Method for providing location certificates
First Claim
1. A secure method of establishing the location of an object by calculating in-situ the location of the object from received radio signals wherein the radio signals are received from a beacon via a two-way communication between the beacon and a sensor on the object, comprisingcomputing and transmitting at said sensor a signal including a challenge value and observing a clock associated with said sensor,recognizing at said beacon the transmitted sensor signal, observing at the beacon a clock associated with the beacon, constructing a response message including the sensor'"'"'s received challenge value, the beacon'"'"'s location, its location certificate and a time stamp, and transmitting the response message to said sensor,recognizing at said sensor said transmitted response message, observing the sensor clock, and validating the response message, computing the signal transit time and estimating the distance to the beacon, and based on the location of the beacon and the distance, calculating the location of the sensor and thereby the location of the object, andtransmitting in response to a request from a requestor a message comprising the digitally signed calculated location of the object.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus for providing location certificates to certify the position or location of an object are disclosed. The position of the object is computed using radio signals and the secure transmission of the computed position is achieved using public key encryption techniques.
-
Citations
20 Claims
-
1. A secure method of establishing the location of an object by calculating in-situ the location of the object from received radio signals wherein the radio signals are received from a beacon via a two-way communication between the beacon and a sensor on the object, comprising
computing and transmitting at said sensor a signal including a challenge value and observing a clock associated with said sensor, recognizing at said beacon the transmitted sensor signal, observing at the beacon a clock associated with the beacon, constructing a response message including the sensor'"'"'s received challenge value, the beacon'"'"'s location, its location certificate and a time stamp, and transmitting the response message to said sensor, recognizing at said sensor said transmitted response message, observing the sensor clock, and validating the response message, computing the signal transit time and estimating the distance to the beacon, and based on the location of the beacon and the distance, calculating the location of the sensor and thereby the location of the object, and transmitting in response to a request from a requestor a message comprising the digitally signed calculated location of the object.
-
6. Apparatus for providing location certificates comprising
a location certification unit for receiving radio signals from two or more beacons, said location certificate unit including position determination means and secure authorization means, said secure authorization means including a private key of a private key-public key pair for digitally signing messages sent to a requesting source, a certificate for the public key certifying that the public key is in fact the public key of the secure authorization means, a clock synchronized with clocks in the beacons, means for receiving and processing a time stamp transmitted by a beacon, and means for determining from the time stamp and the clock in the secure authorization means that a received radio signal is from a valid beacon, said beacons providing radio signals from which said position determination means can compute its position and said secure authorization means can determine that the signals are valid, and means for sending to said requesting source upon request a digitally signed message including the computed position of said location certificate unit and the certificate for the public key which public key is to be used by the requesting source to verify the signed message.
- 10. A location certification unit comprising a position determination unit, a secure authorization unit coupled to said position determination unit, a memory within said secure authorization unit, a digital signature key stored in the form of digital data in said memory, said key having an associated public key, a certificate for said public key, said certificate being stored in said memory, a sensor for receiving a message from a beacon that includes the clock time at which the message was transmitted and for processing the message to retrieve the clock time, the sensor including a clock, said position determination unit computing from the retrieved clock time and the time of sensing a received message as indicated by the sensor clock the radial distance the location certification unit is from the beacon thereby determining the location of the location certification unit as being within a geographical area centered on the beacon, and means for communicating to a requestor in response to a request the certified location of said location unit, said certified location comprising the location as determined by said position determining unit signed with said digital signature key and the certificate for said public key.
-
15. A location certification unit comprising;
-
a position determination unit for determining the position of the location certification unit from received radio signals, a secure authorization unit coupled to the position determination unit and comprising a memory, a sensor having a clock for providing clock time, and means for communicating to a requestor in response to a request a message containing the certified position of the location certification unit as determined by the position determination unit, said memory having stored therein a digital signature key and a certificate for a public key associated with the digital signature key, said clock providing a clock time for validating a received radio signal, the signal containing the time at which it was transmitted, sensed by the sensor as being from a valid source, and said certified position of the location certification unit comprising (1) the position of the location certification unit as determined by the position determination unit signed using the digital signature key and (2) the certificate. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification