公开(公告)号：US20160316409A1

公开(公告)日：2016-10-27

申请号：US15180374

申请日：2016-06-13

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Steven D. Upp ,  Anthony R. Metke

IPC: H04W36/22 ,  H04W8/18 ,  H04L29/08 ,  H04W28/08

CPC classification number: H04W36/22 ,  H04L63/18 ,  H04L67/30 ,  H04W8/18 ,  H04W12/04 ,  H04W12/06 ,  H04W28/08 ,  H04W88/06

Abstract: A method and apparatus for bootstrapping secure connections between wireless devices and deployable wireless communications networks. Using the method, a wireless device establishes a connection to an auxiliary network, and then establishes a connection with a deployable subscription bootstrapping service. The deployable subscription bootstrapping service generates a temporary subscription profile, including a temporary shared symmetric key, for the wireless device, writes the temporary profile to a deployable home subscriber server, and communicates the temporary profile to the wireless device, which stores the temporary profile. The wireless device then terminates the connection to the auxiliary network, and initiates a connection with the deployable wireless communications network using the temporary subscription profile.

Abstract translation: 一种用于引导无线设备和可部署无线通信网络之间的安全连接的方法和装置。 使用该方法，无线设备建立到辅助网络的连接，然后建立与可部署的订阅引导服务的连接。 可部署的订阅引导服务为无线设备生成包括临时共享对称密钥的临时订阅简档，将临时配置文件写入可部署的归属订户服务器，并将临时配置文件传送到存储临时配置文件的无线设备。 无线设备然后终止与辅助网络的连接，并且使用临时订阅简档来发起与可部署的无线通信网络的连接。

公开(公告)号：US08955081B2

公开(公告)日：2015-02-10

申请号：US13728521

申请日：2012-12-27

Applicant: Motorola Solutions, Inc.

Inventor： Anthony R. Metke ,  Katrin Reitsma ,  Adam C. Lewis ,  George Popovich ,  Steven D. Upp

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/06 ,  G06F21/41 ,  G06F17/30 ,  H04W88/04

CPC classification number: H04L63/0884 ,  G06F21/41 ,  H04L63/0815 ,  H04W12/06 ,  H04W88/04

Abstract: An apparatus for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration key to the first device based on the first identity token or user authentication. The first device generates and sends a collaboration credential based on the collaboration key to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.

Abstract translation: 用于多个移动设备之间的单点登录协作的装置和方法包括用于发布第一身份令牌以随后向服务提供商认证第一移动设备的用户的服务器，以及用于生成和 基于第一身份令牌或用户认证向第一设备发送协作密钥。 第一设备基于协作密钥生成并发送与第一设备配对的第二设备的协作凭证。 服务器还发出第二身份令牌，以随后基于从第一设备接收到的协作凭证向服务提供商验证第二设备的用户，以支持跨多个移动设备的用户的单点登录协作。

公开(公告)号：US20140189827A1

公开(公告)日：2014-07-03

申请号：US13728752

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： George Popovich ,  Adam C. Lewis ,  Anthony R. Metke ,  Steven D. Upp

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0815 ,  H04W12/06

Abstract: A system and method for enabling a primary and a secondary communication device to share a user identity assertion is presented. The user identity assertion enables the devices to access an application system. The primary and secondary devices are paired to place them in collaboration with each other. The primary device requests an identity provider system to issue a user identity assertion scoped to the primary and secondary communication device. The identity provider system authenticates the primary device and generates the user identity assertion scoped to the primary device and the secondary device identified in the request. The primary communication device receives the user identity assertion and communicates the user identity assertion to the secondary device. The primary device may request the user identity assertion by communicating a user identity assertion scoped to the primary device and a single sign on session cookie or a request for an extension assertion.

