Method and device for access control

FIELD: information technology.

SUBSTANCE: the method comprises receiving an access request sent from a Digital Living Network Alliance (DLNA) client to a DLNA server; obtaining the MAC address of the DLNA client; denying access to the DLNA client if the MAC address is in the blacklist; and, if the MAC address is not in the blacklist, searching a pre-stored correspondence relationship to determine whether the MAC address exists in it, the correspondence relationship containing correspondences between different MAC addresses and different keys. The MAC addresses in the pre-stored correspondence relationship are the MAC addresses of DLNA clients that have once successfully established an access connection. If the MAC address exists in the pre-stored correspondence relationship, whether to authorise access for the DLNA client is determined according to the key corresponding to that MAC address in the pre-stored correspondence relationship.

EFFECT: preventing malicious access and potential security threats.

10 cl, 5 dwg


Similar patents:

FIELD: radio engineering, communication.

SUBSTANCE: in a wireless transmission system 100, a first device 101 and a second device 102 perform wireless data transmission via a wireless transmission channel which uses a plurality of physical links in parallel. In each device, input/output ports 111-113 input and output data. A plurality of wireless signal processing means 141-143 controls different physical links. The wireless signal processing means 141-143 measure the signal strength level of the physical links and notify a peer-side device of the same. Link aggregation control means 130 determines the priority for each of the physical links based on the signal strength level for each physical link. Packet transfer processing means 141-143 select, among physical links configuring the wireless transmission path, a physical link which has a usable band of a predetermined capacity and which is of a high priority as a data receiver.

EFFECT: providing predetermined communication quality during wireless communication using link aggregation techniques.

10 cl, 4 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to video monitoring in mobile communication. A method for acoustic translation in video monitoring involves the following: in an IMS-based video monitoring system, the CU establishes a media channel with the AS through basic IMS, and the AS establishes a media channel with each PU to which the translation is to be separately delivered; when performing acoustic translation, the CU translates acoustic data to each said PU through the media channels established between the CU and the AS and between the AS and each said PU. The disclosure further describes a system for acoustic translation in video monitoring, in which the acoustic translation function of the IMS-based video monitoring system is performed without any additional equipment in the video monitoring system, acoustic translation is performed by sending signals through basic IMS, safety control is performed in a convenient manner, and use and distribution are easy.

EFFECT: implementation of acoustic translation based on IMS video monitoring.

9 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to security context signalling. A method for establishing a first security context between a remote station and a serving network, the first security context having a security property that is not supported by a second security context, the method comprising: the remote station forwarding a first message to the serving network, wherein the first message includes an information element; the remote station generating an integrity session key and an encryption session key in accordance with the first security context; the remote station receiving a second message having a message authentication code indicating that the serving network supports the first security context; the remote station verifying the message authentication code using the integrity session key; and the remote station, in response to successful verification of the message authentication code, performs wireless communication protected by the encryption session key.

EFFECT: providing signalling on support of an improved security context.

31 cl, 8 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of executing services on a server and a client of a client-server architecture. When making a user decision at a predefined point during the process of executing services, execution of services is suspended at the server and a user decision request is sent to the client. The user decision request includes information which requests the user to make a decision with respect to executing services after the user decision making point. After receiving information on the user decision generated by the client in response to the user decision request, the method includes determining action on executing services, which corresponds to the received information on the user decision, based on the corresponding link between information on the user decision and an instruction to execute services. Services are executed in accordance with the determined action on executing services.

EFFECT: enabling change in the sequence of actions on executing services on a server.

11 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a commercial communication system, in particular a system that enables any person or computer user client connected to the Internet to establish bidirectional voice communication and a unidirectional video conference with a commercial agent. The system contains a web page server (2), one of whose pages is accessible from the remote computer (52) of a user, the main server (1) and the communication centre (4) containing a telephone terminal (43), a computer (44) and a webcam (41) connected to the videoconference server (42) and used to connect an agent to a user. The system also contains an automatic telephone exchange or secondary automatic private centre (3) connected to the main server (1) for the voice communication connecting a user, an agent and the main server (1), and combining computer gateway facilities (44) and the videoconference server (42) of the communication centre (4).

EFFECT: improvement of communication quality when using low level data flow, required for Internet communication.

6 cl, 2 dwg

FIELD: physics; control.

SUBSTANCE: invention relates to a system and a method of managing an utility grid and more specifically to a system for filtering utility grid device commands based on given criteria. The system comprises a storage device and a command filter module, executable by processor to: receive a plurality of commands; retrieve at least one device command rule from a plurality of device command rules; retrieve utility grid historical data corresponding to operation of the respective device according to past execution of the plurality of commands; determine when at least one command from the plurality of commands is authorised for execution by the respective device; and transmit the at least one command to be received by the respective device.

