公开(公告)号：US20110035592A1

公开(公告)日：2011-02-10

申请号：US12650728

申请日：2009-12-31

申请人： Inhyok Cha ,  Yogendra Shah ,  Andreas Schmidt

发明人： Inhyok Cha ,  Yogendra Shah ,  Andreas Schmidt

IPC分类号： H04L9/00

CPC分类号： H04W12/06 ,  H04L63/205 ,  H04W84/045

摘要： An authentication method selection using a home enhanced Node B (H(e)NB) profile is disclosed. A method for selecting an H(e)NB authentication method includes authenticating at least one of the device or the hosting party module by a security gateway (SeGW). The SeGW receives a request from the H(e)NB to start the authentication process. Based on information received from the H(e)NB and an authentication information server, the SeGW determines how to authenticate the H(e)NB. The possible authentication methods include device authentication only, device authentication and hosting party module authentication, requesting the H(e)NB to perform authentication using Extensible Authentication Protocol-Authentication and Key Agreement, or authentication of both the H(e)NB and one or more WTRUs connected to or attempting to connect to the H(e)NB.

摘要翻译： 公开了使用归属增强型节点B（H（e）NB）简档的认证方法选择。 用于选择H（e）NB认证方法的方法包括通过安全网关（SeGW）认证所述设备或所述主办方模块中的至少一个。 SeGW从H（e）NB接收请求以开始认证过程。 根据从H（e）NB和认证信息服务器接收的信息，SeGW确定如何认证H（e）NB。 可能的认证方法包括仅设备认证，设备认证和主机模块认证，请求H（e）NB使用可扩展认证协议 - 认证和密钥协商进行认证，或认证H（e）NB和一个或 更多的WTRU连接到或尝试连接到H（e）NB。

公开(公告)号：US20080089518A1

公开(公告)日：2008-04-17

申请号：US11871683

申请日：2007-10-12

申请人： Alexander Reznik ,  Alain Briancon ,  Yevgeniy Dodis ,  Yogendra Shah ,  Chunxuan Ye ,  Robert DiFazio ,  Inhyok Cha

发明人： Alexander Reznik ,  Alain Briancon ,  Yevgeniy Dodis ,  Yogendra Shah ,  Chunxuan Ye ,  Robert DiFazio ,  Inhyok Cha

IPC分类号： H04L9/20

CPC分类号： H04W12/04 ,  H04L9/065 ,  H04L9/0869 ,  H04L9/0875 ,  H04L63/0457 ,  H04L2209/08 ,  H04L2209/80 ,  H04W12/02

摘要： A secret stream of bits begins by receiving a public random stream contained in a wireless communication signal at a transmit/receive unit. The public random stream is sampled and specific bits are extracted according to a shared common secret. These extracted bits are used to create a longer secret stream. The shared common secret may be generated using JRNSO techniques, or provided to the transmit/receive units prior to the communication session. Alternatively, one of the transmit/receive unit is assumed to be more powerful than any potential eavesdropper. In this situation, the powerful transmit/receive unit may broadcast and store a public random stream. The weaker transmit/receive unit selects select random bits of the broadcast for creating a key. The weaker transmit/receive unit sends the powerful transmit/receive unit the selected bit numbers, and powerful transmit/receive unit uses the random numbers to produce the key created by the weaker transmit/receive unit.

摘要翻译： 秘密的比特流开始于在发送/接收单元处接收包含在无线通信信号中的公共随机流。 公共随机流被采样，并且根据共享的公共秘密提取特定位。 这些提取的比特用于创建更长的秘密流。 可以使用JRNSO技术生成共享公用秘密，或者在通信会话之前提供给发送/接收单元。 或者，假设发射/接收单元之一比任何潜在的窃听者更强大。 在这种情况下，强大的发送/接收单元可以广播和存储公共随机流。 较弱的发送/接收单元选择用于创建密钥的广播的选择随机比特。 较弱的发射/接收单元发送强大的发射/接收单元所选择的位号，强大的发射/接收单元使用随机数产生由较弱发射/接收单元产生的密钥。

公开(公告)号：US20080059804A1

公开(公告)日：2008-03-06

申请号：US11843517

申请日：2007-08-22

申请人： Yogendra Shah ,  Inhyok Cha ,  Alexander Reznik

发明人： Yogendra Shah ,  Inhyok Cha ,  Alexander Reznik

IPC分类号： H04L9/32 ,  G06F17/00 ,  G06F21/00

CPC分类号： H04L63/0442 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0884

摘要： A method and apparatus for password management and single sign-on (SSO) access based on trusted computing (TC) technology. The methods implement the Trusted Computing Group (TCG)'s trusted platform module (TPM), which interacts with both proxy SSO unit and web-accessing applications to provide a secure, trusted mechanism to generate, store, and retrieve passwords and SSO credentials. The various embodiments of the present invention allow a user to hop securely and transparently from one site to another that belong to a pre-identified group of sites, after signing on just once to a secured proxy residing at the user's device.

