US20150245204A1 - Device authentication - Google Patents
Device authentication Download PDFInfo
- Publication number
- US20150245204A1 US20150245204A1 US14/316,404 US201414316404A US2015245204A1 US 20150245204 A1 US20150245204 A1 US 20150245204A1 US 201414316404 A US201414316404 A US 201414316404A US 2015245204 A1 US2015245204 A1 US 2015245204A1
- Authority
- US
- United States
- Prior art keywords
- message
- wireless communications
- communications protocol
- authorisation code
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/08—Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
- G06Q10/083—Shipping
- G06Q10/0833—Tracking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04H—BROADCAST COMMUNICATION
- H04H20/00—Arrangements for broadcast or for distribution combined with broadcast
- H04H20/65—Arrangements characterised by transmission systems for broadcast
- H04H20/71—Wireless systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/084—Configuration by using pre-existing information, e.g. using templates or copying from other elements
- H04L41/0846—Configuration by using pre-existing information, e.g. using templates or copying from other elements based on copy from other elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/085—Retrieval of network configuration; Tracking network configuration history
- H04L41/0853—Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/06—Generation of reports
- H04L43/065—Generation of reports related to network devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0852—Delays
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
- H04L43/0882—Utilisation of link capacity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/11—Identifying congestion
- H04L47/115—Identifying congestion using a dedicated packet
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/16—Flow control; Congestion control in connection oriented networks, e.g. frame relay
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/15—Interconnection of switching modules
- H04L49/1553—Interconnection of ATM switching modules, e.g. ATM switching fabrics
- H04L49/1584—Full Mesh, e.g. knockout
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/003—Arrangements for allocating sub-channels of the transmission path
- H04L5/0053—Allocation of signaling, i.e. of overhead other than pilot signals
- H04L5/0055—Physical resource allocation for ACK/NACK
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1475—Passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/50—Secure pairing of devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W16/00—Network planning, e.g. coverage or traffic planning tools; Network deployment, e.g. resource partitioning or cells structures
- H04W16/18—Network planning tools
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/06—Testing, supervising or monitoring using simulated traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/029—Location-based management or tracking services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/38—Services specially adapted for particular environments, situations or purposes for collecting sensor information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W40/00—Communication routing or communication path finding
- H04W40/24—Connectivity information management, e.g. connectivity discovery or connectivity update
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0225—Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0251—Power saving arrangements in terminal devices using monitoring of local events, e.g. events related to user activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0261—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level
- H04W52/0274—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof
- H04W52/028—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof switching on or off only a part of the equipment circuit blocks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/38—TPC being performed in particular situations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
- H04W64/003—Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W72/00—Local resource management
- H04W72/12—Wireless traffic scheduling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W72/00—Local resource management
- H04W72/20—Control channels or signalling for resource management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/11—Allocation or use of connection identifiers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/14—Direct-mode setup
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
- H04W8/245—Transfer of terminal data from a network towards a terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/04—Terminal devices adapted for relaying to or from another terminal or user
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/06—Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W92/00—Interfaces specially adapted for wireless communication networks
- H04W92/02—Inter-networking arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/77—Graphical identity
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02A—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
- Y02A10/00—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE at coastal zones; at river basins
- Y02A10/40—Controlling or monitoring, e.g. of flood or hurricane; Forecasting, e.g. risk assessment or mapping
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Definitions
- This invention relates to a method for securely authenticating a device.
- the objects in a room be capable of communicating with each other, and also potentially to be able to communicate with the internet or cloud.
- the room may have a light, light switch, window and door. It may be desired that each of these objects be able to communicate with the others so that the home can be automated.
- a communication device that can communicate with similar communication devices attached to other objects.
- a large number of objects need to be able to communicate with each other.
- the result can be a network of many communication devices, each associated with a respective object.
- many of these objects will not have access to, or require, power themselves (for example, a window, door, packages sitting on a shelf, etc.)
- it may be desirable for the devices that communicate on the objects' behalf to be battery-powered devices that consume only a small amount of power. It may also be desirable that these devices be able to communicate wirelessly with each other so that there is no need for cables running between them.
- One suitable method of communication for such a network is to use a mesh networking protocol.
- This permits a first device to send a message to a second device, which may be outside the communication range of the first device, by transmitting the message via one or more intermediate devices.
- mesh networking protocols are typically designed around the concept of devices sending messages using complex routing tables. Such complex routing requires processing power which tends to increase power consumption of the devices.
- Such mesh networking protocols also tend to operate according to proprietary protocols. This means devices may have to be manufactured specifically for the task of communicating according to a particular mesh network. This may be undesirable because it increases the cost of devices that might be installed in a multitude locations and/or attached to a multitude of different devices.
- the mesh network may be especially vulnerable to attacks when new devices added to the network.
- One possible type of attack is an “eavesdropper attack” where an attacker passively listens to messages exchanged between devices in the mesh network.
- Another type of attack is a “man-in-the-middle attack” where an attacker intercepts messages between two devices FIG. 1 a shows how these types of attacks may be carried out when a new device is to be added to an existing mesh network.
- a new device “B”, which may be a newly purchased light, is to join a mesh network that is configured by a configuring device “C”, which may be a smartphone belonging to the purchaser.
- B may be required to be associated with the mesh network and C can perform that association.
- An eavesdropper “E” can passively listen to messages exchanged between C and B.
