公开(公告)号：US20150237502A1

公开(公告)日：2015-08-20

申请号：US14699509

申请日：2015-04-29

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Andreas Schmidt ,  David G. Greiner ,  Louis J. Guccione ,  Dolores F. Howry ,  Michael V. Meyerstein ,  Sudhir B. Pattar ,  Yogendra C. Shah ,  Inhyok Cha ,  Andreas Leicher ,  Lawrence Case

IPC: H04W12/10 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04W12/10 ,  G06F21/44 ,  G06F21/57 ,  H04L63/123 ,  H04W12/06 ,  H04W12/08

Abstract: Methods, components and apparatus for implementing platform validation and management (PVM) are disclosed. PVM provides the functionality and operations of a platform validation entity with remote management of devices by device management components and systems such as a home node-B management system or component. Example PVM operations bring devices into a secure target state before allowing connectivity and access to a core network.

Abstract translation: 公开了实现平台验证和管理（PVM）的方法，组件和设备。 PVM通过设备管理组件和系统（如家庭节点B管理系统或组件）提供对设备进行远程管理的平台验证实体的功能和操作。 示例PVM操作在允许连接和访问核心网络之前将设备置于安全目标状态。

公开(公告)号：US20150215281A1

公开(公告)日：2015-07-30

申请号：US14611770

申请日：2015-02-02

Applicant: Interdigital Patent Holdings, Inc.

Inventor： Andreas Schmidt ,  Andreas Leicher ,  Inhyok Cha ,  Sudhir B. Pattar ,  Yogendra C. Shah

IPC: H04L29/06 ,  H04W12/08 ,  G06F17/30

CPC classification number: G06F21/57 ,  G06F17/30327 ,  G06F21/53 ,  G06F21/64 ,  G06F2221/034 ,  H04L9/3234 ,  H04L9/3265 ,  H04L63/02 ,  H04L63/123 ,  H04L63/126 ,  H04L2209/30 ,  H04L2209/805 ,  H04W4/70 ,  H04W12/08 ,  H04W12/10

Abstract: Systems, methods, and apparatus are provided for generating verification data that may be used for validation of a wireless transmit-receive unit (WTRU). The verification data may be generated using a tree structure having protected registers, represented as root nodes, and component measurements, represented as leaf nodes. The verification data may be used to validate the WTRU. The validation may be performed using split-validation, which is a form of validation described that distributes validation tasks between two or more network entities. Subtree certification is also described, wherein a subtree of the tree structure may be certified by a third party.

Abstract translation: 提供了系统，方法和装置，用于产生可用于验证无线发射 - 接收单元（WTRU）的验证数据。 验证数据可以使用具有表示为叶节点的根节点和组件测量的受保护寄存器的树结构来生成。 验证数据可以用于验证WTRU。 可以使用拆分验证来执行验证，分裂验证是描述的验证形式，其在两个或多个网络实体之间分发验证任务。 还描述了子树认证，其中树结构的子树可以由第三方认证。

公开(公告)号：US20180159738A1

公开(公告)日：2018-06-07

申请号：US15809405

申请日：2017-11-10

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Yogendra C. Shah ,  Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt ,  Dolores F. Howry ,  Sudhir B. Pattar ,  David G. Greiner ,  Louis J. Guccione ,  Michael V. Meyerstein ,  Lawrence Case

IPC: H04L12/24 ,  H04W12/10 ,  H04L29/06 ,  H04W84/04

CPC classification number: H04L41/0869 ,  H04L41/0654 ,  H04L41/0681 ,  H04L63/123 ,  H04L63/166 ,  H04W12/0023 ,  H04W12/10 ,  H04W84/045

Abstract: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.

