Content and security proxy in a mobile communications system

US 7,779,246 B2
Filed: 06/13/2003
Issued: 08/17/2010
Est. Priority Date: 06/14/2002
Status: Active Grant

First Claim

Patent Images

1. A method for making available security functions for the transmission of data from and to a subscriber terminal unit of a mobile communications network, comprising:

carrying out a real-time analysis of the data flow from and to the subscriber terminal unit in a device of a network node of the mobile communications network, the data having contents specified previously by one of a subscriber and a network operator being recognized and processed further; and

carrying out first an authentication method by which the subscriber is authenticated via the device of the network node,wherein at least one of an arising data transfer volume and an arising data transfer cost is limited to a predefined measure, and wherein the authentication method is adjustable at least one of dynamically and interactively.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and device is provided for making available security functions during the transmission of data from and to a subscriber terminal of a mobile communications network. A real-time analysis of the data flow from and to the subscriber terminal is carried out in a device of a network node of the mobile communications network during which data with contents defined beforehand by the subscriber or by a network operator/provider are identified and processed. This results in protecting the terminal and subscriber'"'"'s devices connected thereto from external attacks.

7 Citations

12 Claims

1. A method for making available security functions for the transmission of data from and to a subscriber terminal unit of a mobile communications network, comprising:
- carrying out a real-time analysis of the data flow from and to the subscriber terminal unit in a device of a network node of the mobile communications network, the data having contents specified previously by one of a subscriber and a network operator being recognized and processed further; and
  
  carrying out first an authentication method by which the subscriber is authenticated via the device of the network node,wherein at least one of an arising data transfer volume and an arising data transfer cost is limited to a predefined measure, and wherein the authentication method is adjustable at least one of dynamically and interactively.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising recognizing and processing further data traffic from and to specified senders and receivers.
  - 3. The method of claim 1, wherein the recognized data is at least one of selected, isolated, deleted and made available to one of the subscriber and the network operator for further processing.
  - 4. The method of claim 1, wherein a filtering of the IP/TCP-based data traffic is carried out.
  - 5. The method of claim 1, wherein the predefined measure is established by one of the subscriber and the network operator.
  - 6. The method of claim 1, further comprising notifying at least one of the subscriber and network operator upon the recognition of at least one of certain data content and sender.
  - 7. The method of claim 1, further comprising:
    - storing temporarily the data such that the stored data is retrievable by the subscriber.
  - 8. The method of claim 1, further comprising:
    - filtering data traffic such that the data packets in the traffic of at least one of a certain IP address and a certain a service port are refused transmission.
  - 9. The method of claim 1, wherein the contents of the data are analyzed and searched according to a predefined pattern.

10. A device for making available security functions for the transmission of data from and to a subscriber terminal unit of a mobile communications network, including a security and filtering device comprising:
- a filter component for the real-time analysis of the data flow from and to the subscriber terminal unit;
  
  an authentication component for authenticating the subscriber vis-a-vis the security and filtering device, the authentication component being adjustable at least one of dynamically and interactively;
  
  an administrative component as the interface to the subscriber; and
  
  a database for storing subscriber-specific and network operator-specific data and security and filtering functions.
- View Dependent Claims (11, 12)
- - 11. The device of claim 10, wherein the security and filtering component is positioned in one or more network nodes of the mobile communications network.
  - 12. The device of claim 11, wherein special filter components are established for certain data contents.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Deutsche Telekom AG
Original Assignee
Deutsche Telekom AG
Inventors
Breitbach, Thomas
Primary Examiner(s)
SMITHERS, MATTHEW

Application Number

US10/518,116
Publication Number

US 20050204152A1
Time in Patent Office

2,622 Days
Field of Search

713/154
US Class Current

713/154
CPC Class Codes

H04L 63/02   for separating internal fro...

H04L 63/0853   using an additional device,...

H04L 63/20   for managing network securi...

H04W 12/069   using certificates or pre-s...

H04W 12/084   using delegated authorisati...

H04W 12/088   using filters or firewalls

Content and security proxy in a mobile communications system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Content and security proxy in a mobile communications system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links