-
公开(公告)号:US20100011214A1
公开(公告)日:2010-01-14
申请号:US12389088
申请日:2009-02-19
IPC分类号: H04L9/00
CPC分类号: G06F21/81 , G06F21/725 , H04L63/123 , H04L2463/101 , H04L2463/121 , H04W12/10
摘要: A method and apparatus to establish a trustworthy local time based on trusted computing methods are described. The concepts are scaling because they may be graded by the frequency and accuracy with which a reliable external time source is available for correction and/or reset, and how trustworthy this external source is in a commercial scenario. The techniques also take into account that the number of different paths and number of hops between the device and the trusted external time source may vary. A local clock related value which is protected by a TPM securely bound to an external clock. A system of Accuracy Statements (AS) is added to introduce time references to the audit data provided by other maybe cheaper sources than the time source providing the initial time.
摘要翻译: 描述了基于可信计算方法建立可靠的本地时间的方法和装置。 概念是缩放,因为它们可以通过可靠的外部时间源可用于校正和/或重置的频率和准确度进行分级,并且在商业场景中该外部源是如何可信赖的。 这些技术还考虑到设备与受信任的外部时间源之间的不同路径和跳数的数量可能会有所不同。 由TPM保护的本地时钟相关值安全地绑定到外部时钟。 添加准确性声明(AS)的系统来引入时间参考,以提供其他可能比提供初始时间的时间源更便宜的源提供的审计数据。
-
公开(公告)号:US08499161B2
公开(公告)日:2013-07-30
申请号:US12389088
申请日:2009-02-19
IPC分类号: H04L29/06
CPC分类号: G06F21/81 , G06F21/725 , H04L63/123 , H04L2463/101 , H04L2463/121 , H04W12/10
摘要: A method and apparatus to establish a trustworthy local time based on trusted computing methods are described. The concepts are scaling because they may be graded by the frequency and accuracy with which a reliable external time source is available for correction and/or reset, and how trustworthy this external source is in a commercial scenario. The techniques also take into account that the number of different paths and number of hops between the device and the trusted external time source may vary. A local clock related value which is protected by a TPM securely bound to an external clock. A system of Accuracy Statements (AS) is added to introduce time references to the audit data provided by other maybe cheaper sources than the time source providing the initial time.
摘要翻译: 描述了基于可信计算方法建立可靠的本地时间的方法和装置。 概念是缩放,因为它们可以通过可靠的外部时间源可用于校正和/或重置的频率和准确度进行分级,并且在商业场景中该外部源是如何可信赖的。 这些技术还考虑到设备与受信任的外部时间源之间的不同路径和跳数的数量可能会有所不同。 由TPM保护的本地时钟相关值安全地绑定到外部时钟。 添加准确性声明(AS)的系统来引入时间参考,以提供其他可能比提供初始时间的时间源更便宜的源提供的审计数据。
-
公开(公告)号:US20120246481A1
公开(公告)日:2012-09-27
申请号:US13487748
申请日:2012-06-04
申请人: Louis J. Guccione , Andreas U. Schmidt , Nicolai Kuntze , Michael Kasper , Yogendra C. Shah , Inhyok Cha
发明人: Louis J. Guccione , Andreas U. Schmidt , Nicolai Kuntze , Michael Kasper , Yogendra C. Shah , Inhyok Cha
IPC分类号: H04L9/32
CPC分类号: H04L9/321 , H04L63/0853 , H04W8/265 , H04W12/06
摘要: A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator—trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner—trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.
