
Showing papers by "Nadarajah Asokan" published in 2004


Patent
31 May 2004
TL;DR: In this paper, the authors present a system for relating a security association to a contact in a namespace familiar to the user, and using this association to make access control decisions, where an identifier of a first device is received at a second device, and the second device locates a contact entry corresponding to the identifier in a contact directory.
Abstract: A system, apparatus and method for relating a security association to a contact in a namespace familiar to the user, and using this association to make access control decisions. An identifier of a first device is received at a second device. Using the identifier, the second device locates a contact entry corresponding to the identifier in a contact directory. A contact name associated with the identified contact entry is presented to the user of the second device to facilitate user authorization of the wireless proximity connection. An authorization identifier, e.g., a Bluetooth link key, is associated with the contact entry if authorized by the user of the second device. A wireless proximity connection, e.g., a Bluetooth connection, is established between the first and second devices in response to associating the authorization identifier with the entry. When subsequent wireless proximity connections are attempted between the first and second devices, the connection may be automatically established.

136 citations


Patent
13 Feb 2004
TL;DR: In this paper, the authors present a method and a system of securely storing data on a network for access by an authorized domain, which enables any member device to store protected data on the network such that other member devices can access the data in plaintext without having to communicate with the device that actually stored the data.
Abstract: The present invention relates to a method and a system of securely storing data on a network (100) for access by an authorized domain (101, 102, 103), which authorized domain includes at least two devices that share a confidential domain key (K), and an authorized domain management system for securely storing data on a network for access by an authorized domain. The present invention enables any member device to store protected data on the network such that any other member device can access the data in plaintext without having to communicate with the device that actually stored the data.

80 citations


Patent
22 Nov 2004
TL;DR: In this article, a method for verifying the integrity of platform software of an electronic device is provided, the method comprising accessing a module of said platform software, obtaining a signature (S), obtaining a verification key (VK), said verification key corresponding to a signing key (SK), verifying if said signature was derived by signing the platform software module with said signing key, by using said verification key, and establishing a positive verification of said software module if said verification is successful.
Abstract: A method for verifying the integrity of platform software of an electronic device is provided, the method comprising accessing a module of said platform software, obtaining a signature (S), obtaining a verification key (VK), said verification key (VK) corresponding to a signing key (SK), verifying if said signature (S) was derived by signing said platform software module with said signing key (SK), by using said verification key (VK), and establishing a positive verification of said platform software module if said verification is successful. The invention also provides a method for providing a platform software module to perform the aforementioned method, and a device on which the aforementioned method can be performed.

28 citations


Patent
11 Nov 2004
TL;DR: In this paper, the authors disclosed a communication system including at least one user equipment and a network application functional entity, where the user equipment includes means to transmit a request to push authentication information to the network application function, and the bootstrapping functional entity includes: receiving means for receiving the request from user equipment, and transmitting means for transmitting said authentication information.
Abstract: There is disclosed a communication system including at least one user equipment and at least one network application functional entity, the system further including a bootstrapping functional entity, wherein the user equipment includes means to transmit a request to push authentication information to at least one network application function, the bootstrapping functional entity includes: receiving means for receiving the request from the user equipment, and transmitting means for transmitting said authentication information to the at least one network application function entity, and the at least one network application function includes means adapted to receive unsolicited bootstrapping information from the bootstrapping functional entity.

26 citations


Patent
Nadarajah Asokan, Tapio Suihko
30 Jan 2004
TL;DR: In this article, the authors describe a methodology for accessing data on a legacy file server (or a remote storage server) by a communication device (e.g., a mobile device or a mobile phone) using an access gateway, wherein said communication device cannot support the legacy file system protocol.
Abstract: This invention describes a methodology for accessing data on a legacy file server (or a remote storage server) by a communication device (e.g., a mobile device or a mobile phone) using an access gateway, wherein said communication device cannot support the legacy file system protocol. The basic idea of the invention is to provide an access gateway that functions as an application-level protocol translator in a situation when the communication device cannot support the legacy file system protocol for entering the legacy file server.

9 citations