公开(公告)号：WO03009603A3

公开(公告)日：2003-08-28

申请号：PCT/EP0207526

申请日：2002-07-05

Applicant: ERICSSON TELEFON AB L M ,  HARTUNG FRANCK ,  SCHUBA MARKO

Inventor： HARTUNG FRANCK ,  SCHUBA MARKO

IPC: H04N19/895 ,  H04N7/68

CPC classification number: H04N19/895

Abstract: Method and apparatus for error concealment in an image allowing to conceal an error area in the image with estimated pixels. A first boundary section and a second boundary section adjacent to the error area is determined and correspondences between the boundary elements of the boundary sections are established using non-linear alignment operations. After establishing the correspondences pixels between respective boundary elements of the first boundary section and the second boundary section are estimated. The non-linear alignment operations may include dynamic programming techniques, including Needleman-Wunsch techniques, wherein a similarity measure is used for a matrix fill operation.

Abstract translation: 用于在允许以估计像素隐藏图像中的误差区域的图像中的错误隐藏的方法和装置。 确定与错误区域相邻的第一边界部分和第二边界部分，并且使用非线性对准操作来建立边界部分的边界元素之间的对应关系。 在建立第一边界部分和第二边界部分的各个边界元素之间的对应像素之后， 非线性对齐操作可以包括动态规划技术，包括Needleman-Wunsch技术，其中相似性度量用于矩阵填充操作。

公开(公告)号：WO02073542A3

公开(公告)日：2003-10-09

申请号：PCT/EP0202320

申请日：2002-03-04

Applicant: ERICSSON TELEFON AB L M ,  SCHUBA MARKO ,  WRONA KONRAD ,  QUINET RAPHAEL

Inventor： SCHUBA MARKO ,  WRONA KONRAD ,  QUINET RAPHAEL

IPC: H04L9/32

CPC classification number: H04L9/321 ,  H04L9/3231 ,  H04L2209/80

Abstract: A method for authentication of a user towards a unit (AR1) is described that uses unique biometric data of the user but avoids spreading of the sensitive biometric data. The method overcomes the problem of the lack of trustworthiness of a client (C1) operated by a user and the lack of trustworthinessof a unit (AR1) operate d by an institution offering services or goods introducing an authentication instance (AI1) operated by a third party that is trusted by both the user operating the client (C1) and the institution operating the unit. According to the invented method the responsability for the secure handling of the sensitive biometric data is taken from the institution operating the unit (AR1) requesting authentication and given to a trusted third party organization operating an authentication instance (AI1). The authentication instance (AI1) stores the sensitive biometric data and performs the authentication based on a pattern matching of a prestored pattern of biometric data and a pattern of biometric data recorded by the user.

Abstract translation: 描述了用户向单元（AR1）认证的方法，其使用用户的唯一生物测定数据，但是避免了敏感的生物特征数据的扩展。 该方法克服了由用户操作的客户端（C1）缺乏可信赖性以及由提供服务或提供由第三方操作的认证实例（AI1）的商品提供的单元（AR1）缺乏可信度的操作d的问题。 由操作客户端（C1）的用户和操作该单元的机构信任的一方。 根据本发明的方法，敏感生物特征数据的安全处理的责任是从操作单元（AR1）的机构请求认证，并给予操作认证实例（AI1）的受信任的第三方组织。 认证实例（AI1）存储敏感的生物统计数据，并且基于预先存储的生物特征数据模式和由用户记录的生物特征数据的模式的模式匹配来执行认证。

公开(公告)号：WO03036900A3

公开(公告)日：2003-09-04

申请号：PCT/EP0211416

申请日：2002-10-11

Applicant: ERICSSON TELEFON AB L M ,  HOLTMANNS SILKE ,  GERDES MARTIN ,  SCHUBA MARKO

Inventor： HOLTMANNS SILKE ,  GERDES MARTIN ,  SCHUBA MARKO

IPC: G06F21/24 ,  H04L29/00 ,  H04L29/06

CPC classification number: H04L63/0407 ,  H04L63/102

Abstract: For control of access of personal information in accordance with a privacy policy defined for a service provider, a method is disclosed, wherein the method comprises the steps of providing service provider request data from a service provider to an end user device, the service provider request data being indicative of personal information of a user of the end user device to be accessed by the service provider, providing to the service provider first user data including at least one of personal information of the user as requested by the service provider or rejections of personal information requested by the service provider, creating privacy receipt data including the first user data and data being indicative of the service provider, and providing the privacy receipt data to the end user device.

