KR102087466B1 - Systems and methods for providing conditional access to transmitted information - Google Patents

Abstract

The present invention is based on various considerations, including the requested service type, user type, device type, software application type, payment, and / or other features associated with a particular software application or such software application, or at a receiver. A system, method, computer program product, and means for controlling access to location information from another external device. The invention also relates to a system, method, computer program product and means for performing secure data transfer for a particular application, among other applications.

Description

SYSTEM AND METHOD FOR PROVIDING CONDITIONAL ACCESS TO TRANSMITTED INFORMATION {SYSTEMS AND METHODS FOR PROVIDING CONDITIONAL ACCESS TO TRANSMITTED INFORMATION}

The present invention relates to a positioning system and method. In particular, and not by way of limitation, the present invention is directed to a system and method for controlling access to location information.

Systems for providing location information are known in the art. For example, wireless-based systems such as LORAN, GPS, GLONASS and the like have been used to provide location information for people, vehicles, equipment and the like. However, these systems are subject to restrictions related to factors such as location accuracy, transmitted and received signal levels, channel problems such as radio channel interference and / or multipath, device power consumption, and the like.

Determining the exact location of a mobile subscriber is a very difficult problem. If the subscriber is indoors or is in an impaired downtown, the subscriber's mobile device may not be able to receive signals from the GPS satellites or the network will rely on less accurate network-based triangulation / multilateral surveying methods. Also, if a subscriber is in a multi-storey building, knowing that such subscriber is in the building and not knowing what floor it is will cause delays in providing emergency assistance (potentially life-threatening). Clearly, the subscriber's computing device (e.g., mobile computing device) assists to speed up the location processing, provides more accuracy (including vertical information), and addresses the problem of location determination in cities and buildings. We need a system that can solve it. In addition, location information transmitted in a system such as GPS can be readily used on various devices without the option to specify which device can access the location information, in particular which software application on the device can use the location information. The absence of this provision imposes a bandwidth burden on network operators, where many applications in many devices transmit location information over a network to third party services associated with these applications. Having the ability to define location information usage allows network operators to maintain better levels of service for their customers while reducing unnecessary bandwidth usage. In addition, providing better control to the network operator would allow per-manipulation at the application level or service level for each user device or for each user of the user device. Accordingly, there is a need for improved positioning systems to solve these and / or other problems with existing positioning systems and devices.

Systems, methods, and computer program products, including computer usable media, have computer readable program code, the code being adapted to execute a method for providing conditional access to location information for a computing device. For example, certain features of this disclosure relate to systems, methods, and computer program products for controlling access to location information by one or more applications. Such systems, methods, computer program products and means may use the first key to decrypt a first set of encrypted location signals received from a network of terrestrial transmitters. Such systems, methods, computer program products and means further determine position information from the first set of decoded position signals, and identify the first set of position information, wherein the first set of position information is a first application. Is identified based on the first level of service associated with the. Such systems, methods, computer program products and means further encrypt the first set of location information using the second key and provide the encrypted first set of location information to the first application. Various additional features and functions are described in detail below with reference to the accompanying drawings.

In the following description, the present invention will be described in detail with reference to the accompanying drawings.
1 shows details of a terrestrial position / positioning system in which an embodiment is realized;
2 illustrates certain details of one embodiment of a terrestrial position / positioning system in which an embodiment is realized;
3 shows a transmitter / beacon;
4A illustrates details of an embodiment of a receiver;
4B illustrates details of an embodiment of a receiver / user device and other components located outside the receiver / user device;
4C illustrates details of another embodiment of a receiver and other components located external to the receiver / user device;
5A illustrates a process for determining location information associated with a receiver and controlling access to such location information at reception;
5B illustrates a process for distributing location information for an E-911 call;
5C is a diagram illustrating processing for a key not provided;
5D is a diagram illustrating processing for a key not provided;
6 illustrates an access for providing conditional access to location information;
7 illustrates a process for providing a conditional process proof;
8 is a diagram for explaining a process for processing positional information;
9 illustrates a data type for a user during conditional access processing;
10A is a diagram for explaining a packet structure;
10B illustrates a series of bits for use in accordance with certain features;
FIG. 11 illustrates a process for providing conditional access to location information at a receiver / user device. FIG.

Various features of the present invention are described below. The techniques herein can be embodied in a wide variety of forms, and any specific structure, function, or both, described herein, is merely illustrative of examples. Based on the teachings herein, those skilled in the art will appreciate that any feature herein may be practiced independently of other features, and that two or more of these features may be combined in various ways. For example, one system may be realized or one method may be practiced using some of the features disclosed herein.

As used herein, the term “exemplary” is used as an example, case or description. Features and / or embodiments described herein as "exemplary" are not necessarily to be construed as preferred or advantageous over other features and / or embodiments.

survey

The present specification provides signaling for location determination using a wide array of transmitter arrays that communicate with receivers (also used in user devices, user terminals / UEs, or similar terms), such as cellular phones or other portable devices, and high precision location. A location system and method for determining location information. The location signaling service associated with certain features may use a broadcast-only beacon / transmitter configured to transmit an encrypted location signal. Receivers with the appropriate chipset can receive and use positioning signals based on air-link access authentication technology, which authenticates by decrypting the position signals using a stored copy of the air-link access certificate (ALAC). Include. Once decrypted with ALAC during the initial decryption phase, the receiver is a software application that operates on the receiver based on additional decryption steps using an authorized service level certificate (ASLC) associated with the particular software application. Conditional access to the

Various components in the receiver can be used to perform the decryption step. For example, the decoding of the broadcast signal may occur on a GPS chip (eg, on a GPS chip) in cooperation with ALAC provided as formware in a secure hardware area. In comparison, decryption of location information using an ASIC can occur in another chip (eg, a receiver's processor) in cooperation with an ASIC that is not provided as formware (eg, through different levels of software). Accessible). Of course, one of ordinary skill in the art would be able to contemplate other alternative configurations.

Once decrypted, the location information can be processed by a processor (eg, a positioning engine) to calculate various positioning signal data such as latitude, longitude and altitude with respect to variable accuracy. An example of altitude calculation was filed Nov. 14, 2011, US Patent Application No. 13 / 296,067, entitled “WIDE AREA POSITIONING SYSTEMS,” which is incorporated herein by reference. Two-step decoding of position information at the receiver provides several advantages over the prior art. For example, the feature of two-step decryption allows a transmitter and / or receiver to provide a positioning signal to an authenticated receiver and / or to an authorized software application (hereinafter referred to as an "application") and to an unauthorized receiver and Deny access to unauthorized applications. Similarly, access to location information may be adjusted based on the user requesting access, or other kinds of considerations.

Coordinating access to location information based on authentication allows carriers and application developers to provide multiple step-level services that can be purchased based on other business agreements. Different level levels are associated with levels of accuracy, cover area, shelf life, usage, period of use, or other considerations.

Two-step decryption of the location information at the receiver also reduces the likelihood that an unauthorized user (eg, a hacker) accesses and uses the location information, resulting in a loss of revenue.

Achieving this advantage should be balanced with the performance requirements of the positioning system. Depending on certain features, the encryption and decryption steps performed in the system may not include a system performance matrix such as the time to first fix (TTFF) of the receiver location or the accuracy of any location fix. Thus, the various conditional approaches described herein can be limited based on the processing power of a particular receiver, which can rule out a process-intensive encryption process.

According to another feature, the conditional access feature can be used on a variety of device platforms and can support the delivery model identified in the use cases described herein. Other features may include producer-based or consumer-based receiver provision (in addition to re-provision), to support the conditional approach described herein. For example, various provided embodiments are described herein. Importantly, any of the conditional access processes described herein must meet E-911 functional requirements.

Various additional aspects, features, and functions are described with reference to the accompanying drawings. Although the details of the disclosed embodiments vary and are within the scope of the claims, those skilled in the art will understand that the drawings depicted herein do not suggest limitations on the scope of use or functionality of the features of the invention. These drawings and the descriptions thereof are also not to be construed as having any dependency or requirement with respect to any one or combination of components described in such drawings.

In the following description, numerous specific details are set forth in order to provide a possible understanding of the system and methods described and a detailed understanding thereof. However, one of ordinary skill in the art appreciates that these embodiments may be practiced without one or more of the specific details or with other components, systems, and the like. Moreover, well-known structures or operations are not shown or described in detail in order to avoid obscuring the features of the embodiments.

System features

1 is a diagram illustrating details of a position / positioning system 100 in which various embodiments are implemented. A positioning system, also referred to as a wide area positioning system (WAPS), or simply "system", is typically a terrestrial synchronized beacon (also called a "transmitter"), and acquires and tracks signals provided from beacons and / or other positioning signaling. And a network of user devices (also referred to simply as receiver devices or receivers) configured to provide such positioning signaling provided by satellite systems such as satellite positioning systems (GPS) and / or other satellite or terrestrial based positioning systems. Can be. Receivers optionally include a location calculation engine to determine location / location information from signals received from beacons and / or satellite systems, and system 100 may further include a server system in communication with various other systems. These various other systems include network infrastructure, beacons, and / or other networks, such as the Internet, cellular networks, wide area or regional networks, and / or other networks. The server system includes various system-related information such as a tower index, a billing interface, one or more cryptographic algorithm processing components, the cryptographic algorithm being based on one or more proprietary cryptographic algorithms, a location calculation engine, And / or other processing components to facilitate location, movement and / or positioning for the user of the system.

