公开(公告)号：US20140323154A1

公开(公告)日：2014-10-30

申请号：US14324916

申请日：2014-07-07

Applicant: Broadcom Corporation

Inventor： Charles ABRAHAM ,  Mark BUER ,  David GARRETT ,  Jeyhan KARAOGUZ ,  David LUNDGREN ,  David MURRY

IPC: H04W64/00

CPC classification number: H04W64/003 ,  G01S5/0236 ,  G01S19/05 ,  H04W4/029 ,  H04W12/06 ,  H04W64/00

Abstract: A servicing communication device may receive a subset of a location reference database that is maintained by a plurality of location servers, and may provide location related data to a mobile device that is communicatively coupled to the servicing communication device based on the received subset. The servicing communication device may determine capabilities and/or requirements of the mobile device, and may generate the location related data based on that determination. The servicing communication device may determine attributes and/or parameters that may affect determination of the subset of the location reference database. The subset of location reference database may be requested based on the determined attributes and/or parameters. The attributes and/or parameters may comprise a location of the servicing communication device. The servicing communication device may determine its location, directly based on GNSS transmissions and/or indirectly based on assisted GNSS (A-GNSS) data received from the plurality of location servers.

Abstract translation: 服务通信设备可以接收由多个位置服务器维护的位置参考数据库的子集，并且可以基于所接收的子集向通信地耦合到服务通信设备的移动设备提供位置相关数据。 服务通信设备可以确定移动设备的能力和/或要求，并且可以基于该确定来生成位置相关数据。 服务通信设备可以确定可能影响位置参考数据库的子集的确定的属性和/或参数。 可以基于所确定的属性和/或参数来请求位置参考数据库的子集。 属性和/或参数可以包括服务通信设备的位置。 服务通信设备可以直接基于GNSS传输和/或间接地基于从多个位置服务器接收到的辅助GNSS（A-GNSS）数据来确定其位置。

公开(公告)号：US20140053257A1

公开(公告)日：2014-02-20

申请号：US14065277

申请日：2013-10-28

Applicant: Broadcom Corporation

Inventor： Mark BUER

IPC: H04W12/06

CPC classification number: G06Q20/3674 ,  G06F21/34 ,  G06F21/41 ,  G06F21/445 ,  G06F2221/2129 ,  G06Q20/24 ,  G06Q2220/00 ,  H04L63/08 ,  H04L63/0853 ,  H04W12/06

Abstract: A universal authentication token is configured to securely acquire security credentials from other authentication tokens and/or devices. In this manner, a single universal authentication token can store the authentication credentials required to access a variety of resources, services and applications for a user. The universal authentication token includes a user interface, memory for storing a plurality of authentication records for a user, and a secure processor. The secure processor provides the required cryptographic operations to encrypt, decrypt, and/or authenticate data that is sent or received by universal token. For example, secure processor may be used to generate authentication data from seed information stored in memory.

Abstract translation: 通用认证令牌被配置为从其他认证令牌和/或设备安全地获取安全凭证。 以这种方式，单个通用认证令牌可以存储访问用户的各种资源，服务和应用所需的认证凭证。 通用认证令牌包括用户界面，用于存储用户的多个认证记录的存储器和安全处理器。 安全处理器提供所需的加密操作来加密，解密和/或认证由通用令牌发送或接收的数据。 例如，可以使用安全处理器来从存储在存储器中的种子信息生成认证数据。

公开(公告)号：US20160248595A1

公开(公告)日：2016-08-25

申请号：US15066490

申请日：2016-03-10

Applicant: Broadcom Corporation

Inventor： Mark BUER ,  Ed FRANK ,  Nambi SESHADRI

IPC: H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04L9/30

CPC classification number: H04L9/3263 ,  H04L9/30 ,  H04L9/321 ,  H04L63/06 ,  H04L63/068 ,  H04L63/0823 ,  H04L63/0861 ,  H04L63/0884 ,  H04W12/06

Abstract: Techniques are provided for users to authenticate themselves to components in a system. The users may securely and efficiently enter credentials into the components. These credentials may be provided to a server in the system with strong authentication that the credentials originate from secure components. The server may then automatically build a network by securely distributing keys to each secure component to which a user presented credentials.