摘要翻译: 公开了一种被配置为提供虚拟用户识别模块(vSIM)服务的移动信任平台(MTP)。 在一个实施例中,MTP包括:被配置为存储和提供与MTP的制造商有关的凭证的设备制造商信任子系统(TSS-DM); 被配置为存储和提供与移动网络运营商(MNO)相关的凭证的移动网络运营商信任子系统(MNO-TSS); 以及被配置为存储和提供与MTP的用户相关的凭证的设备用户/所有者信任的子系统(TSS-DO / TSS-U)。 TSS-MNO包括一个vSIM核心服务单元,用于存储,提供和处理与MNO有关的凭证信息。 TSS-DO / TSS-U包括一个vSIM管理单元,用于存储,提供和处理与MTP的用户/所有者有关的凭证信息。 TSS-DO / TSS-U和TSS-MNO通过可信的vSIM服务进行通信。
-
4.发明申请公开(公告)号:US20110041003A1
公开(公告)日:2011-02-17
申请号:US12718572
申请日:2010-03-05
申请人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
发明人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
CPC分类号: H04L41/0869 , H04L41/0654 , H04L41/0681 , H04L63/123 , H04L63/166 , H04W12/10 , H04W84/045
摘要: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要翻译: 本文公开了一种使用自主验证和半自主验证来提供家庭演进节点B(H(e)NB)完整性验证和验证的装置和方法。
-
公开(公告)号:US20100125732A1
公开(公告)日:2010-05-20
申请号:US12563392
申请日:2009-09-21
申请人: Inhyok Cha , Yogendra C. Shah , Andreas U. Schmidt
发明人: Inhyok Cha , Yogendra C. Shah , Andreas U. Schmidt
CPC分类号: H04W12/06 , H04L63/107 , H04L63/162 , H04L63/205 , H04W88/08
摘要: A Home Node B or Home evolved Node B (HN(e)B) apparatus and methods are disclosed. The HN(e)B includes a Trusted Environment (TrE) and interfaces including unprotected interfaces, cryptographically protected interfaces, and hardware protected interfaces. The H(e)NB includes security/authentication protocols for communication between the H(e)NB and external network elements, including a Security Gateway (SGW).
摘要翻译: 家庭节点B或家庭演进节点B(HN(e)B)设备和方法被公开。 HN(e)B包括可信环境(TrE)和包括未受保护的接口,密码保护接口和硬件保护接口的接口。 H(e)NB包括用于H(e)NB与外部网络元件之间的通信的安全/认证协议,包括安全网关(SGW)。
-
公开(公告)号:US09807608B2
公开(公告)日:2017-10-31
申请号:US12763827
申请日:2010-04-20
摘要: Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the platform on which the domain resides, and other domains. A system-wide domain manager may be resident on one of the domains. The system-wide domain manager may enforce the policies of the domain on which it is resident, and it may coordinate the enforcement of the other domains by their respective policies in relation to the domain in which the system-wide domain manager resides. Additionally, the system-wide domain manager may coordinate interaction among the other domains in accordance with their respective policies.
-
公开(公告)号:US08812836B2
公开(公告)日:2014-08-19
申请号:US12718853
申请日:2010-03-05
CPC分类号: H04W12/06 , H04L63/0428 , H04L63/0869 , H04W4/70 , H04W8/265 , H04W12/04 , H04W88/18
摘要: A method and apparatus are disclosed for performing secure remote subscription management. Secure remote subscription management may include providing the Wireless Transmit/Receive Unit (WTRU) with a connectivity identifier, such as a Provisional Connectivity Identifier (PCID), which may be used to establish an initial network connection to an Initial Connectivity Operator (ICO) for initial secure remote registration, provisioning, and activation. A connection to the ICO may be used to remotely provision the WTRU with credentials associated with the Selected Home Operator (SHO). A credential, such as a cryptographic keyset, which may be included in the Trusted Physical Unit (TPU), may be allocated to the SHO and may be activated. The WTRU may establish a network connection to the SHO and may receive services using the remotely managed credentials. Secure remote subscription management may be repeated to associate the WTRU with another SHO.
