System for protection and authentication of location services with distributed security

US 8,837,733 B2
Filed: 09/11/2012
Issued: 09/16/2014
Est. Priority Date: 05/16/2012
Status: Active Grant

First Claim

Patent Images

1. A method for providing secure location information, said method comprising:

receiving, by a secure location processor (SLP), security key exchange information including security keys from a location requesting entity, said location requesting entity external to said SLP;

obtaining location determination measurements, said obtaining performed by said SLP;

verifying that said location determination measurements have not exceeded an expiration threshold, said verifying performed by said SLP;

determining location information based on said location determination measurements, said determining performed by said SLP;

encrypting said location information based on said security keys, said encrypting performed by said SLP;

transmitting said encrypted location information from said SLP to said location requesting entity;

adjusting the accuracy of said location determination measurements based on credentials of said location requesting entity, said adjusting performed by said SLP;

encrypting said adjusted location determination measurements based on said security keys, said encrypting performed by said SLP; and

transmitting said encrypted location determination measurements from said SLP to said location requesting entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Generally, this disclosure provides methods and apparatus for the protection and authentication of location services based on a distributed security system. The method may include exchanging security keys between a secure location processor (SLP) and a location requesting entity, the location requesting entity external to the SLP; obtaining location determination measurements, the obtaining performed by the SLP; determining a location based on the location determination measurements, the determining performed by the SLP; encrypting the location based on the security keys, the encrypting performed by the SLP; and transmitting the encrypted location from the SLP to the location requesting entity.

Citations

19 Claims

1. A method for providing secure location information, said method comprising:
- receiving, by a secure location processor (SLP), security key exchange information including security keys from a location requesting entity, said location requesting entity external to said SLP;
  
  obtaining location determination measurements, said obtaining performed by said SLP;
  
  verifying that said location determination measurements have not exceeded an expiration threshold, said verifying performed by said SLP;
  
  determining location information based on said location determination measurements, said determining performed by said SLP;
  
  encrypting said location information based on said security keys, said encrypting performed by said SLP;
  
  transmitting said encrypted location information from said SLP to said location requesting entity;
  
  adjusting the accuracy of said location determination measurements based on credentials of said location requesting entity, said adjusting performed by said SLP;
  
  encrypting said adjusted location determination measurements based on said security keys, said encrypting performed by said SLP; and
  
  transmitting said encrypted location determination measurements from said SLP to said location requesting entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein said SLP provides a trusted execution environment (TEE) comprising a processor and memory, and said TEE restricts access to control and data within said SLP from entities external to said SLP.
  - 3. The method of claim 1, wherein said encryption provides security of said location information and authenticity of said location information.
  - 4. The method of claim 1, wherein said location determination measurements are obtained from a sensor selected from the group consisting of a global positioning system (GPS) receiver, a wireless fidelity (WiFi) access point, and a wireless sensor.
  - 5. The method of claim 1, further comprising providing an application programming interface (API) between said SLP and said location requesting entity, wherein said API provides standardized request and response message formats.
  - 6. The method of claim 1, wherein said location requesting entity is selected from the group consisting of a trusted application and a trusted server.
  - 7. The method of claim 1, further comprising adjusting the accuracy of said transmitted location information based on credentials of said location requesting entity.
  - 8. The method of claim 1, wherein said encryption provides security of said location determination measurements and authenticity of said location determination measurements.

9. A mobile platform with secure location capability, said platform comprising:
- a host comprising a processor and a memory, said host configured to run an operating system and one or more applications;
  
  a secure location processor (SLP) coupled to said host through an application programming interface (API) and configured to at least receive security key exchange information including security keys from a location requesting entity external to said SLP, said SLP comprising;
  
  a receiver configured to provide location measurement data;
  
  a location engine coupled to said receiver, said location engine configured to generate location information based on said location measurement data; and
  
  a trusted execution environment (TEE) configured to;
  
  restrict access to control and data within said SLP from said host and said operating system and said applications;
  
  verify that said location measurement data has not exceeded an expiration threshold;
  
  adjust the accuracy of said location measurement data based on credentials of said location requesting entity; and
  
  encrypt said adjusted location measurement data and encrypt said location information for transmission to said location requesting entity.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The platform of claim 9, wherein said encryption is based on said security keys.
  - 11. The platform of claim 9, wherein said restricted access comprises memory protection mechanisms and processor privileged mode execution mechanisms.
  - 12. The platform of claim 9, wherein said restricted access comprises physical separation of hardware.
  - 13. The platform of claim 9, wherein said receiver selected from the group consisting of a global positioning system (GPS) receiver, a wireless fidelity (WiFi) receiver, and a wireless sensor.
  - 14. The platform of claim 9, wherein said API provides standardized request and response message formats.
  - 15. The platform of claim 9, wherein said encryption provides security of said location information and authenticity of said location information.
  - 16. The platform of claim 9, wherein said location requesting entity is selected from the group consisting of a trusted application and a trusted server.

17. A non-transitory computer-readable storage medium having instructions stored thereon which when executed by a processor result in the following operations for securely providing context sensor data, said operations comprising:
- receiving, by a secure location processor (SLP), security key exchange information including security keys from a location requesting entity, said location requesting entity external to said SLP;
  
  obtaining location determination measurements, said obtaining performed by said SLP;
  
  verifying that said location determination measurements have not exceeded an expiration threshold, said verifying performed by said SLP;
  
  determining location information based on said location determination measurements, said determining performed by said SLP;
  
  adjusting the accuracy of said location information based on credentials of said location requesting entity, said adjustment performed by said SLP;
  
  encrypting said adjusted location information based on said security keys, said encrypting performed by said SLP; and
  
  transmitting said encrypted location information from said SLP to said location requesting entity.
- View Dependent Claims (18, 19)
- - 18. The computer-readable storage medium of claim 17, wherein said SLP provides a trusted execution environment (TEE) comprising a processor and memory, and said TEE restricts access to control and data within said SLP from entities external to said SLP.
  - 19. The computer-readable storage medium of claim 17, further comprising the operation of providing an application programming interface (API) between said SLP and said location requesting entity, wherein said API provides standardized request and response message formats.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Alpert, Yaron, Zukerman, Gil
Primary Examiner(s)
PERUNGAVOOR, VENKATANARAY

Application Number

US13/610,441
Publication Number

US 20130311764A1
Time in Patent Office

735 Days
Field of Search

None
US Class Current

380/270
CPC Class Codes

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

H04W 12/10   Integrity

H04W 12/63   Location-dependent; Proximi...

H04W 4/02   Services making use of loca...

System for protection and authentication of location services with distributed security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System for protection and authentication of location services with distributed security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links