Abstract:
Techniques for authenticating a user of a mobile device at a computing platform are provided. A method according to these techniques includes generating a first profile and second profile of user behavior for the user of the mobile device, the first profile comprising a first type of profile having at least a first duration and the second profile comprising a second type of profile having a second duration that is shorter than the first duration, monitoring user behavior to generate usage behavior data, comparing the usage behavior data to the first profile and the second profile, performing a first type of authentication action responsive to the usage behavior data deviating from the first profile, and performing a second type of authentication action responsive to the usage behavior data deviating from the second profile.
Abstract:
Techniques for mitigating the transitive data problem using a secure asset manager are provided. These techniques include generating a secure asset manager compliant application by tagging source code for the application with a data tag to indicate that a data element associated with the source code is a sensitive data element, accessing a policy file comprising transitive rules associated with the sensitive data element, and generating one or more object files for the application from the source code. These techniques also include storing a sensitive data element in a secure memory region managed by a secure asset manager, and managing the sensitive data element according to a policy associated with the sensitive data element by an application from which the sensitive data element originates, the policy defining transitive rules associated with the sensitive data element.
Abstract:
Techniques for encrypting the data in the memory of a computing device are provided. An example method for protecting data in a memory according to the disclosure includes encrypting data associated with a store request using a memory encryption device of the processor to produce encrypted data. Encrypting the data includes: obtaining a challenge value, providing the challenge value to a physically unclonable function module to obtain a response value, and encrypting the data associated with the store request using the response value as an encryption key to generate the encrypted data. The method also includes storing the encrypted data and the challenge value associated with the encrypted data in the memory.
Abstract:
Methods and apparatus for updating a non-volatile random access memory (NV-RAM) are provided. An exemplary method includes storing original data, such as secure transaction data, in a non-volatile memory (NVM) region of the NV-RAM and copying the original data to a random access memory (RAM) region of the NV-RAM. The method also includes computing updated data from the original data, storing the updated data in the RAM region, validating an updated flag in the RAM region, copying the updated data to the NVM region, and invalidating the updated flag in the RAM region. The method can also include determining, after an interruption, a status of the updated flag and, if the status of the updated flag is valid, then copying the updated data to the NVM region and invalidating the updated flag. The updated flag can indicate completion of a specific update stage in a plurality of update stages.
Abstract:
Disclosed is a method, apparatus, and system to control the unlocking of an entry for a guest having a wireless device by an owner access point. A virtual key for a wireless device and an access control rule associated with the virtual key may be stored at the owner access point. The owner access point may determine whether a virtual key received from a wireless device matches the stored virtual key and whether the access control rule for the stored virtual key is satisfied. If the virtual key matches, and the access control rule for the stored virtual key is satisfied, the owner access point may transmit an open command to the entry.
Abstract:
An electronic device obtains a device password associated with the new enrollee device to be configured for a communication network. The device password is provided to a network registrar to cause the network registrar to configure the new enrollee device for the communication network. The network registrar performs an enrollment process based upon the device password and provides feedback to the electronic device to indicate whether or not the new enrollee device was successfully added to the communication network. Alternatively, when an electronic device detects the presence of a new enrollee device to be configured for the communication network, the electronic device generates a device password for the new enrollee device and provides the device password to the new enrollee device and to the network registrar, thereby causing the network registrar to initiate an enrollment process for the new enrollee device based upon the device password.
Abstract:
Techniques for providing data protection in an integrated circuit are provided. A method according to these techniques includes maintaining an anti-replay counter value in a volatile memory of the integrated circuit, the anti-replay counter value being associated with data stored in an off-chip, non-volatile memory in which the integrated circuit is configured to store the data, monitoring an external power source, and writing the anti-replay counter value to a programmable read-only memory of the integrated circuit responsive to a loss of power to the integrated circuit from the external power source.
Abstract:
Certain aspects of the present disclosure generally relate to wireless communications and, more particularly, to ultra low power paging frames for wake up and discovery. One example apparatus for wireless communications generally includes at least one interface configured to obtain a frame via a first radio and a second radio, wherein the interface receives a frame from another apparatus via the second radio while the first radio is in a first power state; and a processing system configured to take one or more actions based on a command field included in the frame. A second example apparatus for wireless communications generally includes at least one interface configured to obtain a frame via a first radio and a second radio, wherein the interface receives a frame from another apparatus via the second radio while the first radio is in a first power state; and a processing system configured to take one or more actions based on whether or not an authentication code included in the frame matches a local authentication code.
Abstract:
Techniques for maintaining an anti-replay counter (ARC) for providing data protection in an integrated circuit are provided. A method according to these techniques includes determining a static baseline value based on an ARC value stored in a programmable read-only memory of the integrated circuit, determining the ARC value based on the static baseline value and a transient component, and storing the ARC value in a volatile memory of the integrated circuit.