公开(公告)号：US20170353451A1

公开(公告)日：2017-12-07

申请号：US15170683

申请日：2016-06-01

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Anthony R. Metke ,  Adam C. Lewis ,  Shanthi E. Thomas

IPC: H04L29/06

CPC classification number: H04W4/90 ,  H04L63/0876 ,  H04L63/102 ,  H04W12/06

Abstract: A method and apparatus for issuing an incident-issued credential for an incident area network. One embodiment provides an identity server including an electronic processor configured to receive an agency-issued credential and retrieve a first set of attributes from the agency-issued credential. The electronic processor is also configured to map the first set of attributes to a scope of a service available through an incident area network. The electronic processor is further configured to generate the incident-issued credential for the incident area network including the scope and issue the incident-issued credential to a user device.

公开(公告)号：US20170124307A1

公开(公告)日：2017-05-04

申请号：US14932418

申请日：2015-11-04

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Katrin Reitsma ,  Adam C. Lewis ,  Shanthi E. Thomas

IPC: G06F21/31 ,  G06F3/0481 ,  G06F3/0484 ,  G06F21/41

CPC classification number: G06F21/31 ,  G06F3/0481 ,  G06F3/0484 ,  G06F21/30 ,  G06F21/316 ,  G06F21/41 ,  H04L63/105 ,  H04W12/06 ,  H04W12/08 ,  H04W88/02

Abstract: A method of enabling a lock screen of an electronic device operating an electronic device that includes an electronic processor and a display screen. The method includes receiving, by the electronic processor, a request to unlock the electronic device. The method further includes determining, by the electronic processor, an authentication state for the electronic device. The method further includes, determining, by the electronic processor, a lock screen authentication mode based on the authentication state, and displaying, on the display screen, a lock screen including the lock screen authentication mode. The electronic device includes a display screen and an electronic processor. The electronic processor is configured to receive a request to unlock the electronic device. The electronic processor is further configured to determine an authentication state for the electronic device, determine a lock screen authentication mode based on the authentication state and display on the display screen, a lock screen including the lock screen authentication mode.

公开(公告)号：US10528713B2

公开(公告)日：2020-01-07

申请号：US15665539

申请日：2017-08-01

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Michael F. Korus ,  Adam C. Lewis

IPC: G06F21/32 ,  H04W4/021 ,  G06F21/62 ,  H04L29/06

Abstract: A method and mobile device for identifying a current user of the mobile device as a trusted user is provided. The mobile device determines that a current user of the mobile device is not the owner of the mobile device. The mobile device obtains a biometric sample of the current user and transmits an identification request message to a distributed identification system. The distributed identification system includes a group of mobile devices, each one that includes biometric data the owner of the device. The identification request message includes the biometric sample of the current user. If the biometric sample matches the sample of one of the mobile devices in the distributed identification system, that device sends an identity response to the originating mobile device. Upon receiving the identity response, the original mobile unit determines if the identity in the identity response matches a known identity of the mobile device, such as a member in the contact list. If so, the original mobile device remains unlocked. If there is no match, the mobile device assumes that the current user is unauthorized and locks the phone or performs other defensive measures.

公开(公告)号：US20140189840A1

公开(公告)日：2014-07-03

申请号：US13728422

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： ANTHONY R. METKE ,  Katrin Reitsma ,  Adam C. Lewis ,  George Popovich ,  Steven D. Upp

IPC: H04W12/06

CPC classification number: H04L63/0884 ,  G06F21/41 ,  H04L63/08 ,  H04L63/0815 ,  H04W12/06

Abstract: A system for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration credential to the first device based on the first identity token or user authentication. The first device sends the collaboration credential generated by the server to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.

Abstract translation: 用于多个移动设备之间的单点登录协作的系统和方法包括用于发出第一身份令牌以随后向服务提供商认证第一移动设备的用户的服务器，以及用于生成和 基于第一身份令牌或用户认证向第一设备发送协作凭证。 第一个设备将由服务器生成的协作凭证发送到与第一个设备配对的第二个设备。 服务器还发出第二身份令牌，以随后基于从第一设备接收到的协作凭证向服务提供商验证第二设备的用户，以支持跨多个移动设备的用户的单点登录协作。

公开(公告)号：US20140189789A1

公开(公告)日：2014-07-03

申请号：US13728711

申请日：2012-12-27

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Adam C. Lewis ,  Alejandro G. Blanco ,  Steven D. Upp

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0492 ,  H04L67/10 ,  H04W4/80 ,  H04W12/003 ,  H04W12/08

Abstract: A network device is configured to authenticate a collaborative session between at least two communication devices. The network component receives an indication that at least two devices located within a predefined physical range are attempting to collaborate. The network component determines, based on the indication, that the two devices are authentic and that the two devices are attempting to collaborate. Responsive to determining that the two devices are authentic and attempting to collaborate, the network component determines that the two devices are authorized to collaborate and a level on which the two devices are authorized to collaborate. The network component sends an authorization response to at least one of the at least two devices, wherein if the two devices are authorized to collaborate the authorization response includes the level on which the two devices are authorized to collaborate.