公开(公告)号：US20180152841A1

公开(公告)日：2018-05-31

申请号：US15797197

申请日：2017-10-30

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Yogendra C. Shah ,  Louis J. Guccione ,  Inhyok Cha ,  Sudhir B. Pattar ,  Andreas Schmidt

IPC: H04W12/06 ,  H04W12/04 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L63/20 ,  H04W12/04 ,  H04W12/0806

Abstract: Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the platform on which the domain resides, and other domains. A system-wide domain manager may be resident on one of the domains. The system-wide domain manager may enforce the policies of the domain on which it is resident, and it may coordinate the enforcement of the other domains by their respective policies in relation to the domain in which the system-wide domain manager resides. Additionally, the system-wide domain manager may coordinate interaction among the other domains in accordance with their respective policies.

公开(公告)号：US20180077517A9

公开(公告)日：2018-03-15

申请号：US14857966

申请日：2015-09-18

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Inhyok Cha ,  Michael Meyerstein ,  Yogendra C. Shah ,  Andreas Schmidt

IPC: H04W4/00 ,  H04W12/08 ,  H04L9/08 ,  H04W12/10

CPC classification number: H04W4/70 ,  G06F21/57 ,  G06F21/575 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2151 ,  G06F2221/2153 ,  H04L9/08 ,  H04L9/3234 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/20 ,  H04L67/10 ,  H04L67/125 ,  H04W4/00 ,  H04W4/50 ,  H04W8/06 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10 ,  H04W24/00 ,  H04W84/22

Abstract: A method and apparatus for performing secure Machine-to-Machine (M2M) provisioning and communication is disclosed. In particular a temporary private identifier, or provisional connectivity identification (PCID), for uniquely identifying machine-to-machine equipment (M2ME) is also disclosed. Additionally, methods and apparatus for use in validating, authenticating and provisioning a M2ME is also disclosed. The validation procedures disclosed include an autonomous, semi-autonomous, and remote validation are disclosed. The provisioning procedures include methods for re-provisioning the M2ME. Procedures for updating software, and detecting tampering with the M2ME are also disclosed.

公开(公告)号：US20180014192A1

公开(公告)日：2018-01-11

申请号：US15699843

申请日：2017-09-08

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Sudhir B. Pattar ,  Inhyok Cha ,  Andreas Schmidt ,  Andreas Leicher ,  Yogendra C. Shah ,  Prabhakar R. Chitrapu ,  Lawrence Case

IPC: H04W12/06 ,  H04W4/00 ,  H04W12/10 ,  H04W12/08

CPC classification number: H04W12/06 ,  H04W4/00 ,  H04W4/70 ,  H04W12/04031 ,  H04W12/08 ,  H04W12/10

Abstract: Systems, methods, and instrumentalities are disclosed that provide for a gateway outside of a network domain to provide services to a plurality of devices. For example, the gateway may act as a management entity or as a proxy for the network domain. As a management entity, the gateway may perform a security function relating to each of the plurality of devices. The gateway may perform the security function without the network domain participating or having knowledge of the particular devices. As a proxy for the network, the gateway may receive a command from the network domain to perform a security function relating to each of a plurality of devices. The network may know the identity of each of the plurality of devices. The gateway may perform the security function for each of the plurality of devices and aggregate related information before sending the information to the network domain.

公开(公告)号：US09652320B2

公开(公告)日：2017-05-16

申请号：US14570301

申请日：2014-12-15

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Yogendra C. Shah ,  Lawrence Case ,  Dolores F. Howry ,  Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt

IPC: G06F11/00 ,  G06F11/08 ,  G06F11/07 ,  G06F21/10 ,  G06F21/57 ,  H04W12/10 ,  H04M1/24 ,  H04W8/22 ,  H04W24/02 ,  H04L29/06

CPC classification number: G06F11/0709 ,  G06F11/0751 ,  G06F11/079 ,  G06F11/0793 ,  G06F11/08 ,  G06F21/10 ,  G06F21/575 ,  G06F2221/2103 ,  G06F2221/2111 ,  H04L63/123 ,  H04M1/24 ,  H04W8/22 ,  H04W12/10 ,  H04W24/02

Abstract: A wireless communications device may be configured to perform integrity checking and interrogation with a network entity to isolate a portion of a failed component on the wireless network device for remediation. Once an integrity failure is determined on a component of the device, the device may identify a functionality associated with the component and indicate the failed functionality to the network entity. Both the wireless network device and the network entity may identify the failed functionality and/or failed component using a component-to-functionality map. After receiving an indication of an integrity failure at the device, the network entity may determine that one or more additional iterations of integrity checking may be performed at the device to narrow the scope of the integrity failure on the failed component. Once the integrity failure is isolated, the network entity may remediate a portion of the failed component on the wireless communications device.