As shown in the example system 100, the beacon may be in the form of multiple transmitters 110, and the receiver unit may be in the form of one or more user devices 120, which may receive signaling from the transmitter 110. Receive GPS, or optionally, satellite, or other satellite system signaling, cellular signaling, Wi-Fi signaling, Wi-Max signaling, Bluetooth, Ethernet, and / or other data or information signaling known or developed in the art. It may be any of a variety of electronic communication devices configured to. Receiver unit 120 may be in the form of a cellular or smartphone, tablet device, PDA, notebook or other computer system, digital camera, asset tracking tag and ankle bracelet and / or similar or equivalent device. In some embodiments, the receiver unit 120 may be an independent location / positioning device configured to receive signals from the transmitter 110 only preferentially and determine the location / position based at least in part on the received signals. As described above, receiver unit 120 may also be referred to herein as a “user equipment” (UE), a handset, a smartphone, a tablet, and / or a “receiver”.

Transmitter 110 (which may also be referred to as a "tower") is shown via multiple communication links 113 as shown, with only a single receiver unit 120 in FIG. 1 for illustrative purposes. Although shown, a typical system is configured to send a transmitter output signal to a receiver) which will be configured to support a large number of receiver units within a given cover area. The transmitter 110 may also be connected to the server system 130 via a communication link 133, and may be network-based (via a wired connection, cellular data connection, Wi-Fi, Wi-Max, or other wireless connection). 170 may have another communication connection (not shown).

One or more receivers 120 may receive signaling from the respective transmitter 110 via a corresponding communication link 113. In addition, as shown in FIG. 1, the receiver 120 is also a cellular network signal, a Wi-Fi network signal, for example, via a communication link 163 from a cellular base station (also known as a NodeB, eNB, or base station). And other signals, such as pager network signals, or other wired or wireless connection signaling, and satellite signaling via satellite communications link 153, such as GPS or other satellite positioning systems. The satellite positioning signaling shown in the example embodiment of FIG. 1 is shown to be provided from a GPS system satellite 150, and in other embodiments, such signaling is provided from another satellite system, and in another embodiment, From a terrestrial-based wired or wireless positioning system or other data communication system.

In an example embodiment, the transmitter 110 of the system 100 is configured to operate with an exclusive license or a shared license / unlicensed radio spectrum; However, certain embodiments may be practiced to provide signaling in an unlicensed shared spectrum. Transmitter 110 may be implemented to provide signaling in these various radio bands using novel signaling as described later herein. Such signaling may be in the form of a proprietary signal configured to provide specific data in a defined format that is beneficial for locating and navigational purposes. For example, as described herein, such signaling is configured such that traditional satellite location signaling is particularly desirable for operating in disturbed environments such as being attenuated and / or impacted by reflections, multipaths, and the like. In addition, such signaling may be configured to provide fast acquisition and location determination to allow for fast positioning, reduce power consumption, and provide other benefits when the device is powered up or there is location activation.

Various embodiments of WAPS can be combined with other positioning systems to provide improved positioning and positioning. Alternatively, or in addition, the WAPS system can be used to assist other positioning systems. In addition, information determined by the receiver unit 120 of the WAPS system may be provided via other communication network links 163 such as cellular, Wi-Fi, pager, etc., to provide location and location information to the server system (s) 130. And report to other network systems that are present or connected to network infrastructure 170. For example, in a cellular network, cellular backhaul network link 165 may be used to provide information from receiver unit 120 to associated cellular carriers and / or other devices (not shown) via network infrastructure 170. Do it. It may be used to locate the receiver 120 accurately and quickly in an emergency, or may be used to provide location-based services or other functionality from a cellular carrier or other network user or system.

In connection with this disclosure, a positioning system is to locate one or more latitude, longitude, and elevation coordinates, which may be one-, two-, or three-dimensional coordinate systems (eg, x, y, z coordinates, angular coordinates, etc.). In addition, when the term "GSP" is cited, it is understood in the sense of 'Global Navigation Satellite System', which means that other existing satellite positioning systems such as GLONASS and future positioning such as Galileo and Compass / Beidou It includes the system. Also, as noted above, in some embodiments, other positioning systems, such as terrestrial-based systems, may be used in addition to or instead of satellite-based positioning systems.

The WAPS embodiment includes multiple towers or transmitters, such as multiple transmitters 110 as shown in FIG. 1, which converts WAPS data positioning information, and / or other data or information into the transmitter output signal, as a transmitter output signal. Broadcast to. Such positioning signals can be adjusted to be synchronized across all transmitters in a particular system or area cover area and can use a trained GPS clock source for timing synchronization. WAPS data positioning transmissions include the specified communication channel resources (eg time, code and / or frequency) to transmit data required for triangulation, to notify subscriber / subscriber groups, to broadcast messages, and / or to WAPS networks. To facilitate normal operation. The content of WAPS data positioning transmission is disclosed in the related application.

In a positioning system using a difference in arrival or triangulation, such positioning information transmitted includes one or more precise timing sequences and positioning signal data, which may be located at the transmitter and in various ways. Timing corrections and other related data or information. In one WAPS embodiment, the data is associated with notification / access control messages, general broadcast messages, and / or other data or information related to system operation, users, interfaces with other networks, and other system functions for a group of subscribers. It can include the same additional message or information. The positioning signal data can be provided in a number of ways. For example, the positioning signal data may be modulated in a coded timing order, added or superimposed timing order, and / or associated timing order.

The data transmission methods and apparatus described herein can be used to provide improved location information throughput for WAPS. In particular, higher dimensional modulation data may be transmitted as pseudo-noise (PN) range data as a separate part of the information. This can be used to allow for improved acquisition speed in systems using CDMA multiplexing, TDMA multiplexing, or a combination of CDMA / TDMA multiplexing. The disclosure disclosed herein is described in connection with a wide area positioning system, wherein the multiple towers broadcast synchronized positioning signals to the UE, in particular using terrestrial towers; However, the embodiment is not so limited and other systems may be implemented without departing from the spirit and scope of the invention.

In an exemplary embodiment, WAPS uses encrypted modulation sent from a tower or transmitter, called spread spectrum modulation or pseudo-noise (PN) modulation, to achieve optical bandwidth. Corresponding receiver units, such as receiver or user device 120, include one or more components for processing such signals using, for example, a spreading circuit such as a matched filter or a series of correlators. Such a receiver ideally generates a waveform with strong peaks surrounded by lower level energy. The arrival time of the peak is representative of the arrival time of the transmitted signal at the UE. Performing this operation on multiple signals from multiple towers whose location is known accurately allows the determination of the receiver position via triangulation. In addition to signal processing received at a receiver such as receiver 120, various additional details regarding the generation of WAPS signals at a transmitter such as transmitter 110 are described in detail below.

In one embodiment, WAPS may use binary encrypted variables as a spreading method. The WAPS signal of the exemplary embodiment may include two specific kinds of information: (1) a high precision range signal (which can be communicated faster than other signals), and (2) a transmitter ID and location. Environmental conditions such as location data, time of day, health, atmospheric information (eg, pressure, temperature, humidity, wind direction and strength, etc.). WAPS, similar to GPS, transmits location information by modulating a fast binary pseudo random ranging signal with a low speed information source. In addition to such applications, integrated applications disclose embodiments of methods using pseudo random ranging signals and modulation information signals, all of which use higher dimensional modulation, such as fourth or eighth order modulation. In one embodiment, this ranging signal is a modulated binary step and the positional information is provided as a separate signal using higher dimensional modulation.

Conventional systems use the format of a location location signal (eg, used in time division multiplexing (TDMA)), where each slot transmission includes a pseudo random ranging signal followed by various types of location data. These conventional systems also include a sync. Signal, which can be deleted if a pseudo random ranging signal is used as the sync signal. However, as in other previous systems, the location data of these conventional systems is binary, which limits throughput. These systems also transmit a large number of binary bits while the location data is being transmitted.

To address these limitations, in an exemplary embodiment, a binary or quaternary, pseudo-random signal may be sent to a particular slot, followed by a very high dimensional modulated data signal. For example, one or more location information symbols in a given slot may be transmitted using differential 16-step modulation to transmit 4 bits of information per slot. This represents a 1 bit to 4 times throughput improvement typically transmitted when binary phase modulation is imposed on the pseudo random carrier. Other kinds of location information modulation, such as 16 QAM, may also be used. Also constant error control modulation methods such as Trellis codes can be used for higher level modulation. These modulation methods generally reduce the error rate.

2 illustrates certain features of a positioning system 240 configured to perform the conditional access process described herein. As shown in FIG. 2, such a positioning system 240 may perform various functions. For example, such a positioning system 240 may produce and make available ALACs, and may be a producer and / or service provider in an ALAC block for addition to a user device 220 (eg, GPS FW image). 230 may be generated and provided separately. ALAC can be implemented in a device-specific manner, including the use of device identifiers, and device-specific algorithms, to provide an additional layer of protection for ALAC. Such positioning system 240 may further operate the billing and auditing system to track the use of the positioning function provided by the positioning system 240 and to bill for such use.

