公开(公告)号：US10104492B2

公开(公告)日：2018-10-16

申请号：US13037916

申请日：2011-03-01

Applicant: Rocco DiGirolamo ,  Inhyok Cha ,  Paul L. Russell, Jr. ,  Nicholas J. Podias ,  Jean-Louis Gauvreau ,  Dale N. Seed ,  Ana Lucia Pinheiro ,  Michael F. Starsinic ,  Chonggang Wang

Inventor： Rocco DiGirolamo ,  Inhyok Cha ,  Paul L. Russell, Jr. ,  Nicholas J. Podias ,  Jean-Louis Gauvreau ,  Dale N. Seed ,  Ana Lucia Pinheiro ,  Michael F. Starsinic ,  Chonggang Wang

IPC: G06F15/173 ,  H04W4/00 ,  H04L29/08 ,  H04W4/70

Abstract: A machine-to-machine (M2M) gateway (GW) includes reachability, addressing, and repository (RAR) capability. The GW maintains a local mapping table and local device application repository, performs data aggregation, address/name translation, provides event reporting and establishes GW reachability and wake-up time. The GW supports requests from M2M applications or other capabilities within the GW, and from a network and application (N&A) domain RAR. The GW may include an M2M device and M2M gateway management (MDGM) capability that receives management requests for an M2M device and functions as a network proxy. The MDGM accepts and processes requests from the N&A domain on behalf of the M2M device and performs management functions of the M2M device on behalf of the N&A domain. The MDGM may request the N&A domain for permission to interact with the M2M device, initiate an interaction for device management tasks with the M2M device, and report to the N&A domain.

公开(公告)号：US08914674B2

公开(公告)日：2014-12-16

申请号：US13289154

申请日：2011-11-04

Applicant: Yogendra C. Shah ,  Lawrence Case ,  Dolores F. Howry ,  Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt

Inventor： Yogendra C. Shah ,  Lawrence Case ,  Dolores F. Howry ,  Inhyok Cha ,  Andreas Leicher ,  Andreas Schmidt

IPC: G06F11/00 ,  H04W12/10 ,  G06F21/10 ,  G06F21/57

CPC classification number: G06F11/0709 ,  G06F11/0751 ,  G06F11/079 ,  G06F11/0793 ,  G06F11/08 ,  G06F21/10 ,  G06F21/575 ,  G06F2221/2103 ,  G06F2221/2111 ,  H04L63/123 ,  H04M1/24 ,  H04W8/22 ,  H04W12/10 ,  H04W24/02

Abstract: A wireless communications device may be configured to perform integrity checking and interrogation with a network entity to isolate a portion of a failed component on the wireless network device for remediation. Once an integrity failure is determined on a component of the device, the device may identify a functionality associated with the component and indicate the failed functionality to the network entity. Both the wireless network device and the network entity may identify the failed functionality and/or failed component using a component-to-functionality map. After receiving an indication of an integrity failure at the device, the network entity may determine that one or more additional iterations of integrity checking may be performed at the device to narrow the scope of the integrity failure on the failed component. Once the integrity failure is isolated, the network entity may remediate a portion of the failed component on the wireless communications device.

Abstract translation: 无线通信设备可以被配置为执行与网络实体的完整性检查和询问，以隔离无线网络设备上的故障组件的一部分以进行修复。 一旦在设备的组件上确定完整性故障，则设备可以识别与组件相关联的功能并且向网络实体指示失败的功能。 无线网络设备和网络实体都可以使用组件到功能映射来识别故障功能和/或故障组件。 在接收到设备上的完整性故障的指示之后，网络实体可以确定可以在设备处执行完整性检查的一个或多个附加迭代以缩小故障组件上的完整性故障的范围。 一旦完整性故障被隔离，则网络实体可以修复无线通信设备上的故障组件的一部分。

公开(公告)号：US08707409B2

公开(公告)日：2014-04-22

申请号：US11843517

申请日：2007-08-22

Applicant: Yogendra C. Shah ,  Inhyok Cha ,  Alexander Reznik

Inventor： Yogendra C. Shah ,  Inhyok Cha ,  Alexander Reznik

IPC: G06F7/04

CPC classification number: H04L63/0442 ,  G06F21/41 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0884