EFFECT: high efficiency of filtering commands.

18 cl, 28 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to multimedia streaming systems, particularly to systems and methods that adapt to network and buffer conditions. The proposed block-request streaming system provides improvements in user perception and in the bandwidth efficiency of such systems, normally using a usage system. The latter generates data in a form to be served by a common file server (HTTP, FTP or the like); the usage system takes in the content and shapes it into files or data elements to be served by the file server. The system includes control over the sequencing, timing and structuring of block requests, based on time indexing, variable block sizes, optimal partitioning into blocks and control over the placement of random access points. The latter comprises multiple representation versions, dynamic updating of the data representation and/or efficient presentation of content in real time and time shift.

EFFECT: optimised representation transmitted as multimedia flow, efficient simultaneous or time distributed delivery of multimedia data flow.

8 cl, 32 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to methods, machine-readable media and devices for determining whether an information message needs to be encrypted. According to the method, a device determines the content of an information message to be transmitted through the control channel, the device being a mobile communication device or a network access node containing a base station controller and a base transceiver station; the device decides, on the basis of the determined content, whether the information message needs to be encrypted, and encrypts or does not encrypt the information message on the basis of that decision. If the determined content is a short message service information message, the decision is to encrypt the information message; if the determined content is a system information message, the decision is not to encrypt the information message.

EFFECT: improvement of security of data transmission.

64 cl, 20 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to means of controlling media streaming. The method includes receiving (32) a multimedia description (100) for a media stream, where the multimedia description (100) indicates an initial element (92) from stream elements (84); sending (34) a request for the initial stream element (92); initiating (36) a communication session management procedure; after the step of sending (34) a request for the initial stream element (92), associating the media stream with the communication session in the communication session management procedure and controlling (40) transmission of the next element (94) from stream elements in accordance with a communication session management rule.

EFFECT: eliminating fluctuation of the quality level when playing back a media stream.

28 cl, 11 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to authentication methods. The method comprises steps of: ensuring availability of a first call-reply pair on a source device, wherein the first call-reply pair is assigned to one or more called devices; downloading the first call-reply pair from the source device onto a calling device when the source device is actively connected to the calling device; performing call-reply authentication between the calling device and one of the one or more called devices to which the first call-reply pair is assigned, using the first call-reply pair assigned to the called device; downloading one or more second call-reply pairs from the source device onto the calling device when the source device is actively connected to the calling device, wherein the downloading step is characterised by that the first call-reply pair is downloaded from the source device onto the calling device before the calling device receives any information from one of the called devices assigned the first call-reply pair.

EFFECT: more secure data transmission.

12 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to means of unlocking and providing access to a device. The method includes receiving a request to unlock an encrypted device connected to a system, wherein the request is received by a secure partition of the system via a secure link established between a trusted remote console and the secure partition, and the secure partition is insulated from the primary operating system in the system; receiving a marker from the trusted remote console through the secure partition; using, through the secure partition, said marker to turn the encryption key of the device stored in a secure storage region, wherein the encryption key of the device is used to encrypt units of the encrypted device, and the secure storage region is concealed from the primary operating system; unlocking, through the secure partition, the encrypted device using the encryption key of the device in response to the request and without involving the primary operating system.

EFFECT: improved security of the device.

21 cl, 9 dwg

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to the security of information systems. The reference technical state of the active network hardware is first recorded: the list of open network ports, checksums of configuration files and software files, and checksums of the results of control actions on the control system of the active network hardware. Intermittent monitoring of the active network hardware is performed. The reference and current states of the hardware are compared. If the current technical state does not comply with the reference state, an appropriate message is generated.

EFFECT: higher level of active network hardware protection.

2 cl, 2 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A robust and secure hardware-computer system in a cloud computing environment includes, interconnected and connected over a network, a first group of operating computers and a second group of computers for storing program sessions, as well as a control computer, through which the second group of computers for storing program sessions, high-performance computing resources and partitioned file storages are connected, wherein the system additionally includes a hypervisor, a security system which includes an attack detection and prevention module, a firewall module and a module for protection from unauthorised access and a system for providing fault-tolerance, which includes a module for providing fault-tolerance at the hardware resource level, a module for monitoring service virtual machines and a module for providing fault-tolerance of services.

EFFECT: improved reliability of the system and fast recovery of resources lost due to faulty equipment.

FIELD: physics, computation hardware.

SUBSTANCE: invention relates to computer engineering. The programme module code is loaded into main memory by the security system processor before OS execution is started, into a main memory address range located outside the range used by said OS. Once started, the OS redirects access to said programme module from a user programme to the main memory address at which the programme module was loaded before OS execution was started. This is done by means of a file system which automatically associates the programme module address in the user programme's virtual memory space with the physical main memory address of the programme module.