Abstract translation: 为用户提供了技术来对系统中的组件进行身份验证。 用户可以安全有效地将凭据输入到组件中。 这些凭证可以被提供给具有认证的系统中的服务器，证书来自安全组件。 然后，服务器可以通过将密钥安全地分发给用户呈现证书的每个安全组件来自动构建网络。

公开(公告)号：US20160132586A1

公开(公告)日：2016-05-12

申请号：US14996390

申请日：2016-01-15

Applicant: Broadcom Corporation

Inventor： Alexander MacInnis ,  Arya BEHZAD ,  Mark BUER ,  Jeyhan KARAOGUZ ,  Thomas QUIGLEY ,  John WALLEY

IPC: G06F17/30

CPC classification number: G06F16/285 ,  A61B3/112 ,  A61B3/113 ,  A61B5/002 ,  A61B5/0022 ,  A61B5/0024 ,  A61B5/02055 ,  A61B5/024 ,  A61B5/0402 ,  A61B5/0476 ,  A61B5/0488 ,  A61B5/0531 ,  A61B5/0816 ,  A61B5/1112 ,  A61B5/117 ,  A61B5/16 ,  A61B5/165 ,  A61B5/4803 ,  A61B5/681 ,  A61B5/6814 ,  G01D9/005 ,  G01D21/00 ,  G06F16/2379 ,  G06F16/84 ,  G06K9/00892 ,  G06K9/00979 ,  H04L63/0861 ,  H04M1/7253 ,  H04M1/72569 ,  H04M2250/10 ,  H04M2250/12 ,  H04W12/06 ,  H04W88/02

Abstract: A system and method is provided for processing and storing captured data in a wireless communication device based on detected biometric event data. The captured data may be acquired through a data acquisition system with devices or sensors in an integrated or distributed configuration. The captured data may include multimedia data of an event with time, date and/or location stamping, and captured physiological and behavioral biometric event data in response to the event. The captured data may be dynamically stored in a data binding format or as raw data in a local host device or communicated externally to be stored in a remote host or storage. At least one user preference may be specified for linking a biometric event data to the mapped, analyzed, categorized and stored captured data in a database. Captured data may be retrieved by matching biometric event data to at least one user preference from the database.

公开(公告)号：US20160080928A1

公开(公告)日：2016-03-17

申请号：US14949396

申请日：2015-11-23

Applicant: BROADCOM CORPORATION

Inventor： Jeyhan KARAOGUZ ,  Arya BEHZAD ,  Mark BUER ,  Alexander G. MACINNIS ,  Thomas QUIGLEY ,  John WALLEY

IPC: H04W8/18 ,  H04W8/24 ,  H04W8/20

CPC classification number: H04W8/18 ,  H04W8/20 ,  H04W8/205 ,  H04W8/24 ,  H04W8/245

Abstract: A first personal electronic (PE) device may enable generation, updating, and/or storage of user configuration information. The user configuration information may comprise information pertaining to device configuration and/or operational preferences specific to the device user and/or various use settings, connectivity, and/or use of available resources. The generation, updating, and/or storage of the user configuration information may be performed manually and/or automatically, and may be performed directly within the first PE device and/or via networked devices, which may communicatively coupled to the first PE device. A second PE device may be enabled to be communicatively coupled to the first PE device and/or the networked devices. The second PE device may then be enabled to download existing user configuration information from the first PE device and/or the networked device, and the downloaded user configuration may be utilized to configure the second PE device.

Abstract translation: 第一个人电子（PE）设备可以实现用户配置信息的生成，更新和/或存储。 用户配置信息可以包括与设备用户特有的设备配置和/或操作首选项有关的信息和/或可用资源的各种使用设置，连接性和/或使用。 可以手动和/或自动地执行用户配置信息的生成，更新和/或存储，并且可以直接在第一PE设备内和/或经由可以通信地耦合到第一PE设备的网络设备执行。 可以使第二PE设备能够通信地耦合到第一PE设备和/或网络设备。 然后可以使第二PE设备从第一PE设备和/或联网设备下载现有的用户配置信息，并且下载的用​​户配置可以用于配置第二PE设备。

公开(公告)号：US20150358377A1

公开(公告)日：2015-12-10

申请号：US14818789

申请日：2015-08-05

Applicant: BROADCOM CORPORATION

Inventor： Mark BUER ,  Arya Behzad ,  Jeyhan Karaoguz ,  Alexander Maclnnis ,  Thomas Quigley ,  John Walley

IPC: H04L29/06 ,  G09G5/00

CPC classification number: H04L65/601 ,  G09G5/005 ,  H04L65/60 ,  H04L2463/101 ,  H04W12/08 ,  H04W84/12 ,  H04W84/18

Abstract: A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.

