公开(公告)号：WO2007098584A1

公开(公告)日：2007-09-07

申请号：PCT/CA2007/000310

申请日：2007-02-28

Applicant: CERTICOM CORP. ,  WALTERS, Anthony J. ,  NEILL, Brian ,  ROSATI, Tony ,  VADEKAR, Ashok ,  O'LOUGHLIN, Daniel

Inventor： WALTERS, Anthony J. ,  NEILL, Brian ,  ROSATI, Tony ,  VADEKAR, Ashok ,  O'LOUGHLIN, Daniel

IPC: G06F21/00 ,  H04L9/28 ,  H04L9/32

CPC classification number: H04L63/062 ,  G06F21/602 ,  G06F21/72 ,  G06Q10/101 ,  H04L9/085

Abstract: A system and method for controlling a production process for producing a product is provided in which overproduction may be inhibited by introducing a separation of duties within a production process Typically a producer will contract out the various stages of a production process to multiple contractors. In general, separation of duties involves purposefully separating production stages, for silicon chips or other products, so that the end product has been handled or "touched", by each subcontractor, in order for the end product to be fully functional This is achieved by way of a module having a mathematical transform for intercepting and transforming data flow in the product The mathematical transform requiring a key to be operable, the product requiring successful operation of the mathematical transform to be operable and the key is divided into a plurality of portions of sensitive data which are added during production of the product in a plurality of stages

Abstract translation: 提供了一种用于控制生产产品的生产过程的系统和方法，其中可以通过在生产过程中引入职责分离来抑制过度生产。通常，生产者将生产过程的各个阶段的合同委托给多个承包商。 一般来说，职责分工涉及有目的地分离硅片或其他产品的生产阶段，以便最终产品被每个分包商处理或“触及”，以使最终产品完全起作用。这通过 具有用于拦截和变换产品中的数据流的数学变换的模块的方式。需要键可操作的数学变换，需要成功操作数学变换以使其可操作的产品和键被分成多个部分 在多个阶段中在产品生产期间添加的敏感数据

公开(公告)号：WO2014005211A1

公开(公告)日：2014-01-09

申请号：PCT/CA2012/050465

申请日：2012-07-09

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP. ,  CORMIER, Jean-Philippe Paul ,  HOLE, David Philip ,  RUSSELL, Nicholas James ,  O'LOUGHLIN, Daniel Francis

Inventor： CORMIER, Jean-Philippe Paul ,  HOLE, David Philip ,  RUSSELL, Nicholas James ,  O'LOUGHLIN, Daniel Francis

IPC: H04W8/20

CPC classification number: H04W8/205 ,  H04L9/3268 ,  H04L63/0823 ,  H04L2209/80 ,  H04W8/183 ,  H04W12/06 ,  H04W88/02

Abstract: Techniques for use in transferring an assignment of a secure chip of a wireless device from a current subscription manager (SM) of a current mobile network operator (MNO) to a new SM of a new MNO are described. In one illustrative example, the current SM receives a request for transferring the assignment and produces transfer permission data in response. The transfer permission data includes an identifier of the secure chip, an identifier of the current SM, and a digital signature of the current SM. The current SM then sends to the secure chip a transfer permission message which includes the transfer permission data. The transfer permission data indicates a permission for the secure chip to transfer the assignment from the current SM to the new SM. Additional techniques are performed by the secure chip, and the new SM, as described.

Abstract translation: 描述了用于将无线设备的安全芯片的分配从当前移动网络运营商（MNO）的当前订阅管理器（SM）传送到新的MNO的新SM的技术。 在一个说明性示例中，当前SM接收到传送分配的请求，并作为响应产生传送许可数据。 传输许可数据包括安全芯片的标识符，当前SM的标识符和当前SM的数字签名。 当前的SM然后向安全芯片发送包括传输许可数据的传输许可消息。 传输许可数据指示安全芯片允许从当前SM传送分配到新的SM。 附加技术由安全芯片和新SM执行，如所述。

公开(公告)号：WO2010057312A1

公开(公告)日：2010-05-27

申请号：PCT/CA2009/001686

申请日：2009-11-24

Applicant: CERTICOM CORP. ,  O'LOUGHLIN, Daniel ,  SMITH, Keelan ,  FULLER, Jay, Scott ,  KU, Joseph ,  LATTIN, William ,  STRUIK, Marinus ,  POELUEV, Yuri ,  CAMPAGNA, Matthew, J. ,  STIEMERLING, Thomas

Inventor： O'LOUGHLIN, Daniel ,  SMITH, Keelan ,  FULLER, Jay, Scott ,  KU, Joseph ,  LATTIN, William ,  STRUIK, Marinus ,  POELUEV, Yuri ,  CAMPAGNA, Matthew, J. ,  STIEMERLING, Thomas

IPC: G06F21/00 ,  G06F9/445 ,  H04L9/30

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

Abstract translation: 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。

公开(公告)号：WO2009073969A1

公开(公告)日：2009-06-18

申请号：PCT/CA2008/002143

申请日：2008-12-11

Applicant: CERTICOM CORP. ,  DASKALOPOULOS, Michael ,  VADEKAR, Ashok ,  WONG, David ,  LATTIN, William ,  O'LOUGHLIN, Daniel ,  SEQUINO, David R.

Inventor： DASKALOPOULOS, Michael ,  VADEKAR, Ashok ,  WONG, David ,  LATTIN, William ,  O'LOUGHLIN, Daniel ,  SEQUINO, David R.

IPC: H04L9/00 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0428 ,  G06F21/10 ,  G06F21/57 ,  G06F2221/0742 ,  G06F2221/2135 ,  H04L63/061 ,  H04L67/125

Abstract: Trust between entities participating in an upgrade or enablement/disablement process is established and, to facilitate this remotely and securely, a highly tamper resistant point of trust in the system that is being produced is used. This point of trust enables a more efficient distribution system to be used. Through either a provisioning process or at later stages, i.e. subsequent to installation, manufacture, assembly, sale, etc.; the point of trust embodied as a feature controller on the device or system being modified is given a feature set (or updated feature set) that, when validated, is used to enable or disable entire features or to activate portions of the feature.

Abstract translation: 建立参与升级或启用/禁用进程的实体之间的信任，并且为了便于远程和安全地使用正在生产的系统中的高度防篡改的信任点。 这一信任点使得能够使用更有效率的分配系统。 通过供应过程或在稍后的阶段，即在安装，制造，组装，销售等之后; 在被修改的设备或系统上体现为特征控制器的信任点被给予特征集（或更新的特征集），其在被验证时被用于启用或禁用整个特征或激活特征的部分。