公开(公告)号：US09614831B2

公开(公告)日：2017-04-04

申请号：US14684906

申请日：2015-04-13

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Yogendra C. Shah ,  Inhyok Cha ,  Andreas Schmidt ,  Louis J. Guccione ,  Lawrence Case ,  Andreas Leicher ,  Yousif Targali

IPC: G06F21/00 ,  H04L29/06 ,  H04W12/08 ,  H04W12/06 ,  H04W36/00 ,  H04W12/04

CPC classification number: H04L63/08 ,  H04L63/0209 ,  H04L63/0815 ,  H04L63/0892 ,  H04L63/10 ,  H04L63/18 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W36/0038

Abstract: Persistent communication layer credentials generated on a persistent communication layer at one network may be leveraged to perform authentication on another. For example, the persistent communication layer credentials may include application-layer credentials derived on an application layer. The application-layer credentials may be used to establish authentication credentials for authenticating a mobile device for access to services at a network server. The authentication credentials may be derived from the application-layer credentials of another network to enable a seamless handoff from one network to another. The authentication credentials may be derived from the application-layer credentials using reverse bootstrapping or other key derivation functions. The mobile device and/or network entity to which the mobile device is being authenticated may enable communication of authentication information between the communication layers to enable authentication of a device using multiple communication layers.

公开(公告)号：US20160226710A1

公开(公告)日：2016-08-04

申请号：US15000440

申请日：2016-01-19

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Inhyok Cha ,  Andreas Leicher ,  Yogendra C. Shah ,  Andreas Schmidt ,  Dolores F. Howry ,  Sudhir B. Pattar ,  David G. Greiner ,  Louis J. Guccione ,  Michael V. Meyerstein ,  Lawrence L. Case

IPC: H04L12/24

CPC classification number: H04L41/0869 ,  H04L41/0654 ,  H04L41/0681 ,  H04L63/123 ,  H04L63/166 ,  H04W12/0023 ,  H04W12/10 ,  H04W84/045

Abstract: An abstract and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.

Abstract translation: 本文公开了一种使用自主验证和半自动验证来提供家庭演进节点B（H（e）NB）完整性验证和验证的抽象和方法。

公开(公告)号：US20150067813A1

公开(公告)日：2015-03-05

申请号：US14531621

申请日：2014-11-03

Applicant: InterDigital Patent Holdings, Inc.

Inventor： Inhyok Cha ,  Yogendra C. Shah ,  Andreas Schmidt ,  Andreas Leicher

IPC: H04W12/06 ,  G06F21/33 ,  H04L29/06

CPC classification number: H04W12/06 ,  G06F21/335 ,  G06F21/57 ,  G06F2221/2115 ,  H04L63/0807 ,  H04L2463/121

Abstract: Systems, methods, and instrumentalities are disclosed that may provide for integration of trusted OpenID (TOpenID) with OpenID. The authentication may be accomplished, in part, via communications between a trusted ticket server on a UE and a network application function. The UE may retrieve platform validation data (e.g., from a trusted platform module on the UE). The UE may receive a platform verification in response to the platform validation data. The platform verification may indicate that the network application function has verified the platform validation data and the user. The platform verification may indicate that the platform validation data matches a previously generated reference value.

Abstract translation: 公开了可以提供可信OpenID（TOpenID）与OpenID的集成的系统，方法和工具。 认证可以部分地通过UE上的信任票据服务器和网络应用功能之间的通信来实现。 UE可以检索平台验证数据（例如，从UE上的可信平台模块）。 UE可以响应于平台验证数据而接收平台验证。 平台验证可以指示网络应用功能已经验证了平台验证数据和用户。 平台验证可以指示平台验证数据与先前生成的参考值相匹配。