公开(公告)号：US20180242129A1

公开(公告)日：2018-08-23

申请号：US15955186

申请日：2018-04-17

申请人： InterDigital Patent Holdings, Inc.

发明人： Yogendra C. SHAH ,  Inhyok CHA ,  Michael V. MEYERSTEIN ,  Andreas SCHMIDT

IPC分类号： H04W4/70 ,  H04L29/06 ,  H04L9/32 ,  H04L9/08 ,  H04W4/50 ,  H04W12/06 ,  H04W12/10 ,  H04W12/08 ,  H04W84/22

CPC分类号： H04W4/70 ,  G06F21/57 ,  G06F21/575 ,  G06F2221/2101 ,  G06F2221/2105 ,  G06F2221/2151 ,  G06F2221/2153 ,  H04L9/08 ,  H04L9/3234 ,  H04L63/062 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/20 ,  H04L67/10 ,  H04L67/125 ,  H04W4/00 ,  H04W4/50 ,  H04W8/06 ,  H04W12/0023 ,  H04W12/00518 ,  H04W12/06 ,  H04W12/08 ,  H04W12/10 ,  H04W24/00 ,  H04W84/22

摘要： A method and apparatus for performing secure Machine-to-Machine (M2M) provisioning and communication is disclosed. In particular a temporary private identifier, or provisional connectivity identification (PCID), for uniquely identifying machine-to-machine equipment (M2ME) is also disclosed. Additionally, methods and apparatus for use in validating, authenticating and provisioning a M2ME is also disclosed. The validation procedures disclosed include an autonomous, semi-autonomous, and remote validation are disclosed. The provisioning procedures include methods for re-provisioning the M2ME. Procedures for updating software, and detecting tampering with the M2ME are also disclosed.

公开(公告)号：US20160087957A1

公开(公告)日：2016-03-24

申请号：US14786688

申请日：2014-04-25

申请人： INTERDIGITAL PATENT HOLDINGS, INC.

发明人： Yogendra C. SHAH ,  Andreas SCHMIDT ,  Vinod K. CHOYI ,  Lakshmi SUBRAMANIAN ,  Andreas LEICHER

IPC分类号： H04L29/06 ,  H04W12/06

CPC分类号： H04L63/08 ,  H04L63/083 ,  H04L63/0861 ,  H04L63/20 ,  H04L63/205 ,  H04L2463/082 ,  H04L2463/121 ,  H04W12/00505 ,  H04W12/06

摘要： As users gain access to different services, the grade of the services may vary, for example, from low value services to high value services. A low value may indicate that a low strength of authentication is required, while a high value may indicate that a high strength of authentication is required to access the service. There is disclosed a method for authenticating a device comprising the determination (204) of an authentication requirement to access a first service that is provided by a service provider, SP, the discovery (208) of one or more authentication factors, associated with the device or the user, that are available for the authentication, the determination (210) whether at least one of the discovered authentication factors are sufficient to achieve the authentication requirement and, if so, the performance (212-228) of corresponding authentication procedures.

摘要翻译： 当用户获得不同的服务时，服务等级可能会有所不同，例如从低价值服务到高价值服务。 低值可能表示需要低强度的身份验证，而较高的值可能表明需要高强度的身份验证来访问服务。 公开了一种用于认证设备的方法，该方法包括：确定（204）认证要求以访问由服务提供商SP提供的第一服务，与所述设备相关联的一个或多个认证因素的发现（208） 或用户可用于认证，确定（210）所发现的认证因素中的至少一个是否足以实现认证要求，如果是，则确定相应认证过程的性能（212-228）。

公开(公告)号：US20150319156A1

公开(公告)日：2015-11-05

申请号：US14651455

申请日：2013-12-12

申请人： INTERDIGITAL PATENT HOLDINGS INC.

发明人： Louis J. GUCCIONE ,  Vinod K. CHOYI ,  Yogendra C. SHAH ,  Andreas SCHMIDT ,  Alec BRUSILOVSKY ,  Yousif TARGALI

IPC分类号： H04L29/06

CPC分类号： H04L63/083 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/0861 ,  H04L63/105 ,  H04L63/205 ,  H04W12/06

摘要： Systems, methods and apparatus embodiments are described herein for authenticating a user and/or a user equipment (UE). For example, a user and/or UE may request access to a service controlled by a service provider (SP). The user may be authenticated by an identity provider (IdP), producing a result. A user assertion may be provided to the SP, and the user assertion may comprise the user authentication result. The UE may be authenticated with another IdP, producing an associated result. A device assertion may be provided to the SP and may comprise the device authentication result. A master IdP may bind the assertions together and a consolidated assertion may be provided to the SP so that the user/UE can receive access to a service that is provided by the SP.

摘要翻译： 本文描述了用于认证用户和/或用户设备（UE）的系统，方法和设备实施例。 例如，用户和/或UE可以请求对由服务提供商（SP）控制的服务的访问。 用户可以由身份提供商（IdP）认证，产生结果。 可以向SP提供用户断言，并且用户断言可以包括用户认证结果。 UE可以用另一个IdP认证，产生相关联的结果。 可以向SP提供设备断言，并且可以包括设备认证结果。 主IdP可以将断言绑定在一起，并且可以向SP提供合并的断言，使得用户/ UE可以接收对由SP提供的服务的访问。

公开(公告)号：US20170364685A1

公开(公告)日：2017-12-21

申请号：US15528257

申请日：2015-11-20

申请人： INTERDIGITAL PATENT HOLDINGS. INC.

发明人： Yogendra C. SHAH ,  Andreas SCHMIDT ,  John W. MARLAND

IPC分类号： G06F21/57 ,  G06F21/53 ,  G06F9/455

CPC分类号： G06F21/575 ,  G06F9/45554 ,  G06F9/45558 ,  G06F21/53 ,  G06F2009/45562 ,  G06F2009/45587

摘要： Described herein are methods, device, and systems that provide security to various computing systems, such as, smartphones, tablets, personal computers, computing servers, or the like. Security is provided to computing systems at various stages of their operational cycles. For example, a secure boot of a base computing platform (BCP) may be performed, and security processor (SecP) may be instantiated on the BCP. Using the SecP, an integrity of the OS of the BCP may be verified, and an integrity of a hypervisor may be verified. A virtual machine (VM) may be created on the BCP. The VM is provided with virtual access to the SecP on the BCP. Using the virtual access to the TAM, an integrity of the guest OS of the VM is verified and an integrity of applications running on the guest OS are verified.