Patents by Inventor Warren Hojilla UY
Warren Hojilla UY has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11444788Abstract: A method or system for authentication and access control in for network device management is disclosed. The method or system may include establishing a communication channel between a user device and a network device and receiving, by the network device, a public-key certificate including a specified identity of the user device. The method or system may include determining whether the public-key certificate is valid against a root certificate stored in the network device, and determining an actual identity of the user device. The method or system may include indicating that the user device is authentic and authorized when the received public-key is valid against the root certificate and when the actual identity of the user device matches the specified identity in the public-key certificate.Type: GrantFiled: April 13, 2020Date of Patent: September 13, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla Uy, Young R. Choi, Manuel Enrique Caceres, Emilia C. Quijano
-
Patent number: 11438759Abstract: An improved cellular network architecture enables the provisioning of mobile profiles on devices lacking bootstrap profiles. A mobile device transmits an attach request that includes a pre-configured mobile country code (MCC) and mobile network code (MNC) uniquely associated with an emergency data session. The mobile device is then null-authenticated with a subscriber database, and an emergency data session is established, the emergency data session allowing traffic to a mobile profile manager. The mobile device can then download a mobile profile from the mobile profile using the emergency data session. Thus, a mobile device does not require a provisioning profile to download a full (or provisioning) mobile profile from a cellular network as in existing solutions.Type: GrantFiled: December 2, 2020Date of Patent: September 6, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla Uy, Mun Wei Low, Manuel Enrique Caceres, Hitesh A. Anklesaria
-
Patent number: 11388594Abstract: A first wireless access device, associated with a wireless service provider, establishes a wireless local area network connection with a second wireless access device and receives a certificate including a unique identifier associated with the second wireless access device. The first wireless access device determines whether the second wireless access device is authorized to connect to the first wireless access device. For example, if the certificate is signed by a certificate authority associated with the wireless service provider and the unique identifier appears in a whitelist stored at the first wireless access device, the first wireless access device and the second wireless access device perform a mutual authentication procedure based on one or more ephemeral keys. The first wireless access device provides the second wireless access device with access to a wide area network based on successful completion of the mutual authentication procedure.Type: GrantFiled: November 14, 2018Date of Patent: July 12, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla Uy, Young R. Choi, Samirkumar Patel
-
Patent number: 11375367Abstract: A device may obtain, from a remote SIM provisioning (RSP) platform associated with a wireless network, a subscription identifier for a target device to be onboarded onto the wireless network. The device may generate a derived set of credentials for the target device based on an existing set of credentials in a SIM profile associated with the device. The device may generate a derived SIM profile that includes the subscription identifier obtained from the RSP platform and the derived set of credentials, and the device may cause the derived SIM profile to be provisioned onto an embedded Universal Integrated Circuit Card (eUICC) of the target device. Accordingly, the derived SIM profile may enable the target device to use the derived set of credentials to obtain authenticated access to the wireless network.Type: GrantFiled: May 7, 2019Date of Patent: June 28, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Zhengfang Chen, Taussif Khan, Manuel Enrique Caceres, Warren Hojilla Uy
-
Publication number: 20220174474Abstract: An improved cellular network architecture enables the provisioning of mobile profiles on devices lacking bootstrap profiles. A mobile device transmits an attach request that includes a pre-configured mobile country code (MCC) and mobile network code (MNC) uniquely associated with an emergency data session. The mobile device is then null-authenticated with a subscriber database, and an emergency data session is established, the emergency data session allowing traffic to a mobile profile manager. The mobile device can then download a mobile profile from the mobile profile using the emergency data session. Thus, a mobile device does not require a provisioning profile to download a full (or provisioning) mobile profile from a cellular network as in existing solutions.Type: ApplicationFiled: December 2, 2020Publication date: June 2, 2022Applicant: VERIZON PATENT AND LICENSING INC.Inventors: Warren Hojilla UY, Mun Wei LOW, Manuel Enrique CACERES, Hitesh A. ANKLESARIA
