System and method for GNSS in-band authenticated position determination
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G01S-019/21
G01S-019/10
G01S-019/18
G01S-019/20
출원번호
US-0383515
(2010-08-13)
등록번호
US-9217792
(2015-12-22)
국제출원번호
PCT/US2010/045410
(2010-08-13)
§371/§102 date
20120217
(20120217)
국제공개번호
WO2011/019978
(2011-02-17)
발명자
/ 주소
Wu, Ryan Haoyun
출원인 / 주소
Saab-Sensis Corporation
대리인 / 주소
Burr & Brown, PLLC
인용정보
피인용 횟수 :
2인용 특허 :
6
초록▼
The present invention provides a system and method for determining the authenticity of reported positions of GNSS receivers, such as aircraft equipped with GPS positioning devices, and provides an in-band verification capability for GNSS positions by tasking one or more GNSS satellites as designated
The present invention provides a system and method for determining the authenticity of reported positions of GNSS receivers, such as aircraft equipped with GPS positioning devices, and provides an in-band verification capability for GNSS positions by tasking one or more GNSS satellites as designated authentication support (DAS) satellites that transmit corrupted ephemeris data in a pseudo-random error corrupted C/A signal on the L1 band, and the GNSS receivers determine authentication ranges to the DAS satellites and transmit the DAS authentication ranges as part of their position report. The surveillance system can verify the authenticity by comparing the transmitted authentication ranges to true authentication ranges determined using actual ephemeris data and the known C/A code pseudo-random error for the DAS satellites.
대표청구항▼
1. A GNSS In-Band Authentication system comprising: a GNSS ground segment;a GNSS user segment comprising at least one GNSS receiver; anda GNSS space segment comprising a GNSS satellite constellation transmitting ephemeris data in a C/A message on the L1 band, wherein one or more GNSS satellites are
1. A GNSS In-Band Authentication system comprising: a GNSS ground segment;a GNSS user segment comprising at least one GNSS receiver; anda GNSS space segment comprising a GNSS satellite constellation transmitting ephemeris data in a C/A message on the L1 band, wherein one or more GNSS satellites are designated authentication support (DAS) satellites and transmit a special status signal, intentionally corrupted ephemeris data and an intentionally corrupted C/A signal including a pseudo-random error on the L1 band;wherein the at least one GNSS receiver is configured to calculate its own position using GNSS satellites in the GNSS satellite constellation other than the one or more DAS satellites, determine authentication ranges to the one or more DAS satellites within a field of view of a GNSS receiver, determine the GNSS time of the position, and transmit a position report comprising at least its calculated own position, position time, and the determined authentication range for the one or more DAS satellites within a field of view of the GNSS receiver to a surveillance system, andwherein the surveillance system is configured to receive the position report, compute verification ranges to the one or more DAS satellites using the reported position of the at least one GNSS receiver, uncorrupted ephemeris data for each of the one or more DAS satellites, and position time, compare the computed verification ranges to the determined authentication ranges in the received position report, and verify the reported position of the at least one GNSS receiver when the computed verification ranges and the determined authentication ranges in the received position report are within a predetermined tolerance range. 2. The GNSS In-Band Authentication system of claim 1, wherein the surveillance system is configured to access uncorrupted ephemeris data and uncorrupted C/A data for the one or more DAS satellites to compute verification ranges. 3. The GNSS In-Band Authentication system of claim 2, wherein the pseudo-random error injected into in the C/A code is generated using a GPS selective availability scheme. 4. The GNSS In-Band Authentication system of claim 1, wherein the at least one receiver is eon to use the ephemeris data transmitted by GNSS to determine a pseudo range according to the following equation: Rp1=R1+Rb where: Rp1 is the measured pseudo range to satellite P1;R1 is the actual range to satellite P1; andRb is the satellite pseudo range bias. 5. The GNSS In-Band Authentication system of claim 1, wherein the at least one GNSS receiver is configured to calculate the authentication tune for the one or more DAS satellites using the following equation: AR pseudo range=AR+Rb, orAR=AR pseudo range−Rb where: AR is the estimated range (authentication range) to DAS satellite;Rb is the satellite pseudo range bias; andAR pseudo range is the measured pseudo range to the DAS satellite including the satellite pseudo range bias. 6. The GNSS In-Band Authentication system of claim wherein the surveillance system is configured to receive the position report transmits the position report to a third party authenticator and request the third party authenticator to verify the position report of the at least one GNSS receiver. 7. The GNSS In-Band Authentication system of claim 6, wherein the third party authenticator accesses uncorrupted ephemeris data and uncorrupted C/A code data for the one or more DAS satellites to compute verification ranges. 8. The GNSS In-Band Authentication system of claim 1, wherein the one or more DAS satellites are configured to transmit correct ephemeris data on the P(Y) code signal on the L2 band. 9. The GNSS In-Band Authentication system of claim 1, wherein the position report includes authentication ranges to two DAS satellites. 10. The GNSS In-Band Authentication system of claim 1, wherein the position report is an ADS-B report. 