Abstract translation: 为了根据为服务提供商定义的隐私策略来控制个人信息的访问，公开了一种方法，其中该方法包括以下步骤：从服务提供商向终端用户设备提供服务提供商请求数据，服务提供商请求 数据指示要由服务提供者访问的最终用户装置的用户的个人信息，向服务提供者提供第一用户数据，第一用户数据包括服务提供者所请求的用户的个人信息或个人的拒绝中的至少一个 由服务提供商请求的信息，创建包括第一用户数据和指示服务提供商的数据的隐私接收数据，并将隐私接收数据提供给最终用户装置。

公开(公告)号：WO2004034237A3

公开(公告)日：2004-08-19

申请号：PCT/EP0310780

申请日：2003-09-27

Applicant: ERICSSON TELEFON AB L M ,  SCHUBA MARKO

Inventor： SCHUBA MARKO

IPC: G06F1/00 ,  G06F21/36 ,  G06F21/42

CPC classification number: G06F21/36 ,  G06F21/42 ,  G06F2221/2129

Abstract: A method for linking of a first characteristic of a first device (PP1,PP2) and a second characteristic of a second device (NP1,NP2) by a server (S1,AS2) is disclosed. The method comprises the steps of selecting (75) a first linking information and a second linking information, the first linking information matching to the second linking information, sending (100,150) from the server (S1,AS2) the first linking information to the first device (PP1,PP2) and the second linking information to the second device (NP1,NP2), presenting (200,250) by the first device (PP1,PP2) the first linking information and by the second device (NP1,NP2) the second linking information, entering (300) into the first device (PP1,PP2) an indication of the matching of the first linking information and the second linking information, and based on the entered indication of the matching, sending (400) to the server (S1,AS2) a matching confirmation for confirming the matching to the server (S1,AS2), and associating (450) the first characteristic and the second characteristic based on the received matching confirmation.

Abstract translation: 公开了一种通过服务器（S1，AS2）链接第一设备（PP1，PP2）的第一特性和第二设备（NP1，NP2）的第二特性的方法。 该方法包括以下步骤：选择（75）第一链接信息和第二链接信息，第一链接信息与第二链接信息匹配，从服务器（S1，AS2）发送（100,150）第一链接信息到第一链接信息 由第一装置（PP1，PP2）呈现（200,250）第一连接信息和由第二装置（NP1，NP2）显示第二装置（PP1，PP2）和第二链接信息到第二装置（NP1，NP2） 链接信息，将（300）输入到第一设备（PP1，PP2）中，指示第一链接信息和第二链接信息的匹配，并且基于输入的匹配指示，向服务器发送（400） S1，AS2）用于确认与服务器（S1，AS2）的匹配的匹配确认，以及基于所接收的匹配确认关联（450）第一特性和第二特性。

公开(公告)号：AT382905T

公开(公告)日：2008-01-15

申请号：AT03807825

申请日：2003-09-27

Applicant: ERICSSON TELEFON AB L M

Inventor： SCHUBA MARKO

IPC: G06F1/00 ,  G06F21/36 ,  G06F21/42

Abstract: The method involves selecting a first linking data and a second linking data matching the first linking data, sending from a server the first linking data to a first device and the second linking data to a second device, and presenting by the first device the first linking data and by the second device the second linking data. The method further involves entering into the first device an indication of the matching of the first and second linking data, and based on the entered indication, sending to the server a matching confirmation for confirming the matching to the server, and associating the characteristics of the devices based on the received matching confirmation. Independent claims are also included for the following ; (1) a server for linking characteristics of devices. (2) stored software.

公开(公告)号：AT370594T

公开(公告)日：2007-09-15

申请号：AT01936247

申请日：2001-04-19

Applicant: ERICSSON TELEFON AB L M

Inventor： SCHUBA MARKO ,  WRONA KONRAD ,  ZAVAGLI GUIDO

IPC: H04L29/06 ,  G06Q20/00

Abstract: A method for the authorization of transactions is described, wherein a user equipment receives an authorization request with an identifier of a transaction and replies to the request with an authorization response. For an authorization request, an indication is determined which is output by the user equipment (UE). Preferably, the identifier is a hash value of the content which is to be authorized. After an input to approve or disapprove the authorization request, the identifier (H) is signed and the authorization response according to the input is sent, wherein an approving authorization response comprises the signed identifier (H). Devices and software programs adapted to the method are also described.

