公开(公告)号：US20160142215A1

公开(公告)日：2016-05-19

申请号：US14945405

申请日：2015-11-18

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： CHRIS A. KRUEGEL ,  ANDRZEJ GRZESIK ,  ERWIN HIMAWAN ,  ANTHONY R. METKE ,  SHANTHI E. THOMAS ,  STEVEN K. TURNER

IPC: H04L9/32

CPC classification number: H04L9/3263 ,  H04L9/006 ,  H04L9/3268

Abstract: A certificate management processor (CMP) in a public key infrastructure (PKI) receives a request for a certificate management operation. The CMP determines that the request is associated with at least one of an end entity and a service. The CMP identifies a certificate management identifier associated with at least one of the end entity and the service. The CMP retrieves at least one status associated with the certificate management identifier and/or at least one status associated with the certificate management operation. The CMP performs the certificate management operation on a certificate when the retrieved at least one status is determined to not be suspended.

Abstract translation: 公共密钥基础设施（PKI）中的证书管理处理器（CMP）接收证书管理操作的请求。 CMP确定该请求与终端实体和服务中的至少一个相关联。 CMP标识与终端实体和服务中的至少一个相关联的证书管理标识符。 CMP检索与证书管理标识符相关联的至少一个状态和/或与证书管理操作相关联的至少一个状态。 当检索到的至少一个状态被确定为不被暂停时，CMP对证书执行证书管理操作。

公开(公告)号：US20210067349A1

公开(公告)日：2021-03-04

申请号：US16556594

申请日：2019-08-30

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： CHRIS A. KRUEGEL ,  STEVEN K. TURNER ,  MARK SHAHAF

IPC: H04L9/32 ,  H04L9/30

Abstract: A method, mobile device, and PKI are provided for enrolling a mobile device into a PKI domain for certificate management is provided. A first asymmetric key pair and a unique identifier is established in a device. The first asymmetric key pair includes a public key and a private key. The public key and the unique identifier are transferred to the PKI domain. The public key and the unique identifier are imported into the PKI domain. The device generates a second asymmetric kay pair and sends a certificate signing request (CSR) that is protected with the digital signature of the first asymmetric key pair. The CSR is transferred to the PKI domain. The PKI domain authenticates the CSR using the first public key and the unique identifier. Upon validation, the PKI domain issues a certificate to the device.

公开(公告)号：US20140198916A1

公开(公告)日：2014-07-17

申请号：US14182762

申请日：2014-02-18

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： CHRIS A. KRUEGEL ,  THOMAS J. SENESE ,  HANS C. SOWA

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L63/065 ,  H04L63/068

Abstract: Disclosed is a radio system, method, and device for a mobile station to indicate to an authentication controller, in an authentication response message, which of a plurality of group key link layer encryption keys (GKEK)s it currently has in its possession, and to work with the authentication controller to more intelligently manage multiple GKEKs. The authentication controller can use the information obtained from the authentication response message to determine which of a plurality of GKEKs to advertise in a key announcement broadcast. Furthermore, individual requests for a future LLE key (LEK) to be used for link layer encryption (LLE) encrypting and decrypting inbound and outbound group communications between base station(s) and mobile station(s) are responded to with a broadcast GKEK-encrypted transmission including the future LEK. Only the requesting mobile station transmits an acknowledgment packet in response to the broadcast.

Abstract translation: 公开了一种无线电系统，方法和装置，用于移动台向认证控制器指示认证响应消息中当前拥有的多个组密钥链路层加密密钥（GKEK）中的哪一个，以及 使用认证控制器更智能地管理多个GKEK。 认证控制器可以使用从认证响应消息获得的信息来确定在密钥通告广播中广告的多个GKEK中的哪一个。 此外，用于对基站和移动台之间的入站和出站组通信进行加密和解密的链路层加密（LLE）的未来LLE密钥（LEK）的单独请求通过广播GKEK- 加密传输，包括未来的LEK。 只有请求移动台响应于广播才发送确认分组。

公开(公告)号：US20130243195A1

公开(公告)日：2013-09-19

申请号：US13678747

申请日：2012-11-16

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： CHRIS A. KRUEGEL ,  THOMAS J. SENESE ,  HANS C. SOWA