11. The GNSS In-Band Authentication system of claim 10, wherein the surveillance system is configured to use the authentication ranges to the one or more DAS satellites to verify the validity of the reported position of the at least one GNSS receiver. 12. The GNSS In-Band Authentication system of claim wherein the authentication system is configured to use DAS authentication ranges are used as a secure position selective communication (PSC) layer. 13. The GNSS In-Band Authentication system of claim 12, wherein the PSC layer provides a secure communications channel that is only available at predetermined locations, wherein each user attempting to link to the secure communications channel reports its own position, and wherein the reported position is compared to the predetermined locations before the user is granted access to the secure communications channel. 14. The GNSS In-Band Authentication system of claim 12, wherein the PSC layer is used with other cryptographic layers to secure communications channels. 15. The GNSS In-Band Authentication system of claim 1, wherein for information push applications, the authentication system is configured to use the authentication range as a public key to decrypt data encrypted by a private key generated from the verification range to one or more DAS satellites. 16. The GNSS In-Band Authentication system of claim 15, wherein data is encrypted using a DAS satellite position and a known position of a designated receiving unit and transmitted to the designated receiving unit, and only the designated receiving unit at the known position can decrypt the received data. 17. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to allow a credit card user to designate one or more locations as valid for on-line credit card transactions, and use the DAS authentication ranges as a physical location verification layer for an additional security layer for authorizing on-line transactions from only the one or more designated locations. 18. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to allow a user to designate one or more locations as valid personal locations, and use the DAS authentication ranges as a physical location verification layer as an additional security layer for an enhanced electronic signature verification to the one or more designated locations. 19. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to allow a user to designate one or more locations as valid WLAN access locations, and use the DAS authentication ranges as a physical location verification layer to restrict access to the WLAN to the one or more designated locations. 20. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to allow a user to designate one or more locations as valid WAN/WiMax access locations, and use the DAS authentication ranges as a physical location verification layer to restrict access to the WAN/WiMax to the one or more designated locations. 21. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to allow a user to designate one or more locations as valid to receive satellite broadcasting, and use the DAS authentication ranges as a physical location verification layer to restrict receiving satellite broadcasting to the one or more designated locations. 22. The GNSS In-Band Authentication system of claim 1, wherein the surveillance system is configured to transmit the received position report from the GNSS receiver to a third party authenticator and the third party authenticator computes verification ranges to the one or more DAS satellites from the reported position of the GNSS receiver, and compare the computed verification ranges to the reported authentication ranges and transmit a verification to the surveillance system when the computed verification ranges and the verification ranges in the received position report are within a predetermined tolerance. 23. The GNSS In-Band Authentication system of claim 1, wherein the authentication system is configured to store at least the reported GNSS position, the position time and authentication range in an archive and detect alterations to the position records by comparing the altered position derived range to the DAS satellite to the stored authentication range at the position time. 24. A method of providing GNSS In-Band Authentication, the method comprising: transmitting ephemeris data in a C/A message on the L1 band from GNSS satellites in a GNSS satellite constellation, wherein one or more GNSS satellites are designated authentication support (DAS) satellites and transmit a special status signal and intentionally corrupted ephemeris data and an intentionally corrupted C/A signal including a pseudo-random error on the L1 band;receiving ephemeris data on the at least one GNSS receiver in a GNSS user segment, wherein the at least one GNSS receiver: calculates its own position using GNSS satellites in the GNSS satellite constellation other than the one or more DAS satellites,determines authentication ranges to the one or more DAS satellites within a field of view of a GNSS receiver and position time, andtransmits a position report comprising at least its calculated own position, position time, and the determined authentication range and DAS satellite identification information for the one or more DAS satellites within a field of view of the GNSS receiver to a surveillance system;wherein the surveillance system: receives the position report transmitted by the at least one GNSS receiver,computes verification ranges to the one or more DAS satellites using the reported position of the at least one GNSS receiver, uncorrupted ephemeris data for each of the one or more DAS satellites, and position time,compares the computed verification ranges to the determined authentication ranges in the received position report, andverifies the reported position of the at least one GNSS receiver when the computed verification ranges and the determined authentication ranges in the received position report are within a predetermined tolerance range. 