公开(公告)号：US20170272942A1

公开(公告)日：2017-09-21

申请号：US15615670

申请日：2017-06-06

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04W12/04 ,  H04L9/00 ,  H04W12/06 ,  H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04W4/00 ,  H04W12/02

CPC classification number: H04W12/04 ,  H04L9/006 ,  H04L9/0841 ,  H04L9/3265 ,  H04L63/062 ,  H04W4/80 ,  H04W12/02 ,  H04W12/06

Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.

公开(公告)号：US20170083355A1

公开(公告)日：2017-03-23

申请号：US14861637

申请日：2015-09-22

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Rosario Cammarota

IPC: G06F9/455 ,  G06F9/54 ,  G06F9/30

CPC classification number: G06F9/45558 ,  G06F9/30098 ,  G06F9/30123 ,  G06F9/384 ,  G06F9/547 ,  G06F2009/4557

Abstract: Aspects of the disclosure are related to a method, apparatus, and system for dynamic register virtualization, comprising: detecting a subroutine call; generating a register virtualization mapping for the subroutine call; applying the register virtualization mapping to instructions within the subroutine call; detecting a return of the subroutine call; and stopping the register virtualization mapping for the subroutine call at the return of the subroutine call.

公开(公告)号：US20160360407A1

公开(公告)日：2016-12-08

申请号：US15097229

申请日：2016-04-12

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04W12/06 ,  H04L29/06 ,  H04W12/04

CPC classification number: H04W12/06 ,  H04L63/08 ,  H04W12/003 ,  H04W12/04 ,  H04W84/12

Abstract: A system and method for distributed storage and/or management of network credentials in a wireless network. A first device of the wireless network receives a set of network credentials from a first configurator. The network credentials may be used to authorize one or more devices to access the wireless network. The first device further receives a user authentication credential from a second device, and authenticates the second device as a second configurator for the wireless network based at least in part on the user authentication credential. Upon authenticating the second device as the second configurator, the first device may then transmit the set of network credentials to the second configurator.

Abstract translation: 一种用于在无线网络中分布式存储和/或管理网络凭证的系统和方法。 无线网络的第一设备从第一配置器接收一组网络凭证。 网络凭证可用于授权一个或多个设备访问无线网络。 第一设备还从第二设备接收用户认证证书，并且至少部分地基于用户认证证书将第二设备认证为无线网络的第二配置器。 在将第二设备认证为第二配置器时，第一设备可以将该组网络凭证发送到第二配置器。

公开(公告)号：US09288672B2

公开(公告)日：2016-03-15

申请号：US14207005

申请日：2014-03-12

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Cameron Allen George McDonald

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/32 ,  H04W12/04

CPC classification number: H04W12/06 ,  H04L9/321 ,  H04L9/3265 ,  H04L63/0823 ,  H04L2209/805 ,  H04W12/04

Abstract: A remote station is configured with a certificate from a local root certificate authority for securing a wireless network. To configure the certificate, the remote station forwards a station public key to the local root certificate authority. The station public key is forwarded out-of-band of the wireless network. The remote station receives a certificate and a root public key from the local root certificate authority. The certificate is generated by the local root certificate authority based on the forwarded station public key, and the certificate and the root public key are received out-of-band of the wireless network. The remote station securely communicates, using the wireless network, with another station based on the certificate and the root public key.

Abstract translation: 远程站配置有来自本地根证书颁发机构的证书以保护无线网络。 要配置证书，远程站将站公钥转发到本地根证书颁发机构。 无线网络的带外转发站公钥。 远程站从本地根证书颁发机构接收证书和根公钥。 证书由本地根证书颁发机构基于转发的站公钥生成，证书和根公钥被接收到无线网络的带外。 远程站基于证书和根公钥，使用无线网络安全地与另一站通信。

公开(公告)号：US20160028725A1

公开(公告)日：2016-01-28

申请号：US14341703

申请日：2014-07-25

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Laurence Geoffrey Lundblade ,  Asaf Ashkenazi

IPC: H04L29/06 ,  G06F17/30

CPC classification number: H04L63/0869 ,  G06F17/30371 ,  G06F21/64 ,  G06F21/645 ,  G06F21/79 ,  H04L63/1466

Abstract: An integrated circuit may comprise a secure volatile memory configured to store first data-validity information associated with first data stored in an external nonvolatile memory; and a secure processor configured to: retrieve the first data-validity information from a secure remote server over a secure communication channel, wherein the secure processor uses mutual authentication with the secure remote server to secure the secure communication channel; store the first data-validity information in the secure volatile memory; retrieve the first data from the external nonvolatile memory; obtain second data-validity information associated with the first data; compare the first data-validity information stored in the secure volatile memory with the second data-validity information to generate a comparison value; and determine, based on the comparison value, whether the first data is valid.