摘要翻译： 一种基于可信计算（TC）技术的密码管理和单点登录（SSO）访问的方法和装置。 该方法实施了可信计算组（TCG）的可信平台模块（TPM），该平台模块与代理SSO单元和Web访问应用程序进行交互，以提供安全可靠的机制来生成，存储和检索密码和SSO凭据。 本发明的各种实施例允许用户在仅驻留在用户设备上的安全代理器一次登录之后，从属于预先识别的站点组的一个站点到另一站点安全地和透明地跳转。

公开(公告)号：US20070266256A1

公开(公告)日：2007-11-15

申请号：US11745697

申请日：2007-05-08

申请人： Yogendra Shah ,  Inhyok Cha

发明人： Yogendra Shah ,  Inhyok Cha

IPC分类号： H04L9/00

CPC分类号： H04L9/3297 ,  G06F21/725 ,  H04L9/3234 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/12 ,  H04L63/126 ,  H04L2463/101 ,  H04L2463/102 ,  H04W12/10 ,  H04W12/12

摘要： The present invention is related to a wireless transmit/receive unit (WTRU) for providing advanced security functions. The WTRU includes trusted platform module (TPM) for performing trusted computing operations; and a secure time component (STC) for providing a secure measurement of a current time. The STC and the TPM are integrated to provide accurate trusted time information to internal and external to the WTRU. The STC may be located on an expanded a subscriber identity module (SIM), on the WTRU platform, or two STCs may be used, one in each location. Similarly, the TPM may be located on an expanded SIM, on the WTRU platform, or two TPMs may be used, one in each location. Preferably, the STC will include a real time clock (RTC); a tamper detection and power failure unit; and a time report and sync controller.

摘要翻译： 本发明涉及用于提供高级安全功能的无线发射/接收单元（WTRU）。 WTRU包括用于执行可信计算操作的可信平台模块（TPM） 以及用于提供当前时间的安全测量的安全时间分量（STC）。 集成了STC和TPM，以向WTRU的内部和外部提供准确的可信时间信息。 STC可以位于WTRU平台上的扩展的订户身份模块（SIM）上，或者可以在每个位置中使用两个STC。 类似地，TPM可以位于WTRU平台上的扩展SIM上，或者可以在每个位置中使用两个TPM。 优选地，STC将包括实时时钟（RTC）; 篡改检测和电源故障单元; 和时间报告和同步控制器。

公开(公告)号：US20070036353A1

公开(公告)日：2007-02-15

申请号：US11444558

申请日：2006-05-31

申请人： Alexander Reznik ,  Debashish Purkayastha ,  Steven Goldberg ,  Robert Olesen ,  Marian Rudolf ,  Inhyok Cha ,  Alan Carlton ,  Yogendra Shah ,  Shamim Rahman ,  Rajat Mukherjee ,  Robert DiFazio ,  Gregory Sternberg ,  Leonid Kazakevich ,  Kazimierz Siwiak ,  Guodong Zhang ,  Tanbir Haque ,  Louis Guccione ,  Prabhakar Chitrapu ,  Akinlolu Kumoluyi ,  Alain Briancon

发明人： Alexander Reznik ,  Debashish Purkayastha ,  Steven Goldberg ,  Robert Olesen ,  Marian Rudolf ,  Inhyok Cha ,  Alan Carlton ,  Yogendra Shah ,  Shamim Rahman ,  Rajat Mukherjee ,  Robert DiFazio ,  Gregory Sternberg ,  Leonid Kazakevich ,  Kazimierz Siwiak ,  Guodong Zhang ,  Tanbir Haque ,  Louis Guccione ,  Prabhakar Chitrapu ,  Akinlolu Kumoluyi ,  Alain Briancon

IPC分类号： H04L9/30

CPC分类号： H04B7/0434 ,  H04B7/0695 ,  H04L9/0631 ,  H04L9/0656 ,  H04L9/0875 ,  H04L9/3271 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/08 ,  H04L63/1441 ,  H04L63/1466 ,  H04L63/18 ,  H04L2209/34 ,  H04L2209/80 ,  H04W12/00503 ,  H04W12/00508 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W92/10