The positioning system 240 generates an ASLC and sends the ASLC to the producer 210, the user device 220, the service provider 230, and / or the external entity 250 (eg, an application developer or provider). Can be made available. The ASLC may be assigned a serial number to include a unique device identifier such as IMEI, MAC-Address, and so on.

Such a positioning system 240 may generate and manage developer keys, SDKs, and APIs for external entities that wish to include location information into a downloadable application. Each developer key may have several associated ASLCs based on the service level of the associated application. Each application ASLC may include the developer as a unique identifier, and may also contain other unique IDs. Such positioning system 240 may also maintain a server to handle requests from applications used in fields for dynamic transmission of ASLCs (eg, user device 220) to user device 220. .

Producer 210 may require one or more ALACs and ASLCs (e.g., obtained or maintained independently from positioning system 240 or generated and maintained independently) to formware ("FW") and software ("SW"). You can send images to the receiver together. The producer 210 may also load the library as an image. Producer 210 may include a chipset supplier, a device OEM, an OS provider. By comparison, the same ALAC can be used for all transmissions from all transmitters, and different ASLCs can be used for each application in each receiver and based on a specific user account. Both ASLC and ALAC can be encrypted or otherwise protected from unauthorized access at the UE.

The server provider 230 may provide various services to the user device 220, including cellular services and web-based services. Additional services include wireless or wired delivery of content (eg, video content, audio content, image content, text content, other content). The service provider 230 may store an ASLC related to an application provided to the user device 220. The service provider 230 may also enable Control-Plane (c-Plane) messaging flow for E-911 and network management when applicable. Service provider 230 may further enable User-Plane (u-plane) via SUPL messaging flow for in-house LBS.

The external entity 250 may include a provider that provides various location services to the user through the receiver of the user. For example, external entity 250 may include a PSAP, a location-based advertising network, an LBS application developer / publisher, and the like. Such location system 240 and service provider 230 may provide external entity 250 with a range of services including location assistance, ASLC attestation and provision, value added services, billing services, and auditing services.

The user device 220 may include a smartphone, a tablet, and a connected computing device. User device 220 may be configured to control access to location information by individual applications (eg, e-911, network management (NW), or LBS). Control of such access can be accomplished using an ASLC that is imaged and downloaded in formware after the user device 220 is produced and commercially used. As shown, the driver and library layers manage ASLC for multiple applications and users on the device, decode the location information, and limit the use of the location information decrypted by the application based on the permissions indicated by the ASLC. It can be helpful. For example, the library may associate ASLCs with related applications (eg, E911, network management, LBS, etc.) and may pass appropriate location information to the application or mediate such delivery.

Various system features have been described above, including transmitters and receivers. 3 and 4A, 4B, and 4C described above provide a more specific description of the implementation of the transmitter and the receiver.

3 is a diagram illustrating details of one embodiment 300 of a beacon / transmitter system. The same location / positioning signal is sent from the same system. The transmitter embodiment 300 communicates with the transmitter 110 shown in FIG. 1. Transmitter embodiment 300 includes various components for performing related signal reception and / or processing; However, in other embodiments, these components are otherwise combined or otherwise adjusted to provide similar or equivalent signal processing, signal generation, and signal transmission.

Although not shown in FIG. 3, the transmitter / beacon embodiment 300 receives GPS signals and processes components (not shown) from location information and / or timing data, precision disturbance (DOP) data or from GPS or other positioning systems. It may include one or more GPS components for providing other data or information provided by. Although transmitter 300 is shown as having a GPS component in FIG. 3, other components for receiving satellite or terrestrial signals and providing similar or equivalent output signals, or other information, may optionally be used in various embodiments. GPS or other timing signals may be used for precise timing operation within the transmitter and / or for timing correction in a WAPS network.

Transmitter 300 may also include one or more transmitter components (eg, RF transmission component 370) for generating and transmitting a transmitter output signal as described below. The transmitter component may also include various elements known or developed in the art for providing an output signal to a transmitting antenna, and include analog or digital logic and power circuits, signal processing circuits, tuning circuits, buffers and power amplifiers, and the like. do. Signal processing to generate an output signal may be performed in a processing component (not shown), which in some embodiments may be combined with another component described with respect to FIG. 3, and in other embodiments multiple signals. It may be a standalone processing component for performing processing and / or other computational functions.

One or more memories (not shown) may be coupled to one processing component (not shown) to provide storage and acquisition of data and / or to store and obtain execution instructions in the processing component. For example, such a command may be a command for performing various processing methods and functions described below, and may be a command for determining location information and other information related to a transmitter, where other information refers to a local environment. It may be a condition such as a condition, and may be a command for generating a transmitter output signal to be sent to the user device 120 as shown in FIG.

Transmitter 300 may include one or more environmental sensing components (not shown) for sensing or determining conditions associated with the transmitter, such as, for example, local pressure, temperature, humidity, wind, or other (collective or discrete, "wait") conditions. May not be included). In an example embodiment, atmospheric (eg pressure) information may be generated in an environmental sensing component and provided to a processing component to integrate with other data in the transmitter output signal as described below. One or more server interface components (not shown) may also be included within the transmitter 300 to provide an interface between the transmitter and the server system to a network infrastructure, such as the network infrastructure 170 shown in FIG. The server system is the same as the server system 130 shown in FIG. For example, system 130 may send data or information related to the location system and / or user device to transmitter 300 via the transmitter's interface component.

Each of the transmitters 300 can send data at the physical layer at an adjustable number of bits per slot per second (eg, 96 bits per slot or more per second), each of which includes its location information and that is different from other transmitters. Can be independent The transmitter 300 may include various components for generating, encrypting, protecting, modulating and transmitting data. For example, the transmitter 300 may include a data generation component 310 for generating location information, an encryption component 320 for encrypting location information based on a specific air-link access credential (ALAC), and for storing ALAC. Access proof storage component 330, and other components such as packet ID / CRC component 340, encoding, puncturing and interleaving component 350, modulation component 360, and RF transmission component 370. . Components 340 and 350 provide forward error correction (FEC) and CRC methods along with other data formatting methods to reduce the effects of fading, path loss, and other environmental conditions. Component 360 provides modulation in the data.

Although modulation and signal structure vary and a variable number of bits per frame may be used, 190 bits per frame may be used for transmission from the transmitter 300. For example, 102 data bits may be used after encoding the overhead, of which seven bits are reserved for decrypted frame information, which leaves 95 bits for encrypted location information. It is recommended that encryption be used minimally to maintain low overhead. For example, one encryption rate may be about 95 bits every three seconds. The transmission repeats itself for several periods (10 or 30 seconds) before the data is changed. Various payloads are expected, including: latitude, longitude, altitude, pressure, temperature, transmission correction, and transmission quality. Additional payloads may include security information, service IDs, conditional access data (eg, ASLC, information). These various payloads are divided into segments through multiple slots. One technique is to know different payloads, different number of bits, and various ways of packing payloads.

In some cases, a request for an n-bit indicator to indicate the type of packet being sent, such as what kind of information will be transmitted through multiple packets, or how many packets with the same information are related to each other There is. The packet structure includes an n-bit indicator as such at some point in the packet. FIG. 10A shows an example of a packet structure showing four packet type indicator bits, and another bit, and FIG. 10B illustrates an example of a series of packets using a 4-bit packet type indicator.

As shown in FIGS. 10A and 10B, four bits indicate a packet type and the main packet payload may include 98 bits. The 4 bits can be decrypted, a packet type of '0' can be decrypted, and a packet type of '1' can be encrypted. For example, for a packet type other than '0' or '1', for example, but not limited to, the fifth bit may be an encryption bit and may indicate whether such a packet is encrypted or not. This bit can be decoded. The sixth bit may be a start bit, which may indicate whether it starts a new packet 1 or is a continuation of a previous packet (0). This bit can be decoded. The seventh bit may be a stop bit, which may indicate whether it is the last packet (1) or not (0). This bit can be decrypted. The next 95 bits contain the main packet payload, which can be encrypted if the encryption bit is 1, and not encrypted if the encryption bit is 0. This payload may optionally include the index of the current packet and / or the total number of packets expected by the currently sent information.

4A is now described. 4A illustrates the characteristics of the receiver 400 and allows the transmitter signal to be reached and processed at the receiver to determine location / position information (eg, on behalf of an E-911 or LBS application).

Receiver embodiment 400 communicates with user device 120 as shown in FIG. 1 and includes one or more GPS components 480 to receive GPS signals and provide location information and / or other data. . The location information and / or other data here is such as timing data, precision disturbance (DOP) data, or other data or information provided from a GPS or other positioning system to a processing component (not shown). Of course, other global navigation satellite systems (GNSS) may be envisioned and it should be understood that the disclosure related to GPS also applies to these other systems. Although receiver 400 is shown in FIG. 4A with a GPS component, other components for receiving satellite or terrestrial signals and providing similar or equivalent output signals, data, or other information may be used alternately in various embodiments. Of course, all location processors may be adapted to receive and process the location information described herein.

Receiver 400 may also include one or more cellular components 490 to send and receive data or information via a cellular or other data communication system. Optionally or in addition, a communication component (not shown) for the receiver 400 to send and / or receive data over another wired or wireless communication network, such as Wi-Fi, Wi-Max, Bluetooth, USB, or other networks. ) May be included.