Abstract translation: 集成电路可以包括被配置为存储与存储在外部非易失性存储器中的第一数据相关联的第一数据有效性信息的安全易失性存储器; 以及安全处理器，其被配置为：通过安全通信信道从安全远程服务器检索第一数据有效性信息，其中所述安全处理器使用与所述安全远程服务器的相互认证来保护所述安全通信信道; 将第一数据有效性信息存储在安全易失性存储器中; 从外部非易失性存储器检索第一数据; 获得与所述第一数据相关联的第二数据有效性信息; 将存储在安全易失性存储器中的第一数据有效性信息与第二数据有效性信息进行比较以生成比较值; 并且基于所述比较值来确定所述第一数据是否有效。

公开(公告)号：US20150229475A1

公开(公告)日：2015-08-13

申请号：US14616551

申请日：2015-02-06

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Jouni Kalevi Malinen ,  Peerapol Tinnakornsrisuphap

IPC: H04L9/30 ,  H04L9/14

CPC classification number: H04L9/30 ,  G06F21/34 ,  G06F21/36 ,  G06F21/41 ,  G06F21/42 ,  H04L9/0825 ,  H04L9/14 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/0869 ,  H04L63/10 ,  H04L63/18 ,  H04L63/20 ,  H04L2209/24 ,  H04W12/06

Abstract: Device provisioning (e.g., enrollment, configuration, and/or authentication) of a client device with a network device may be assisted using a configurator device. The configurator device may obtain a client public key associated with the client device and send the client public device to the network device. The network device may use the client public key in an authentication process between the network device and the client device. Following the authentication process, the client device may be configured for use with the network device to gain access to other network resources. In this manner, permission to gain access to the network device can be transparent to the user, often without the user having to enter codes or passwords.

Abstract translation: 可以使用配置器设备辅助具有网络设备的客户端设备的设备配置（例如，注册，配置和/或认证）。 配置器设备可以获得与客户端设备相关联的客户端公钥，并将客户端公共设备发送到网络设备。 网络设备可以在网络设备和客户端设备之间的认证过程中使用客户端公钥。 在认证过程之后，可以将客户端设备配置为与网络设备一起使用以获得对其他网络资源的访问。 以这种方式，允许访问网络设备对于用户来说可以是透明的，通常没有用户必须输入代码或密码。

公开(公告)号：US09100382B2

公开(公告)日：2015-08-04

申请号：US13843395

申请日：2013-03-15

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Anand Palanigounder ,  Sai Yiu Duncan Ho ,  Aram Perez ,  Bibhu Prasad Mohanty ,  Etan Gur Cohen

IPC: G06F13/00 ,  H04L29/06 ,  G06F11/30 ,  H04W12/04 ,  G06F13/10 ,  H04W12/06 ,  H04W4/00

CPC classification number: H04L63/062 ,  G06F11/3051 ,  G06F13/10 ,  H04L63/08 ,  H04W4/80 ,  H04W12/04 ,  H04W12/06

Abstract: A configuration device is disclosed for configuring a network device in a communication network. The configuration device initiates pairing operations with the network device via a short-range communication connection. The configuration device determines whether the network device is in a registered state or an unregistered state. If the configuration device determines that the network device is in the unregistered state, the configuration device establishes a secure short-range communication channel between the configuration device and the network device. The configuration device transmits a network key to the network device via the secure short-range communication channel for configuring the network device to communicatively connect to the communication network. If the configuration device determines that the network device is in the registered state, the configuration device determines whether to unregister the network device.