- a man-in-the-middle “M” can intercept messages and pretend to be C to B and pretend to be B to C and so all messages between B and C are passed through M.
- the association process can involve C sending a network key, which allows access to the network, to B. As E and M can observe these messages, the security of the network may be compromised if E or M obtain the network key.
- One method of preventing the eavesdropper attack by E is to encrypt messages between the B and C.
- a single network key may be used. Because this single network key is critical to the security of the network, this network key should never be distributed to a device insecurely. Therefore, a key exchange mechanism (e.g. a Diffie-Hellman-Merkle key exchange) could be performed before the network key is distributed to a new device.
- a key exchange mechanism e.g. a Diffie-Hellman-Merkle key exchange
- the key exchange mechanism may not prevent a man-in-the middle attack.
- M can intercept the messages and insert its own keys PK MB and PK MC , which are then sent to devices C and B respectively.
- S MC S CM
- S MB S BM
- a method for authenticating a first device capable of operating according to a wireless communications protocol, the method comprising: at a second device, receiving a first message comprising an identifier for the first device and an authorisation code associated with the first device, the first message not being received from the first device in accordance with the wireless communications protocol; at the second device, receiving a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; and authenticating the first device if the authorisation code received via the first message relates, according to a predetermined algorithm, to the received value.
- the method may further comprise: at the second device and in response to authenticating the first device, sending an association message to the first device, the association message comprising an encrypted network key by means of which the first device can access a network comprising the second device.
- the method may further comprise, at the second device: receiving a public key from the first device; and calculating an encryption key in dependence the received public key and a private key stored at the second device, the network key being encrypted using the encryption key.
- the calculation may be in accordance with a Diffie-Hellman-Merkle key exchange.
- the first message may be received via an analysis of an image.
- the image may be a QR-Code, barcode or text representing the identifier and the authorisation code.
- the method may further comprise, at the second device: scanning the image, the image representing a database identifier; sending, via the internet, a request message comprising the database identifier to a computer; and in response to the request, receiving, via the internet, the first message from the computer.
- the first message may comprise one or more further identifiers and identification codes associated with respective one or more further devices.
- the value may be dependent on an authorisation code stored at the first device.
- the value may be different to the authorisation code.
- the value may be calculated using the predetermined algorithm having as inputs: the authorisation code stored at the first device, a public key of the first device and a random number generated by the first device.
- the authenticating step may comprise: receiving the random number from the first device; from the value, authorisation code and the public key, calculating a number according to the predetermined algorithm; and comparing said calculated number with the received random number and, if said numbers match, authenticating the first device.
- the method may further comprise: at the first device, broadcasting the identifier for the first device in accordance with the communications protocol.
- the second message may be received via a third device capable of operating according to the communications protocol.
- the first device may be sited at a location that is out of range of transmission from the second device.
- the second device may be capable of communicating in a mesh network.
- the wireless communications protocol may be Bluetooth Low Energy protocol.
- the wireless communications protocol may define a broadcast packet type, said second message may be received via a packet of the broadcast packet type.
- a wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising: an input configured to receive a first message comprising an identifier for a first device and an authorisation code associated with the first device, the first message not being received from the first device in accordance with the wireless communications protocol; a transceiver capable of operating according to the wireless communications protocol and configured to receive a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; a controller configured to authenticate the first device if the authorisation code received via the first message relates, according to a predetermined algorithm, to the received value.
- the transceiver may be further configured to, in response to authenticating the first device, send an association message to the first device, the association message comprising an encrypted network key configured to allow the first device access to a network comprising the wireless communications device.
- the transceiver may be further configured to receive a public key from the first device, the controller being further configured to calculate an encryption key in dependence the received public key and a private key stored at the wireless communications device, the network key being encrypted using the encryption key.
- the controller may be further configured to calculate the encryption key in accordance with a Diffie-Hellman-Merkle key exchange.
- the input may be a camera or barcode reader configured to analyse an image.
- the image may be a QR-Code, barcode or text representing the identifier and the authorisation code.
- the wireless communications device may further comprise a camera or barcode reader configured to analyse an image representing a database identifier, the input being a network interface capable of communicating via the internet and configured to: send, via the internet, a request message comprising the database identifier to a computer; and in response to the request, receive, via the internet, the first message from the computer.
- a camera or barcode reader configured to analyse an image representing a database identifier
- the input being a network interface capable of communicating via the internet and configured to: send, via the internet, a request message comprising the database identifier to a computer; and in response to the request, receive, via the internet, the first message from the computer.
- the first message may comprise one or more further identifiers and identification codes associated with respective one or more further devices.
- the value may be dependent on an authorisation code stored at the first device.
- the value may be different to the authorisation code.
- the controller may be configured to calculate the value using the predetermined algorithm having as inputs: the authorisation code stored at the first device, a public key of the first device and a random number generated by the first device.
- the transceiver may be further configured to receive the random number from the first device; the controller may be further configured to: calculate, according to the predetermined algorithm, a number from the value, authorisation code and the public key, and compare said calculated number with the received random number and, if said numbers match, authenticate the first device.
- the first device may be sited at a location that is out of range of transmission from the transceiver.
- the transceiver may be capable of communicating in a mesh network.
- the wireless communications protocol may be Bluetooth Low Energy protocol.
- the wireless communications protocol may define a broadcast packet type, said second message being received via a packet of the broadcast packet type.
