公开(公告)号：US20180070230A1

公开(公告)日：2018-03-08

申请号：US15806843

申请日：2017-11-08

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： STEVEN D. UPP ,  ISAM R. MAKHLOUF ,  FRANCESCA SCHULER ,  GINO A. SCRIBANO

IPC: H04W12/04 ,  H04L9/08 ,  H04W12/06 ,  G06F17/30 ,  H04L29/06

CPC classification number: H04W12/04 ,  G06F16/951 ,  H04L9/08 ,  H04L9/0819 ,  H04L9/0838 ,  H04L63/08 ,  H04W12/06

Abstract: A method and apparatus is provided for connecting a communication device to a deployable system. The deployable system obtains at least one deployable key derived on a fixed system for the deployable system based on an existing key stored on a database of the fixed system, wherein the existing key is used to authenticate a communication device. The deployable system stores the derived key. Subsequent to the storing, the deployable system is activated to provide communication resources to communication devices disconnected from the fixed system. The activated deployable system is not connected to the fixed system. The activated deployable system receives an authentication request from the communication device requesting connection to the deployable system; generates authentication vectors using the at least one derived deployable key; and authenticates an authentication response received from the communication device using the authentication vectors.

公开(公告)号：US20160127340A1

公开(公告)日：2016-05-05

申请号：US14528459

申请日：2014-10-30

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： STEVEN D. UPP ,  ISAM R. MAKHLOUF ,  FRANCESCA SCHULER ,  GINO A. SCRIBANO

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04W12/04 ,  G06F17/30864 ,  H04L9/08 ,  H04L9/0819 ,  H04L9/0838 ,  H04L63/08 ,  H04W12/06

Abstract: A method and apparatus is provided for connecting a communication device to a deployable system. The deployable system obtains at least one deployable key derived on a fixed system for the deployable system based on an existing key stored on a database of the fixed system, wherein the existing key is used to authenticate a communication device. The deployable system stores the derived key. Subsequent to the storing, the deployable system is activated to provide communication resources to communication devices disconnected from the fixed system. The activated deployable system is not connected to the fixed system. The activated deployable system receives an authentication request from the communication device requesting connection to the deployable system; generates authentication vectors using the at least one derived deployable key; and authenticates an authentication response received from the communication device using the authentication vectors.

Abstract translation: 提供了一种用于将通信设备连接到可部署系统的方法和装置。 可部署系统基于存储在固定系统的数据库上的现有密钥获得在可部署系统的固定系统上导出的至少一个可部署密钥，其中现有密钥用于认证通信设备。 可部署系统存储派生密钥。 在存储之后，可部署系统被激活以向与固定系统断开的通信设备提供通信资源。 激活的可部署系统未连接到固定系统。 激活的可部署系统从通信设备接收请求到可部署系统的连接的认证请求; 使用所述至少一个派生可展开密钥生成认证向量; 并且使用认证向量来认证从通信设备接收的认证响应。

公开(公告)号：US20160285843A1

公开(公告)日：2016-09-29

申请号：US14671244

申请日：2015-03-27

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： GEORGE POPOVICH ,  ADAM C. LEWIS ,  ANTHONY R. METKE ,  STEVEN D. UPP

IPC: H04L29/06

CPC classification number: H04L63/102 ,  H04L63/0815

Abstract: A system and method for enabling a primary and a secondary communication device to share a user identity assertion is presented. The user identity assertion enables the devices to access an application system. The primary and secondary devices are paired to place them in collaboration with each other. The primary device requests an identity provider system to issue a user identity assertion scoped to the primary and secondary communication device. The identity provider system authenticates the primary device and generates the user identity assertion scoped to the primary device and the secondary device identified in the request. The primary communication device receives the user identity assertion and communicates the user identity assertion to the secondary device. The primary device may request the user identity assertion by communicating a user identity assertion scoped to the primary device and a single sign on session cookie or a request for an extension assertion.

Abstract translation: 提出了一种能够使主要和次要通信设备共享用户身份断言的系统和方法。 用户身份断言使设备能够访问应用系统。 主设备和辅助设备配对，使它们彼此协作。 主设备请求身份提供者系统发布对主要和次要通信设备的用户身份断言。 身份提供者系统对主设备进行身份验证，并生成范围为主设备的用户身份断言和请求中标识的辅助设备。 主要通信设备接收用户身份断言，并将用户身份声明传达给辅助设备。 主设备可以通过传送作用于主设备的用户身份断言和会话cookie上的单一登录或扩展断言的请求来请求用户身份断言。