公开(公告)号：US10079836B2

公开(公告)日：2018-09-18

申请号：US15018796

申请日：2016-02-08

Applicant: Broadcom Corporation

Inventor： Philippe Klein ,  Jacob Mendel ,  Shlomo Markel

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/06 ,  H04L29/08

CPC classification number: H04L63/105 ,  H04L63/08 ,  H04L63/107 ,  H04L67/34 ,  H04L2463/082 ,  H04W12/00503 ,  H04W12/00505 ,  H04W12/06

Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.

公开(公告)号：US09069946B2

公开(公告)日：2015-06-30

申请号：US13865044

申请日：2013-04-17

Applicant: Broadcom Corporation

Inventor： Shlomo Markel ,  Jacob Mendel

IPC: G06F7/04 ,  G06F12/00 ,  G06F12/14 ,  G06F13/00 ,  G06F17/30 ,  G11C7/00 ,  G06F21/44

CPC classification number: G06F21/44

Abstract: Methods and systems for authentication of a device are disclosed. An exemplary method includes transmitting an energy towards the device including a material, monitoring a response of the device to the transmitted energy, generating a signature of the device based on the response of the device to the transmitted energy, comparing the device signature to an enrolled signature for the device, and indicating that authentication of the device is successful when the generated signature matches the enrolled signature. An exemplary system includes a transmitter configured to transmit an energy towards the device, a receiver configured to monitor a response of the device, and a processor configured to generate a signature of the device based on the response of the device, compare the device signature to an enrolled signature for the device, and indicate that authentication of the device is successful when the generated signature matches the enrolled signature.

Abstract translation: 公开了用于设备认证的方法和系统。 一种示例性方法包括向装置发射能量，包括材料，监测装置对所发送的能量的响应，基于装置对所发射的能量的响应，生成装置的签名，将装置签名与登记的 签名，并且当生成的签名与注册的签名匹配时，指示设备的认证成功。 示例性系统包括：发射机，被配置为向设备发送能量;接收机，被配置为监视设备的响应;以及处理器，被配置为基于设备的响应来生成设备的签名，将设备签名与 该设备的登记签名，并且当生成的签名与登记的签名匹配时，指示设备的认证成功。

公开(公告)号：US20140077928A1

公开(公告)日：2014-03-20

申请号：US13727385

申请日：2012-12-26

Applicant: BROADCOM CORPORATION

Inventor： Shlomo Markel ,  Jacob Mendel

IPC: G05B1/00

CPC classification number: G05B1/00 ,  B65D2101/00 ,  G06F21/64 ,  G06F21/86 ,  G06F21/87 ,  G09F3/0292 ,  G09F3/03 ,  G09F3/0329 ,  G09F3/0335 ,  G09F3/0376

Abstract: A system for detecting tampering in a product having a tamper-detector seal, including a secure element configured to store a digital signature and a data associated with the digital signature, transmit the digital signature and the data associated with the digital signature in response to a request, detect tampering of the tamper-detector seal, and modify the data associated with the digital signature if tampering is detected. The system further includes a seal validation device configured to receive a public key associated with the product, request the digital signature and the data associated with the digital signature from the secure element, and validate the digital signature utilizing the data associated with the digital signature and the public key associated with the product.

Abstract translation: 一种用于检测具有篡改检测器密封件的产品中的篡改的系统，包括被配置为存储数字签名和与数字签名相关联的数据的安全元件，响应于该数字签名和与数字签名相关联的数据， 请求，检测篡改检测器密封的篡改，并且如果检测到篡改，则修改与数字签名相关联的数据。 所述系统还包括密封验证装置，其被配置为接收与所述产品相关联的公开密钥，从所述安全元件请求所述数字签名和与所述数字签名相关联的数据，以及使用与所述数字签名相关联的数据来验证所述数字签名;以及 与产品相关的公钥。

公开(公告)号：US09258287B2

公开(公告)日：2016-02-09

申请号：US13723036

申请日：2012-12-20

Applicant: Broadcom Corporation

Inventor： Shlomo Markel ,  Jacob Mendel

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/12

CPC classification number: H04L63/08 ,  H04L29/06 ,  H04L63/1425 ,  H04W12/12

Abstract: A secure active network includes a plurality of secure elements which communicate with one another to share and log information such as identification, location, and user activity associated with each secure element. Secure elements exchange data with one another, and log data received. The periodicity of communication between secure elements, encryption of the information, and the operating frequency in which the information is transmitted and received may be changed if communication is lost between any of the secure elements or if a determination is made that a secure element has traveled outside a predetermined zone. The integrity of the secure network may be verified at any time by comparing the logged information to a reference network.