- a wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising: a transceiver configured to broadcast an identifier for the device in accordance with the communications protocol; a memory configured to store an authorisation code, the transceiver being further configured to: send a first message comprising a value, the value being related, according to a predetermined algorithm, to the authorisation code; and in response to sending the first message, receive a second message comprising an encrypted network key; and a controller configured to decrypt the encrypted network key by means of which the device can access a network.
- the device may be configured to not send the authorisation code unencrypted.
- FIG. 1 a shows devices in a scenario in which the security of a network may be compromised:
- FIG. 1 b shows devices in a man-in-the-middle attack scenario
- FIG. 2 shows a method of authorising a device
- FIG. 3 shows a message exchange for another method of authorising a device
- FIG. 4 shows a schematic diagram of a configuring device.
- the identity of a new device must be verified before a configuring device in the network can trust the new device.
- a new, unverified device may not be accessible or have any form of user interface, and may possibly be a long distance from the configuring device as it may be in a mesh network, the concepts typically used in, for example. Bluetooth to “pair” devices may not be suitable.
- each device is provided with an “authorisation secret” that is only known by that device. To allow the configuring device to verify the new device, it needs to securely obtain the authorisation secret.
- FIG. 2 shows one method for the configuring device 201 to obtain the authorisation secret of a new device 202 that is to be added to a mesh network comprising configuring device 201 .
- Devices 201 and 202 and the mesh network may operate according to a wireless communications protocol such as Bluetooth Low Energy.
- the authorisation code of the new device 202 could be made available to the configuring device 201 so that new device 202 can be authenticated.
- transmitting the authorisation code over the network would allow an eavesdropper or a MITM attacker 203 to obtain the code.
- device 202 should not transmit its authorisation code in accordance with the protocol over the network.
- configuring device 201 would have to acquire the authorisation code by means other than via messages sent according to the wireless communications protocol used by the new device 202 and the mesh network.
- device 201 should not receive (directly or indirectly via an intermediate device) the authorisation code for device 202 from a message originating from device 202 , wherein the message is sent by device 202 in accordance with the wireless communication protocol of the mesh network.
- the authorisation code may instead be obtained by the configuring device 201 using another method such as via a QR-Code or a Short Code that might be printed on the new device 202 or the packaging of the device 202 .
- the code could be presented as a one-dimensional or two-dimensional bar code, or in some other way that permits a device to reliably interpret the code using a sensor installed on the device. That sensor could be a camera, an audio sensor, a magnetic sensor and so on.
- the authorisation code may be conveyed to the configuring device 201 via a QR-Code.
- the QR-Code may have encoded thereon an authorisation code and an identifier for the device 202 .
- the authorisation code and the identifier may be unique to each device.
- Device 202 may also have a matching authorisation code and identifier stored in a memory on the device 202 .
- the configuring device 201 For the configuring device 201 to verify that the new device 202 is that device and not a man-in-the-middle device 203 , the configuring device 201 is required to match the identifier and authorisation code obtained via means other than via the network (such as the QR-Code) and the authorisation code and identifier stored on the device 202 without that stored information being transmitted over the mesh network.
- the predetermined algorithm may be known to both devices 201 and 202 .
- Device 202 sends value CONFIRM B to device 201 .
- Device 202 can then send value RANDOM B to device 201 so that device 201 can calculate, using the same predetermined algorithm, a confirmation value from RANDOM B and the authorisation code obtained via the OR-Code.
- CONFIRM B and RANDOM B could be sent in the same message.
- the confirmation value calculated by device 201 matches CONFIRM B , then device 202 is verified and is therefore trusted.
- the MITM device 203 does not know the authorisation code and thus cannot generate the correct inputs to the predetermined algorithm and thus will not be able to generate the correct RANDOM B value that will allow device 201 to arrive at the correct confirmation value CONFIRM B .
- Additional messages may be exchanged between devices 201 and 202 to further enhance the security of the verification procedure to allow device 202 to be associated with the mesh network. Such an enhanced procedure is described with reference to the sequence chart of FIG. 3 .
- configuring device 201 scans a QR-Code to obtain an authorisation code and an identifier (ID) for new device 202 .
- ID an identifier
- This information can be obtained at any time, for example by taking a picture of the QR-Code on the box that the device 202 arrived in. It could also be obtained by typing in the authorisation code into a user interface at the configuring device 201 .
- device 202 advertises its ID by broadcasting it in accordance with the wireless protocol used by the mesh network.
- Configuring device 201 receives this information. This information may be received via an intermediate device within the mesh network if devices 201 and 202 are out of range from each other.
- the configuring device 201 determines that new device 202 is to be added to the network and starts a verification procedure.
- An eavesdropper or a MITM device 203 may also observe the broadcasted ID.
- the configuring device 201 sends its public key PK a to new device 202 and, in response at step 304 , device 202 send its public key PK b to configuring device 201 .
- An eavesdropper may be able to receive both of these messages.
- a MITM device 203 could have placed itself between the two devices 201 and 202 and inserted its own public keys, PK ma and PK mb into the communications in an attempt to become a man-in-the-middle.
- configuring device 201 and the new device 202 calculate a shared secret S from their respective private keys and the peer device's public key. This may be achieved using the Diffie-Hellman-Merkle key exchange method.
- the eavesdropper cannot calculate the shared secret because it does not have knowledge of the private keys used.