EFFECT: ruling out faults in OS operation.

15 cl, 5 dwg

FIELD: information technology.

SUBSTANCE: the method uses the principle of masking the side electromagnetic radiation and leakage (SEMRL) of the main tablet computer with similar false SEMRL of a second tablet computer: identical false SEMRL, inseparable from the main SEMRL, are created, masking the operation of the main tablet computer. The main and the additional tablet computers used are completely identical in hardware components and internal topology. The additional tablet computer is placed with its screen under the bottom of the main tablet computer, parallel to it and symmetrically along the same-name sides, without the two touching, at a distance of less than a quarter of the wavelength of oscillation of the same processor speed.

EFFECT: providing protection of the tablet computer from information leakage without the use of a noise generator.

FIELD: radio engineering, communication.

SUBSTANCE: method is carried out by inputting identification code information of identified objects into the differential time offset of noise-like signals used as request and response signals. The system consists of an identifier placed on an aircraft and a ground-based identification device. The main parts of said devices are correlation meters for determining the differential time offset of noise-like signals used for identification.

EFFECT: high security of the identification owing to invariance to interception of confidential information, high noise-immunity of the system.

4 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of preventing unauthorised use of vehicle equipment, based on use of software, the method comprising determining, using a vehicle computer system, that the infotainment system is turned on; receiving a unique identification number of the vehicle from a vehicle network associated with the vehicle in which the infotainment system is installed; comparing the unique identification number of the vehicle with a stored identification number of the vehicle, previously associated with the infotainment system; providing access to the infotainment system only if the unique identification number of the vehicle matches the stored identification number of the vehicle; otherwise blocking use of the infotainment system.

EFFECT: effective prevention of unauthorised use of stolen equipment in another vehicle.

3 cl, 5 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method for electronic notary certification of text information, which includes preliminary registration of a contractor in an "electronic notary" system; when sending information by electronic mail, indicating in the "copy" field the address of the automatic "electronic notary" system; upon receiving a copy of the sent information, the automatic mail enters the copy into the personal accounts of the sender and the receiver with indication of the time of sending, the sender, the addressee of the information and all attachments comprising the information, wherein the automatic mail further notifies the addressee on the sending of information and storage of the certified copy of the sent information on the website in the personal account of the contractor.

EFFECT: confirming the sending of a document or file with indication of the date and time of sending via electronic mail.

4 cl

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to data processing. A data processing system has a browser with scripting engine means for executing a script. The scripting engine means implements a public scripting engine and a private scripting engine. The browser is configured to have the script executed by the public scripting engine if the script does not require access to a pre-determined resource at the system. The browser is configured to have the script executed by the private scripting engine if the script requires access to the pre-determined resource. Only the private scripting engine has an interface for enabling the script to access the predetermined resource. The scripting engine means is configured to prevent the private scripting engine from communicating data to the public scripting engine or to a server external to the data processing system if said data communication is not confirmed.

EFFECT: protecting private user data.

5 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a data memory method for storage of a software product and to devices for secure data transmission. The device contains an assignment unit (2) for assigning data connections (DV) from various initial components (SK), each through at least one intermediate component (ZK), to a common target component (ZK); a combining unit (3) for combining the intermediate components (ZK) into one intermediate component (ZK), depending on cryptographic information (KI), by means of at least one exchange of messages, the exchange of messages being performed according to a shared-key method, the Http-Digest-Authentication method, a request-answer method, a key hash method, a hash function, the Diffie-Hellman method and/or a digital signature method; and a data transmission unit (4) for transmitting data (D) from the initial components (SK) through the combined intermediate component (ZK) to the target component (ZK).

EFFECT: improvement of security of data transmission.

14 cl, 12 dwg

FIELD: engineering of devices and methods for using server for access to processing server, which performs given processing.

SUBSTANCE: according to the method, a reservation is requested, the reservation is confirmed, authentication information included in the reservation information is stored, service is requested on the basis of the authentication information, server utilization is authenticated, and the server is utilized on the basis of the authentication result; at the reservation confirmation stage the reservation control device transfers reservation setting information, and at the authentication stage server utilization is confirmed only when the authentication information matches the authentication information transferred from the user terminal. The device contains receiving means, an information generation device and transmitting means.

EFFECT: creation of method for using server, device for controlling server reservation and means for storing a program, capable of providing multiple users with efficient utilization of functions of processing server with simultaneous decrease of interference from unauthorized users without complicated processing or authentication operations.

6 cl, 51 dwg