Abstract: A method and apparatus for password management and single sign-on (SSO) access based on trusted computing (TC) technology. The methods implement the Trusted Computing Group (TCG)'s trusted platform module (TPM), which interacts with both proxy SSO unit and web-accessing applications to provide a secure, trusted mechanism to generate, store, and retrieve passwords and SSO credentials. The various embodiments of the present invention allow a user to hop securely and transparently from one site to another that belong to a pre-identified group of sites, after signing on just once to a secured proxy residing at the user's device.

Abstract translation: 一种基于可信计算（TC）技术的密码管理和单点登录（SSO）访问的方法和装置。 该方法实施了可信计算组（TCG）的可信平台模块（TPM），该平台模块与代理SSO单元和Web访问应用程序进行交互，以提供安全可靠的机制来生成，存储和检索密码和SSO凭据。 本发明的各种实施例允许用户在仅驻留在用户设备上的安全代理器一次登录之后，从属于预先识别的站点组的一个站点到另一站点安全地和透明地跳转。

公开(公告)号：US08675617B2

公开(公告)日：2014-03-18

申请号：US11753115

申请日：2007-05-24

Applicant: Inhyok Cha ,  Keith Baldwin ,  Yingxue Li

Inventor： Inhyok Cha ,  Keith Baldwin ,  Yingxue Li

IPC: H04W4/00

CPC classification number: H01Q3/2611 ,  H04L1/1887 ,  H04W84/12 ,  H04W88/02

Abstract: A client station in a wireless local area network (WLAN) communication system includes a beam commutation algorithm and a smart antenna responsive to the beam commutation algorithm for selecting one of a plurality of directional antenna beams. The smart antenna is configured as a virtual omni-directional antenna by using a commutation of switched directional antenna beams. A switched directional antenna system that performs a commutation sequencing can be blind to environmental conditions and changes.

Abstract translation: 无线局域网（WLAN）通信系统中的客户站包括波束换向算法和响应于波束换向算法的智能天线，用于选择多个定向天线波束中的一个。 通过使用切换的定向天线波束的换向将智能天线配置为虚拟全向天线。 执行换向排序的开关定向天线系统可能对环境条件和变化无视。

公开(公告)号：US08630620B2

公开(公告)日：2014-01-14

申请号：US12019755

申请日：2008-01-25

Applicant: Inhyok Cha ,  Yogendra C. Shah ,  Chunxuan Ye

Inventor： Inhyok Cha ,  Yogendra C. Shah ,  Chunxuan Ye

IPC: H04M3/16 ,  H04M1/00 ,  H04B1/38 ,  H04W24/00 ,  H04K1/00 ,  H04L9/32

CPC classification number: H04W12/08 ,  H04L63/04 ,  H04L63/102 ,  H04L63/107 ,  H04W8/08 ,  H04W12/02 ,  H04W12/10

Abstract: A method and apparatus for securing location information and access control using the location information are disclosed. A wireless transmit/receive unit (WTRU) includes a location sensing entity and a subscriber identity module (SIM). The location sensing entity generates location information of the WTRU and the location information is embedded in a message in an SIM. A trusted processing module in the WTRU verifies integrity of the location information. The trusted processing module may be on the SIM. The location information may be physical location information or contextual location-related information. The trusted processing module is configured to cryptographically secure and bind the location information to the WTRU, and verify trust metrics of an external entity prior to granting an access to the location information or accepting information from the external entity. The trusted processing module may be a trusted computing group (TCG) trusted platform module (TPM) or mobile trusted module (MTM). The location information may be used for an authentication purpose or access control. The location information may be combined with time information.