- the MITM 203 may be able to calculate two shared secrets, one that it could use when communicating with device 201 , S ma , when pretending to be new device 202 and one that it would use when communicating with device 202 , S mb , when pretending to be the configuring device 201 .
- the configuring device 201 sends a confirmation value CONFIRM a to new device 202 .
- the confirmation value can be determined based on a random number RANDOM a
- the public key of device 201 and the authorisation code obtained via the QR-Code CONFIRM a may be calculated using a predetermined algorithm.
- new device 202 sends its confirmation value CONFIRM b to device 201 .
- CONFIRM b can be determined based on a random number RANDOM b , the public key of device 202 and the authorisation code stored at the device 202 .
- CONFIRM b may be calculated using the same predetermined algorithm.
- the eavesdropper can receive the confirmation values.
- the values do not reveal any useful information as they appear to be random numbers to the eavesdropper.
- the MITM 203 does not know the authorisation code and therefore whilst it can generate the appropriate messages, it cannot calculate the inputs required to obtain the confirmation values.
- the configuring device 201 sends the random number RANDOM a to new device 202 .
- new device 202 sends random number RANDOM b to device 201 .
- Both devices 201 and 202 can then confirm, using the predetermined algorithm, that the received random numbers, the authorisation code available to each device and the peer's public key generate the same confirmation value that was previously received.
- the configuring device 201 has determined that the messages from the new device 202 are authentic and so new device 202 is a trusted device.
- the eavesdropper can receive these random number messages, however it does not have the authorisation code.
- the MITM 203 cannot generate two random numbers that, when sent, would match the confirmation values that were previously sent.
- devices 201 and 202 are able to verify that they are communicating with each other and not a MITM device 203 .
- the configuring device 201 sends an encrypted network key to new device 201 .
- the network key may be encrypted using S and a concatenation of RANDOM a and RANDOM b .
- the configuring device 201 may also send an encrypted allocated ID to new device 202 which will be its allocated ID for use within the mesh network. The eavesdropper cannot decrypt this message as it does not have knowledge of S.
- the MITM 203 is no longer trusted by either device 201 or 202 as the MITM 203 could not generate the correct random numbers and therefore any messages from MITM 204 message will be ignored.
- the secret key S could be used to encrypt the messages sent in any of steps 306 to 309 .
- the new device 202 is then able to securely join the mesh network and securely send and receive messages, which may be encrypted using the network key.
- the messages in steps 302 to 310 may be sent in accordance with the wireless communications protocol of the mesh network.
- Devices 201 and 202 may communicate directly with each other if they are in communications range. If they are out of direct communications range with each other, then the messages may be sent via one or more intermediate devices within the mesh network which can forward the messages so that they can reach device 201 or 202 .
- the authorisation code and device ID for a device may be assigned at manufacture and stored in the memory of the device.
- the authorisation code and ID may be static for the lifetime of the device.
- the authorisation code and the ID information may also be made available to a purchaser of the device so that the device can securely be added to their network.
- the authorisation code and ID information can be made available by number of different means such as encoding the information into a QR-Code or a ShortCode and displaying it, for example, on the device or the packaging of the device.
- the QR-Code or ShortCode may contain a URL that can provide a link to the device manufacturer's database which contains the authorisation code for the device.
- the authorisation code and ID for the device may be received in a message sent over the internet.
- a purchaser buys a large number of grouped devices, e.g. a group of lights, that are to be connected to a mesh network, it may be time consuming to scan the QR-Code for each individual light.
- the purchaser can scan in the QR-Code, which contains a group identifier and links to the manufacturer's database, e.g. via the internet, to allow a configuring device 201 to communicate with the database and extract all the authorisation codes and associated IDs for each light in that group.
- the received authorisation codes and ID can then be used to verify each device as described above.
- FIG. 4 shows an example schematic of a configuring device 201 .
- the configuring device 201 may comprise a transceiver 401 , a scanner 402 , a network interface 403 and a controller 404 .
- the configuring device 201 may be a smartphone, tablet, laptop, a computer, etc.
- the transceiver 401 may be configured to operate according to a wireless communication protocol such as Bluetooth low energy and is able to wirelessly send and receive messages over the mesh network.
- a wireless communication protocol such as Bluetooth low energy
- the scanner 402 may be any suitable device that is capable reading an image such as a OR-Code or barcode or text.
- the scanner 202 may be a camera that can capture an image of a QR-Code or barcode or text.
- the image may be analysed by, for example, the controller 404 to decode and retrieve the information in the QR-Code or barcode. If the captured image is of text, the controller 404 may perform character recognition on the image to extract the information in the text.
- the scanner 402 is capable of receiving a message coded in the image which may contain an authorisation code and ID of a device.
- the scanner 402 may be a barcode reader which is capable of scanning and decoding QR-Code and/or barcodes and providing the decoded information to the controller 404 .
- the information could be stored on a short-range NFC device or RFID tag on the new device 202 or the packaging of the new device.
- the scanner 402 may then be a NFC or RFID reader which is capable of reading and extracting the information stored on the NFC device or RFID tag.
- the message coded in the image may be a link to a database containing the authorisation code and ID of a device.
- the controller 404 may access the database via the network interface 403 .
- the network interface 403 may be, for example, a WiFi or mobile data interface which allows connection to the internet.
- the controller 404 may request, via the internet, one or more authorisation codes and associated IDs based on the information retrieved using the scanner 402 .
