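Country / Type | United States (US) Patent, Registered |
---|---|
International Patent Classification (IPC 7th edition) | |
Application number | US-0287597 (2016-10-06) |
Registration number | US-10064055 (2018-08-28) |
Inventor / Address | |
Applicant / Address | |
Agent / Address | |
Citation information | Times cited: 0; Patents cited: 981 |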
Secure architectures and methods for improving the security of mobile devices are disclosed. Also disclosed are apparatuses and methods to detect and mitigate fraud in device-assisted services implementations.
1. A method of operating a network system, the method comprising: receiving a first request from any first device in a plurality of similar wireless end-user devices, the first request for a secure device credential, performing a verification step of one or more device identifiers supplied by the first device, and, upon a successful verification in the verification step, generating a secure device credential for the first device, associating the secure device credential with one or more device identifiers of the first device, and securely sending the secure device credential to the wireless end-user device; based at least in part on the secure device credential, negotiating a secure message link between a message link server in the network system and a device link agent in the first device; receiving, over the secure message link, a second request from the first device, the second request for a secured application credential, for any first application identified from a plurality of device applications registered to use wireless network communications, the second request comprising a general application credential for the first application; and in response to the second request, generating, based on the identified first application and the secure device credential, a first secured application credential unique to the first device, and sending the first secured application credential to the first device over the secure message link.

2. The method of claim 1, wherein generating the first secured application credential comprises creating a combination of the general application credential and the secure device credential.

3. The method of claim 1, further comprising, in response to receiving the first request and prior to performing the verification step, returning to the first device a network system credential that is verifiable through a trusted certificate authority.

4. The method of claim 1, wherein generating a secure device credential for the first device comprises encrypting the credential with a key known by at least one element of the network system.

5. The method of claim 1, further comprising routing a network message to the identified first application over the secure message link, using the first secured application credential to indicate that the identified first application is to receive the network message.

6. The method of claim 1, wherein the first secured application credential is a run-time application credential.

7. The method of claim 6, further comprising receiving, from the device link agent over the secure message link, the run-time application credential, and evaluating the run-time application credential at an element of the network system.

8. The method of claim 7, further comprising, in response to evaluating the run-time application credential, returning a network policy setting over the secure message link to the device link agent, the network policy setting applicable to the first application.

9. The method of claim 7, wherein the element of the network system is an authentication server, the network system further comprising an application credential database coupled to the authentication server and storing secured application credentials, including the first secured application credential.

10. The method of claim 1, further comprising based on a first device event, refreshing the first secured application credential to create a different secured application credential unique to the first device, and sending the different secured application credential to the first device, the different credential superseding the first secured application credential.

11. The method of claim 1, further comprising, in response to the second request, verifying that the general application credential matches a known-application credential for the first application.

12. The method of claim 11, wherein the known-application credential is uploaded to the network system via an application developer service design center.

13. The method of claim 11, further comprising obtaining the known-application credential from an app store.

14. The method of claim 1, the verification step further comprising evaluating a subscriber identifier associated with one or more wireless end-user devices, including the first device.

15. The method of claim 14, further comprising generating the secure device credential based at least in part on one or more of the device identifiers and also on the subscriber identifier.

16. The method of claim 1, further comprising forwarding network messages to the first application on the first device over the secure message link, based on the first secured application credential.

17. The method of claim 1, wherein the secure device credential is a credential associated with a service processor on the first device, the method further comprising confirming the identity of the service processor based at least in part on the secure device credential.

18. The method of claim 1, wherein a first subscriber is associated with both the first device and with a second wireless end-user device, the method further comprising the network system generating, based on the identified first application and a second secure device credential associated with the second device, a second secured application credential unique to the second device.

19. The method of claim 2, wherein the combination comprises a hash.
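
The network-side credential steps of claims 1, 2, 10, 11 and 19, sketched as an added example that is not code from the patent. The class and method names, the refresh counter, and the use of HMAC-SHA256 keyed with the device credential are assumptions (the claims say only "a hash"); the secure message link itself is out of scope here.

```python
import hashlib
import hmac
import secrets


class CredentialServer:
    """Network-side issuer; class and method names are hypothetical."""

    def __init__(self, provisioned_devices, known_app_credentials):
        self._provisioned = set(provisioned_devices)    # identifiers that pass verification
        self._known_apps = dict(known_app_credentials)  # app id -> known-application credential
        self._device_creds = {}                         # device id -> secure device credential
        self._epochs = {}                               # (device id, app id) -> refresh counter

    def issue_device_credential(self, device_id):
        # Claim 1: verify the supplied identifier, then generate a credential
        # and associate it with that identifier.
        if device_id not in self._provisioned:
            raise PermissionError("device identifier failed verification")
        self._device_creds[device_id] = secrets.token_bytes(32)
        return self._device_creds[device_id]

    def issue_app_credential(self, device_id, app_id, general_cred):
        # Claim 11: the general credential must match the known one for this app.
        known = self._known_apps.get(app_id)
        if known is None or not hmac.compare_digest(known, general_cred):
            raise PermissionError("general application credential mismatch")
        device_cred = self._device_creds.get(device_id)
        if device_cred is None:
            raise PermissionError("device holds no secure device credential")
        epoch = self._epochs.get((device_id, app_id), 0)
        # Claims 2 and 19: combine both credentials with a hash. Keying
        # HMAC-SHA256 with the device credential is this example's choice.
        msg = app_id.encode() + b"\x00" + general_cred + epoch.to_bytes(4, "big")
        return hmac.new(device_cred, msg, hashlib.sha256).hexdigest()

    def refresh_app_credential(self, device_id, app_id, general_cred):
        # Claim 10: validate first, then bump the epoch so the new value
        # supersedes the old one.
        self.issue_app_credential(device_id, app_id, general_cred)
        key = (device_id, app_id)
        self._epochs[key] = self._epochs.get(key, 0) + 1
        return self.issue_app_credential(device_id, app_id, general_cred)


def demo():
    # Constructed sample data: two provisioned devices and one registered app.
    general = b"constructed-general-app-credential"
    server = CredentialServer({"dev-A", "dev-B"}, {"com.example.mail": general})
    for dev in ("dev-A", "dev-B"):
        server.issue_device_credential(dev)
    a = server.issue_app_credential("dev-A", "com.example.mail", general)
    b = server.issue_app_credential("dev-B", "com.example.mail", general)
    return a, b, server.refresh_app_credential("dev-A", "com.example.mail", general)
```

Because the general application credential is the same on every device, only the device-bound output is worth accepting at the network side: a value copied from one device does not match what the server derives for another.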