摘要： The present invention relates to secret key generation and authentication methods that are based on joint randomness not shared by others (JRNSO), in which unique channel response between two communication terminals generates a secret key. Multiple network access points use a unique physical location of a receiving station to increase user data security. High data rate communication data is encrypted by generating a random key and a pseudo-random bit stream. A configurable interleaving is achieved by introduction of JRNSO bits to an encoder used for error-correction codes. Databases of user data are also protected by JRNSO-based key mechanisms. Additional random qualities are induced on the joint channel using MIMO eigen-beamforming, antenna array deflection, polarization selection, pattern deformation, and path selection by beamforming or time correlation. Gesturing induces randomness according to uniquely random patterns of a human user's arm movements inflected to the user device.

摘要翻译： 本发明涉及基于其他人不共享的联合随机性（JRNSO）的秘密密钥生成和认证方法，其中两个通信终端之间的唯一信道响应产生密钥。 多个网络接入点使用接收站的唯一物理位置来增加用户数据的安全性。 通过生成随机密钥和伪随机比特流来加密高数据速率通信数据。 通过将JRNSO位引入用于纠错码的编码器来实现可配置的交错。 用户数据的数据库也受到基于JRNSO的关键机制的保护。 使用MIMO本征波束形成，天线阵列偏转，偏振选择，图案变形以及通过波束形成或时间相关的路径选择在联合信道上引起附加随机质量。 手势根据用户装置的人体手臂运动的唯一随机模式引起随机性。

公开(公告)号：US20120079559A1

公开(公告)日：2012-03-29

申请号：US13078716

申请日：2011-04-01

申请人： Alexander Reznik ,  Oscar Lopez-Torres ,  Inhyok Cha ,  Lawrence Case ,  Yogendra Shah

发明人： Alexander Reznik ,  Oscar Lopez-Torres ,  Inhyok Cha ,  Lawrence Case ,  Yogendra Shah

IPC分类号： G06F17/00

CPC分类号： H04L63/20 ,  H04L12/5692 ,  H04L41/5019 ,  H04L63/105 ,  H04W12/08

摘要： Systems, methods, and apparatus are disclosed for coordinating enforcement of policies on a network and/or a wireless transmit/receive unit. The policies may include stakeholder-specific policies of one or more stakeholders that provide services on a user equipment. Enforcement of the stakeholder-specific policies may be securely coordinated using a policy coordination function. Systems, methods, and apparatus are also disclosed that include a network policy coordination function (NPCF) that coordinates service control policies and access control policies. The NPCF may coordinate enforcement of the service control policies for one or more service control entities and the access control policies for one or more access control entities.

摘要翻译： 公开了用于协调网络和/或无线发射/接收单元上的策略的实施的系统，方法和装置。 这些策略可以包括在用户设备上提供服务的一个或多个利益相关者的利益相关者特定的策略。 可以使用政策协调功能来安全地协调利益相关者特定政策的执行。 还公开了包括协调服务控制策略和访问控制策略的网络策略协调功能（NPCF）的系统，方法和装置。 NPCF可以协调一个或多个服务控制实体的服务控制策略的执行和一个或多个访问控制实体的访问控制策略。

公开(公告)号：US20080046758A1

公开(公告)日：2008-02-21

申请号：US11744304

申请日：2007-05-04

申请人： Inhyok Cha ,  Amit Singhal ,  Yogendra Shah

发明人： Inhyok Cha ,  Amit Singhal ,  Yogendra Shah

IPC分类号： G06F12/14 ,  H04L9/00

CPC分类号： G06F21/10 ,  G06F21/57 ,  H04L9/3247 ,  H04L63/12 ,  H04L63/20

摘要： The present invention discloses several methods to strengthen the integrity of entities, messages, and processing related to content distribution as defined by the Open Mobile Alliance (OMA) Digital Rights Management (DRM). The methods use techniques related to the Trusted Computing Group (TCG) specifications. A first embodiment uses TCG techniques to verify platform and DRM software integrity or trustworthiness, both with and without modifications to the DRM rights object acquisition protocol (ROAP) and DRM content format specifications. A second embodiment uses TCG techniques to strengthen the integrity of ROAP messages, constituent information, and processing without changing the existing ROAP protocol. A third embodiment uses TCG techniques to strengthen the integrity of the ROAP messages, information, and processing with some changes to the existing ROAP protocol.