Receiver 400 includes one or more components indicated by dashed border 420 (hereinafter referred to as “component 420”) and is configured to receive signals from terrestrial transmitters, such as transmitter 110 shown in FIG. The signal may be processed to determine the location / location information described herein. Component 420 shares resources such as antennas, RF circuits, and the like with other components shown in FIG. 4A. For example, component 420 and GPS component 480 share some or all of the radio front end (FRE) component and / or processing elements. One processing component (not shown, but referred to as having processing functionality at the receiver 400) integrates some or all of the components, or resources with some or all of the component 420 and / or the GPS component 480. Share to determine location / location information and / or perform other processing functions described herein. Similarly, cellular component 490 may share RF and / or processing functionality with RF component 410 and / or component 420. Network component 460 is also shown, which represents a local, wide area, or other network using some kind of wired or wireless communication path. Components 410, 420, 460, 480, and 490 communicate data to location engine 440, respectively, which uses the data to determine the estimated location of receiver 400. The position engine 400 may be implemented as known in the art or may be developed later in the art and includes an implementation that includes a processor configured to calculate a predicted location.

For example, in one embodiment, component 490 securely delivers positioning data via a control plane or user plane, or the data can be obtained directly via an internet link. Data over the interface between the component 490 and the cellular modem may also be protected through interface encryption / decryption specific to the receiver 400.

One or more memories 430 may be combined with processing components (not shown) and other components to provide storage and acquisition of data, and to provide storage and acquisition of instructions for execution in the processing component. For example, such instructions may perform the various processing methods and functions described herein, which include decoding location information and determining location information. Thus, certain components included in component 420 (eg, components 421-424) may perform processing of location information, decryption keys, and / or other information described. Some and all of these processes can be performed alternately in a standalone processor (not shown).

Location data, including location estimates or information used for remote location calculations, may be generated using industry standard protocols such as control-plane signaling or user plane (SUPL) signaling or Internet / data protocols or combinations thereof. Are sent to these remote components.

Receiver 400 includes one or more environmental sensing components (not shown) and conditions related to the receiver such as, for example, conditions related to local pressure, temperature, humidity or other conditions used to determine the location of the receiver. Detect or determine. In an example embodiment, pressure information may be generated at an environmental sensing component and used to determine location / location information in cooperation with a received transmitter, GPS, cellular or other signal.

Receiver 400 further includes various additional user interface components, such as user input components (not shown), which may be in the form of a keypad, touchscreen display, mouse, or other user interface element. Audio and / or video data or information may be provided at an output component (not shown), which may include one or more speakers or other audio transducers, one or more visual displays, such as a touch screen, and / or It may be in the form of other user I / O elements known or developed. In an example embodiment, such an output component can be used to visually display location / location information determined based on the received transmitter signal, wherein the determined location / location information is also a carrier or other device associated with the cellular component 490. Can also be sent to.

Receiver 400 may include other various components configured to perform various features in the specification, including the processing described in FIGS. 5A, 6, 7 and 8. For example, such a component 420 may be configured to modulate an RF signal received from the RF component 410 and to evaluate a time of arrival (TOA) for later use to determine a location. ) May be included. The signal processing component 421 may further include a pseudorange generating component 421b and a data processing component 421c. Such pseudorange generating component 421b generates " raw " positioning pseudorange data from the evaluated TOA, modifies the pseudorange data, and sends such pseudorange data to positioning engine 440. It is configured to provide. The positioning engine uses the pseudo distance data to determine the location of the receiver 400. The data processing component 421c is configured to decrypt the decrypted location information, extract encrypted packet data from the encrypted location information, and perform error correction (eg, CRC) on the data. This data processing component 421c outputs the encrypted packet data to the first encryption component 422.

The first encryption component 422 is configured to at least decrypt location information from the encrypted packet data based on the ALAC stored in the memory 430. Multiple ALACs are stored in the receiver 400, only one of which is applicable at a given time, and allows the first encryption block 422 to determine the corrected ALAC key to use using various features. The data packet itself may have a CRC / Digest field that passes a check only when a calibration ALAC key is applied. When a CRC / Digest field does not exist due to packet content limitations, the individual fields of the decrypted packet are checked against the expected value range of the field. In addition, because the receiver can obtain packet data from multiple transmitters close to the receiver, the location information from the multiple transmitters can only be determined by the distance from the transmitter, the area identifier, and others when the correct ALAC key is selected. Will pass the same consistency check. The first encryption component 422 can also receive an indication that an emergency 911 call has begun, and output the decrypted location information to the appropriate processing component associated with the E-911 procedure.

In FIG. 4A component 420 further includes a second cryptographic component 423 configured to decrypt some or all of the location information based on the appropriate ASLC stored in memory 430. The ASLC can be determined by which application requests location information or location fixation. For example, an ASLC may be associated with an LBS application or an E-911 at the receiver 400.

Once the location information has been decrypted by the second encryption component 423, the decrypted location information can be translated into location information (eg, latitude, longitude, altitude, pressure, temperature, humidity, system time, timing calibration and / or transmitter). Output unit 424, which determines a discrete data unit of ID). The specific data unit of the location information may then be sent to the location engine 440 based on the service level indicated by the ASLC for the application that requested access to the location information.

 This location engine 440 is configured to process location information (and, in some cases, GPS data, cell data, and / or other network data) such that the receiver is within certain limits (e.g., accuracy level, etc.). 400) to determine the position. Once determined, location information is provided to the application 450. Those skilled in the art will appreciate that the location engine 440 means any processor capable of determining location information, including a GPS location engine or other location engine. The location of the various components shown in 4A can be in different chip spaces in the receiver.

As described elsewhere herein, and as described again herein, each application at the receiver 400 requires its own ASLC to access location information, to determine the location of the receiver 400. do. With respect to some features, one ASLC may be used by multiple applications and multiple ASLCs may be used by one application, but such is the case for other users or under different circumstances. ASLC may be used to limit the use of specific location information for a certain time and in a particular service area.

 E-911, network support and LBS applications / services are handled separately from each other, each of which ASLC is loaded into the formware of the receiver 400 or into memory after manufacture of the receiver 400. Each ASLC provides its own location information supply for each application / service. Separate processing paths are used to further separate these applications / services.

Receiver 400 may have limited hardware / software capabilities designated for location determination. The total space available for the conditional access feature described herein may be about 32 kilobytes. Other total spaces are also considered.

The location information may be processed by a GPS processor, an application processor or an external server. According to one feature, the features described herein are performed at the receiver or in cooperation with a GPS integrated circuit (IC). For example, a host processor may be used at the receiver to communicate with the GPS IC over a bidirectional serial link. Latitude and longitude can be transmitted using this serial link along with other information. The serial link can be used for certificate exchange (eg ASLC) to a GPS IC. The GPS IC can demodulate the signal received from the transmitter to examine the transmitter (e.g., through correlation with the PN sequence) and obtain a physical layer payload, where the received signal is in encrypted form. (In accordance with the embodiments described herein). The decryption engine may decrypt the data before presenting it to the next processing layer, which may be a location engine. Such a location engine can use the decrypted data to calculate the receiver location. Various engines may be provided by the GPS IC or by other receiver circuits.

4B, which shows the receiver 400 in the first position, is now illustrated, which further illustrates components in other positions away from the position of the receiver 400. FIG. Receiver 400 and other components may determine location information based on processing of the transmitter signal collectively or individually. Certain features of FIG. 4A are also shown in FIG. 4B. Thus, the description of these features with respect to FIG. 4A extends to these features in FIG. 4B, but not all of these features are the same.

As shown in FIG. 4B, receiver 400 includes an interface (I / F) encryption / decryption (also referred to as “scramble / descramble”) component, which crosses the interface boundary where data is not protected. Protects data when it is being used or when it is communicated through an unprotected communication channel. In some cases, these I / F components may operate via I / F keys generated independently by each of the receivers 400.

4B provides a position calculation at the receiver 400 prior to the second encryption component 423a, which component does not present the result of the position calculation at the application 450 or the receiver 400 at the receiver 400. Provided by application 499a. Optionally, the location calculation may be performed by a remote component (e.g., remote location engine 440b of the server) using location data received from receiver 400, whereby remote location calculation is performed by the receiver ( May be sent back to 400 or may be used by the remote application 499b.

Data transfer between the components shown in dashed lines in FIG. 4B may be performed directly between these components or may be performed through an intermediate component (eg, RF component 410 or network component 460). Do. Dotted lines indicate alternative implementations. For example, the application manager 498a may receive location data from the second encryption component 423a, after which the application manager 498a causes the location data to be delivered to the remote application service 499a (eg For example, a network component 460, or an RF component 410, or other component in a receiver 400). The remote application service 499a then uses the location data (eg, location assessment) to provide e911 or LBS services in connection with the receiver 400.