- the database may send the configuring device 201 , via the internet, the one or more of the requested authorisation codes and associated ID and is received via the network interface 403 .
- the controller 404 can control the transceiver 401 , scanner 402 and network interface 403 to carry out the verification procedure described above.
- the controller 404 can be configured to cause the configuring device 201 to carry out the verification and messaging procedures described above.
- the controller 404 may be configured to carry out the processing described above such as calculating the confirmation values and encryption keys, generating random numbers, comparing the values, etc.
- the new device 202 may be used with appliances such as light switches, lights, sensors, fire alarms, sensors, thermostats, etc.
- the new device 202 may comprise a transceiver configured to operate according to a wireless communication protocol such as Bluetooth low energy.
- the new device 202 may also comprise a memory configured to store data such as the authentication code and device ID, network key, allocated ID, etc.
- the new device 202 may also comprise a controller that is configured to cause the new device 202 to carry out the verification and messaging procedures described above.
- the controller and/or transceiver can be configured to cause the new device 202 to not send the authorisation code via transceiver, unless it is encrypted.
- Devices 201 and 202 may be wireless communication devices that operate according to the same wireless communication protocol.
- the wireless communication protocol could be a relatively short-range protocol.
- the effective range of each device could be less than 25 m. That characteristic can permit the devices to use less power for transmitting and/or receiving than would be expected in a longer range protocol.
- the devices could operate according to the Bluetooth protocol, specifically the Bluetooth Low Energy (BLE) protocol.
- BLE Bluetooth Low Energy
- the devices could use other protocols, for instance IEEE 802.11.
- the devices described above could form a mesh network with other wireless communication devices.
- the devices could be configured to forward some or all messages they receive.
- the messages could be sent and received via a broadcast packet type defined in the wireless communication protocol. All the devices in the network could be peers in that they have identical roles at a network level.
- Devices 201 and 202 could operate according to two different wireless communications protocols, e.g. BLE and IEEE 802.11.
- Devices 201 and 202 may be connected via an IEEE 802.11 network, which can allow secure communication between the two devices.
- New device 202 may then wish to join a mesh network (that comprises device 201 ) that is operating according to the BLE protocol.
- Device 202 may securely transmit a message comprising its authentication code and ID via IEEE 802.11 to device 201 .
- Device 201 can trust this message as it is sent over a secure IEEE 802.11 channel and can use the authentication code received via IEEE 802.11 (instead of via the QR-Code, for example) in the authentication procedure described above for adding the new device 202 to the BLE mesh network.
- the devices configured in accordance with the examples described herein could be embodied in hardware, software or any suitable combination of hardware and software.
- the receiving device of the examples described herein could comprise, for example, software for execution at one or more processors (such as at a CPU and/or GPU), and/or one or more dedicated processors (such as ASICs), and/or one or more programmable processors (such as FPGAs) suitably programmed so as to provide functionalities of the data processing system, and/or heterogeneous processors comprising one or more dedicated, programmable and general purpose processing functionalities.
- the devices comprise one or more processors and one or more memories having program code stored thereon, the data processors and the memories being such as to, in combination, provide the claimed data processing systems and/or perform the claimed methods.
- Data processing units described herein need not be provided as discrete units and represent functionalities that could (a) be combined in any manner, and (b) themselves comprise one or more data processing entities.
- Data processing units could be provided by any suitable hardware or software functionalities, or combinations of hardware and software functionalities.
- Any one of more of the methods described herein could be performed by one or more physical processing units executing program code that causes the unit(s) to perform the data processing methods.
- Each physical processing unit could be any suitable processor, such as a CPU or GPU (or a core thereof), or fixed function or programmable hardware.
- the program code could be stored in non-transitory form at a machine readable medium such as an integrated circuit memory, or optical or magnetic storage.
- a machine readable medium might comprise several memories, such as on-chip memories, computer working memories, and non-volatile storage devices.
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Economics (AREA)
- Environmental & Geological Engineering (AREA)
- Software Systems (AREA)
- Entrepreneurship & Innovation (AREA)
- Operations Research (AREA)
- Tourism & Hospitality (AREA)
- Quality & Reliability (AREA)
- Development Economics (AREA)
- Marketing (AREA)
- Human Resources & Organizations (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- General Health & Medical Sciences (AREA)
- Cardiology (AREA)
- Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Databases & Information Systems (AREA)
- Mathematical Physics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mobile Radio Communication Systems (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Storage Device Security (AREA)
- Telephone Function (AREA)
Abstract
A method for authenticating a first device capable of operating according to a wireless communications protocol, the method comprising: at a second device, receiving a first message comprising an identifier for the first device and an authorisation code associated with the first device, the first message not being received from the first device in accordance with the wireless communications protocol; at the second device, receiving a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; and authenticating the first device if the authorisation code received via the first message relates, according to a predetermined algorithm, to the received value.
Description
- This invention relates to a method for securely authenticating a device.
- There is an increasing need for a variety of objects to be equipped with the ability to send and receive messages. In the case of a home, for example, it may be desirable that the objects in a room be capable of communicating with each other, and also potentially to be able to communicate with the internet or cloud. For example, the room may have a light, light switch, window and door. It may be desired that each of these objects be able to communicate with the others so that the home can be automated.
