Abstract: A mobile device may be operable to determine, based on a known location of the mobile device, a location for a RF communication device that communicates with the mobile device, whenever the mobile device is within proximate range of the RF communication device. The determined location for the RF communication device may be stored in a location database in a location server and/or a memory in the RF communication device. The stored location of the RF communication device may then be used to determine a location for other mobile devices that may communicate with the RF communication device and are within proximate range of the RF communication device. The RF communication device may comprise a radio-frequency identification (RFID) device and/or a near field communication (NFC) device. The determined location for the RF communication device may comprise the known location of the mobile device.

Abstract: A method and system for secure and scalable key management for cryptographic processing of data is described herein. In the method, a General Purpose Cryptographic Engine (GPE) receives key material via a secure channel from a key server and stores the received Key encryption keys (KEKs) and/or plain text keys in a secure key cache. When a request is received from a host to cryptographically process a block of data, the requesting entity is authenticated using an authentication tag included in the request. The GPE retrieves a plaintext key or generate a plaintext using a KEK if the authentication is successful, cryptographically processes the data using the plaintext key and transmits the processed data. The system includes a key server that securely provides encrypted keys and/or key handles to a host and key encryption keys and/or plaintext keys to the GPE.

Abstract: A multi-radio mobile device comprises a plurality of different radios. When a location update occurs, the multi-radio mobile device, at a specific location, acquires location-based radio information from a remote location server. The multi-radio mobile device selects a radio for use in the specific location based on the acquired location-based radio information comprising available radios in the specific location and radio weights. The radio is selected from the available radios based on the radio weights in the specific location. Transmissions of a desired service are received in the specific location utilizing the selected radio. Location-based radio measurements reports to the remote location server are generated utilizing signal strength measurements for the received signals. Radio quality information of the available radios is calculated by the location server utilizing location-based radio measurement reports from associated users.

Abstract: Systems and methods for embedded tamper mesh protection are provided. The embedded tamper mesh includes a series of protection bond wires surrounding bond wires carrying sensitive signals. The protection bond wires are positioned to be vertically higher than the signal bond wires. The protection wires may be bonded to outer contacts on the substrate while the signal bond wires are bonded to inner contacts, thereby creating a bond wire cage around the signal wires. Methods and systems for providing package level protection are also provided. An exemplary secure package includes a substrate having multiple contacts surrounding a die disposed on an upper surface of the substrate. A mesh die including a series of mesh die pads is coupled to the upper surface of the die. Bond wires are coupled from the mesh die pads to contacts on the substrate thereby creating a bond wire cage surrounding the die.

Abstract: A secure processor such as a TPM generates one-time-passwords used to authenticate a communication device to a service provider. In some embodiments the TPM maintains one-time-password data and performs the one-time-password algorithm within a secure boundary associated with the TPM. In some embodiments the TPM generates one-time-password data structures and associated parent keys and manages the parent keys in the same manner it manages standard TPM keys.

Abstract: Methods and systems are provided that use smartcards, such as subscriber identity module (SIM) cards to provide secure functions for a mobile client. One embodiment of the invention provides a mobile communication network system that includes a mobile network, a mobile terminal, a server coupled to the mobile terminal via the mobile network, and a subscriber identity module (SIM) card coupled to the mobile terminal. The SIM card includes a first key and a second key. The first key is used to authenticate an intended user of the mobile terminal to the mobile network. Upon successful authentication of the intended user to the mobile network, the mobile terminal downloads a function offered from the server through the mobile network. The second key is then used by the mobile terminal to authenticate the intended user to the downloaded function so that the intended user can utilize the function.

Abstract: A system and method is provided for processing and storing captured data in a wireless communication device based on detected biometric event data. The captured data may be acquired through a data acquisition system with devices or sensors in an integrated or distributed configuration. The captured data may include multimedia data of an event with time, date and/or location stamping, and captured physiological and behavioral biometric event data in response to the event. The captured data may be dynamically stored in a data binding format or as raw data in a local host device or communicated externally to be stored in a remote host or storage. At least one user preference may be specified for linking a biometric event data to the mapped, analyzed, categorized and stored captured data in a database. Captured data may be retrieved by matching biometric event data to at least one user preference from the database.

Abstract: Methods and systems for secure key generation are provided. In embodiments, during the manufacturing process, a device generates a primary seed for the device and stores the seed within the device. The device exports the device primary key to a secure manufacturer server. The secure manufacturer server generates a public/private root key for the device and requests a certificate for the public root key of the device from a certificate authority. The device, having the stored primary seed, is integrated into an end-user system. Upon occurrence of a condition, the device after integration into the end-user system generates the public/private root key in the field. The system also receives and installs the certificate for the public root key.

Abstract: Methods and systems for an atomizing function for a mobile device are disclosed and may include discovering available resources via a handheld wireless communication device (HWCD) and assessing respective cost functions for processing tasks by the HWCD and/or the discovered resources. The tasks may be apportioned for local and/or remote execution by the HWCD and/or the discovered resources based on the assessed cost functions. The assessed cost functions may be dependent on factors comprising communication bandwidth, memory space, CPU processing power, and battery power, which may be weighted. The cost functions may be dynamically assessed, enabling dynamic reapportioning of the tasks, which may be apportioned based on latency, quality of service (QoS), priority and/or user preferences associated with the local and/or remote execution. The apportioning of the processing of the tasks may be based on the assessed cost functions, and a priority and/or a QoS associated with the task.