In another embodiment, the application manager 498a receives data directly from the data unit output component 424 or performs data through an intermediate component (eg, an I / F encryption component), and then the application The manager 498b may allow such location data to be passed to a remote location engine 440b that calculates the estimated location of the receiver 400 (eg, latitude, longitude, altitude of the receiver 400). The remote location engine 440b may perform such location assessment via the second cryptographic component 423a (eg, via the network component 460, or the RF component 423b, or other components at the receiver 400) or these. The component may send to the second encryption component 423b for further processing. For example, the second encryption component 423b may be one or more application services 499b or an application 450 running on the receiver 400 (eg, the network component 460 or the RF component 410 or Control access to the position estimate by way of the delivery of the position estimate via another component in the receiver 400). The remote application service 499b or application 450 then uses location assessment to provide an e911 or LBS service associated with the receiver 400. All of the remote components may be located together or in different geographical locations.

In FIG. 4B, the first cryptographic component 422 converts the decrypted location information into discrete data units of location information (eg, latitude, longitude, altitude, pressure, temperature, other atmospheric information or measurements, system time, timing calibration, And / or to a data unit output component 424 that determines the transmitter ID). These data units are then sent to location engine 440a or 440b. Such location engine 440a or 440b is configured to process location information (and in some cases, GPS data, cell data, and / or other network data), such that certain limits (eg, accuracy levels, and other limits) are used. ) To determine the location of the receiver 400. Once determined, location information may be provided to the application 450 via second level encryption 423a or 423b (and possibly via another intermediate component). Those skilled in the art will appreciate that location engine 440a or 440b means any processor capable of determining location information, including a GPS location engine or other location engine.

The second encryption component 423a is configured to encrypt certain data using session keys for a particular application or group of applications with a particular service level. The service level may grant access to a subset of data units (eg, latitude, longitude, altitude, accuracy, etc.) for a given application.

After encrypted data (eg, using a session key), the second encryption component 423a may make such encrypted data available to the application 450 and periodically for improved security. can be changed. When a single session key is used for a group of applications, such a session key may change when the ASLC validity expires for a certain application, thus causing the application group to request a new session key.

In one embodiment, the second encryption component 423 validates the ASLC for a particular application before exchanging a session key with the application so that such application can decrypt the data for that application. The second cryptographic component 423 may initially receive an ASLC from the application, or may be instructed to look for an ASLC in memory 430 or elsewhere. Specific encrypted data units for the location information may then be accessible to such applications.

The ASLC indicates a service-level grant for that application. In order to manage access to only the data authorized for a particular application, the second cryptographic component 423a exchanges a session key with the application to send encrypted data according to the authorization indicated in the ASLC for that application.

For the remote application 499a, the remote application manager 499a provides a communication interface for carrying the ASLC and session key between the remote application and the second cryptographic component 423a.

4C is now described. C illustrates various features of the present disclosure in connection with a receiver and other components that send data to or receive data from the receiver. As shown in FIG. 4C, a position signal is obtained from the transmitter (eg, using signal processing to find the transmitter through correlation with the PN). Signal processing may also modulate the signal to obtain the raw arrival time (TOA) and physical layer payload for each transmitter. These signals may be obtained and tracked by various hardware (HW), formware (FW), and / or software (SW) components. For example, the FW and / or HW in a GPS chip may operate to decrypt packets from one of the various sub-frames of the signal transmission and to verify ARC. Optionally, the host processor can decrypt and verify the CRC.

Tracking the HW / FW / SW may be operable to generate raw TOA data and send the original encrypted data (eg, packets) to the decryption component. In certain implementations, the packet ID is not encrypted for all packet types. The original encrypted data can be decrypted using the ALAC key in a specific HW / FW (eg, WAPS specific HW / FW). The ALAC may be encrypted or otherwise wrapped based on the device ID specific to each device or device class. The device specific ID may be used for the authority of the WAPS location service in the device.

The ALAC decryption process, and / or decryption FW / HW / SW are vendor-specific at the chip-level, receiver / handset-level, or carrier-level. The original decrypted data along with the raw TOA measurements are then scrambled (e.g., using a scrambling algorithm and a device generated key), and this scrambled data is then executed on the GPS chip itself through a protected or unprotected data stream. Can be sent to a location library that is being executed or executed in a host processor, or both. Scramble is not necessary when the decryption and location libraries operate on the same HW / FW (eg GPS chip).

The location library can then descramble the raw data and TOA measurements for further use in the library. For example, such descrambled data may be assembled into data units DU 1 to 5 as follows; DU1 (latitude, longitude, altitude (LLA) of the transmitter); DU2 (transmitter pressure / temperature); DU3 (timing calibration for transmitter); DU4 (time of transmitter network (WAPS time)); And DU5 (identifier for transmitter).

Fine TOA is generated using raw and timing calibration from DU3. The positioning engine can use various data units (eg DU1, DU2, DU5) with fine TOA and pressure sensor readings to calculate the LLA of the receiver. DU4 may be used by a positioning engine configured to generate a timing signal (eg, used when the receiver is operating to synchronize with another receiver).

The LLA of the receiver or either DU1 to DU5 is encrypted based on the parameters specified by the ASLC for the requesting application or for a group of applications to which the requesting application belongs. Encryption is performed using a variety of techniques, including random or pre-defined session keys, another key defined by ASLC, or other encryption methods known in the art. Various implementations can be envisioned, including those in which service-level encryption and decryption involves a single application case or multiple different application cases.

In one embodiment, the encrypted data may only include data that may be used for the requesting application specified by the service level of that application. For example, an LLA evaluation of a receiver within a certain level of accuracy may be used (eg, accurate LLA within 100 meters, accurate LLA within 10 meters). In such an implementation, a processor at the receiver may analyze a known LLA with accuracy at x meters and then generate another LLA with accuracy at y meters in accordance with service level authentication. Such an implementation is beneficial when other paid-for service levels relate to variable levels of positioning accuracy.

The positioning engine can generate the best estimate of the reference pressure using the pressure and temperature readings received at DU2 for each of the multiple transmitters. This reference pressure can be sent in encrypted form to the positioning engine, which uses the reference pressure and pressure sensor readings of the receiver to calculate the altitude as described in the included reference.

In some SW architectures, the positioning engine may include additional measurements from other sources in hybrid implementations using signals from Wi-Fi, GPS, WAPS, and other transmitters. Such hybrid location engine may operate in cooperation with a host processor after service-level decryption of an encrypted receiver LLA or other encrypted data (eg, any of DU1 through DU5). Optionally, the hybrid location engine operates prior to service-level encryption, such that access to the resulting data from such hybrid location engines is restricted to authorized applications.

The discussion above with respect to FIG. 4C can be applied to MS-Ass (MS-A), MS-based (MS-B), or standalone user plane call flows. For control plane call flows (e.g., E-911), raw or fine TOA / pseudo-distance form data and altitude evaluation (in MS-S mode), or receiver's LLA behavioral data (MS-based) Mode) is sent to a location determination entity (PDE), a serving mobile location center (SMLC), or another device for location calculation and forwarding to the PSAP. Such transmission occurs over one or more control plane channels of the cellular system.

Although not preferred, location assistance data may be supplied to the location engine using optional communication means such as web-based paths, regional network paths, wide area network paths, and other network paths beyond the RF path. Such transmission may be necessary when there is a low signal condition between the receiver and the transmitter network. When transmitted using the optional communication means, assistance data may be encrypted using a key associated with the ALAC or using an optional key specific to the communication means. Optionally, service-level encryption and decryption can be used when no ALAC is used or a similar key is used.

Although FIG. 4C illustrates other components within other HW / FW / SW, other embodiments may include the various components of FIG. 4C into one or more hardware components, such as a host processor, a GPS chip, or both.

Methodology-related features

5A illustrates network processing details for determining location information associated with a receiver and controlling controlling access to such location information at the receiver in accordance with certain features. Reference is made to FIG. 2 while describing the processing shown in FIG. 5A. Those skilled in the art will understand that the processing flow shown in FIG. 5A is for illustrative purposes and does not limit the scope of the invention to the order of steps shown in FIG. 5A. Thus, the steps may be removed or rearranged, and additional steps not described may be performed within the scope of the present invention.

At step 501, positioning system 240 may generate and maintain information used by the receiver to control access to the location information. As an example, the positioning system 240 can generate an Air-Link Access Proof (ALAC) (or referred to as "system-level key / certificate") and an authenticated Service-Level Proof (ASLC), which proof Based on the limitations specified by the ASLC for the particular application at the receiver that was later used by the UE 220 to request location information, prior to using the location information, the network (eg, service provider 230 and / or Location information received from the positioning system 240. In step 502, the ALAC and ASLC generated in this way are provided to the manufacturer 210, which provides the ALAC / ASLC to the UE 220 in step 503 (e.g., By imaging them in formware).

In step 504 (eg, after the user purchases the UE 220), the UE 220 installs the application or initiates an emergency 911 call. Prior to step 504, such an application is downloaded to the UE 220, although not fully shown. Step 505 is not necessary if an ASLC associated with this application has been provided by the manufacturer. If not, the UE 220 sends a developer key associated with the application to the network. The routing of such developer keys is passed through the service provider 230, the location system 240, and / or the application's developer as an external entity 250 (pathing is not shown). After receiving and verifying the developer key, the network next sends an ASLC for that application to the UE 220, which can store the ASLC.

In step 506, the UE 220 obtains location information from the network. Such location information may be obtained from broadcast signals generated in the location system 240 and / or may be obtained through the service provider 230. Similarly, the UE 220 may request location information or monitor a broadcast for location information.