Abstract translation: 公开了一种使用位置信息来保护位置信息和访问控制的方法和装置。 无线发射/接收单元（WTRU）包括位置感测实体和用户识别模块（SIM）。 位置感测实体生成WTRU的位置信息，并且将位置信息嵌入在SIM中的消息中。 WTRU中的可信处理模块验证位置信息的完整性。 可信处理模块可以在SIM上。 位置信息可以是物理位置信息或上下文位置相关信息。 可信处理模块被配置为将位置信息密码地安全地绑定到WTRU，并且在授予对位置信息的访问或接受来自外部实体的信息之前验证外部实体的信任度量。 可信处理模块可以是可信计算组（TCG）可信平台模块（TPM）或移动可信模块（MTM）。 位置信息可以用于认证目的或访问控制。 位置信息可以与时间信息组合。

公开(公告)号：US08504110B2

公开(公告)日：2013-08-06

申请号：US11066915

申请日：2005-02-25

Applicant: Arty Chandra ,  Inhyok Cha ,  Paul Marinier ,  Vincent Roy

Inventor： Arty Chandra ,  Inhyok Cha ,  Paul Marinier ,  Vincent Roy

IPC: H04M1/00

CPC classification number: H04W24/02 ,  H04B7/0628 ,  H04B7/0689 ,  H04W28/18 ,  H04W84/12

Abstract: A system for exchanging smart antenna capability information between a transmitting station (STA) and a receiving STA in a wireless communication system includes an antenna capability information element (IE) that includes information regarding the capability of the transmitting STA. The antenna capability IE is sent from the transmitting STA to the receiving STA prior to data transmission between the transmitting STA and the receiving STA. When used in a wireless local area network, the antenna capability IE can be sent as part of a management frame, control frame, or data frame.

Abstract translation: 一种用于在无线通信系统中的发送站（STA）和接收STA之间交换智能天线能力信息的系统包括：天线能力信息元素（IE），其包括关于发送STA的能力的信息。 在发送STA和接收STA之间的数据传输之前，天线能力IE从发送STA发送到接收STA。 当在无线局域网中使用时，天线能力IE可以作为管理帧，控制帧或数据帧的一部分发送。

公开(公告)号：US08483200B2

公开(公告)日：2013-07-09

申请号：US11400400

申请日：2006-04-06

Applicant: Inhyok Cha ,  Eldad Zeira ,  Keith Richard Baldwin

Inventor： Inhyok Cha ,  Eldad Zeira ,  Keith Richard Baldwin

IPC: H04H20/67

CPC classification number: H04B7/0413 ,  H04B7/0695 ,  H04B7/088

Abstract: A method and apparatus for selecting an antenna mapping in multiple-in/multiple-out (MIMO) enabled wireless communication networks. A candidate set of currently available antenna mappings is determined based upon measured long term channel conditions. An antenna mapping is selected from the candidate set, and the mapping is calibrated with a selected antenna mapping of a receiving wireless transmit/receive unit (WTRU). When the selected mappings are calibrated, packet data transmission begins. In an alternative embodiment, a calibration training frame (CTF) is used to calibrate multiple antenna mappings simultaneously or sequentially. Also disclosed are physical layer and medium access control layer frame formats for implementing antenna mapping selection according to the invention.

公开(公告)号：US20130007858A1

公开(公告)日：2013-01-03

申请号：US13341670

申请日：2011-12-30

Applicant: Yogendra C. SHAH ,  Inhyok CHA ,  Andreas SCHMIDT ,  Louis J. GUCCIONE ,  Lawrence CASE ,  Andreas LEICHER ,  Yousif TARGALI

Inventor： Yogendra C. SHAH ,  Inhyok CHA ,  Andreas SCHMIDT ,  Louis J. GUCCIONE ,  Lawrence CASE ,  Andreas LEICHER ,  Yousif TARGALI

IPC: H04W12/06

CPC classification number: H04L63/08 ,  H04L63/0209 ,  H04L63/0815 ,  H04L63/0892 ,  H04L63/10 ,  H04L63/18 ,  H04W12/04 ,  H04W12/06 ,  H04W12/08 ,  H04W36/0038

Abstract: Persistent communication layer credentials generated on a persistent communication layer at one network may be leveraged to perform authentication on another. For example, the persistent communication layer credentials may include application-layer credentials derived on an application layer. The application-layer credentials may be used to establish authentication credentials for authenticating a mobile device for access to services at a network server. The authentication credentials may be derived from the application-layer credentials of another network to enable a seamless handoff from one network to another. The authentication credentials may be derived from the application-layer credentials using reverse bootstrapping or other key derivation functions. The mobile device and/or network entity to which the mobile device is being authenticated may enable communication of authentication information between the communication layers to enable authentication of a device using multiple communication layers.