-
Publication number: 20220167152Abstract: A first user device may provide, to a provisioning device, a request for a subscriber identity module (SIM) swap that causes provisioning data to be provided to a first SIM card of the first user device and from a second SIM card of a second user device. The first user device may generate a first encrypted token based on a first identifier associated with the first SIM card. The first user device may provide, to the provisioning device, the first encrypted token and a user identifier. The first user device may selectively receive the provisioning data when the first encrypted token matches a second encrypted token generated by the second user device based on a second identifier associated with the second SIM card, or receive a message indicating that the first user device cannot be provisioned, when the first encrypted token fails to match the second encrypted token.Type: ApplicationFiled: November 20, 2020Publication date: May 26, 2022Applicant: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla UY, Mun Wei LOW, Young Rak CHOI, Manuel Enrique CACERES, Taussif KHAN
-
Publication number: 20220158981Abstract: A device may receive a request to establish a virtualized environment to support a session for a client device in communication with the computing device over a network. The device may instantiate the virtualized environment in a trusted execution environment of the device, wherein the trusted execution environment may include one or more hardware resources that isolate the virtualized environment from a rich execution environment associated with the device. The device may cause a hardware security module associated with the device to obtain one or more cryptographic keys by communicating with a secure element of the client device, and the device may secure communication between a local operating system executing on the client device and the virtualized environment instantiated in the trusted execution environment using the one or more cryptographic keys.Type: ApplicationFiled: February 2, 2022Publication date: May 19, 2022Applicant: Verizon Patent and Licensing Inc.Inventors: Manuel Enrique CACERES, Taussif KHAN, Mauricio Pati CALDEIRA DE ANDRADA, Warren Hojilla UY
-
Patent number: 11272340Abstract: A method, device, and computer-readable medium provide for establishing, by a fixed wireless access (FWA) device in a customer premises equipment (CPE) network, a communication channel with a user device; dynamically generating, by the FWA device, a one-time personal identification number (PIN); sharing, by the FWA device, the one-time PIN with the user device; pairing, by the FWA device and based on activation of one-time PIN, the user device via a short-range connection; and performing, by the FWA device using the short-range connection, at least one of setup or installation of one or more devices in the CPE network.Type: GrantFiled: April 29, 2020Date of Patent: March 8, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla Uy, Samirkumar Patel, Young R. Choi, Emilia C. Quijano, Dayong He, Manuel Enrique Caceres
-
Patent number: 11258773Abstract: A computing device may receive a request to establish a virtualized environment to support a session for a client device in communication with the computing device over a network. The computing device may instantiate the virtualized environment in a trusted execution environment of the computing device, wherein the trusted execution environment may include one or more hardware resources that isolate the virtualized environment from a rich execution environment associated with the computing device. The computing device may cause a hardware security module associated with the computing device to obtain one or more cryptographic keys by communicating with a secure element of the client device, and the computing device may secure communication between a local operating system executing on the client device and the virtualized environment instantiated in the trusted execution environment using the one or more cryptographic keys.Type: GrantFiled: May 13, 2019Date of Patent: February 22, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Manuel Enrique Caceres, Taussif Khan, Mauricio Pati Caldeira De Andrada, Warren Hojilla Uy
-
Patent number: 11259186Abstract: A device determines information concerning the device and sends the information concerning the device to a first device. The device receives, from the first device, information concerning a user device, and receives, from a second device, a request concerning the user device accessing the device. The request includes information identifying the device and information identifying the user device. The device generates a request response by validating the user device for access to the device based on the request and sends, to the second device, the request response to facilitate a communication session to be established between the user device and the device. The device communicates with the user device via the communication session.Type: GrantFiled: January 10, 2019Date of Patent: February 22, 2022Assignee: Verizon Patent and Licensing Inc.Inventors: Byunghun Choi, Jyotsna Kachroo, Ray P. Hwang, Dayong He, Samirkumar Patel, Emilia C. Quijano, Young Rak Choi, Warren Hojilla Uy, Feng Luo, Manuel Enrique Caceres