- To enable objects to communicate, they may be equipped with a communication device that can communicate with similar communication devices attached to other objects. For this architecture to be of greatest use, a large number of objects need to be able to communicate with each other. The result can be a network of many communication devices, each associated with a respective object. As many of these objects will not have access to, or require, power themselves (for example, a window, door, packages sitting on a shelf, etc.), it may be desirable for the devices that communicate on the objects' behalf to be battery-powered devices that consume only a small amount of power. It may also be desirable that these devices be able to communicate wirelessly with each other so that there is no need for cables running between them.
- One suitable method of communication for such a network is to use a mesh networking protocol. This permits a first device to send a message to a second device, which may be outside the communication range of the first device, by transmitting the message via one or more intermediate devices. Historically, mesh networking protocols are typically designed around the concept of devices sending messages using complex routing tables. Such complex routing requires processing power which tends to increase power consumption of the devices. Such mesh networking protocols also tend to operate according to proprietary protocols. This means devices may have to be manufactured specifically for the task of communicating according to a particular mesh network. This may be undesirable because it increases the cost of devices that might be installed in a multitude locations and/or attached to a multitude of different devices.
- Another consideration is to provide adequate security to the mesh network against potential attackers. The mesh network may be especially vulnerable to attacks when new devices added to the network. One possible type of attack is an “eavesdropper attack” where an attacker passively listens to messages exchanged between devices in the mesh network. Another type of attack is a “man-in-the-middle attack” where an attacker intercepts messages between two devices
FIG. 1 a shows how these types of attacks may be carried out when a new device is to be added to an existing mesh network. - A new device “B”, which may be a newly purchased light, is to join a mesh network that is configured by a configuring device “C”, which may be a smartphone belonging to the purchaser. B may be required to be associated with the mesh network and C can perform that association. An eavesdropper “E” can passively listen to messages exchanged between C and B. Also, a man-in-the-middle “M” can intercept messages and pretend to be C to B and pretend to be B to C and so all messages between B and C are passed through M. The association process can involve C sending a network key, which allows access to the network, to B. As E and M can observe these messages, the security of the network may be compromised if E or M obtain the network key.
- One method of preventing the eavesdropper attack by E is to encrypt messages between the B and C. To allow any device within the network to send and receive messages from any other device in the network, a single network key may be used. Because this single network key is critical to the security of the network, this network key should never be distributed to a device insecurely. Therefore, a key exchange mechanism (e.g. a Diffie-Hellman-Merkle key exchange) could be performed before the network key is distributed to a new device.
- However, the key exchange mechanism may not prevent a man-in-the middle attack. As shown in
FIG. 1 b, when devices B and C send their public keys PKB and PKC respectively, M can intercept the messages and insert its own keys PKMB and PKMC, which are then sent to devices C and B respectively. Device M can then calculate two sets of secret keys SMC=SCM and SMB=SBM that would be used for communication between devices C and B through device M. Thus the security of the network may still be compromised using known key exchange mechanisms. - There is therefore a need for improving the security of a mesh network.
- According to a first aspect there is provided a method for authenticating a first device capable of operating according to a wireless communications protocol, the method comprising: at a second device, receiving a first message comprising an identifier for the first device and an authorisation code associated with the first device, the first message not being received from the first device in accordance with the wireless communications protocol; at the second device, receiving a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; and authenticating the first device if the authorisation code received via the first message relates, according to a predetermined algorithm, to the received value.
- The method may further comprise: at the second device and in response to authenticating the first device, sending an association message to the first device, the association message comprising an encrypted network key by means of which the first device can access a network comprising the second device.
- The method may further comprise, at the second device: receiving a public key from the first device; and calculating an encryption key in dependence the received public key and a private key stored at the second device, the network key being encrypted using the encryption key.
- The calculation may be in accordance with a Diffie-Hellman-Merkle key exchange.
- The first message may be received via an analysis of an image.
- The image may be a QR-Code, barcode or text representing the identifier and the authorisation code.
- The method may further comprise, at the second device: scanning the image, the image representing a database identifier; sending, via the internet, a request message comprising the database identifier to a computer; and in response to the request, receiving, via the internet, the first message from the computer.
- The first message may comprise one or more further identifiers and identification codes associated with respective one or more further devices.
- The value may be dependent on an authorisation code stored at the first device.
- The value may be different to the authorisation code.
- The value may be calculated using the predetermined algorithm having as inputs: the authorisation code stored at the first device, a public key of the first device and a random number generated by the first device.
- The authenticating step may comprise: receiving the random number from the first device; from the value, authorisation code and the public key, calculating a number according to the predetermined algorithm; and comparing said calculated number with the received random number and, if said numbers match, authenticating the first device.
- The method may further comprise: at the first device, broadcasting the identifier for the first device in accordance with the communications protocol.
- The second message may be received via a third device capable of operating according to the communications protocol.
- The first device may be sited at a location that is out of range of transmission from the second device.
- The second device may be capable of communicating in a mesh network.
- The wireless communications protocol may be Bluetooth Low Energy protocol.
- The wireless communications protocol may define a broadcast packet type, said second message may be received via a packet of the broadcast packet type.
- According to a second aspect there is provided a wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising: an input configured to receive a first message comprising an identifier for a first device and an authorisation code associated with the first device, the first message not being received from the first device in accordance with the wireless communications protocol; a transceiver capable of operating according to the wireless communications protocol and configured to receive a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; a controller configured to authenticate the first device if the authorisation code received via the first message relates, according to a predetermined algorithm, to the received value.