Abstract translation: 提出了一种能够使主要和次要通信设备共享用户身份断言的系统和方法。 用户身份断言使设备能够访问应用系统。 主设备和辅助设备配对，使它们彼此协作。 主设备请求身份提供者系统发布对主要和次要通信设备的用户身份断言。 身份提供者系统对主设备进行身份验证，并生成范围为主设备的用户身份断言和请求中标识的辅助设备。 主要通信设备接收用户身份断言，并将用户身份声明传达给辅助设备。 主设备可以通过传送作用于主设备的用户身份断言和会话cookie上的单一登录或扩展断言的请求来请求用户身份断言。

公开(公告)号：US09980194B2

公开(公告)日：2018-05-22

申请号：US15180374

申请日：2016-06-13

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Steven D. Upp ,  Anthony R. Metke

IPC: H04W36/22 ,  H04L29/08 ,  H04W28/08 ,  H04W8/18 ,  H04W12/04 ,  H04W12/06 ,  H04L29/06 ,  H04W88/06

CPC classification number: H04W36/22 ,  H04L63/18 ,  H04L67/30 ,  H04W8/18 ,  H04W12/04 ,  H04W12/06 ,  H04W28/08 ,  H04W88/06

Abstract: A method and apparatus for bootstrapping secure connections between wireless devices and deployable wireless communications networks. Using the method, a wireless device establishes a connection to an auxiliary network, and then establishes a connection with a deployable subscription bootstrapping service. The deployable subscription bootstrapping service generates a temporary subscription profile, including a temporary shared symmetric key, for the wireless device, writes the temporary profile to a deployable home subscriber server, and communicates the temporary profile to the wireless device, which stores the temporary profile. The wireless device then terminates the connection to the auxiliary network, and initiates a connection with the deployable wireless communications network using the temporary subscription profile.

公开(公告)号：US08806205B2

公开(公告)日：2014-08-12

申请号：US13728797

申请日：2012-12-27

Applicant: Motorola Solutions, Inc.

Inventor： Anthony R. Metke ,  Katrin Reitsma ,  Steven D. Upp

IPC: H04L29/06 ,  G06F21/00 ,  G06F21/40

CPC classification number: G06F21/40 ,  H04L63/0815

Abstract: Multi-factor authentication is enabled across a plurality of communication devices. A user performs authentication by using a first authentication factor on a first of the communication devices, and by using a second authentication factor on a second of the communication devices. A collaboration credential is shared among the devices to enable the devices to collaborate with each other. Both of the authentication factors are bound together. A multi-factor identification token is issued to each device, to support multi-factor authentication for the user across the devices.

Abstract translation: 跨多个通信设备启用多因素认证。 用户通过在第一通信设备上使用第一认证因子并且通过在第二通信设备上使用第二认证因子来执行认证。 在设备之间共享协作凭证，以使设备能够相互协作。 这两个认证因素都绑定在一起。 向每个设备发出一个多因素识别令牌，以支持用户跨设备的多因素身份验证。

公开(公告)号：US20140189840A1

公开(公告)日：2014-07-03

申请号：US13728422

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： ANTHONY R. METKE ,  Katrin Reitsma ,  Adam C. Lewis ,  George Popovich ,  Steven D. Upp

IPC: H04W12/06

CPC classification number: H04L63/0884 ,  G06F21/41 ,  H04L63/08 ,  H04L63/0815 ,  H04W12/06

Abstract: A system for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration credential to the first device based on the first identity token or user authentication. The first device sends the collaboration credential generated by the server to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.

Abstract translation: 用于多个移动设备之间的单点登录协作的系统和方法包括用于发出第一身份令牌以随后向服务提供商认证第一移动设备的用户的服务器，以及用于生成和 基于第一身份令牌或用户认证向第一设备发送协作凭证。 第一个设备将由服务器生成的协作凭证发送到与第一个设备配对的第二个设备。 服务器还发出第二身份令牌，以随后基于从第一设备接收到的协作凭证向服务提供商验证第二设备的用户，以支持跨多个移动设备的用户的单点登录协作。

公开(公告)号：US20140189789A1

公开(公告)日：2014-07-03

申请号：US13728711

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Adam C. Lewis ,  Alejandro G. Blanco ,  Steven D. Upp

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0492 ,  H04L67/10 ,  H04W4/80 ,  H04W12/003 ,  H04W12/08

Abstract: A network device is configured to authenticate a collaborative session between at least two communication devices. The network component receives an indication that at least two devices located within a predefined physical range are attempting to collaborate. The network component determines, based on the indication, that the two devices are authentic and that the two devices are attempting to collaborate. Responsive to determining that the two devices are authentic and attempting to collaborate, the network component determines that the two devices are authorized to collaborate and a level on which the two devices are authorized to collaborate. The network component sends an authorization response to at least one of the at least two devices, wherein if the two devices are authorized to collaborate the authorization response includes the level on which the two devices are authorized to collaborate.