Abstract translation: 可以利用在一个网络上的持久通信层上生成的持久通信层凭证来执行对另一个网络的认证。 例如，持久通信层凭证可以包括在应用层上导出的应用层凭证。 应用层凭证可以用于建立认证凭证，用于认证移动设备以访问网络服务器处的服务。 认证证书可以从另一网络的应用层凭证导出，以实现从一个网络到另一个网络的无缝切换。 认证证书可以使用反向引导或其他密钥导出功能从应用层凭证中导出。 移动设备和/或网络实体对移动设备进行身份验证可以实现通信层之间的认证信息的通信，从而能够使用多个通信层对设备进行认证。

公开(公告)号：US20120246481A1

公开(公告)日：2012-09-27

申请号：US13487748

申请日：2012-06-04

Applicant: Louis J. Guccione ,  Andreas U. Schmidt ,  Nicolai Kuntze ,  Michael Kasper ,  Yogendra C. Shah ,  Inhyok Cha

Inventor： Louis J. Guccione ,  Andreas U. Schmidt ,  Nicolai Kuntze ,  Michael Kasper ,  Yogendra C. Shah ,  Inhyok Cha

IPC: H04L9/32

CPC classification number: H04L9/321 ,  H04L63/0853 ,  H04W8/265 ,  H04W12/06

Abstract: A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator—trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner—trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.

Abstract translation: 公开了一种被配置为提供虚拟用户识别模块（vSIM）服务的移动信任平台（MTP）。 在一个实施例中，MTP包括：被配置为存储和提供与MTP的制造商有关的凭证的设备制造商信任子系统（TSS-DM）; 被配置为存储和提供与移动网络运营商（MNO）相关的凭证的移动网络运营商信任子系统（MNO-TSS）; 以及被配置为存储和提供与MTP的用户相关的凭证的设备用户/所有者信任的子系统（TSS-DO / TSS-U）。 TSS-MNO包括一个vSIM核心服务单元，用于存储，提供和处理与MNO有关的凭证信息。 TSS-DO / TSS-U包括一个vSIM管理单元，用于存储，提供和处理与MTP的用户/所有者有关的凭证信息。 TSS-DO / TSS-U和TSS-MNO通过可信的vSIM服务进行通信。

公开(公告)号：US20120023568A1

公开(公告)日：2012-01-26

申请号：US13011558

申请日：2011-01-21

Applicant: Inhyok Cha ,  Andreas Schmidt ,  Andreas Leicher ,  Yogendra C. Shah

Inventor： Inhyok Cha ,  Andreas Schmidt ,  Andreas Leicher ,  Yogendra C. Shah

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G06F21/335 ,  G06F21/57 ,  G06F2221/2115 ,  H04L63/0807 ,  H04L2463/121

Abstract: Systems, methods, and instrumentalities are disclosed that may provide for integration of trusted OpenID (TOpenID) with OpenID. The authentication may be accomplished, in part, via communications between a trusted ticket server on a UE and a network application function. The UE may retrieve platform validation data (e.g., from a trusted platform module on the UE). The UE may receive a platform verification in response to the platform validation data. The platform verification may indicate that the network application function has verified the platform validation data and the user. The platform verification may indicate that the platform validation data matches a previously generated reference value.

Abstract translation: 公开了可以提供可信OpenID（TOpenID）与OpenID的集成的系统，方法和工具。 认证可以部分地通过UE上的信任票据服务器和网络应用功能之间的通信来实现。 UE可以检索平台验证数据（例如，从UE上的可信平台模块）。 UE可以响应于平台验证数据而接收平台验证。 平台验证可以指示网络应用功能已经验证了平台验证数据和用户。 平台验证可以指示平台验证数据与先前生成的参考值相匹配。