Apparatus and methods for secure architectures in wireless networks

US 9,769,669 B2
Filed: 10/26/2012
Issued: 09/19/2017
Est. Priority Date: 07/20/2005
Status: Active Grant

First Claim

Patent Images

1. An apparatus for exchanging data with a wireless device, comprising:

a configuration generator operable to generate a configuration for receipt by a wireless device, the configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;

an information repository operable to store the desired information collected from the wireless device based on the configuration;

a communications module and a processor operable to establish a connection between the apparatus and the wireless device over a wireless network; and

a security module operable to provide a predetermined security mechanism to the wireless device, the predetermined security mechanism being associated with the configuration and being based on a predetermined exchange protocol with the wireless device, wherein the predetermined security mechanism authenticates the apparatus to the wireless device, and wherein the predetermined security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;

wherein the communication module is configured to send the configuration to the wireless device, receive the desired information from the wireless device, and provide the desired information from the wireless device to the information repository for storage, andwherein the security module is further operable, during the connection between the apparatus and the wireless device and after the communication module receives the desired information from the wireless device, to change at least one of the predetermined security mechanism or the predetermined security procedure.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus, methods, computer readable media and processors may provide a secure architecture within which a client application on a wireless device may, in some aspects, exchange information securely with resident device resources, and in other aspects, with a remote server over a wireless network.

Citations

19 Claims

1. An apparatus for exchanging data with a wireless device, comprising:
- a configuration generator operable to generate a configuration for receipt by a wireless device, the configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;
  
  an information repository operable to store the desired information collected from the wireless device based on the configuration;
  
  a communications module and a processor operable to establish a connection between the apparatus and the wireless device over a wireless network; and
  
  a security module operable to provide a predetermined security mechanism to the wireless device, the predetermined security mechanism being associated with the configuration and being based on a predetermined exchange protocol with the wireless device, wherein the predetermined security mechanism authenticates the apparatus to the wireless device, and wherein the predetermined security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;
  
  wherein the communication module is configured to send the configuration to the wireless device, receive the desired information from the wireless device, and provide the desired information from the wireless device to the information repository for storage, andwherein the security module is further operable, during the connection between the apparatus and the wireless device and after the communication module receives the desired information from the wireless device, to change at least one of the predetermined security mechanism or the predetermined security procedure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The apparatus of claim 1, wherein the security module further comprises at least one of an information transfer client security module or a secure resource interface module, wherein the information transfer client security module comprises a first set of predetermined procedures for authenticating the apparatus, wherein the secure resource interface module comprises a second set of predetermined procedures for authenticating an information transfer client operable to execute the configuration on the wireless device to the device resource, and wherein the security module is further operable to communicate the respective one of the information transfer client security module and the secure resource interface module to an affiliated wireless device.
  - 3. The apparatus of claim 1, wherein the desired information comprises diagnostic information for the wireless device.
  - 4. The apparatus of claim 1, wherein the desired information comprises diagnostic information for the wireless network.
  - 5. The apparatus of claim 1, wherein the desired information comprises a data log.
  - 6. The apparatus of claim 5, wherein the apparatus further comprises a log analyzer operable to generate a report based on the data log.
  - 7. The apparatus of claim 1, wherein the security mechanism comprises at least one of a digital signature or certificate, a secure hash function, an asymmetric key encryption mechanism utilizing public and private keys, a symmetric key encryption mechanism, or a session key generation algorithm.
  - 8. The apparatus of claim 1, wherein the communications module is configured to transmit secure data over the wireless network by:
    - establishing a connection with the wireless device;
      
      receiving authenticating information from the wireless device;
      
      setting up an encryption protocol with the wireless device; and
      
      transmitting encrypted data from the apparatus to the wireless device based on the encryption protocol.
  - 9. The apparatus of claim 8, wherein the security module is operable to authenticate the wireless device based upon the authenticating information.
  - 10. The apparatus of claim 8, wherein the configuration comprises at least one configuration message that indicates the desired information to be collected by directing the wireless device to particular information stored by the wireless device.
  - 11. The apparatus of claim 8, wherein the security module is further operable to change at least one of the predetermined security mechanism and the predetermined security procedure in response to receiving an indication from the wireless device to change at least one of the predetermined security mechanism or the predetermined security procedure.
  - 12. The apparatus of claim 1, wherein the wireless device includes a plurality of access levels and the predetermined security mechanism is associated with one access level of the plurality of access levels.