IPC: H04W12/04

CPC classification number: H04W12/04 ,  H04L63/065 ,  H04L63/068

Abstract: Disclosed is a radio system, method, and device for a mobile station to indicate to an authentication controller, in an authentication response message, which of a plurality of group key link layer encryption keys (GKEK)s it currently has in its possession, and to work with the authentication controller to more intelligently manage multiple GKEKs. The authentication controller can use the information obtained from the authentication response message to determine which of a plurality of GKEKs to advertise in a key announcement broadcast. Furthermore, individual requests for a future LLE key (LEK) to be used for link layer encryption (LLE) encrypting and decrypting inbound and outbound group communications between base station(s) and mobile station(s) are responded to with a broadcast GKEK-encrypted transmission including the future LEK. Only the requesting mobile station transmits an acknowledgment packet in response to the broadcast.

Abstract translation: 公开了一种无线电系统，方法和装置，用于移动台向认证控制器指示认证响应消息中当前拥有的多个组密钥链路层加密密钥（GKEK）中的哪一个，以及 使用认证控制器更智能地管理多个GKEK。 认证控制器可以使用从认证响应消息获得的信息来确定在密钥通告广播中广告的多个GKEK中的哪一个。 此外，用于对基站和移动台之间的入站和出站组通信进行加密和解密的链路层加密（LLE）的未来LLE密钥（LEK）的单独请求通过广播GKEK- 加密传输，包括未来的LEK。 只有请求移动台响应于广播才发送确认分组。

公开(公告)号：US20160142216A1

公开(公告)日：2016-05-19

申请号：US14945411

申请日：2015-11-18

Applicant: MOTOROLA SOLUTIONS, INC

Inventor： STEVEN K. TURNER ,  MARK A. BOERGER ,  ANDRZEJ GRZESIK ,  ERWIN HIMAWAN ,  CHRIS A. KRUEGEL ,  ANTHONY R. METKE ,  SHANTHI E. THOMAS

IPC: H04L9/32

CPC classification number: H04L9/3268 ,  H04L9/006 ,  H04L9/321

Abstract: A Public Key Infrastructure (PM) device receives a certificate signing request (CSR) from an end entity. The PKI device obtains at least one of: a controlling attribute of at least one PKI device associated with processing of the certificate signing request and a controlling attribute associated with the CSR. The PKI device obtains an end entity policy object (EEPO) to be associated with the end entity based on at least one obtained controlling attribute. Based on the obtained EEPO, the PKI device determines at least one attribute and at least one value associated with the attribute this is to be included in a certificate and issues, to the end entity, the certificate including the at least one attribute.

Abstract translation: 公共密钥基础设施（PM）设备从终端实体接收证书签发请求（CSR）。 所述PKI设备获得以下至少一个：与所述证书签名请求的处理相关联的至少一个PKI设备的控制属性和与所述CSR相关联的控制属性。 PKI设备基于至少一个获得的控制属性获得与终端实体相关联的终端实体策略对象（EEPO）。 基于所获得的EEPO，PKI设备确定至少一个属性，并且与该属性相关联的至少一个值被包括在证书中，并向终端实体发出包括至少一个属性的证书。

公开(公告)号：US20230297541A1

公开(公告)日：2023-09-21

申请号：US17655497

申请日：2022-03-18

Applicant: MOTOROLA SOLUTIONS, INC.

Inventor： STUART J. BOUTELL ,  CHRIS A. KRUEGEL ,  STEFAN KOPROWSKI ,  GRZEGORZ GUSTOF

IPC: G06F16/11

CPC classification number: G06F16/125

Abstract: A process of extending retention periods of records. In operation, an electronic computing device identifies a retention period associated with the record. The device obtains information related to a future event. The information includes a time period during which the future event is predicted or scheduled to occur and a location at which the future event is predicted or scheduled to occur. When the device determines that the record is contextually related to the future event based at least in part on the time period or the location of the future event, the retention period associated with the record is extended. The device may also automatically extend retention periods of records based on a number of other retention-related factors associated with the record including recording content, record trustworthiness, recording time, recording location, recording data type, recording source, recording officers’ profile and their association, crime statistics, incident severity, and the like.