公开(公告)号：US10979232B2

公开(公告)日：2021-04-13

申请号：US15994811

申请日：2018-05-31

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Thomas S. Messerges ,  Brian W. Pruss ,  Kenneth C. Fuchs ,  Adam C. Lewis

IPC: H04L9/32 ,  G06F21/44 ,  H04L29/06

Abstract: Provisioning device certificates for electronic processors. One example method includes receiving a flashloader at the electronic processor. The method also includes validating the flashloader with the electronic processor. After validating the flashloader, the method includes receiving an encrypted provisioned key bundle at the electronic processor. The method also includes decrypting the encrypted provisioned key bundle with the electronic processor using a provisioning key to create a decrypted provisioned key bundle. The method further includes executing a provisioning process on the electronic processor using the decrypted provisioned key bundle.

公开(公告)号：US09450947B2

公开(公告)日：2016-09-20

申请号：US14282043

申请日：2014-05-20

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Thomas S. Messerges

IPC: H04L29/06 ,  H04L9/32 ,  G06F11/36 ,  G06F21/30 ,  G06F21/33

CPC classification number: H04L63/0823 ,  G06F11/36 ,  G06F11/3656 ,  G06F21/30 ,  G06F21/33 ,  H04L9/32 ,  H04L9/3263 ,  H04L9/3268 ,  H04L9/3297 ,  H04L63/166

Abstract: A device executes debugging instructions received from a debugging computer. The device receives a debugging establishment request from the debugging computer. The device transmits a unique identifier associated with the device and a secured expiration value to the debugging computer. The device receives a transport layer security (TLS) certificate from the debugging computer and establishes a secured and authenticated link with the debugging computer using the TLS certificate. The device enables a debugging mode, responsive to determining that an identifier in the TLS certificate matches the unique identifier and that a secured expiration value in the TLS certificate is valid and within a predefined validity range, and executes, in the debugging mode, debugging instructions received from the debugging computer.

Abstract translation: 设备执行从调试计算机接收的调试指令。 设备从调试计算机接收调试建立请求。 设备将与设备相关联的唯一标识符和安全的到期值发送到调试计算机。 设备从调试计算机接收传输层安全性（TLS）证书，并使用TLS证书与调试计算机建立安全和经过身份验证的链接。 该设备响应于确定TLS证书中的标识符与唯一标识符匹配并且TLS证书中的安全到期值有效并在预定义的有效范围内启用调试模式，并且在调试模式下执行调试指令 从调试电脑接收。

公开(公告)号：US10726117B2

公开(公告)日：2020-07-28

申请号：US15636302

申请日：2017-06-28

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Thomas S. Messerges ,  Katrin Reitsma

IPC: G06F21/34 ,  H04L29/06 ,  G06F21/35 ,  G06F21/62 ,  H04L9/08 ,  H04W12/06

Abstract: A method for recovering a digital file from a locked device is provided. An identity token is received at a recovery app on the locked device. The recovery app retrieves a digital file from the locked device and sends the digital file and the identity token to a service external to the device.

公开(公告)号：US11113424B2

公开(公告)日：2021-09-07

申请号：US16405454

申请日：2019-05-07

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Brian W. Pruss ,  Ellis A. Pinder ,  Thomas S. Messerges

IPC: H04L9/08 ,  G06F21/78 ,  H04L29/06 ,  G06F21/57

Abstract: A device, system and method for installing encrypted data are provided. A device includes a processor comprising: immutable memory storing preconfigured trust anchor data; and a module storing preconfigured non-exportable data. The processor is configured to: receive an encrypted common protection key, encrypted using a manufacturing protection key, and an encrypted distribution private key, encrypted using a common protection key; obtain the manufacturing protection key using the preconfigured trust anchor data and the preconfigured non-exportable data; decrypt the encrypted common protection key using the manufacturing protection key to obtain the common protection key; decrypt the encrypted distribution private key using the common protection key to obtain a distribution private key; receive an encrypted data package including image-at-rest data encrypted with an image-at-rest key, the encrypted data package including encryption data for obtaining the image-at-rest key using the distribution private key; and install the encrypted data package at the memory.

公开(公告)号：US10721608B2

公开(公告)日：2020-07-21

申请号：US15844177

申请日：2017-12-15

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Anthony R. Metke ,  Thomas S. Messerges

IPC: H04W4/90 ,  H04W12/00 ,  H04W12/08 ,  H04W12/10 ,  H04W8/22 ,  H04W16/18 ,  H04W88/06 ,  H04W8/18 ,  H04W8/20 ,  H04W12/06 ,  H04L29/06

Abstract: A deployable wireless communications system includes memory, an antenna, and a processor connected to the memory and the antenna. The processor is configured to execute instructions to control the antenna to provide a deployable wireless network to wireless communications devices and to provide access for the wireless communications devices to the deployable wireless network according to profiles of each of the plurality of wireless communications devices stored in the memory. The system further includes an import service executable by the processor to import into the memory a profile carried by a wireless communications device. The profile is to provide access for the wireless communications device to the deployable wireless network.

公开(公告)号：US09843451B2

公开(公告)日：2017-12-12

申请号：US14528524

申请日：2014-10-30

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Ellis A. Pinder ,  Thomas S. Messerges

IPC: H04L29/06 ,  H04L9/32 ,  G06F21/51 ,  G06F21/12

CPC classification number: H04L9/3268 ,  G06F21/121 ,  G06F21/51 ,  G06F2221/0704 ,  H04L9/0897 ,  H04L9/3234 ,  H04L9/3247 ,  H04L9/3265 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/126

Abstract: An electronic device includes a memory configured to store a lab certificate, a code authentication certificate and the executable code. The electronic device also includes a processor associated with a unique device identifier. For a first operational condition of the plurality of operational conditions, the processor is configured to: retrieve the code authentication certificate associated with the executable code; determine that a valid lab certificate is present in the memory; authenticate the code authentication certificate by determining that the code authentication certificate is signed with a private developer key and that the signature is valid; and execute the executable code on the electronic device responsive to determining that the lab certificate is valid and authenticating the code authentication certificate.

公开(公告)号：US11349665B2

公开(公告)日：2022-05-31

申请号：US15853650

申请日：2017-12-22

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Katrin Reitsma ,  Dharamendra Kumar ,  Thomas S. Messerges ,  Robert Horvath ,  Adam C. Lewis

IPC: H04L9/32 ,  H04L9/40 ,  H04W12/37 ,  H04W12/084 ,  H04W12/08 ,  H04W12/06 ,  H04W12/69 ,  H04W12/106 ,  H04L29/06

Abstract: A device attestation server and method for attesting to the integrity of a mobile device is provided. An attestation request is sent from a mobile device to a device attestation server. The device attestation server runs an attestation method that is supported by the mobile device. The device attestation server creates an attestation token that includes a validation result and a plurality of attributes. The device attestation server sends the attestation token to the mobile device, which performs a validation method using the attestation token.