may be improved.

摘要翻译： 本发明公开了一种认证方法和系统。 验证方法包括：获取对应于客户端的特权安全级别; 根据特权安全级别与身份认证级别之间建立的关联关系，查询对应于特权安全级别的身份安全级别; 根据身份安全级别确定身份认证的认证参数; 使用认证参数在客户端执行身份认证; 并获得认证结果。 组合身份认证和特权认证，根据身份认证安全级别，根据特权安全级别进行身份认证，从而可以调整身份认证规则，提高认证过程的灵活性。

公开(公告)号：US07139576B2

公开(公告)日：2006-11-21

申请号：US10734982

申请日：2003-12-12

申请人： Yuehua Chen ,  Zhibin Zheng ,  Shuling Liu

发明人： Yuehua Chen ,  Zhibin Zheng ,  Shuling Liu

IPC分类号： H04Q7/20

CPC分类号： H04B7/022 ,  H04W52/143 ,  H04W52/40 ,  H04W88/08

摘要： A method for identifying the primary cell under Site Selective Diversity Transmit comprises the steps of: (1) An ID is assigned by the system to each cell; (2) The ID indicating the primary cell is transmitted periodically by UE to the connected cells via the up link FBI fields; (3) The ID indicating the primary cell transmitted by the mobile station is received by the base station, if the signals received by the base station satisfy with one of the following conditions, then the said base station will consider itself as a primary cell; the identification conditions are: A. The ID code word indicating the primary cell received by the base station is matched with the ID code word of itself; B. The quality of the up link signals received does not satisfy with a quality threshold Qth, at the same time, there is a certain matching degree between the received ID code word indicating the primary cell and the ID code word of the cell itself; and C. The bits of dropping of the ID code word caused by using the up link compression mode excess a limitation. The signals transmitted form some of the non-primary cells having extremely bad quality to UE can be prevented, thereby the system interference is reduced, and the system stability and the system capacity are increased.

摘要翻译： 一种用于在站点选择分集发送下识别主要小区的方法包括以下步骤：（1）系统向每个小区分配一个ID; （2）指示主小区的ID由UE周期性地通过上行链路FBI字段发送到连接的小区; （3）由基站接收表示移动台发送的主小区的ID，如果基站接收的信号满足以下条件之一，则所述基站将自身视为主小区; 识别条件为：A.表示基站接收到的主小区的ID码字与其自身的ID码字匹配; 接收到的上行链路信号的质量不符合质量阈值Qth，同时在指示主小区的接收到的ID码字与小区本身的ID码字之间存在一定的匹配度; 和C.使用上行链路压缩模式引起的ID码字的丢弃比特超出限制。 可以防止从UE的质量极差的一些非小区发送的信号，从而降低系统干扰，提高系统稳定性和系统容量。