摘要翻译： 本发明公开了加强与由开放移动联盟（OMA）数字版权管理（DRM）定义的内容分发有关的实体，消息和处理的完整性的几种方法。 该方法使用与可信计算组（TCG）规范相关的技术。 第一实施例使用TCG技术来验证平台和DRM软件完整性或可信赖性，无论是否修改DRM权限对象获取协议（ROAP）和DRM内容格式规范。 第二实施例使用TCG技术来加强ROAP消息，组成信息和处理的完整性，而不改变现有的ROAP协议。 第三个实施例使用TCG技术来加强ROAP消息，信息和处理的完整性，并对现有的ROAP协议进行一些改变。

公开(公告)号：US10044713B2

公开(公告)日：2018-08-07

申请号：US13589991

申请日：2012-08-20

申请人： Andreas Leicher ,  Andreas Schmidt ,  Yogendra Shah

发明人： Andreas Leicher ,  Andreas Schmidt ,  Yogendra Shah

IPC分类号： H04L29/06

摘要： Identity management, user authentication, and/or user access to services on a network may be provided in a secure and/or trustworthy manner, as described herein. For example, trustworthy claims may be used to indicate security and/or trustworthiness of a user or user device on a network. Security and/or trustworthiness of a user or a user device on a network may also be established using OpenID and/or local OpenID, a secure channel between a service and the user device, and/or by including a network layer authentication challenge in an application layer authentication challenge on the user device for example.

公开(公告)号：US20100318796A1

公开(公告)日：2010-12-16

申请号：US12649151

申请日：2009-12-29

申请人： Alexander Reznik ,  Alan Gerald Carlton ,  Alain Charles Louis Briancon ,  Yogendra Shah ,  Prabhakar R. Chitrapu

发明人： Alexander Reznik ,  Alan Gerald Carlton ,  Alain Charles Louis Briancon ,  Yogendra Shah ,  Prabhakar R. Chitrapu

IPC分类号： H04L9/32 ,  H04K1/00

CPC分类号： H04W12/08 ,  H04L27/3477 ,  H04L63/107 ,  H04W4/02 ,  H04W12/02 ,  H04W12/12 ,  H04W16/30

摘要： A method for transmitting an encrypted signal to a wireless transmit/receive unit (WTRU) such that decryption of the encrypted signal depends on a trust zone associated with the WTRU is disclosed. The encryption may be performed using hierarchical modulation, scrambling, authentication, location validation, or a combination thereof. The size of a trust zone may also be adjusted.

摘要翻译： 一种用于将加密信号发送到无线发射/接收单元（WTRU）的方法，使得加密信号的解密取决于与WTRU相关联的信任区域。 可以使用分层调制，加扰，认证，位置验证或其组合来执行加密。 也可以调整信任区域的大小。

公开(公告)号：US07606295B2

公开(公告)日：2009-10-20

申请号：US11173046

申请日：2005-07-01

申请人： Babak Daneshrad ,  Christian Oberli ,  Jatin Bhatia ,  Yogendra Shah

发明人： Babak Daneshrad ,  Christian Oberli ,  Jatin Bhatia ,  Yogendra Shah

IPC分类号： H04B1/707

CPC分类号： H04B1/7103 ,  H04B1/709 ,  H04B1/7115 ,  H04B1/7117 ,  H04B1/712 ,  H04B2201/70702 ,  H04B2201/709727

摘要： The present invention is related to a generalized rake receiver for a wireless communication system. The rake receiver comprises a plurality of finger correlators and a plurality of escort correlators. Each finger correlator demodulates each multipath components of the transmitted signal. The escort correlator is used for multipath tracking for optimal finger placement and weight estimation for demodulation. The escort correlator is located in vicinity of multipath center and is programmable within a chip and at a resolution finer than a chip. Weight vector is estimated using the estimate of the total base station energy based upon the pilot information from the base stations in soft-handoff.

摘要翻译： 本发明涉及一种用于无线通信系统的通用耙式接收机。 耙式接收机包括多个手指相关器和多个护送相关器。 每个手指相关器解调发射信号的每个多路径。 护送相关器用于多路径跟踪，用于最佳手指放置和用于解调的权重估计。 护航相关器位于多路径中心附近，可在芯片内编程，分辨率优于芯片。 基于来自基站的导频信息在软切换中使用基站总能量的估计来估计权重向量。