Abstract translation: 网络设备被配置为对至少两个通信设备之间的协作会话进行认证。 网络组件接收指示位于预定义物理范围内的至少两个设备正在尝试协作。 网络组件基于该指示确定两个设备是真实的，并且两个设备正尝试协作。 响应于确定两个设备是真实的并且尝试协作，网络组件确定两个设备被授权协作，以及两个设备被授权协作的级别。 所述网络组件向所述至少两个设备中的至少一个发送授权响应，其中如果所述两个设备被授权协作，所述授权响应包括所述两个设备被授权协作的级别。

公开(公告)号：US10039151B1

公开(公告)日：2018-07-31

申请号：US15422177

申请日：2017-02-01

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Steven D. Upp ,  Anthony R. Metke ,  Karen M. Upp

IPC: H04W4/00 ,  H04W76/19 ,  H04W76/02 ,  H04W8/20 ,  H04W12/06

Abstract: Methods and systems for connecting a wireless communications device to a deployable wireless communications network. The method includes receiving, from the wireless communications device via a mobile management entity (MME) configured to operate as an extensible authentication protocol (EAP) authenticator, an extensible authentication protocol packet. The method further includes authenticating the wireless communications device based on the extensible authentication protocol packet. The method further includes establishing a first wireless connection between the wireless communications device and a deployable subscription bootstrapping service of the deployable wireless communications network. The method further includes generating a subscription profile for the wireless communications device, and communicating the subscription profile to the wireless communications device via the first wireless connection. The method further includes discontinuing the first wireless connection, and establishing a second wireless connection between the wireless communications device and the deployable wireless communications network using the subscription profile.

公开(公告)号：US20140189834A1

公开(公告)日：2014-07-03

申请号：US13728521

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Anthony R. Metke ,  Katrin Reitsma ,  Adam C. Lewis ,  George Popovich ,  Steven D. Upp

IPC: H04L29/06

CPC classification number: H04L63/0884 ,  G06F21/41 ,  H04L63/0815 ,  H04W12/06 ,  H04W88/04

Abstract: An apparatus for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration key to the first device based on the first identity token or user authentication. The first device generates and sends a collaboration credential based on the collaboration key to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.

Abstract translation: 用于多个移动设备之间的单点登录协作的装置和方法包括用于发布第一身份令牌以随后向服务提供商认证第一移动设备的用户的服务器，以及用于生成和 基于第一身份令牌或用户认证向第一设备发送协作密钥。 第一设备基于协作密钥生成并发送与第一设备配对的第二设备的协作凭证。 服务器还发出第二身份令牌，以随后基于从第一设备接收到的协作凭证向服务提供商验证第二设备的用户，以支持跨多个移动设备的用户的单点登录协作。

公开(公告)号：US20180220471A1

公开(公告)日：2018-08-02

申请号：US15422177

申请日：2017-02-01

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Steven D. Upp ,  Anthony R. Metke ,  Karen M. Upp

IPC: H04W76/02 ,  H04W8/20 ,  H04W12/06

CPC classification number: H04W76/19 ,  H04L9/0838 ,  H04L63/08 ,  H04W8/20 ,  H04W12/04 ,  H04W12/06 ,  H04W76/50 ,  H04W88/06

Abstract: Methods and systems for connecting a wireless communications device to a deployable wireless communications network. The method includes receiving, from the wireless communications device via a mobile management entity (MME) configured to operate as an extensible authentication protocol (EAP) authenticator, an extensible authentication protocol packet. The method further includes authenticating the wireless communications device based on the extensible authentication protocol packet. The method further includes establishing a first wireless connection between the wireless communications device and a deployable subscription bootstrapping service of the deployable wireless communications network. The method further includes generating a subscription profile for the wireless communications device, and communicating the subscription profile to the wireless communications device via the first wireless connection. The method further includes discontinuing the first wireless connection, and establishing a second wireless connection between the wireless communications device and the deployable wireless communications network using the subscription profile.