-
Publication number: 20210389958Abstract: A network device may load, via a boot ROM application, a provider bootloader application from a memory of the network device and may calculate a first hash value based on decrypting a provider bootloader signature with a provider public key. The network device may calculate a second hash value based on the provider bootloader application and may utilize, when the first hash value and the second hash value are equivalent, the provider bootloader application to load an original equipment manufacturer (OEM) bootloader application from the memory. The network device may calculate a third hash value based on decrypting an OEM bootloader signature with one of a plurality of OEM public keys. The network device may calculate a fourth hash value based on the OEM bootloader application. The network device may complete, when the third hash value and the fourth hash value are equivalent, a boot process for the network device.Type: ApplicationFiled: June 11, 2020Publication date: December 16, 2021Applicant: Verizon Patent and Licensing Inc.Inventors: Young Rak CHOI, Warren Hojilla UY, Dayong HE, Manuel Enrique CACERES
-
Publication number: 20210345080Abstract: A method, device, and computer-readable medium provide for establishing, by a fixed wireless access (FWA) device in a customer premises equipment (CPE) network, a communication channel with a user device; dynamically generating, by the FWA device, a one-time personal identification number (PIN); sharing, by the FWA device, the one-time PIN with the user device; pairing, by the FWA device and based on activation of one-time PIN, the user device via a short-range connection; and performing, by the FWA device using the short-range connection, at least one of setup or installation of one or more devices in the CPE network.Type: ApplicationFiled: April 29, 2020Publication date: November 4, 2021Inventors: Warren Hojilla Uy, Samirkumar Patel, Young R. Choi, Emilia C. Quijano, Dayong He, Manuel Enrique Caceres
-
Patent number: 11166211Abstract: Systems, methods, and computer-readable media described herein provide for obtaining, mobility information associated with an end device, wherein the mobility information includes a starting location and a destination location; identifying multiple mobility routes from the starting location to the destination location; identifying a set of wireless resources accessible along each of the mobility routes; selecting, from the multiple mobility routes, a predetermined mobility route based on the sets of wireless resources; selecting, from the sets of wireless resources, wireless resources handover targets in the predetermined mobility route; generating mobility control information including the set of wireless station handover targets; and transmitting a mobility control message including the mobility control information to the end device and at least one of wireless resources handover targets.Type: GrantFiled: July 9, 2019Date of Patent: November 2, 2021Assignee: Verizon Patent and Licensing Inc.Inventors: Manuel Enrique Caceres, Taussif Khan, Warren Hojilla Uy, Mauricio Pati Caldeira de Andrada
-
Publication number: 20210328797Abstract: A device that includes a secure element or a secure environment receives a token for authenticating a user that has an account with a service provider. The device generates, based on the token, a set of keys that include at least a private key and a public key. The device performs a key authentication procedure to compare the set of keys and a configured set of keys and selects a public key, of the set of keys or the configured set of keys, based on a result of the key authentication procedure. The device causes a device identifier of the device and the public key to be provided to another device that uses the device identifier and the public key to perform an authentication procedure to authenticate the user. The device receives, from the other device, an indication of whether the device is connected to a network.Type: ApplicationFiled: June 30, 2021Publication date: October 21, 2021Applicant: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla UY, Manuel Enrique CACERES, Bruno MENDEZ
-
Publication number: 20210320807Abstract: A method or system for authentication and access control in for network device management is disclosed. The method or system may include establishing a communication channel between a user device and a network device and receiving, by the network device, a public-key certificate including a specified identity of the user device. The method or system may include determining whether the public-key certificate is valid against a root certificate stored in the network device, and determining an actual identity of the user device. The method or system may include indicating that the user device is authentic and authorized when the received public-key is valid against the root certificate and when the actual identity of the user device matches the specified identity in the public-key certificate.Type: ApplicationFiled: April 13, 2020Publication date: October 14, 2021Inventors: Warren Hojilla Uy, Young R. Choi, Manuel Enrique Caceres, Emilia C. Quijano
