Abstract:
Methods and apparatus for using a biometric template to control access to a user credential for a shared wireless communication device. One method includes receiving, from a mobile device, an authentication request. The authentication request includes a device credential associated with the mobile device. The method further includes receiving, from the mobile device, a request for a biometric template of a user. The method further includes determining, by reference to at least one of a group consisting of the device credential and an authorization database, that the mobile device is authorized to receive the biometric template of the user based on at least one attribute controlling a use of the biometric template. The method further includes, in response to determining that the mobile device is authorized to receive the biometric template of the user, conveying the biometric template of the user to the mobile device.
Abstract:
A system and method for enabling a primary and a secondary communication device to share a user identity assertion is presented. The user identity assertion enables the devices to access an application system. The primary and secondary devices are paired to place them in collaboration with each other. The primary device requests an identity provider system to issue a user identity assertion scoped to the primary and secondary communication devices. The identity provider system authenticates the primary device and generates the user identity assertion scoped to the primary device and the secondary device identified in the request. The primary communication device receives the user identity assertion and communicates the user identity assertion to the secondary device. The primary device may request the user identity assertion by communicating a user identity assertion scoped to the primary device and a single sign-on session cookie or a request for an extension assertion.
Abstract:
A method and apparatus for providing a lifetime extension to an identity assertion is provided herein. During operation, a user will authenticate to an identity management server (also known as an authorization server or an authentication server) to obtain an identity assertion. An identity assertion will be provided upon successful authentication. The lifetime of the identity assertion will be based on whether or not biometric information of the user will be used by the device to which the assertion is being issued to identify the user prior to allowing the use of the identity assertion.
Abstract:
A first communication device having a secure access to a security module establishes a collaborative network by forming a collaborative security association with a second communication device associated with a user of the first communication device. The first communication device (a) sends an advertisement of services associated with the security module to the second communication device and receives an advertisement response from the second communication device or (b) receives a solicitation request for services associated with the security module from the second communication device. Responsive to receiving one of the advertisement response and the solicitation request, the first communication device determines whether the second communication device is authorized to access the security module. The first communication device processes and forwards security service messages between the second communication device and the security module, in response to determining that the second communication device is authorized to access the security module.