Abstract:
A method and a mobile device for identifying the current user of the mobile device as a trusted user are provided. The mobile device determines that its current user is not its owner. The mobile device obtains a biometric sample of the current user and transmits an identification request message to a distributed identification system. The distributed identification system comprises a group of mobile devices, each holding biometric data of its own owner. The identification request message includes the biometric sample of the current user. If the biometric sample matches the biometric data held by one of the mobile devices in the distributed identification system, that device sends an identity response to the originating mobile device. Upon receiving the identity response, the originating mobile device determines whether the identity in the identity response matches an identity already known to it, such as an entry in its contact list. If so, the originating mobile device remains unlocked. If there is no match, the mobile device assumes that the current user is unauthorized and locks the device or performs other defensive measures.
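The exchange described above, as an added example that is not part of the patent and not code from its assignee. It models a biometric template as a short feature vector compared by Euclidean distance; the threshold MATCH_DISTANCE, the device and owner names, the constructed samples, and the rule that the first matching peer's answer decides the outcome are all assumptions.

```python
import math
from dataclasses import dataclass, field

# Added example, not the patent's code. A biometric template is modelled as a
# short feature vector compared by Euclidean distance; the threshold, the
# device/owner names and the "first matching peer wins" rule are assumptions.
MATCH_DISTANCE = 0.15

def distance(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

@dataclass
class Device:
    device_id: str
    owner_id: str
    owner_template: tuple
    contacts: set = field(default_factory=set)
    locked: bool = False

    def matches_owner(self, sample):
        return distance(sample, self.owner_template) <= MATCH_DISTANCE

    def handle_identification_request(self, sample):
        """Peer side: reply with the owner's identity only when the sample matches."""
        if self.matches_owner(sample):
            return {"device_id": self.device_id, "identity": self.owner_id}
        return None

def identify_current_user(origin, fleet, sample):
    """Originating device: returns (identity or None, 'unlocked' or 'locked')."""
    if origin.matches_owner(sample):
        return origin.owner_id, "unlocked"          # the owner is using the device
    for peer in fleet:
        if peer is origin:
            continue
        response = peer.handle_identification_request(sample)
        if response is None:
            continue
        if response["identity"] in origin.contacts:
            return response["identity"], "unlocked"  # known, trusted user
        break                                        # identified, but not trusted
    origin.locked = True                             # unknown user: defensive action
    return None, "locked"

def build_fleet():
    """Constructed fleet: D1 (alice) lists bob, but not carol, as a contact."""
    return {
        "D1": Device("D1", "alice", (0.1, 0.9, 0.3), contacts={"bob"}),
        "D2": Device("D2", "bob", (0.8, 0.2, 0.5)),
        "D3": Device("D3", "carol", (0.4, 0.4, 0.9)),
    }

SAMPLES = {                                   # constructed biometric samples
    "owner": (0.1, 0.9, 0.3),
    "contact": (0.82, 0.21, 0.48),            # close to bob's template
    "known_but_untrusted": (0.4, 0.42, 0.88), # close to carol's template
    "stranger": (0.5, 0.5, 0.5),              # matches nobody in the fleet
}

def demo():
    results = {}
    for label, sample in SAMPLES.items():
        fleet = build_fleet()                 # fresh fleet so lock state does not leak
        results[label] = identify_current_user(fleet["D1"], list(fleet.values()), sample)
    return results

if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label:20s} -> {outcome}")
```

Two caveats a practitioner would add to this model: the raw sample leaves the originating device in the request, so a real deployment would send a protected template or run the comparison under a privacy-preserving matching protocol; and the identity response should be authenticated by the responding device, since otherwise any peer can claim an identity that happens to be in the originating device's contact list and keep it unlocked.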
Abstract:
A method is provided for automatically deleting user passwords. Upon receiving a password-less user authentication, a password grace period timer is started. Upon expiration of the password grace period timer, the password is deleted if a user confidence score associated with the user is greater than a confidence threshold.
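The timer and threshold logic above, written out as an added example (not the patent's code). The PasswordPolicy and UserAccount fields, the periodic on_timer_check() entry point, and the rule that a password login during the grace period cancels the pending deletion are assumptions the abstract does not state; the confidence score is treated as an input maintained elsewhere.

```python
from dataclasses import dataclass
from typing import Optional

# Added example, not the patent's code. Field names, the periodic check entry
# point and the "password login cancels the timer" rule are assumptions.

@dataclass
class PasswordPolicy:
    grace_period_seconds: float
    confidence_threshold: float

@dataclass
class UserAccount:
    username: str
    password_hash: Optional[str]       # None once the password has been deleted
    confidence_score: float            # maintained elsewhere (device, location, behaviour)
    grace_timer_expires_at: Optional[float] = None

def on_passwordless_authentication(account, policy, now):
    """Start the grace period timer when the user authenticates without a password."""
    if account.password_hash is None:
        return                         # nothing left to delete
    account.grace_timer_expires_at = now + policy.grace_period_seconds

def on_password_authentication(account, now):
    """Assumption: using the password shows it is still needed, so drop the timer."""
    account.grace_timer_expires_at = None

def on_timer_check(account, policy, now):
    """Periodic check. Returns 'no_timer', 'pending', 'deleted' or 'retained'."""
    if account.grace_timer_expires_at is None:
        return "no_timer"
    if now < account.grace_timer_expires_at:
        return "pending"
    account.grace_timer_expires_at = None
    if account.confidence_score > policy.confidence_threshold:
        account.password_hash = None   # high confidence: the password is no longer needed
        return "deleted"
    return "retained"                  # low confidence: keep the password as a fallback

def demo():
    """Constructed accounts: one above the threshold, one below, one that logs in with a password."""
    policy = PasswordPolicy(grace_period_seconds=3600, confidence_threshold=0.8)
    trusted = UserAccount("alice", "<alice-hash>", confidence_score=0.92)
    doubtful = UserAccount("bob", "<bob-hash>", confidence_score=0.55)
    on_passwordless_authentication(trusted, policy, now=1000)
    on_passwordless_authentication(doubtful, policy, now=1000)
    out = {"before_expiry": on_timer_check(trusted, policy, now=2000)}
    out["trusted_after_expiry"] = on_timer_check(trusted, policy, now=4600)
    out["trusted_password"] = trusted.password_hash
    out["doubtful_after_expiry"] = on_timer_check(doubtful, policy, now=4600)
    out["doubtful_password"] = doubtful.password_hash
    cancelled = UserAccount("carol", "<carol-hash>", confidence_score=0.99)
    on_passwordless_authentication(cancelled, policy, now=0)
    on_password_authentication(cancelled, now=100)   # password used inside the grace period
    out["cancelled"] = on_timer_check(cancelled, policy, now=3600)
    return out

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The threshold comparison is strict (greater than), as the abstract states; a score exactly at the threshold retains the password.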
Abstract:
A system and method for enabling a primary and a secondary communication device to share a user identity assertion are presented. The user identity assertion enables the devices to access an application system. The primary and secondary devices are paired, placing them in collaboration with each other. The primary device requests that an identity provider system issue a user identity assertion scoped to both the primary and the secondary communication device. The identity provider system authenticates the primary device and generates the user identity assertion scoped to the primary device and to the secondary device identified in the request. The primary communication device receives the user identity assertion and communicates it to the secondary device. The primary device may request the user identity assertion by communicating a user identity assertion scoped to the primary device and a single sign-on session cookie, or a request for an extension assertion.
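The issuance and verification flow above as an added example; this is not the patent's code. It assumes the identity provider and the application system share an HMAC key (a real deployment would use an asymmetric signature such as a JWT signed with RS256), that an assertion is a compact "payload.signature" string, and that the device scope is carried in a "devices" claim; the class and function names and the constructed credentials are likewise assumptions.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Added example, not the patent's code. Shared HMAC key, the compact
# "payload.signature" format and the "devices" scope claim are assumptions.
IDP_KEY = b"constructed-demo-key"

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(key: bytes, body: str) -> str:
    return _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())

def issue_assertion(key, subject, device_ids, now, ttl=600):
    """Mint an assertion scoped to exactly the listed device identifiers."""
    claims = {"sub": subject, "devices": sorted(set(device_ids)),
              "iat": now, "exp": now + ttl}
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return f"{body}.{_sign(key, body)}"

def verify_assertion(key, assertion, presenting_device, now):
    """Return the claims only if signature, expiry and device scope all check out."""
    try:
        body, sig = assertion.split(".")
    except ValueError:
        return None
    if not hmac.compare_digest(sig, _sign(key, body)):
        return None
    claims = json.loads(_unb64(body))
    if now >= claims["exp"] or presenting_device not in claims["devices"]:
        return None
    return claims

class IdentityProvider:
    def __init__(self, key):
        self.key = key
        self.sessions = {}                       # SSO cookie -> (subject, primary device)
        self.users = {"alice": "correct horse"}  # constructed credentials

    def login(self, device_id, username, password, now):
        """Primary device signs in: gets an SSO cookie and a primary-only assertion."""
        if self.users.get(username) != password:
            return None
        cookie = secrets.token_urlsafe(16)
        self.sessions[cookie] = (username, device_id)
        return cookie, issue_assertion(self.key, username, [device_id], now)

    def request_extension(self, primary_assertion, cookie, secondary_device, now):
        """Authenticate the primary device, then scope a new assertion to both devices."""
        session = self.sessions.get(cookie)
        if session is None:
            return None
        subject, primary_device = session
        claims = verify_assertion(self.key, primary_assertion, primary_device, now)
        if claims is None or claims["sub"] != subject:
            return None
        return issue_assertion(self.key, subject, [primary_device, secondary_device], now)

def application_access(assertion, device_id, now, key=IDP_KEY):
    """Application system: accept the assertion only from a device inside its scope."""
    claims = verify_assertion(key, assertion, device_id, now)
    return claims["sub"] if claims else None

def demo(now=1_700_000_000):
    idp = IdentityProvider(IDP_KEY)
    cookie, primary_only = idp.login("phone-1", "alice", "correct horse", now)
    # The devices pair out of band; the primary then asks the IdP for the extension
    # and forwards the resulting assertion to the secondary device.
    shared = idp.request_extension(primary_only, cookie, "laptop-7", now)
    return {
        "secondary_with_shared": application_access(shared, "laptop-7", now),
        "secondary_with_primary_only": application_access(primary_only, "laptop-7", now),
        "unpaired_device": application_access(shared, "tablet-9", now),
        "expired": application_access(shared, "laptop-7", now + 601),
    }

if __name__ == "__main__":
    print(demo())
```

The point of the device scope is visible in the last three cases: the primary-only assertion does nothing for the secondary device, the shared assertion does nothing for a device that was never named in the request, and an expired assertion is rejected regardless of scope.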
Abstract:
A method is provided for obtaining a vetted certificate for a microservice in an elastic cloud environment. The microservice receives a one-time authentication credential. The microservice uses the one-time authentication credential to obtain a client secret. The microservice obtains an access token and Certificate Signing Request (CSR) attributes using the client secret, and constructs a CSR from the CSR attributes. The microservice requests a vetted certificate from a Certificate Authority (CA), including the access token and the CSR in the request. If the access token and the CSR pass vetting at the CA, the CA issues a vetted certificate to the microservice.
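The enrollment chain above, as an added example rather than the patent's code. Tokens are opaque random values looked up in server-side registries instead of being signed, the CSR is modelled as a dictionary of the fields the CA vets rather than a real PKCS#10 structure, and the names BootstrapService, AuthServer and CertificateAuthority, the domain and the service names are assumptions. The example adds the two checks a practitioner would expect: the one-time credential can be redeemed only once, and the CA refuses a CSR whose names differ from the attributes bound to the access token.

```python
import secrets

# Added example, not the patent's code. Opaque server-side tokens, the dict
# CSR layout and all component/service names are assumptions.

class BootstrapService:
    """Hands each new instance a one-time credential and redeems it exactly once."""
    def __init__(self):
        self._pending = {}          # one-time credential -> service name
        self.client_secrets = {}    # client secret -> service name (read by AuthServer)

    def provision(self, service_name):
        cred = secrets.token_urlsafe(24)
        self._pending[cred] = service_name
        return cred

    def redeem(self, cred):
        service_name = self._pending.pop(cred, None)   # pop makes the credential one-time
        if service_name is None:
            return None
        secret = secrets.token_urlsafe(32)
        self.client_secrets[secret] = service_name
        return secret

class AuthServer:
    """Exchanges a client secret for an access token plus the CSR attributes it authorises."""
    def __init__(self, secrets_registry, domain):
        self._registry = secrets_registry
        self.domain = domain
        self.tokens = {}            # access token -> bound CSR attributes (read by the CA)

    def token_for(self, client_secret):
        service_name = self._registry.get(client_secret)
        if service_name is None:
            return None
        fqdn = f"{service_name}.{self.domain}"
        attrs = {"CN": fqdn, "SAN": [fqdn, f"{service_name}.svc"]}
        token = secrets.token_urlsafe(32)
        self.tokens[token] = attrs
        return token, attrs

def build_csr(attrs, public_key):
    """Stand-in for a PKCS#10 CSR: only the fields the CA compares are modelled."""
    return {"CN": attrs["CN"], "SAN": list(attrs["SAN"]), "public_key": public_key}

class CertificateAuthority:
    def __init__(self, token_registry):
        self._tokens = token_registry
        self.serial = 0

    def issue(self, access_token, csr):
        bound = self._tokens.pop(access_token, None)    # a token is spent on first use
        if bound is None:
            return None
        if csr["CN"] != bound["CN"] or sorted(csr["SAN"]) != sorted(bound["SAN"]):
            return None                                  # CSR asks for names the token does not cover
        self.serial += 1
        return {"serial": self.serial, "subject": csr["CN"],
                "san": csr["SAN"], "public_key": csr["public_key"]}

def enroll(bootstrap, auth, ca, one_time_cred, public_key, tamper=None):
    """The microservice side of the exchange; 'tamper' lets the demo alter the CSR."""
    secret = bootstrap.redeem(one_time_cred)
    if secret is None:
        return None
    issued = auth.token_for(secret)
    if issued is None:
        return None
    token, attrs = issued
    csr = build_csr(attrs, public_key)
    if tamper:
        csr = tamper(csr)
    return ca.issue(token, csr)

def demo():
    bootstrap = BootstrapService()
    auth = AuthServer(bootstrap.client_secrets, "prod.example.internal")
    ca = CertificateAuthority(auth.tokens)
    cred = bootstrap.provision("payments")
    cert = enroll(bootstrap, auth, ca, cred, "pk-payments-1")      # honest enrollment
    replay = enroll(bootstrap, auth, ca, cred, "pk-attacker")      # credential reused
    cred2 = bootstrap.provision("ledger")
    def hijack(csr):                                               # ledger asks for payments' name
        csr["SAN"].append("payments.prod.example.internal")
        return csr
    rogue = enroll(bootstrap, auth, ca, cred2, "pk-ledger-1", tamper=hijack)
    return cert, replay, rogue

if __name__ == "__main__":
    print(demo())
```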
Abstract:
A method of Internet Protocol (IP) Multimedia Subsystem (IMS) registration and a user equipment (UE) enable dynamic assignment of a Mobile Subscriber Integrated Services Digital Network Number (MSISDN) to the UE. An input identifying a user of the UE is received at the UE. One or more credentials based on the input are transmitted from the UE to an identity management system. User data comprising an MSISDN attribute corresponding to the user is received at the UE from the identity management system. An IP Multimedia Private Identity (IMPI) associated with the UE and an IP Multimedia Public Identity (IMPU) based on the MSISDN attribute are then transmitted from the UE to a registrar.
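The registration flow above as an added example, not the patent's code. It assumes the identity management system records each dynamic assignment (IMPI to MSISDN) in subscriber data the registrar consults, that the UE includes its IMPI in the request to the identity management system, that the IMPU is the SIP URI form of the E.164 number at the home domain, and that the registrar answers with SIP-style status codes; the domain, number pool and credentials are constructed. The registrar-side check that the claimed MSISDN was actually assigned to the presenting IMPI is the part worth attention: without it, any UE could register an IMPU for a number it does not hold.

```python
import re

# Added example, not the patent's code. The shared assignment record, IMPI in
# the IdM request, SIP-URI IMPU form and the status codes are assumptions.
HOME_DOMAIN = "ims.example.net"
E164 = re.compile(r"^\+[1-9]\d{6,14}$")
SIP_IMPU = re.compile(r"^sip:(\+\d+)@(.+)$")

class IdentityManagementSystem:
    def __init__(self):
        self.users = {"alice": "s3cret"}                     # constructed credentials
        self.free_numbers = ["+15550100201", "+15550100202"] # constructed MSISDN pool
        self.assignments = {}                                # IMPI -> MSISDN (read by Registrar)

    def authenticate(self, username, password, impi):
        """Check the credentials, assign (or re-use) an MSISDN, return the user data."""
        if self.users.get(username) != password:
            return None
        msisdn = self.assignments.get(impi)
        if msisdn is None:
            if not self.free_numbers:
                return None                                  # pool exhausted
            msisdn = self.free_numbers.pop(0)
            self.assignments[impi] = msisdn
        return {"user": username, "msisdn": msisdn}

def impu_from_msisdn(msisdn, domain=HOME_DOMAIN):
    """UE side: derive the public identity from the MSISDN attribute."""
    if not E164.match(msisdn):
        raise ValueError(f"not an E.164 number: {msisdn}")
    return f"sip:{msisdn}@{domain}"

class Registrar:
    def __init__(self, assignments):
        self._assignments = assignments
        self.bindings = {}                                   # IMPU -> contact address

    def register(self, impi, impu, contact):
        m = SIP_IMPU.match(impu)
        if not m or m.group(2) != HOME_DOMAIN:
            return 400                                       # malformed or foreign IMPU
        if self._assignments.get(impi) != m.group(1):
            return 403                                       # number not assigned to this IMPI
        self.bindings[impu] = contact
        return 200

def ue_register(idm, registrar, impi, username, password, contact):
    """Whole UE flow: credentials to IdM, MSISDN back, IMPI + IMPU to the registrar."""
    data = idm.authenticate(username, password, impi)
    if data is None:
        return None
    impu = impu_from_msisdn(data["msisdn"])
    return impu, registrar.register(impi, impu, contact)

def demo():
    idm = IdentityManagementSystem()
    registrar = Registrar(idm.assignments)
    impi_a = "001010123456789@ims.mnc001.mcc001.3gppnetwork.org"   # constructed IMPI
    first = ue_register(idm, registrar, impi_a, "alice", "s3cret", "sip:[2001:db8::10]:5060")
    # A second UE that learned alice's number cannot register it under its own IMPI.
    impi_b = "001010987654321@ims.mnc001.mcc001.3gppnetwork.org"
    spoof = registrar.register(impi_b, "sip:+15550100201@ims.example.net", "sip:[2001:db8::66]:5060")
    bad_login = ue_register(idm, registrar, impi_b, "alice", "wrong", "sip:[2001:db8::66]:5060")
    return first, spoof, bad_login

if __name__ == "__main__":
    print(demo())
```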
Abstract:
A single sign-on server associated with a single sign-on client authenticates a user of a device. After the authentication, the single sign-on client receives a request for an authentication token from a single sign-on-enabled application running on the device. The single sign-on client determines whether an application lock flag for that application is set. Based on that determination, the single sign-on client provides the authentication token to the application when the application lock flag is not set, and withholds the authentication token from the application when the application lock flag is set.