Abstract translation: 公开了一种用于在通信网络中配置网络设备的配置设备。 配置设备通过短距离通信连接启动与网络设备的配对操作。 配置设备确定网络设备是处于注册状态还是未注册状态。 如果配置设备确定网络设备处于未注册状态，则配置设备在配置设备和网络设备之间建立安全的短距离通信信道。 配置设备通过安全短距离通信信道将网络密钥发送到网络设备，用于配置网络设备以通信方式连接到通信网络。 如果配置设备确定网络设备处于注册状态，则配置设备确定是否取消注册网络设备。

公开(公告)号：US20140376721A1

公开(公告)日：2014-12-25

申请号：US14308382

申请日：2014-06-18

Applicant: QUALCOMM Incorporated

Inventor： Aram Perez ,  Olivier Jean Benoit

IPC: H04L9/30 ,  H04W4/00

CPC classification number: H04L9/30 ,  H04L9/0838 ,  H04L9/3226 ,  H04L2209/24 ,  H04L2209/80 ,  H04L2209/805 ,  H04W4/80 ,  H04W12/04 ,  H04W12/06

Abstract: A system comprises an access point and a client device. The access point receives, using near field communication (NFC) technology, a public key associated with the client device and sends, using NFC technology, a public key associated with the access point. The access point further encrypts configuration data associated with a network and sends the encrypted configuration data to the client device. The client device receives, using NFC technology, a command indicating that a public key associated with the client device is to be sent to the access point and sends, using NFC technology, the public key to the access point. The client device further receives, using NFC technology, a public key associated with the access point and configures the client device to wirelessly connect to a network associated with the access point.

Abstract translation: 系统包括接入点和客户端设备。 接入点使用近场通信（NFC）技术接收与客户端设备相关联的公共密钥，并使用NFC技术发送与接入点相关联的公开密钥。 接入点进一步加密与网络相关联的配置数据，并将加密的配置数据发送到客户端设备。 客户端设备使用NFC技术接收指示与客户端设备相关联的公钥将被发送到接入点的命令，并使用NFC技术将公钥发送到接入点。 客户端设备还使用NFC技术来接收与接入点相关联的公开密钥，并且配置客户端设备以无线方式连接到与该接入点相关联的网络。

公开(公告)号：US20180248694A1

公开(公告)日：2018-08-30

申请号：US15970395

申请日：2018-05-03

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Jouni Kalevi Malinen ,  Peerapol Tinnakornsrisuphap

IPC: H04L9/30 ,  H04W12/06 ,  H04L29/06 ,  G06F21/41 ,  H04L9/08 ,  H04L9/14 ,  G06F21/34 ,  G06F21/42 ,  G06F21/36

CPC classification number: H04L9/30 ,  G06F21/34 ,  G06F21/36 ,  G06F21/41 ,  G06F21/42 ,  H04L9/0825 ,  H04L9/14 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/0869 ,  H04L63/10 ,  H04L63/18 ,  H04L63/20 ,  H04L2209/24 ,  H04W12/06

Abstract: Device provisioning (e.g., enrollment, configuration, and/or authentication) of a client device with a network device may be improved. A client device may receive a first nonce and a network public key associated with the network device. The client device may generate a second nonce and provide the second nonce with an authentication request having at least a portion that is derived from a shared key. The shared key may be based on the first nonce, the second nonce, the network public key, and a client private key. A configurator device may assist in the transfer of nonces or keys. Following the authentication process, the client device may be configured for use with the network device to gain access to other network resources. In this manner, permission to gain access to the network device can be transparent to the user, often without the user having to enter codes or passwords.

公开(公告)号：US10009763B2

公开(公告)日：2018-06-26

申请号：US15615670

申请日：2017-06-06

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04M3/16 ,  H04W12/04 ,  H04L29/06 ,  H04L9/00 ,  H04L9/08 ,  H04W12/06 ,  H04L9/32 ,  H04W12/02 ,  H04W4/00 ,  H04W4/80

CPC classification number: H04W12/04 ,  H04L9/006 ,  H04L9/0841 ,  H04L9/3265 ,  H04L63/062 ,  H04W4/80 ,  H04W12/003 ,  H04W12/00522 ,  H04W12/02 ,  H04W12/06

Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.