Validation and/or authentication of a device for communication with network
    25.
    Type: Granted patent
    Status: In force

    Publication number: US08701205B2

    Publication date: 2014-04-15

    Application number: US12760690

    Filing date: 2010-04-15

    IPC classification: G06F21/02 G06F7/04 H04L9/00

    CPC classification: H04W12/10 H04L63/123

    Abstract: A device may include a trusted component. The trusted component may be verified by a trusted third party and may have a certificate of verification stored therein based on the verification by the trusted third party. The trusted component may include a root of trust that may provide secure code and data storage and secure application execution. The root of trust may also be configured to verify an integrity of the trusted component via a secure boot and to prevent access to the certain information in the device if the integrity of the trusted component may not be verified.

    Method And Apparatus For Trusted Federated Identity
    27.
    Type: Patent application
    Status: In force

    Publication number: US20120072979A1

    Publication date: 2012-03-22

    Application number: US13023985

    Filing date: 2011-02-09

    IPC classification: H04L9/32 G06F21/00

    Abstract: A trusted computing environment, such as a smartcard, UICC, Java card, global platform, or the like may be used as a local host trust center and a proxy for a single-sign on (SSO) provider. This may be referred to as a local SSO provider (OP). This may be done, for example, to keep authentication traffic local and to prevent over the air communications, which may burden an operator network. To establish the OP proxy in the trusted environment, the trusted environment may bind to the SSO provider in a number of ways. For example, the SSO provider may interoperate with UICC-based UE authentication or GBA. In this way, user equipment may leverage the trusted environment in order to provide increased security and reduce over the air communications and authentication burden on the OP or operator network.

    Authentication and secure channel setup for communication handoff scenarios
    28.
    Type: Granted patent
    Status: In force

    Publication number: US09009801B2

    Publication date: 2015-04-14

    Application number: US13341670

    Filing date: 2011-12-30

    Abstract: Persistent communication layer credentials generated on a persistent communication layer at one network may be leveraged to perform authentication on another. For example, the persistent communication layer credentials may include application-layer credentials derived on an application layer. The application-layer credentials may be used to establish authentication credentials for authenticating a mobile device for access to services at a network server. The authentication credentials may be derived from the application-layer credentials of another network to enable a seamless handoff from one network to another. The authentication credentials may be derived from the application-layer credentials using reverse bootstrapping or other key derivation functions. The mobile device and/or network entity to which the mobile device is being authenticated may enable communication of authentication information between the communication layers to enable authentication of a device using multiple communication layers.

    MIGRATION OF CREDENTIALS AND/OR DOMAINS BETWEEN TRUSTED HARDWARE SUBSCRIPTION MODULES
    29.
    Type: Patent application
    Status: In force

    Publication number: US20130212637A1

    Publication date: 2013-08-15

    Application number: US13581752

    Filing date: 2011-03-02

    IPC classification: H04L29/06

    Abstract: Systems, methods, and instrumentalities are disclosed that allow a user to initiate migration of a credential from one domain to another domain. A request to initiate a migration of credentials from a first domain to a second domain may be initiated by a user (1a.). A remote owner may receive a message indicating that the migration has been requested. The message received by the remote owner may be an indication that the source and destination devices have performed internal checks and determined that a migration could proceed. The remote owner may evaluate source information received from the source device and destination information received from the destination device (6), (6a.), (6b.). Based on the evaluation of the source information and the destination information, the remote owner may determine that the migration is acceptable. The remote owner may send an indication to proceed with the migration (7), (7a.)

    SSO FRAMEWORK FOR MULTIPLE SSO TECHNOLOGIES
    30.
    Type: Patent application
    Status: Under examination (published)

    Publication number: US20130125226A1

    Publication date: 2013-05-16

    Application number: US13458422

    Filing date: 2012-04-27

    IPC classification: H04W12/06

    Abstract: Users desire useable security or a seamless means for accessing internet services whereby user interaction in the provisioning of credentials may be kept to a minimum or even eliminated entirely. The Single Sign-On (SSO) identity management (IdM) concept may be a means by which a user may be provided with such ease of use, while enabling user-assisted and network-assisted authentication for access to desired services. To enable seamless authentication services to users, a unified framework and a protocol layer interface for managing multiple authentication methods may be used.