13. A method for secure information exchange with a wireless device over a wireless network, comprising:
- establishing a communication protocol between an apparatus and the wireless device;
  
  generating a collection configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the collection configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;
  
  establishing a connection with the wireless device using the communication protocol on the wireless network;
  
  transmitting the collection configuration and a security mechanism, associated with the collection configuration, to the wireless device over the wireless network, wherein the security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;
  
  receiving from the wireless device the desired information based on the collection configuration in response to the security mechanism authenticating the apparatus to the wireless device based on a predetermined security procedure; and
  
  changing at least one of the security mechanism or the predetermined security procedure during the connection between the apparatus and the wireless device and after receiving from the wireless device the desired information.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, comprising receiving secure data over the wireless network, including:
    - receiving authenticating information from the wireless device, the apparatus operable to authenticate the wireless device based upon the authenticating information;
      
      setting up an encryption protocol with the wireless device; and
      
      transmitting encrypted data from the apparatus to the wireless device based on the encryption protocol.
  - 15. The method claim 13, wherein the desired information comprises a data log, and wherein the method further comprises generating a report based on the data log.
  - 16. The method claim 13, wherein the apparatus comprises a remote server.

17. A machine-readable non-transitory medium comprising instructions which, when executed by a machine, cause the machine to perform operations comprising:
- establishing a communication protocol between an apparatus and a wireless device;
  
  generating a collection configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the collection configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;
  
  establishing a connection with the wireless device using the communication protocol on the wireless network;
  
  transmitting the collection configuration and a security mechanism, associated with the collection configuration, to the wireless device over a wireless network, wherein the security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;
  
  receiving from the wireless device the predetermined information based on the collection configuration; and
  
  changing at least one of the security mechanism or the predetermined security procedure during the connection between the apparatus and the wireless device and after receiving from the wireless device the predetermined information.

18. At least one processor configured to perform actions comprising:
- establishing a communication protocol between an apparatus and a wireless device;
  
  generating a collection configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the collection configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;
  
  establishing a connection with the wireless device using the communication protocol on the wireless network;
  
  transmitting the collection configuration and a security mechanism, associated with the collection configuration, to the wireless device over a wireless network, wherein the security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;
  
  receiving from the wireless device the predetermined information based on the collection configuration; and
  
  changing at least one of the security mechanism or the predetermined security procedure during the connection between the apparatus and the wireless device and after receiving from the wireless device the predetermined information.

19. A remote server, comprising:
- means for establishing a communication protocol between an apparatus and a wireless device;
  
  means for generating a collection configuration indicating desired information to be collected and operable to cause the wireless device to collect the desired information from a device resource on the wireless device, wherein the collection configuration comprises at least one software application configured to execute on a processor of the wireless device to direct the collection of the desired information by the wireless device;
  
  means for establishing a connection with the wireless device using the communication protocol on the wireless network;
  
  means for transmitting the collection configuration and a security mechanism, associated with the collection configuration, to the wireless device over a wireless network, wherein the security mechanism is based on a predetermined security procedure established between the apparatus and the wireless device;
  
  means for receiving from the wireless device the predetermined information based on the collection configuration; and
  
  means for changing at least one of the security mechanism or the predetermined security procedure during the connection between the apparatus and the wireless device and after the means for receiving receives from the wireless device the predetermined information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Fok, Kenny, Yip, Eric Chi Chung
Primary Examiner(s)
AJIBADE AKONAI, OLUMIDE

Application Number

US13/661,816
Publication Number

US 20130054973A1
Time in Patent Office

1,789 Days
Field of Search

455410, 455411, 455423, 455418, 455419, 380247, 380248, 380249, 380270, 380282, 726 4, 726 10, 713150, 713152, 713168, 713171, 713172, 713181, 713182
US Class Current
CPC Class Codes

G06F 21/445   by mutual authentication, e...

H04W 12/04   Key management, e.g. using ...

H04W 12/069   using certificates or pre-s...

H04W 12/122   Counter-measures against at...

H04W 88/02   Terminal devices

Apparatus and methods for secure architectures in wireless networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and methods for secure architectures in wireless networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links