In steps 507-508, the UE 220 decodes the location information using an ALAC (eg, an ALAC associated with the transmitter that broadcasts the location information) and an ASLC associated with the application at the receiver requesting such location information. can do.

At steps 509-510, the decrypted location information is processed and location information related to the location of the UE 220 is determined (eg, in a location engine).

In the case of a 911 call, in steps 511-512, location information, location information, and / or information used to determine the location (eg, information about the pseudo distance and information about the transmitter whose pseudo distance has been calculated). Is sent to the PSAP operating as service provider 230 and / or external entity 250. If not, then at step 512, for the LBS-based application, location information may remain in the UE 220 to perform location based services, and an external entity to assist in providing location based services from such LBS entity. It may be sent to the LBS entity operating as. Another option for an E-911 call is for the receiver to send an encrypted packet to the server following the raw TOA information. This encrypted packet can be decrypted to extract the information needed by the server to calculate the location solution.

5B illustrates a process for distributing location information associated with a network applicator or E-911. ASLC may or may not be used in an E911 transaction. For example, if an ASLC is used in an E-911 call, a special ASLC can be installed for use in emergency calls with the highest service level and no expiration date.

6 is a diagram illustrating details of a process for providing additional access to location information at a receiver in accordance with certain features. While the processing shown in FIG. 6 is described, reference may be made to FIGS. 2 and 4A-C.

As described above, the encrypted positioning signal data may be transmitted to the receiver (e.g., receiver 400 of Figures 4A-C. Encrypting the positioning signal data securely passes to an authenticated receiver and such However, reliable encryption techniques are not feasible with bandwidth limitations and limitations in processing power at the receiver, so encryption can be significant while using minimal data / packet space and at the receiver. The transmitted data must be protected without requesting decryption, where the receiver typically does not have the processing power to perform reliable decryption for a short time.

Additional encryption may be performed by various parameters (eg, whether the payment associated with the application is valid, the user's current location, whether a fixed amount of location request by the user or application has been exceeded, when the location information was accessed, and so on. Can be used to securely use location information by authenticated applications and users. This second layer of encryption and decryption, which controls the distribution of location information for certain applications while restricting access to such location information by other applications, is a key feature of the various embodiments described herein, which is a network This is because an operator, a carrier, an application provider / developer, or another entity shown in FIG. 2 can moneyize the distribution of location information. In addition, encryption and decryption of the second layer frustrates a variety of potential attempts by unauthorized users (eg, hackers) to access location information for use with unauthorized applications.

6 illustrates two stages of decryption with respect to one feature. Those skilled in the art will appreciate that the changes in FIG. 6 are within the spirit of the invention. In step 610, the receiver starts a first application (eg, in response to user input, automatically in response to a desired condition). The receiver then determines whether a copy of the ASLC associated with the first application has been stored in the receiver's memory (eg, memory 430 of FIGS. 4A-C). If such a copy exists, the receiver is provided with an ASLC, and step 630 is executed. Otherwise, the receiver is “not provided” and step 620 is executed.

In step 620, the receiver obtains a copy of the ASLC from the network. 7 details the sub-steps of step 620. Those skilled in the art will appreciate that step 620 may be performed after the other steps shown in FIG. 6 (eg, after another step before step 660).

In step 630, the encrypted location determination signal arrives from the network to the receiver. Such positioning signals may be broadcast by the transmitter or may arrive via other communication paths (eg, cellular paths, web-based paths, local network paths). In step 640, the receiver processes the first positioning signal. The sub-steps associated with step 640 are shown in FIG. 8.

In step 650, the positioning signal arrives at a first encryption component 422, where it is decrypted using a copy of the ALAC stored in memory 430. Next, in step 660, some or all of the location data from the decrypted positioning signal is decrypted by the second encryption component 423 using an ASLC associated with the first application. The ASLC may be obtained from memory 430 or from a network (described with respect to step 620 and FIG. 7).

Finally, at step 670, location engine 440 receives the translated location data or pseudorange information along the location TOA to calculate the location of the receiver on behalf of the first application. The calculation of the location may be determined based on the service level indicated by the ASIC for the first application.

FIG. 7 illustrates in detail the process for providing conditional proof of access at a receiver in accordance with certain features and step 620 of FIG. 6. Reference may be made to FIG. 2 while describing the processing described in FIG. 7.

In step 710, the UE 220 obtains a developer key associated with the application. The developer key is stored in the UE 220 after the application is downloaded to the UE 220. The association of the developer key with the ASLC is stored in a network (eg, service provider 230, location system 240, or external entity 250). The ASLC is not only application specific but also specific to the access level of the UE 220. In step 720, the developer key is sent to the network (eg, service provider 230, location system 240, and / or developer or application provider 250) for processing.

In step 730, in response to sending the developer key, the UE 220 / receiver 400 receives an ASLC associated with the developer key / application over the network. In step 740, the ASLC is stored for future use. Optionally, the ASLC is not stored so that steps 710-730 are repeated after the application requests location information (this is the two step decryption model shown in FIG. 6 and as described elsewhere herein). ASLC related to the

FIG. 8 is a diagram illustrating certain features and details of processing for processing positioning signal data according to step 640 of FIG. 6. Reference is made to FIGS. 4A-C while describing the processing described in FIG. 8. As an example, step 640 may be performed by the signal processing component 421 in FIGS. 4A-C.

In step 810, a positioning signal received from the transmitter or RF component 410 is used to evaluate the raw TOA (eg, at digital processing component 421a). This raw TOA estimate is then converted into raw positioning pseudo distance information in pseudo range generating component 421b.

In step 820, this positioning signal is decoded in data processing component 421c. In step 830, data processing component 421c performs error detection on the positioning signal before sending it to the first encryption component 422 for decryption.

11 shows the decryption of the first stage, the decryption of the second stage, and the decryption of the third stage. Those skilled in the art will understand that changes in FIG. 11 are within the scope of the present invention. Certain steps shown in FIG. 11 may be omitted or rearranged in other implementations. The following description is largely about the receiver. However, this description may be extended to one or more processors to perform some or all of the functions specified below.

In step 1110, the first application is started (eg, in response to an automatically determined condition, in response to a user input, or in response to another event or environment). The application is particularly started at the receiver or at a receiver remote from the server. Such a server may take various forms, including those shown in FIGS. 4B-C.

In step 1120, the receiver obtains a copy of the ASLC associated with the first application. The receiver can obtain the ASLC from memory in the receiver, from the first application, or from an external source. The ASLC specifies a parameter that determines what information can be provided / accessed by the first application. And specify when and how this can be provided / accessed by the first application. It may also be conceivable to be used in place of such an ASLC, including using data in the ASLC without using proof.

In step 1130, the encrypted positioning signal arrives from the transmitter to the receiver. Each of the positioning signals is broadcast from each transmitter, reached through different communication paths (e.g., cellular paths, web-based paths, local network paths), and from all of them.

In step 1140, the receiver initially processes the positioning signal.

At step 1150, the positioning signal is decrypted using a key stored at the receiver or otherwise accessible by the receiver from an external source (e.g., specified by the ALAC).

In step 1160, the receiver may identify or determine location information from the positioning signal. Such position information is determined based on raw and fine TOA measurements, data units (DUs) described elsewhere herein, evaluated position coordinates of the receiver calculated based on the data of the positioning signals, and determined based on the evaluated position coordinates. It may include modified position coordinates or other data. The modified position coordinates are determined based on the parameters from step 1120. This parameter indicates that the application is allowed to receive the position coordinates within a given level of accuracy for the evaluated position coordinates. In this case, the processor may generate new position coordinates based on the accuracy level (eg, Changing the latitude so that it is within the measurement range of x units from the evaluated latitude, changing the latitude to zero so that only two dimensions are provided) Providing less accurate location information will enable subscription services on a per-application or per-use basis. Can be.

Some or all of the location information is encrypted at step 1170 using a key generated in or based on the ASLC or its data from step 1120. The choice of location information for encryption can be controlled by the service level conditions specified by the ASLC. Such service level conditions specify which data can be accessed by the first application and can be determined from the data described elsewhere herein and include some or all of the data described with respect to FIG. 9.

In step 1180, the encrypted location information is decrypted for use by the first application. The processor executing the first application may have knowledge of the key used to encrypt the location information. This knowledge can be obtained by accessing an ASLC (e.g., where the ASLC specifies a key or algorithm for determining a key), or else can be obtained by receiving a key (e.g., For example, a session identifier is used here).

Data related features

9 illustrates data for use during conditional access processing in accordance with certain features. As shown, the data may include application type (e.g., E-911, network management, law enforcement), UE ID or UE type, service type (e.g., usage accuracy, usage range, usage time, available data). Unit), a service provider type, a manufacturer type, a developer type, a user ID or user type, a request type, and other types of information that can be used as parameters for determining a service level for an application. It identifies and provides other types of information that determine what can be, how such information can be provided, and where such location can be provided, when such information is provided. GPS or other time may also be sent to monitor usage based on the time limit. Some or all of this data may be included in the ASLC for a particular application and / or UE, and later identified by the processing component to identify location information that may be encrypted before being sent to an application close to or away from the receiver. do. Each of the data is used by a processor at the receiver to filter the constant decrypted location information before providing the location information in encrypted form to the application, device or user. In other words, the data determines what location information is available, when it is available, and for how long. ASLC also uses cryptographic keys or algorithms (e.g., algorithms for using the encryption key using real-time data or other data distributed in a protected environment or made available during the encryption and decryption phase) to generate an encryption key. It may also be included.