-
Patent number: 11082855Abstract: A user equipment (UE) may receive, from a certificate authority, a first onboarding identifier associated with a private key stored on the UE. The UE may transmit, to a wireless network, an attach request based on the first onboarding identifier. The UE may receive, from the wireless network, a signaling message that includes a second onboarding identifier, wherein the signaling message may be encrypted with a public key paired with the private key stored on the UE. The UE may decrypt the signaling message using the private key stored on the UE to obtain the second onboarding identifier. The UE may obtain a permanent identifier from a Remote SIM Provisioning platform based on the UE completing an authentication procedure using an authentication response obtained from the decrypted signaling message. The UE may then connect to the wireless network using the permanent identifier.Type: GrantFiled: July 20, 2020Date of Patent: August 3, 2021Assignee: Verizon Patent and Licensing Inc.Inventors: Taussif Khan, Warren Hojilla Uy, Axel Hallo De Wolf, Zhengfang Chen, Kala Narayanan, Mary Williams, Musa Kazim Guven, Manuel Enrique Caceres
-
Patent number: 11070376Abstract: A device that includes a secure element or a secure environment receives a token for authenticating a user that has an account with a service provider. The device generates, based on the token, a set of keys that include at least a private key and a public key. The device performs a key authentication procedure to compare the set of keys and a configured set of keys and selects a public key, of the set of keys or the configured set of keys, based on a result of the key authentication procedure. The device causes a device identifier of the device and the public key to be provided to another device that uses the device identifier and the public key to perform an authentication procedure to authenticate the user. The device receives, from the other device, an indication of whether the device is connected to a network.Type: GrantFiled: June 26, 2019Date of Patent: July 20, 2021Assignee: Verizon Patent and Licensing Inc.Inventors: Warren Hojilla Uy, Manuel Enrique Caceres, Bruno Mendez
-
Patent number: 10965643Abstract: A computer device may include a memory configured to store instructions and a processor configured to execute the instructions to select to use an access point name (APN) table to be received from a wireless access network and attach to the wireless access network. The processor may be further configured to execute the instructions to receive a Protocol Configuration Options (PCO) message from the wireless access network; retrieve the APN table from the received PCO message; select an APN from the retrieved APN table; and connect to a packet data network associated with the selected APN via the wireless access network using the selected APN.Type: GrantFiled: May 28, 2019Date of Patent: March 30, 2021Assignee: Verizon Patent And Licensing Inc.Inventors: Andrew Youtz, Warren Hojilla Uy, Siegfried Erhard Eichinger, James Mathison, Christopher M. Schmidt
-
Publication number: 20210014755Abstract: Systems, methods, and computer-readable media described herein provide for obtaining, mobility information associated with an end device, wherein the mobility information includes a starting location and a destination location; identifying multiple mobility routes from the starting location to the destination location; identifying a set of wireless resources accessible along each of the mobility routes; selecting, from the multiple mobility routes, a predetermined mobility route based on the sets of wireless resources; selecting, from the sets of wireless resources, wireless resources handover targets in the predetermined mobility route; generating mobility control information including the set of wireless station handover targets; and transmitting a mobility control message including the mobility control information to the end device and at least one of wireless resources handover targets.Type: ApplicationFiled: July 9, 2019Publication date: January 14, 2021Inventors: Manuel Enrique Caceres, Taussif Khan, Warren Hojilla Uy, Mauricio Pati Caldeira de Andrada
-
Publication number: 20200412539Abstract: A device that includes a secure element or a secure environment receives a token for authenticating a user that has an account with a service provider. The device generates, based on the token, a set of keys that include at least a private key and a public key. The device performs a key authentication procedure to compare the set of keys and a configured set of keys and selects a public key, of the set of keys or the configured set of keys, based on a result of the key authentication procedure. The device causes a device identifier of the device and the public key to be provided to another device that uses the device identifier and the public key to perform an authentication procedure to authenticate the user. The device receives, from the other device, an indication of whether the device is connected to a network.Type: ApplicationFiled: June 26, 2019Publication date: December 31, 2020Inventors: Warren Hojilla UY, Manuel Enrique CACERES, Bruno MENDEZ