摘要翻译: 公开了用于执行安全远程订阅管理的方法和装置。 安全远程订阅管理可以包括为无线发射/接收单元(WTRU)提供诸如临时连接标识符(PCID)的连接标识符,其可以用于建立到初始连接性运营商(ICO)的初始网络连接,用于 初始安全远程注册,配置和激活。 可以使用到ICO的连接来远程地提供与选择家庭运营商(SHO)相关联的凭证的WTRU。 可以包括在可信物理单元(TPU)中的诸如加密密钥集的证书可以被分配给SHO并且可以被激活。 WTRU可以建立到SHO的网络连接,并且可以使用远程管理的凭证来接收服务。 可以重复安全的远程订阅管理以将WTRU与另一个SHO相关联。
-
公开(公告)号:US20110010543A1
公开(公告)日:2011-01-13
申请号:US12718480
申请日:2010-03-05
申请人: Andreas U. Schmidt , Andreas Leicher , Inhyok Cha , Yogendra C. Shah , Sudhir B. Pattar , Dolores F. Howry , David G. Greiner , Lawrence Case , Michael V. Meyerstein , Louis J. Guccione
发明人: Andreas U. Schmidt , Andreas Leicher , Inhyok Cha , Yogendra C. Shah , Sudhir B. Pattar , Dolores F. Howry , David G. Greiner , Lawrence Case , Michael V. Meyerstein , Louis J. Guccione
IPC分类号: H04L9/32
CPC分类号: H04W12/10 , G06F21/44 , G06F21/57 , H04L63/123 , H04W12/0023 , H04W12/00502 , H04W12/00512 , H04W12/06 , H04W12/08
摘要: Methods, components and apparatus for implementing platform validation and management (PVM) are disclosed. PVM provides the functionality and operations of a platform validation entity with remote management of devices by device management components and systems such as a home node-B management system or component. Example PVM operations bring devices into a secure target state before allowing connectivity and access to a core network.
摘要翻译: 公开了实现平台验证和管理(PVM)的方法,组件和设备。 PVM通过设备管理组件和系统(如家庭节点B管理系统或组件)提供对设备进行远程管理的平台验证实体的功能和操作。 示例PVM操作在允许连接和访问核心网络之前将设备置于安全目标状态。
-
9.发明授权公开(公告)号:US09253643B2
公开(公告)日:2016-02-02
申请号:US12718572
申请日:2010-03-05
申请人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
发明人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
CPC分类号: H04L41/0869 , H04L41/0654 , H04L41/0681 , H04L63/123 , H04L63/166 , H04W12/10 , H04W84/045
摘要: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要翻译: 本文公开了一种使用自主验证和半自主验证来提供家庭演进节点B(H(e)NB)完整性验证和验证的装置和方法。
-
公开(公告)号:US08788832B2
公开(公告)日:2014-07-22
申请号:US13487748
申请日:2012-06-04
申请人: Louis J. Guccione , Andreas U. Schmidt , Nicolai Kuntze , Michael Kasper , Yogendra C. Shah , Inhyok Cha
发明人: Louis J. Guccione , Andreas U. Schmidt , Nicolai Kuntze , Michael Kasper , Yogendra C. Shah , Inhyok Cha
IPC分类号: H04L9/32
CPC分类号: H04L9/321 , H04L63/0853 , H04W8/265 , H04W12/06
摘要: A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator-trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner-trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.
摘要翻译: 公开了一种被配置为提供虚拟用户识别模块(vSIM)服务的移动信任平台(MTP)。 在一个实施例中,MTP包括:被配置为存储和提供与MTP的制造商有关的凭证的设备制造商信任子系统(TSS-DM); 被配置为存储和提供与移动网络运营商(MNO)相关的凭证的移动网络运营商信任子系统(MNO-TSS); 以及被配置为存储和提供与MTP的用户相关的凭证的设备用户/所有者信任的子系统(TSS-DO / TSS-U)。 TSS-MNO包括一个vSIM核心服务单元,用于存储,提供和处理与MNO有关的凭证信息。 TSS-DO / TSS-U包括一个vSIM管理单元,用于存储,提供和处理与MTP的用户/所有者有关的凭证信息。 TSS-DO / TSS-U和TSS-MNO通过可信的vSIM服务进行通信。
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.026 秒)