The service type may be associated with accuracy levels up to high-range accuracy (eg, 3 meters), mid-range accuracy (25-50 meters), and low-range accuracy (400 meters). The service type may also be associated with a cover level including region, region, national, and global. The service type is further associated with an effective time level that includes the disappearance of access privileges with respect to one time, monthly, yearly, or lifetime, or other validity periods. The service type may also be associated with a usage level, including metered or unlimited. Various level combinations can be used.

Similar decryption for location applications for non-cellular devices can also be envisioned. For example, an E-911 call via a VoIP application (eg, Skype ™), camera / camcorder, etc. may have an ASLC imaged into formware or downloaded into memory.

Features related to the use case

Various types of computing devices and their connection status can be envisioned, including devices that are almost always connected, mostly connected, or almost unconnected to a cellular network, a location network, a local network, or other networks. Further consideration is given to the processing power of each of these computing devices.

Connection types include cellular (eg 3G / 4G, prepaid), Wi-Fi, wired (eg USB, Ethernet), and other connections.

Types of computing devices include smartphones, other cellular phones, tablets, laptops, connected TVs, VoIP phones, STBs, DMAs, consumer electronics, security systems, PGDs, PNDs, DSCs, M2M applications, asset geofencing, and the like. Connected receivers are devices such as mobile phones, tablets, and laptops (e.g. cellular and Wi-Fi / wired Ethernet) with active data pipes available. Most connected receivers are devices such as tablets and laptops that have access to non-cellular means such as Wi-Fi / wired Ethernet. Unconnected receivers or receivers with limited connectivity include receivers that are rarely connected to the Internet and have no cellular connection.

Unconnected receivers can be manufactured with a pre-approved set of programmed ALACs and ASLCs for the life of the receiver. After this initial period, key renewal can be delivered to the device via a formware update (eg, using a USB connection) or to the device by temporarily connecting the device to a data network. Such an unconnected receiver may determine their location with an appropriate RF receiver that receives encrypted location information (eg, a GPS chip).

Additional features

One or more features relate to systems, methods and computer program products for controlling access to location information by one or more applications. The system includes a processing component that can be operable to execute a method. A computer program product includes a nonvolatile computer readable medium having computer readable program code executed to perform a method.

The method uses a first key to decrypt a first set of encrypted location signals received from a terrestrial transmitter network; Determine position information from the first set of decoded position signals; Identify a first set of location information, wherein the first set of location information is identified based on a first level of service associated with the first application; Encrypt the first set of location information using the second key; And provide the encrypted first set of location information to the first application.

In accordance with an aspect of the present invention, the first set of location information includes one or more location information, timing calibrations, and atmospheric measurements of one or more transmitters from the terrestrial transmitter network.

According to an aspect of the invention, the method is further operable to calculate the estimated coordinates for the position of the receiver using the decoded position signal, wherein the first set of position information includes the estimated coordinates of the receiver. do.

According to one aspect of the invention, the decoded position signal comprises data specifying atmospheric measurements at each terrestrial transmitter, wherein the evaluated coordinates are calculated using at least one atmospheric measurement and the decoded position signal at the receiver. Contains altitude coordinates.

According to an aspect of the invention, the method steps further calculate the estimated coordinates for the position of the receiver using the decoded position signal; And based on the level of accuracy allowed for the first application, is further operable to calculate the received coordinates based on the evaluated coordinates, wherein the modified coordinates are less accurate than the evaluated coordinates in specifying the position of the receiver and The first set of positional information includes the modified coordinates.

According to an aspect of the invention, the method step further identifies a second set of location information, wherein the second set of location information is identified based on a second level of service associated with a second application, Constant position information included in the set is not included in the second set; Encrypt the second set of location information using the third key; And provide a second set of location information to the second application.

According to one aspect of the invention, the method step further decrypts the second set of encrypted location signals received from the terrestrial transmitter's network using a first key or a third key, wherein the first set of encrypted locations A signal is received at a first location of the receiver, and a second set of encrypted location signals is received at a second location of the receiver; Determine additional location information from the second set of decoded location signals; Identify a second set of additional location information, wherein the second set of additional location information is identified based on a second level of service associated with the second application; Encrypt the second set of location information using the fourth key; And provide a second set of location information to the second application.

According to an aspect of the invention, before the method step identifies the first set of location information, further determining whether information specifying the first level of service is stored at the receiver; If it is determined that information specifying a first level of service is not stored in the receiver, access a first developer key associated with a first application, and send the first developer key to a server; And in response to sending the first developer key to the server, receives information specifying a first level of service.

In accordance with an aspect of the present invention, information specifying a first level of service is included in a first authorized service-level certificate associated with a first application, wherein such proof is associated with the developer key. Related.

According to one aspect of the invention, the first level of service specifies a time period during which a second key can be used to encrypt the first set of location information and the subsequent set of location information.

According to one aspect of the invention, the second key is a session key generated after the location signal is decrypted.

According to one aspect of the invention, a first application is executed via a remote server and a first set of location information is provided to said remote server.

According to one aspect of the invention, the method step further determines a first level of service based on the parameters specified in the first attestation associated with the first application.

According to an aspect of the invention, the method steps further scramble such location information before the location information is sent over an unprotected communication path; And scramble the scramble position information before identifying the first set.

According to an aspect of the invention, the method step further scrambles the evaluated coordinates before the evaluated coordinates are sent over an unprotected communication path; And unscramble the scrambled evaluated suppository before encrypting the first set.

According to an aspect of the invention, the method step further selects a first key of the plurality of keys, wherein the CRC field of the encrypted location signal is such that the first key is used to decrypt the first set of encrypted location signals. Pass the check only when

According to an aspect of the invention, the method step further selects a first key among a plurality of keys, wherein data of the decrypted location signal is used to decrypt the first set of encrypted location signals using a first key. Matches only the expected range of values.

According to an aspect of the present invention, packets from multiple transmitters are only when the method step further selects a first key among the plurality of keys, wherein the first key is used to decrypt the first set of encrypted position signals. The data passes one or more consistency checks, and the first set of encrypted location signals includes packet data from multiple transmitters.

Other features

Further features relating to various features of the invention are described in the following concurrent patent applications, and are incorporated herein by reference:

US Patent Application 13 / 412,487, entitled Wide AREA POSITIONING SYSTEMS, filed March 5, 2012; US Patent Application No. 12 / 557,479 (current US Patent No. 8,130,141), filed WIDE AREA POSITIONING SYSTEM, filed September 10, September 10, 2009; US patent application Ser. No. 13 / 412,508, titled Wide AREA POSITIONING SYSTEMS, filed March 5, filed March 5, 2012; US patent application Ser. No. 13 / 296,067, entitled Wide AREA POSITIONING SYSTEMS, filed November 14, 2011; Application No. PCT / US12 / 44452, entitled WIDE AREA POSITIONING SYSTEMS, filed June 28, 2011; US patent application Ser. No. 13 / 535,626, entitled CODING IN WIDE AREA POSITIONING SYSTEMS, filed June 28, 2012; US patent application Ser. No. 13 / 536,051, entitled CODING IN WIDE AREA POSITIONING SYSTEMS (WAPS), filed June 28, 2012; US patent application Ser. No. 13 / 565,614, entitled Cell Organization and Transmission Schemes in a Wide Area Positioning System (WAPS), filed Aug. 2, 2012; US patent application Ser. No. 13 / 565,732, entitled Cell Organization and Transmission Schemes in a Wide Area Positioning System, filed August 2, 2012; US patent application Ser. No. 13 / 565,723, entitled Cell Organization and Transmission Schemes in a Wide Area Positioning System, filed August 2, 2012; US patent application Ser. No. 13 / 831,740, titled Systems and Methods Configured to Estimate Receiver Position Using Timing Data Associated with Reference Locations in three-dimensional space. in Three-Dimensional Space), filed March 14, 2013; US patent application Ser. No. 13 / 909,977, entitled SYSTEM and METHODS FOR LOCATION POSITIONING of USER DEVICE, filed June 4, 2013; NEXN-009-201 (U.S. Patent Application No. 14 / 010,437), entitled SYSTEM AND METHODS FOR PROVIDING CONDITIONAL ACCESS TO TRANSMITTED INFORMATION, AUG 2013 26 days; US patent application Ser. No. 14 / 011,277, entitled METHODS AND APPARATUS FOR PSEUDO-RANDOM CODING IN A WIDE AREA POSITIONING SYSTEM (WAPS), filed 8 2013 March 27. The above applications, publications and patents are referred to individually or collectively as "included references", "included applications", "included publications", "included patents" and the like. Various features, details, devices, systems, and methods herein are combined with the disclosure as set forth in any of the included references.

The systems and methods disclosed herein can track location computing devices and the like, and provide location information and provide navigation to or with such devices and the like. "GPS" means Global Navigation Satellite Systems (GNSS) such as GLONASS, Galileo, and Compass / Beidou. The transmitter may transmit the positioning data in a signal received by the user device. The positioning data may comprise "timing data" used to determine the propagation time of the signal (e.g., time of arrival (TOA)), by multiplying the signal's propagation time by the speed of such a signal. It can be used to evaluate the distance between the user device and the transmitter (e.g., pseudorange).