Abstract translation: 手持无线通信设备（HWCD）建立包括用户的互连网络的自组织网络。 HWCD获得对第一设备上的内容的访问，并且控制内容从第一设备经由HWCD到第二设备的通信。 HWCD使第二个设备能够使用内容。 内容可以从第一设备经由HWCD流传输到第二设备。 第一设备是服务提供商网络设备或其他网络设备。 访问可以被认证和/或安全。 对内容的安全访问从第一个设备扩展到第二个设备。 ad hoc网络被配置和/或重新配置直到通信完成。 HWCD包括多个无线接口。 该自组织网络包括PAN，WLAN，WAN和/或蜂窝网络。 在通信内容时，HWCD可能会在基站之间切换。

公开(公告)号：US20150126158A1

公开(公告)日：2015-05-07

申请号：US14589753

申请日：2015-01-05

Applicant: Broadcom Corporation

Inventor： Mark BUER ,  Charles ABRAHAM ,  David GARRETT ,  Jeyhan KARAOGUZ ,  David LUNDGREN ,  David MURRAY

IPC: H04W64/00 ,  H04W12/06 ,  H04W52/28 ,  H04W48/04

CPC classification number: H04W64/00 ,  G01S5/12 ,  G01S11/06 ,  G01S11/08 ,  H04W4/02 ,  H04W12/06 ,  H04W48/04 ,  H04W52/283

Abstract: A transmitting communication device may iteratively adjust its transmit power, and may estimate, based on iterative transmit power adjustment, relative location of a receiving communication device. The transmit power may be initialized to a maximum value, and the transmit power may be iteratively reduced until connectivity with the receiving communication device is lost. The loss of connectivity may be determined based on reception of responses to ping messages transmitted by the transmitting communication device. The transmitting communication device may authenticate the receiving communication device and/or a user of the receiving communication device. The authentication may comprises utilizing transmit power adjustment and/or relative location estimation therefrom to ensure that a separation between the devices does not exceed a maximum value. The transmitting communication device may generate location info associated with the receiving communication device based on the relative location estimation, and may communicate the location info to a location server.

Abstract translation: 发射通信设备可以迭代地调整其发射功率，并且可以基于迭代发射功率调整来估计接收通信设备的相对位置。 发射功率可以被初始化为最大值，并且可以迭代地减少发射功率，直到与接收通信设备的连接丢失。 可以基于对由发送通信设备发送的ping消息的响应的接收来确定连接性的损失。 发送通信设备可以认证接收通信设备和/或接收通信设备的用户。 认证可以包括利用传输功率调整和/或相对位置估计来确保设备之间的间隔不超过最大值。 发送通信设备可以基于相对位置估计生成与接收通信设备相关联的位置信息，并且可以将位置信息传送到位置服务器。

公开(公告)号：US20150058620A1

公开(公告)日：2015-02-26

申请号：US14447131

申请日：2014-07-30

Applicant: Broadcom Corporation

Inventor： Mark BUER ,  Ed FRANK ,  Nambi SESHADRI

IPC: H04L29/06 ,  H04W4/00 ,  H04W4/02 ,  G06Q20/32

CPC classification number: H04L63/0823 ,  G06F21/35 ,  G06Q20/327 ,  G07C9/00007 ,  H04L9/32 ,  H04L63/0492 ,  H04L63/0807 ,  H04L63/0853 ,  H04L63/0861 ,  H04L2209/805 ,  H04W4/021 ,  H04W4/80

Abstract: An authorized user may be provided access to a service only when a wireless token assigned to the user is in the proximity of a computing device. A user's credential may be stored on an RFID token and an RFID reader may be implemented within a security boundary on the computing device. Thus, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. The security boundary may be provided, in part, by incorporating the RFID reader onto the same chip as a cryptographic processing component. Once the information is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear outside of the chip. The cryptographic processing component may cryptographically encrypt/sign the credential received from the token.