公开(公告)号：AT343294T

公开(公告)日：2006-11-15

申请号：AT03724957

申请日：2003-04-04

Applicant: ERICSSON TELEFON AB L M

Inventor： BUSBOOM AXEL ,  HOLTMANNS SILKE ,  QUINET RAPHAEL ,  SCHUBA MARKO

IPC: H04L29/06

Abstract: A method for provision of access for a data requesting entity (IRE) to data related to a principal is disclosed, comprising the steps of (i) creating an access granting ticket comprising an access specification specifying a permission for an access to data related to the principal, said data being available at a data providing entity (IPE1), and a principal identifier representing the principal towards the data providing entity (IPE1), (ii) encrypting the access granting ticket with an encryption key of the data providing entity (IPE1), (iii) communicating to the data requesting entity (IRE) the encrypted access granting ticket accompanied by an identifier of the data providing entity (IPE1), (iv) communicating from the data requesting entity (IRE) to the data providing entity (IPE1) a request comprising the encrypted access granting ticket, (v) decrypting the encrypted access granting ticket with a decryption key of the data providing entity (IPE1) corresponding to the encryption key, (vi) providing to the data requesting entity (IRE) access to data related to the principal identifier according to the access specification.

公开(公告)号：AT335347T

公开(公告)日：2006-08-15

申请号：AT03730027

申请日：2003-05-14

Applicant: ERICSSON TELEFON AB L M

Inventor： BRANDRUD KNUT ,  SCHUBA MARKO ,  ZAVAGLI GUIDO

IPC: G06F13/00 ,  G07F19/00 ,  H04L29/06 ,  H04L29/08

Abstract: The invention relates to a method for providing information related to a client (C) to a first web server (WS1). The invention further relates to a proxy server, a program unit loadable into a proxy server, a web server, and a program unit loadable into a web server, all of them to perform the invented method. A second web server (WS2) stores the information related to the client (C), and the first web server (WS1) is connected to the client (C) via a proxy server (PS). The proxy server stores a cookie for the first web server (WS1), the cookie being related to the client (C) and the cookie comprising a network address of the second web server (WS2). The client (C) sends a message towards the first web server (WS1) via the proxy server (PS). The message is received in the proxy server (PS), that inserts the cookie into the message, and forwards the message to the first web server (WS1). The first web server (WS1) receives the message, retrieves the network address of the second web server (WS2) from the cookie, and requests the second web server (WS2) for the information related to the client (C). The second web server (WS2) sends information related to the client (C) to the first web server (WS1).

公开(公告)号：AU2002235929A1

公开(公告)日：2002-09-24

申请号：AU2002235929

申请日：2002-03-04

Applicant: ERICSSON TELEFON AB L M

Inventor： QUINET RAPHAEL ,  SCHUBA MARKO ,  WRONA KONRAD

IPC: H04L9/32

Abstract: A method for authentication of a user towards a unit (AR1) is described that uses unique biometric data of the user but avoids spreading of the sensitive biometric data. The method overcomes the problem of the lack of trustworthiness of a client (C1) operated by a user and the lack of trustworthiness of a unit (AR1) operated by an institution offering services or goods introducing an authentication instance (AI1) operated by a third party that is trusted by both the user operating the client (C1) and the institution operating the unit. According to the invented method the responsibility for the secure handling of the sensitive biometric data is taken from the institution operating the unit (AR1) requesting authentication and given to a trusted third party organization operating an authentication instance (AI1). The authentication instance (AI1) stores the sensitive biometric data and performs the authentication based on a pattern matching of a prestored pattern of biometric data and a pattern of biometric data recorded by the user.

公开(公告)号：AU6220901A

公开(公告)日：2001-11-20

申请号：AU6220901

申请日：2001-04-19

Applicant: ERICSSON TELEFON AB L M

Inventor： SCHUBA MARKO ,  WRONA KONRAD ,  ZAVAGLI GUIDO

IPC: G06Q20/00 ,  H04L29/06

Abstract: A method for the authorization of transactions is described, wherein a user equipment receives an authorization request with an identifier of a transaction and replies to the request with an authorization response. For an authorization request, an indication is determined which is output by the user equipment (UE). Preferably, the identifier is a hash value of the content which is to be authorized. After an input to approve or disapprove the authorization request, the identifier (H) is signed and the authorization response according to the input is sent, wherein an approving authorization response comprises the signed identifier (H). Devices and software programs adapted to the method are also described.