Various architectures of GPS receivers are contemplated. For example, the local function of a GPS receiver can be divided into two sections: (1) signal processing and (2) position calculation. The signal processing function can be implemented in hardware and the position calculation can be done in formware / software. These functions can be performed in a GPS ASIC "chip" with DSP hardware blocks and an ARM-processor subsystem that manages and calculates the DSP hardware. Such GPS chips usually generate the final latitude, longitude, and altitude in the form of NMEA messages. Optionally, location calculations are performed in the apps handler on the handset to add additional location information and build a comprehensive location solution. The present invention applies to both implementations (in addition to other configurations for signal processing and position calculation).

Various systems, methods, logic features, blocks, modules, components, circuits, and algorithm steps have been described so far and may be implemented by any suitable software known or known in the art, or by a processor (also referred to as a "processing device" and including a number of processors). May be implemented, performed or controlled by software executed by or both. A processor may perform any of the processing / methodologies disclosed herein and processing, calculations, method steps, or other system functions in connection with a system, including data analysis, manipulation, transformation or generation, or other data operations. Processors include general purpose processors, digital signal processors (DSPs), application specific semiconductors (ASICs), field programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic, discrete hardware components, servers, or combinations thereof. do. The processor may be a traditional processor, microprocessor, controller, microcontroller, or state machine. A processor may also be referred to as a chip, which includes various components (eg, microprocessors and other components). "Processor (processor)" refers to one, two or more processors of the same or different type. The term "computer" or "computing device" or "user device" or the like refers to a device that includes a processor, or may refer to the processor itself. The software may be in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM, or any other form of storage medium. The "memory" may be coupled to the processor to read information from and write information to the memory. The storage medium may be integrated into the processor. The software may be stored or encoded in one or more instructions or code on a computer-readable medium. The computer readable medium can be any available storage medium, and includes non-volatile media (eg, optical, magnetic, semiconductor), and the carrier may be used wirelessly, optically, or through a network using a network transmission protocol. Or transmit data and commands via wired signaling media. The features of the systems and methods described herein may be realized with features programmed into various circuits, and include the following: Features include software-based circuit emulation, discrete logic, user equipment, neural logic, quantum devices, PLDs, FPGAs It can be implemented in processors with PAL, ASIC, MOSFET, CMOS, ECL, analog and digital mixed polymer technology, hybrids of these. Data, instructions, commands, information, signals, chips that may be referenced through the description above may be represented by voltage, current, electromagnetic waves, magnetic fields or magnetic particles, light fields or particles, or any combination thereof. Computing networks can be used to perform features and can include hardware components (servers, monitors, I / O, network connections). Application programs perform features by receiving, transforming, processing, sorting, sorting, retrieving, transmitting, and / or exporting data, and may be stored in layers, networks, relationships, non-relationships, object-oriented, or other data sources. Can be. "Data" and "information" are used interchangeably. The word "comprises" is not to be interpreted in an exclusive sense (ie, consisting solely) but in a comprehensive sense (ie, without limitation). Words using the singular or plural number also include the plural or singular number respectively. The word "or" or "and" includes any and all of the items in the list. “Some” and “freezing” and one or more ”means one or more than one. The term“ apparatus ”includes one or more components (eg, processor, memory, screen). "Block", "feature", or "component" means hardware or software, or a combination of these hardware and software, and is configured to perform or achieve the functions associated with these modules, blocks, features, or components. The features in the system and device diagrams shown as rectangles refer to hardware or software, and the lines connecting these two diagrams describe the data transfer between these features, which are not directly or shown between these features. Even if they weren't, it can be generated through intermediate features. When there is no line connecting the two features, data transfer between those features May be considered unless stated otherwise, therefore, the above lines are intended to illustrate certain features but should not be construed as limiting.

The description so far is not limited to the features shown, but it will be understood by those skilled in the art to the widest extent, including equivalent systems and methods. The protection provided in the present invention is limited only by the following claims.

Claims (43)

delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete A method for controlling access to location information by one or more applications, the method comprising:
Decrypting, using the first key, a first set of encrypted location signals received from the terrestrial transmitter's network;
Determining position information from the first set of decoded position signals;
Identifying a first set of location information, wherein the first set of location information is identified based on a first level of service associated with the first application;
Encrypting the first set of location information using the second key; And
Providing the encrypted first set of location information to the first application. 20. The method of claim 19, wherein the first set of location information includes one or more of location coordinates, timing calibration, and atmospheric measurements of one or more transmitters from the terrestrial transmitter network. The method of claim 19, wherein the method is
Calculating the estimated coordinates for the location of the receiver using the decoded position signal, wherein the first set of position information includes the evaluated coordinates of the receiver. 22. The system of claim 21, wherein the decoded position signal comprises data specifying atmospheric measurements at each terrestrial transmitter, wherein the estimated coordinates are calculated using at least one atmospheric measurement and the decoded position signal at the receiver. Method comprising the coordinates. The method of claim 19, wherein the method is
Calculating the estimated coordinates for the location of the receiver using the decoded position signal; And
Calculating received coordinates based on the evaluated coordinates based on the level of accuracy allowed for the first application, wherein the modified coordinates are less accurate than the evaluated coordinates in specifying the location of the receiver, And wherein the first set of positional information includes modified coordinates. The method of claim 19, wherein the method is
Identifying a second set of location information, wherein the second set of location information is identified based on a second level of service associated with a second application, and the second set includes certain location information included in the first set. Not-;
Encrypting the second set of location information using the third key; And
Providing a second set of location information to a second application. The method of claim 19, wherein the method is
Decrypting the second set of encrypted location signals received from the network of the terrestrial transmitter using a first key or a third key, wherein the first set of encrypted location signals is received at a first location of the receiver, and Two sets of encrypted location signals are received at a second location of the receiver;
Determining additional location information from the second set of decoded location signals;
Identifying a second set of additional location information, wherein the second set of additional location information is identified based on a second level of service associated with the second application;
Encrypting the second set of location information using the fourth key; And
Providing a second set of location information to a second application. The method of claim 19, wherein the method is
Prior to identifying the first set of location information, determining whether information specifying a first level of service is stored at the receiver;
If it is determined that the information specifying the first level of service is not stored in the receiver, accessing a first developer key associated with the first application;
Sending the first developer key to a server; And
Receiving information specifying a first level of service in response to sending the first developer key to the server. 27. The method of claim 26, wherein information specifying a first level of service is included in a first authorized service-level certificate associated with a first application, wherein the attestation relates to the developer key. How to feature. 20. The method of claim 19, wherein the first level of service specifies a time period during which a second key can be used to encrypt the first set of location information and the subsequent set of location information. Way. 20. The method of claim 19, wherein the second key is a session key generated after the location signal is decrypted. 20. The method of claim 19, wherein a first application is executed via a remote server and a first set of location information is provided to the remote server. The method of claim 19, wherein the method is
Determining a first level of service based on a parameter specified in the first attestation associated with the first application. The method of claim 19, wherein the method is
Scrambled such location information before the location information is sent over an unprotected communication path; And
And unscrambled the scrambled position information before identifying the first set. The method of claim 21, wherein the method is
Scrambled the evaluated coordinates before the evaluated coordinates are sent over an unprotected communication path; And
Unscrambled the scrambled evaluated suppository prior to encrypting the first set. The method of claim 19, wherein the method is
Selecting a first key of the plurality of keys, wherein the CRC field of the encrypted location signal includes passing the check only when the first key is used to decrypt the first set of encrypted location signals. Characterized by the above. The method of claim 19, wherein the method is
Selecting a first key among a plurality of keys, wherein the data of the decrypted location signal matches values in the expected range only when the first key is used to decrypt the first set of encrypted location signals. How to include. 20. The method of claim 19, wherein the first set of encrypted location signals comprises packet data from multiple transmitters.
Selecting a first key among the plurality of keys, such that packet data from the multiple transmitters passes one or more consistency checks only when the first key is used to decrypt the first set of encrypted location signals -Including. 20. The method of claim 19, wherein the first set of location information includes location coordinates of different transmitters from a network of terrestrial transmitters. 20. The method of claim 19, wherein the first set of location information includes timing calibration from a network of terrestrial transmitters, or the location information specifies measurements of pressure from different transmitters in the network of terrestrial transmitters. 20. The method of claim 19, wherein the first set of location information includes positional coordinates of one or more transmitters, timing calibration of one or more transmitters, or atmospheric measurements taken at a location of one or more transmitters from a network of terrestrial transmitters, the method comprising: ,
Calculating coordinates of the evaluated location of the receiver using the first set of location information. 20. The method of claim 19, wherein the first set of location information includes an estimated time of arrival of a location signal from a network of terrestrial transmitters. The method of claim 19, wherein the method is
Receiving a first set of encrypted location signals at a receiver, the location signals not specifying a location of the receiver; and
Evaluating a location of the receiver using the first set of location information. 42. One or more computer-readable media comprising program instructions that, when executed by one or more processors, cause the one or more processors to perform the method of any one of claims 19-41. 42. A system for controlling access to location information by one or more applications, the system comprising at least one processor operable to perform the method of any one of claims 19-41.

Images