Abstract translation: 安全主动网络包括多个彼此通信的安全元件，以共享和记录诸如与每个安全元件相关联的标识，位置和用户活动的信息。 安全元素相互交换数据，并记录收到的数据。 如果任何安全元件之间的通信丢失或者如果确定安全元件已经行进，则可以改变安全元件之间的通信的周期性，信息的加密以及发送和接收信息的操作频率 在预定区域外。 可以随时通过将记录的信息与参考网络进行比较来验证安全网络的完整性。

公开(公告)号：US20140082713A1

公开(公告)日：2014-03-20

申请号：US13730267

申请日：2012-12-28

Applicant: BROADCOM CORPORATION

Inventor： Shlomo Markel ,  Jacob Mendel

IPC: H04L29/06

CPC classification number: H04L63/12 ,  H04L63/08 ,  H04L63/105

Abstract: Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.

Abstract translation: 提供了系统和方法，通过提供额外的认证因素来增强安全性。 在认证之前，用户可以注册从其授权访问服务或应用的设备。 在认证期间，认证系统可以检索注册的设备的位置并产生一个或多个问题，只有该位置的用户可以应答。 用户可以附加地或替代地将认证服务器的移动签名注册为认证因素。 用户可以设置设备移动的模式。 在认证期间，用户以图案移动设备。 然后，设备发送用于认证的移动签名。

公开(公告)号：US20160156637A1

公开(公告)日：2016-06-02

申请号：US15018796

申请日：2016-02-08

Applicant: Broadcom Corporation

Inventor： Philippe Klein ,  Jacob Mendel ,  Shlomo Markel

IPC: H04L29/06

CPC classification number: H04L63/105 ,  H04L63/08 ,  H04L63/107 ,  H04L67/34 ,  H04L2463/082 ,  H04W12/06

Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.

Abstract translation: 安全通信网络可以包括包括认证后端的服务器，认证后端被配置为与通信设备的认证前端进行通信。 服务器小程序可以与身份验证后端相关联。 服务器小应用程序可以认证与通信设备相关联的访问权限，并且基于从认证前端接收的信息来建立与通信设备的通信的安全级别。

公开(公告)号：US09282086B2

公开(公告)日：2016-03-08

申请号：US13904426

申请日：2013-05-29

Applicant: Broadcom Corporation

Inventor： Philippe Klein ,  Jacob Mendel ,  Shlomo Markel

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/06 ,  H04L29/08

CPC classification number: H04L63/105 ,  H04L63/08 ,  H04L63/107 ,  H04L67/34 ,  H04L2463/082 ,  H04W12/06

Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.

Abstract translation: 安全通信网络可以包括包括认证后端的服务器，认证后端被配置为与通信设备的认证前端进行通信。 服务器小程序可以与身份验证后端相关联。 服务器小应用程序可以认证与通信设备相关联的访问权限，并且基于从认证前端接收的信息来建立与通信设备的通信的安全级别。

公开(公告)号：US20140325594A1

公开(公告)日：2014-10-30

申请号：US13904426

申请日：2013-05-29

Applicant: Broadcom Corporation

Inventor： Philippe Klein ,  Jacob Mendel ,  Shlomo Markel

IPC: H04L29/06 ,  H04W12/06

CPC classification number: H04L63/105 ,  H04L63/08 ,  H04L63/107 ,  H04L67/34 ,  H04L2463/082 ,  H04W12/06

Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.

Abstract translation: 安全通信网络可以包括包括认证后端的服务器，认证后端被配置为与通信设备的认证前端进行通信。 服务器小程序可以与身份验证后端相关联。 服务器小应用程序可以认证与通信设备相关联的访问权限，并且基于从认证前端接收到的信息建立与通信设备的通信的安全级别。