- The transceiver may be further configured to, in response to authenticating the first device, send an association message to the first device, the association message comprising an encrypted network key configured to allow the first device access to a network comprising the wireless communications device.
- The transceiver may be further configured to receive a public key from the first device, the controller being further configured to calculate an encryption key in dependence the received public key and a private key stored at the wireless communications device, the network key being encrypted using the encryption key.
- The controller may be further configured to calculate the encryption key in accordance with a Diffie-Hellman-Merkle key exchange.
- The input may be a camera or barcode reader configured to analyse an image.
- The image may be a QR-Code, barcode or text representing the identifier and the authorisation code.
- The wireless communications device may further comprise a camera or barcode reader configured to analyse an image representing a database identifier, the input being a network interface capable of communicating via the internet and configured to: send, via the internet, a request message comprising the database identifier to a computer; and in response to the request, receive, via the internet, the first message from the computer.
- The first message may comprise one or more further identifiers and identification codes associated with respective one or more further devices.
- The value may be dependent on an authorisation code stored at the first device.
- The value may be different to the authorisation code.
- The controller may be configured to calculate the value using the predetermined algorithm having as inputs: the authorisation code stored at the first device, a public key of the first device and a random number generated by the first device.
- The transceiver may be further configured to receive the random number from the first device; the controller may be further configured to: calculate, according to the predetermined algorithm, a number from the value, authorisation code and the public key, and compare said calculated number with the received random number and, if said numbers match, authenticate the first device.
- The first device may be sited at a location that is out of range of transmission from the transceiver.
- The transceiver may be capable of communicating in a mesh network.
- The wireless communications protocol may be Bluetooth Low Energy protocol.
- The wireless communications protocol may define a broadcast packet type, said second message being received via a packet of the broadcast packet type.
- According to a third aspect there is provided a wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising: a transceiver configured to broadcast an identifier for the device in accordance with the communications protocol; a memory configured to store an authorisation code, the transceiver being further configured to: send a first message comprising a value, the value being related, according to a predetermined algorithm, to the authorisation code; and in response to sending the first message, receive a second message comprising an encrypted network key; and a controller configured to decrypt the encrypted network key by means of which the device can access a network.
- The device may be configured to not send the authorisation code unencrypted.
- The present invention will now be described by way of example with reference to the accompanying drawings. In the drawings:
-
FIG. 1 a shows devices in a scenario in which the security of a network may be compromised: -
FIG. 1 b shows devices in a man-in-the-middle attack scenario; -
FIG. 2 shows a method of authorising a device; -
FIG. 3 shows a message exchange for another method of authorising a device; and -
FIG. 4 shows a schematic diagram of a configuring device. - The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art.
- The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
- To protect against man-in-the-middle (MITM) attacks, the identity of a new device must be verified before a configuring device in the network can trust the new device. Given that a new, unverified device may not be accessible or have any form of user interface, and may possibly be a long distance from the configuring device as it may be in a mesh network, the concepts typically used in, for example. Bluetooth to “pair” devices may not be suitable. To verify the identity of new devices, each device is provided with an “authorisation secret” that is only known by that device. To allow the configuring device to verify the new device, it needs to securely obtain the authorisation secret.
-
FIG. 2 shows one method for theconfiguring device 201 to obtain the authorisation secret of anew device 202 that is to be added to a mesh network comprising configuringdevice 201.Devices new device 202 could be made available to theconfiguring device 201 so thatnew device 202 can be authenticated. However, transmitting the authorisation code over the network would allow an eavesdropper or aMITM attacker 203 to obtain the code. Thus, in order to protect against an attack,device 202 should not transmit its authorisation code in accordance with the protocol over the network. In other words, configuringdevice 201 would have to acquire the authorisation code by means other than via messages sent according to the wireless communications protocol used by thenew device 202 and the mesh network. Thus,device 201 should not receive (directly or indirectly via an intermediate device) the authorisation code fordevice 202 from a message originating fromdevice 202, wherein the message is sent bydevice 202 in accordance with the wireless communication protocol of the mesh network. - The authorisation code may instead be obtained by the configuring
device 201 using another method such as via a QR-Code or a Short Code that might be printed on thenew device 202 or the packaging of thedevice 202. The code could be presented as a one-dimensional or two-dimensional bar code, or in some other way that permits a device to reliably interpret the code using a sensor installed on the device. That sensor could be a camera, an audio sensor, a magnetic sensor and so on. As shown in the example ofFIG. 2 , the authorisation code may be conveyed to theconfiguring device 201 via a QR-Code. The QR-Code may have encoded thereon an authorisation code and an identifier for thedevice 202. The authorisation code and the identifier may be unique to each device.Device 202 may also have a matching authorisation code and identifier stored in a memory on thedevice 202. For theconfiguring device 201 to verify that thenew device 202 is that device and not a man-in-the-middle device 203, the configuringdevice 201 is required to match the identifier and authorisation code obtained via means other than via the network (such as the QR-Code) and the authorisation code and identifier stored on thedevice 202 without that stored information being transmitted over the mesh network. -