Abstract translation: 网络设备被配置为对至少两个通信设备之间的协作会话进行认证。 网络组件接收指示位于预定义物理范围内的至少两个设备正在尝试协作。 网络组件基于该指示确定两个设备是真实的，并且两个设备正尝试协作。 响应于确定两个设备是真实的并且尝试协作，网络组件确定两个设备被授权协作，以及两个设备被授权协作的级别。 所述网络组件向所述至少两个设备中的至少一个发送授权响应，其中如果所述两个设备被授权协作，所述授权响应包括所述两个设备被授权协作的级别。

公开(公告)号：US11349665B2

公开(公告)日：2022-05-31

申请号：US15853650

申请日：2017-12-22

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Katrin Reitsma ,  Dharamendra Kumar ,  Thomas S. Messerges ,  Robert Horvath ,  Adam C. Lewis

IPC: H04L9/32 ,  H04L9/40 ,  H04W12/37 ,  H04W12/084 ,  H04W12/08 ,  H04W12/06 ,  H04W12/69 ,  H04W12/106 ,  H04L29/06

Abstract: A device attestation server and method for attesting to the integrity of a mobile device is provided. An attestation request is sent from a mobile device to a device attestation server. The device attestation server runs an attestation method that is supported by the mobile device. The device attestation server creates an attestation token that includes a validation result and a plurality of attributes. The device attestation server sends the attestation token to the mobile device, which performs a validation method using the attestation token.

公开(公告)号：US20180270237A1

公开(公告)日：2018-09-20

申请号：US15461299

申请日：2017-03-16

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Adam C. Lewis ,  Shanthi E. Thomas

IPC: H04L29/06

Abstract: System and method of providing administrative access to an endpoint server. In one example, the method includes receiving, at an admin server, a request for performing an admin operation on the endpoint server and a first portion of an admin key from a microservice server. The method also includes receiving, at the admin server, a second portion of the admin key. The method further includes generating, at the admin server, a copy of the admin key based at least in part on the first portion and the second portion of the admin key. The method also includes performing, via the admin server, the admin operation on the endpoint server using the copy of the admin key. The method further includes deleting the copy of the admin key on the admin server after performing the admin operation on the endpoint server.

公开(公告)号：US08782766B1

公开(公告)日：2014-07-15

申请号：US13728422

申请日：2012-12-27

Applicant: Motorola Solutions, Inc.

Inventor： Anthony R. Metke ,  Katrin Reitsma ,  Adam C. Lewis ,  George Popovich ,  Steven D. Upp

IPC: G06F7/04 ,  H04L29/06 ,  H04W12/06 ,  G06F21/41 ,  G06F17/30

CPC classification number: H04L63/0884 ,  G06F21/41 ,  H04L63/08 ,  H04L63/0815 ,  H04W12/06

Abstract: A system for, and method of, single sign-on collaboration among a plurality of mobile devices, includes a server for issuing a first identity token to subsequently authenticate a user of a first of the mobile devices to a service provider, and for generating and sending a collaboration credential to the first device based on the first identity token or user authentication. The first device sends the collaboration credential generated by the server to a second device paired with the first device. The server also issues a second identity token to subsequently authenticate to the service provider the user of the second device based on the collaboration credential received from the first device, to support single sign-on collaboration for the user across the plurality of mobile devices.

Abstract translation: 用于多个移动设备之间的单点登录协作的系统和方法包括用于发出第一身份令牌以随后向服务提供商认证第一移动设备的用户的服务器，以及用于生成和 基于第一身份令牌或用户认证向第一设备发送协作凭证。 第一个设备将由服务器生成的协作凭证发送到与第一个设备配对的第二个设备。 服务器还发出第二身份令牌，以随后基于从第一设备接收到的协作凭证向服务提供商验证第二设备的用户，以支持跨多个移动设备的用户的单点登录协作。

公开(公告)号：US10979232B2

公开(公告)日：2021-04-13

申请号：US15994811

申请日：2018-05-31

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： Thomas S. Messerges ,  Brian W. Pruss ,  Kenneth C. Fuchs ,  Adam C. Lewis

IPC: H04L9/32 ,  G06F21/44 ,  H04L29/06

Abstract: Provisioning device certificates for electronic processors. One example method includes receiving a flashloader at the electronic processor. The method also includes validating the flashloader with the electronic processor. After validating the flashloader, the method includes receiving an encrypted provisioned key bundle at the electronic processor. The method also includes decrypting the encrypted provisioned key bundle with the electronic processor using a provisioning key to create a decrypted provisioned key bundle. The method further includes executing a provisioning process on the electronic processor using the decrypted provisioned key bundle.

公开(公告)号：US10404680B2

公开(公告)日：2019-09-03

申请号：US15234180

申请日：2016-08-11

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： Adam C. Lewis ,  Anthony R. Metke ,  Shanthi E. Thomas

IPC: H04L29/00 ,  H04L29/06 ,  G06F9/455 ,  G06F9/50 ,  G06F21/53 ,  H04L9/32 ,  G06F9/46

Abstract: A method and is provided for obtaining a vetted certificate for a microservice in an elastic cloud environment. The microservice receives a one-time authentication credential. The microservice utilizes the one-time authentication credential to obtain a client secret. The microservice obtains an access token and CSR (Certificate Signing Request) attributes using the client secret and constructs a CSR utilizing the CSR attributes. The microservice requests a vetted certificate from a Certificate Authority (CA) and includes the access token and the CSR in the request. If the access token and the CSR pass vetting at the CA, the CA sends a vetted certificate to the microservice.