Abstract:
A method for taking measurements with a smart antenna in a wireless communication system having a plurality of STAs begins by sending a measurement request from a first STA to a second STA. At least two measurement packets are transmitted consecutively from the second STA to the first STA. Each measurement packet is received at the first STA using a different antenna beam. The first STA performs measurements on each measurement packet and selects an antenna beam direction based on the measurement results.
Abstract:
A device may include a trusted component. The trusted component may be verified by a trusted third party and may have a certificate of verification stored therein based on the verification by the trusted third party. The trusted component may include a root of trust that may provide secure code and data storage and secure application execution. The root of trust may also be configured to verify an integrity of the trusted component via a secure boot and to prevent access to certain information in the device if the integrity of the trusted component may not be verified.
Abstract:
A method and apparatus for securing the interface between a Universal Integrated Circuit Card (UICC) and a Terminal in wireless communications is disclosed. The security of Authentication and Key Agreement (AKA) and application level generic bootstrapping architecture (GBA) with UICC-based enhancements (GBA_U) procedures is improved. A secure shared session key is used to encrypt communications between the UICC and the Terminal. The secure shared session key is generated using authenticating or non-authenticating procedures.
Abstract:
A wireless device may perform a local authentication to reduce the traffic on a network. The local authentication may be performed using a local web server and/or a local OpenID provider (OP) associated with the wireless device. The local web server and/or local OP may be implemented on a security module, such as a smartcard or a trusted execution environment for example. The local OP and/or local web server may be used to implement a provisioning phase to derive a session key, associated with a service provider, from an authentication between the wireless device and the network. The session key may be reusable for subsequent local authentications to locally authenticate a user of the wireless device to the service provider.
Abstract:
Methods and apparatus are disclosed to provide protection against Unsolicited Communication (UC) in a network, such as, without limitation, an Internet Protocol (IP) Multimedia Subsystem (IMS). A communication may originate from a sending device and may be intended for delivery to a receiving device. A network may determine authentication information associated with the sending device. The network may send the authentication information to a receiving entity to evaluate if the communication is unsolicited using the authentication information. If the communication is determined to be acceptable, a connection associated with the communication may be allowed.
Abstract:
A method and system for performing trust evaluation for a mobile software agent on a trusted computing platform are disclosed. A sending entity, which includes a mobile software agent, verifies if a receiving entity is trustworthy before transferring the mobile software agent to the receiving entity. The receiving entity may verify the state and details of the mobile software agent and/or the state of the sending entity, and receive the mobile software agent if the state of the mobile software agent and the sending entity are trustworthy. The mobile software agent may include its own virtual trusted platform module (TPM) which is tied to an agent's identity. The agent's virtual TPM is part of the agent and transferred along with the mobile code when the mobile code is transferred.
Abstract:
A method and apparatus to establish a trustworthy local time based on trusted computing methods are described. The concepts are scalable because they may be graded by the frequency and accuracy with which a reliable external time source is available for correction and/or reset, and how trustworthy this external source is in a commercial scenario. The techniques also take into account that the number of different paths and number of hops between the device and the trusted external time source may vary. A local clock related value which is protected by a TPM is securely bound to an external clock. A system of Accuracy Statements (AS) is added to introduce time references to the audit data provided by other, possibly cheaper, sources than the time source providing the initial time.
Abstract:
A method and apparatus for securing the interface between a Universal Integrated Circuit Card (UICC) and a Terminal in wireless communications is disclosed. The security of Authentication and Key Agreement (AKA) and application level generic bootstrapping architecture (GBA) with UICC-based enhancements (GBA_U) procedures is improved. A secure shared session key is used to encrypt communications between the UICC and the Terminal. The secure shared session key is generated using authenticating or non-authenticating procedures.
Abstract:
The present application discloses a method and apparatus for using trusted platform modules (TPM) for integrity measurements of multiple subsystems. The state of the platform configuration registers (PCR) after boot up is stored as the base state of the system. Base state in this context is defined as the state of the system when the startup of the system is complete and can only be changed when new software is loaded at the kernel level. This state itself can be reported to challengers who are interested in verifying the integrity of the operating system. Also disclosed is a method where the application that is to be verified requests that its state be extended from the base state of the system. When such a request is received, the state of the system is extended directly from the base state PCR contents and not from the system state.
Abstract:
An access point operates in an 802.11 wireless communication network communicating with a client station, and includes a smart antenna for generating directional antenna beams and an omni-directional antenna beam. An antenna steering algorithm scans the directional antenna beams and the omni-directional antenna beam for receiving signals from the client station. The signals received via each scanned antenna beam are measured, and one of the antenna beams is selected based upon the measuring for communicating with the client station. The selected antenna beam is preferably a directional antenna beam. Once the directional antenna beam has been selected, there are several usage rules for exchanging data with the client station. The usage rules are directed to an active state of the access point, which includes a data transmission mode and a data reception mode.