Abstract: A method and system for secure and scalable key management for cryptographic processing of data is described herein. In the method, a General Purpose Cryptographic Engine (GPE) receives key material via a secure channel from a key server and stores the received Key encryption keys (KEKs) and/or plain text keys in a secure key cache. When a request is received from a host to cryptographically process a block of data, the requesting entity is authenticated using an authentication tag included in the request. The GPE retrieves a plaintext key or generate a plaintext using a KEK if the authentication is successful, cryptographically processes the data using the plaintext key and transmits the processed data. The system includes a key server that securely provides encrypted keys and/or key handles to a host and key encryption keys and/or plaintext keys to the GPE.

Abstract: A location server may be operable to refine a location for a RF node based on a weight applied to one or more location samples that are received from one or more mobile devices. The received location samples may be weighted based on a manufacturer and/or a model information of each of the mobile devices, properties and/or conditions of a RF environment associated with each of the mobile devices, a GNSS dilution of precision, motion sensors used by each of the mobile devices and/or a geometrical population condition associated with each of the mobile devices within range of the RF node. A valid location for the RF node may be generated utilizing the weighted location samples. The location server may update location information for the RF node, which may be stored in a location database, utilizing the valid location for the RF node.

Abstract: A mobile device collects information about application usage and associates collected application information with a location of the mobile device and/or a time that the application is accessed. The application is stored on the mobile device or on an external device and accessed via a network. The application information, location of the mobile device and time the application is accessed are communicated to another device and stored in a storage device which may be operated or managed by a service provider or another entity. The application information may comprise identification of a website, a network device or URL, the application and/or data that is input and/or output from the application. The location of the mobile device and/or the time, are determined utilizing a GNSS receiver and/or utilizing information from a network device. The application information, the location of the mobile device and/or the time may be utilized for targeted advertizing.

Abstract: A Wireless mobile communication (WMC) device may maintain user preference information, which is unique to the WMC device capabilities and the device user. The WMC device may modify and/or update the user preference information based on device use and information ascertained from applications running on the WMC device itself; for example scheduling applications. The user preference information may be utilized to create context data tags for generated data on the WMC device. Context data tags may comprise such information as time/date stamping, subject information, and/or location information. The context data tags may be utilized to tag the generated data, enabling continuous and improved cataloging. Improved cataloging may enable improved searchability of tagged data. Tagged data alternatively and/or additionally may be transferred and stored in a remote device for improved and secure back-up storage. The remote device may utilize context data tags for cataloging and storing received data.

Abstract: An authorized user may be provided access to a service only when a wireless token assigned to the user is in the proximity of a computing device. A user's credential may be stored on an RFID token and an RFID reader may be implemented within a security boundary on the computing device, Thus, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. The security boundary may be provided, in part, by incorporating the RFID reader onto the same chip as a cryptographic processing component, Once the information is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear outside of the chip. The cryptographic processing component may cryptographically encrypt/sign the credential received from the token.

Abstract: Techniques are provided to authenticate components in a system. Users may enter credentials into an input device and the credentials may be authenticated and/or securely transmitted to the components. The components may then provide the credentials to a server in the system. Strong authentication may thus be provided to the effect that credentials associated with specific users have been received from specific components in the system. The server may then enable the components to access selected services.

Abstract: A communication device within a GNSS group propagates GNSS assistance data to one or more other communication devices in the GNSS group utilizing direct device-to-device connections. The GNSS assistance data comprises ephemeris received from one or more GNSS satellites and/or predicted ephemeris. As a source device, the communication device generates, and/or acquires from other resources such as a remote location server, the predicted ephemeris. As a destination device, the communication device receives existing GNSS assistance data from a source device and/or other communication devices in the GNSS group. A GNSS position for the communication device and corresponding time information are used to refresh the received GNSS assistance data.

Abstract: A wireless mobile communication (WMC) device may be determine a quality of service (QOS) required to communicate data. The WMC device may utilize a plurality of physical layers available in the WMC device to retain the QOS throughout the data communication. The physical layers may comprise a plurality of wireless technologies and/or a plurality of transmission power levels within each wireless technology. Selection of physical layers that may be utilized may comprise determination of available QOS through the physical layers, available power in the WMC device, and/or power requirement for communicating data via the physical layers. Data encoding may also be utilized to alter size of communicated data while retaining the required QOS. Data encoding may comprise utilizing encoding schemes, data compression, and/or redundancy bits. A set of deadlines may be utilized to enable switching between available physical layers to ensure maintaining and/or achieving required QOS.

Abstract: A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.

Abstract: Access to secured services may be controlled based on the proximity of a wireless token to a computing device through which access to the secured services is obtained. An authorized user may be provided access to a service only when a wireless token assigned to the user is in the proximity of the computing device. A user's credential may be stored on an RFID token and an RFID reader may be implemented within a security boundary on the computing device. Thus, the credential may be passed to the security boundary without passing through the computing device via software messages or applications. The security boundary may be provided, in part, by incorporating the RFID reader onto the same chip as a cryptographic processing component. Once the information is received by the RFID reader it may be encrypted within the chip. As a result, the information may never be presented in the clear outside of the chip.

Abstract: Dynamically splitting jobs in wireless system between agnostic processor may comprise evaluating a job that a wireless mobile communication device may be requested to perform. The wireless mobile communication (WMC) device may evaluate a requested job to determine if one or more tasks may be sent to a remote device. The WMC device may consider such factors as information pertaining to the WMC device itself, information relating to the connection between the devices, and/or information pertaining to the remote device. This information may comprise such data as power availability in the wireless mobile communication device, processing load in the WMC device, processing and/or storage capabilities of the remote device, and characteristics of the connectivity between the two devices.