Abstract translation: 只有当分配给用户的无线令牌处于计算设备附近时，才可以向授权用户提供对服务的访问。 用户的证书可以存储在RFID令牌上，并且可以在计算设备上的安全边界内实现RFID读取器。 因此，凭证可以被传递到安全边界，而不经由软件消息或应用程序通过计算设备。 可以部分地通过将RFID读取器结合到与密码处理部件相同的芯片上来提供安全边界。 一旦RFID读取器接收到信息，它可以在芯片内进行加密。 因此，信息可能永远不会出现在芯片外面。 加密处理组件可以对从令牌接收到的凭证进行密码加密/签名。

公开(公告)号：US20140298412A1

公开(公告)日：2014-10-02

申请号：US14231581

申请日：2014-03-31

Applicant: Broadcom Corporation

Inventor： Mark BUER

IPC: H04L9/32

CPC classification number: H04L9/32 ,  H04L9/3226 ,  H04L9/3234 ,  H04L9/3263 ,  H04L9/3271 ,  H04L63/08 ,  H04L63/126

Abstract: Systems and methods for securing a credential generated by or stored in an authentication token during an attempt to access a service, application, or resource are provided. A secure processor receives a credential from an authentication token and securely stores the credential. The secure processor then verifies the identity of the individual attempting to use the authentication token and cryptographically verifies the identity of the server being accessed. The credential is only released for transmission to the server if both the identity of the individual and the identity of the server are successfully verified. Alternatively, a secure connection is established between the secure processor and the server being accessed and a secure connection is established between the secure processor and a computing device. The establishment of the secure connections verifies the identity of the server. After the secure connections are established, the identity of the user is verified.

Abstract translation: 提供了在尝试访问服务，应用或资源期间确保由认证令牌生成或存储在认证令牌中的证书的系统和方法。 安全处理器从认证令牌接收凭证并安全地存储证书。 然后，安全处理器验证尝试使用认证令牌的个体的身份，并且密码地验证被访问的服务器的身份。 如果个人的身份和服务器的身份均已成功验证，则凭据仅发布给服务器才能传输。 或者，在安全处理器和被访问的服务器之间建立安全连接，并且在安全处理器和计算设备之间建立安全连接。 安全连接的建立验证服务器的身份。 建立安全连接后，验证用户的身份。

公开(公告)号：US20140115324A1

公开(公告)日：2014-04-24

申请号：US14137204

申请日：2013-12-20

Applicant: Broadcom Corporation

Inventor： Mark BUER

IPC: H04L29/06 ,  H04L9/08

CPC classification number: H04L63/0861 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/3231 ,  H04L63/0823 ,  H04L2209/805

Abstract: Systems and methods for secure remote biometric authentication are provided. A network-based biometric authentication platform stores biometric templates for individuals which have been securely enrolled with the authentication platform. A plurality of sensor platforms separately establishes secure communications with the biometric authentication platform. The sensor platform can perform a biometric scan of an individual and generate a biometric authentication template. The sensor platform then requests biometric authentication of the individual by the biometric authentication platform via the established secure communications. The biometric authentication platform compares the generated biometric template to one or more of the enrolled biometric templates stored in memory at the biometric authentication platform. The result of the authentication is then communicated to the requesting sensor platform via the established secure communications.

Abstract translation: 提供了用于安全远程生物认证的系统和方法。 基于网络的生物识别认证平台为已经安全地注册认证平台的个人存储生物识别模板。 多个传感器平台分别建立与生物特征认证平台的安全通信。 传感器平台可以执行个体的生物特征扫描，并生成生物识别模板。 然后，传感器平台通过所建立的安全通信由生物认证平台请求个人的生物特征认证。 生物特征认证平台将生成的生物特征模板与存储在生物认证平台的存储器中的一个或多个登记的生物特征模板进行比较。 然后通过建立的安全通信将认证的结果传送到请求传感器平台。