25. The GNSS In-Band Authentication method of claim 24, wherein the surveillance system accesses the uncorrupted ephemeris data and uncorrupted C/A code without the pseudo-random error for the one or more DAS satellites to compute verification ranges. 26. The GNSS In-Band Authentication method of claim 24, wherein the position report includes authentication ranges to two DAS satellites. 27. The GNSS In-Band Authentication system of claim 24, wherein the surveillance system receives the position report, transmits the position report to a third party authenticator, and requests the third party authenticator to verify the position report of the at least one GNSS receiver. 28. The GNSS In-Band Authentication system of claim 27, wherein the third party authenticator accesses actual ephemeris and APN information for the one or more DAS satellites to compute verification ranges. 29. The GNSS In-Band Authentication method of claim 24, wherein the DAS authentication ranges to the one or more DAS satellites are used as a secure position selective communication (PSC) layer. 30. The GNSS In-Band Authentication method of claim 29, further comprising providing a secure communications channel that is only available at predetermined locations, each user attempting to link to the secure communications channel reports their position, and the reported position is compared to the predetermined locations by the PSC layer before the user is granted access to the secure communications channel. 31. The GNSS In-Band Authentication method of claim 24, wherein the PSC layer is used with other cryptographic layers to secure communications channels. 32. The GNSS In-Band Authentication method of claim 24, further comprising, for information push applications, using the authentication range to one DAS satellite as a public key to decrypt data encrypted by a private key generated using a secret range to the DAS satellite known to the surveillance system. 33. The GNSS In-Band Authentication method of claim 32, wherein data is encrypted using one DAS satellite position and a known position of a designated receiving unit and transmitted to the designated receiving unit, and only the designated receiving unit at the known position can decrypt the received data. 34. The GNSS In-Band Authentication method of claim 24, wherein a credit card user designates one or more locations as valid for on-line credit card transactions, and the DAS authentication ranges are used as a physical location verification layer for an additional security layer for authorizing on-line transactions from only the one or more locations. 35. The GNSS In-Band Authentication method of claim 24, wherein a user designates one or more locations as valid personal locations, and the DAS authentication ranges are used as a physical location verification layer as an additional security layer for an enhanced electronic signature verification to the one or more locations. 36. The GNSS In-Band Authentication method of claim 24 wherein a user designates one or more locations as valid WLAN access locations, and the DAS authentication ranges are used as a physical location verification layer to restrict access to the WLAN to the one or more locations. 37. The GNSS In-Band Authentication method of claim 24, wherein a user designates one or more locations as valid WAN/WiMax access locations, and the DAS authentication ranges are used as a physical location verification layer to restrict access to the WAN/WiMax to the one or more locations. 38. The GNSS In-Band Authentication method of claim 24, wherein a user designates one or more locations as valid to receive satellite broadcasting, and the DAS authentication ranges are used as a physical location verification layer to restrict receiving satellite broadcasting to the one or more locations. 39. The GNSS In-Band Authentication method of claim 24, wherein the surveillance system transmits the received position report from the GNSS receiver to a third party authenticator and the third party authenticator computes verification ranges to the one or more DAS satellites from the reported position of the GNSS receiver, and compares the computed verification ranges to the reported authentication ranges and transmits a verification to the surveillance system when the computed verification ranges and the verification ranges in the received position report are within a predetermined tolerance. 40. The GNSS In-Band Authentication method of claim 24, wherein at least the reported GNSS position, the position time and authentication range are stored in an archive and alterations to the position records are detected by comparing the altered position derived range to the DAS satellite to the stored authentication range at the position time.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (6)
Maeda, Toshihide; Hamano, Nobuo; Nakamura, Shigeki; Yoshida, Tomiharu; Owada, Masataka; Ikeda, Masahiko; Yabutani, Takashi; Ito, Masahiro, Communication system, communication receiving device and communication terminal in the system.
Smith, Alexander E.; Hulstrom, Russell; Evers, Carl A.; Breen, Thomas J., Method and apparatus for ADS-B validation, active and passive multilateration, and elliptical surviellance.
MacDoran Peter F. ; Mathews Michael B. ; Ziel Fred A. ; Gold Kenn L. ; Anderson Steven M. ; Coffey Mark A. ; Denning Dorothy E., Method and apparatus for authenticating the location of remote users of networked computing systems.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.