Device 202 can generate a random number RANDOMB and calculate a confirmation value CONFIRMB by having RANDOMB and the authorisation code as inputs to a predetermined algorithm, which may be, for example, a cryptographic hash function such as HMAC-SHA256 (e.g. CONFIRMB=HMAC (RANDOMB, authorisation code)). The predetermined algorithm may be known to bothdevices Device 202 sends value CONFIRMB todevice 201.Device 202 can then send value RANDOMB todevice 201 so thatdevice 201 can calculate, using the same predetermined algorithm, a confirmation value from RANDOMB and the authorisation code obtained via the OR-Code. CONFIRMB and RANDOMB could be sent in the same message. If the confirmation value calculated bydevice 201 matches CONFIRMB, thendevice 202 is verified and is therefore trusted. TheMITM device 203 does not know the authorisation code and thus cannot generate the correct inputs to the predetermined algorithm and thus will not be able to generate the correct RANDOMB value that will allowdevice 201 to arrive at the correct confirmation value CONFIRMB. - Additional messages may be exchanged between
devices device 202 to be associated with the mesh network. Such an enhanced procedure is described with reference to the sequence chart ofFIG. 3 . - At
step 301, configuringdevice 201 scans a QR-Code to obtain an authorisation code and an identifier (ID) fornew device 202. This information can be obtained at any time, for example by taking a picture of the QR-Code on the box that thedevice 202 arrived in. It could also be obtained by typing in the authorisation code into a user interface at theconfiguring device 201. - At
step 302,device 202 advertises its ID by broadcasting it in accordance with the wireless protocol used by the mesh network.Configuring device 201 receives this information. This information may be received via an intermediate device within the mesh network ifdevices device 201 determines thatnew device 202 is to be added to the network and starts a verification procedure. An eavesdropper or aMITM device 203 may also observe the broadcasted ID. - At
step 303, the configuringdevice 201 sends its public key PKa tonew device 202 and, in response atstep 304,device 202 send its public key PKb to configuringdevice 201. An eavesdropper may be able to receive both of these messages. AMITM device 203 could have placed itself between the twodevices - At
step 305, configuringdevice 201 and thenew device 202 calculate a shared secret S from their respective private keys and the peer device's public key. This may be achieved using the Diffie-Hellman-Merkle key exchange method. The eavesdropper cannot calculate the shared secret because it does not have knowledge of the private keys used. TheMITM 203 may be able to calculate two shared secrets, one that it could use when communicating withdevice 201, Sma, when pretending to benew device 202 and one that it would use when communicating withdevice 202, Smb, when pretending to be the configuringdevice 201. - At
step 306, the configuringdevice 201 sends a confirmation value CONFIRMa tonew device 202. The confirmation value can be determined based on a random number RANDOMa, the public key ofdevice 201 and the authorisation code obtained via the QR-Code CONFIRMa may be calculated using a predetermined algorithm. For example, the predetermined algorithm could be a cryptographic hash function such as HMAC-SHA256 with RANDOMa and a concatenation of the public key fordevice 201 and the authorisation code as inputs (e.g. CONFIRMa=HMAC (RANDOMa, Public key for 201 ∥ authorisation code)). - In response, at
step 307,new device 202 sends its confirmation value CONFIRMb todevice 201. CONFIRMb can be determined based on a random number RANDOMb, the public key ofdevice 202 and the authorisation code stored at thedevice 202. CONFIRMb may be calculated using the same predetermined algorithm. As in the example above, the predetermined algorithm could be HMAC-SHA256 with RANDOMb and a concatenation of the public key fordevice 202 and the stored authorisation code as inputs (e.g. CONFIRMb=HMAC (RANDOMb, Public key for 202 ∥ authorisation code)). The eavesdropper can receive the confirmation values. However, the values do not reveal any useful information as they appear to be random numbers to the eavesdropper. TheMITM 203 does not know the authorisation code and therefore whilst it can generate the appropriate messages, it cannot calculate the inputs required to obtain the confirmation values. - At
step 308, the configuringdevice 201 sends the random number RANDOMa tonew device 202. In response, at step 309,new device 202 sends random number RANDOMb todevice 201. Bothdevices configuring device 201 has determined that the messages from thenew device 202 are authentic and sonew device 202 is a trusted device. The eavesdropper can receive these random number messages, however it does not have the authorisation code. TheMITM 203 cannot generate two random numbers that, when sent, would match the confirmation values that were previously sent. Thusdevices MITM device 203. - At
step 310, the configuringdevice 201 sends an encrypted network key tonew device 201. The network key may be encrypted using S and a concatenation of RANDOMa and RANDOMb. The configuringdevice 201 may also send an encrypted allocated ID tonew device 202 which will be its allocated ID for use within the mesh network. The eavesdropper cannot decrypt this message as it does not have knowledge of S. TheMITM 203 is no longer trusted by eitherdevice MITM 203 could not generate the correct random numbers and therefore any messages from MITM 204 message will be ignored. - As well as in
step 310, the secret key S could be used to encrypt the messages sent in any ofsteps 306 to 309. - Using the network key, the
new device 202 is then able to securely join the mesh network and securely send and receive messages, which may be encrypted using the network key. - The messages in
steps 302 to 310 may be sent in accordance with the wireless communications protocol of the mesh network.Devices device - The authorisation code and device ID for a device may be assigned at manufacture and stored in the memory of the device. The authorisation code and ID may be static for the lifetime of the device. The authorisation code and the ID information may also be made available to a purchaser of the device so that the device can securely be added to their network. The authorisation code and ID information can be made available by number of different means such as encoding the information into a QR-Code or a ShortCode and displaying it, for example, on the device or the packaging of the device.
- The QR-Code or ShortCode may contain a URL that can provide a link to the device manufacturer's database which contains the authorisation code for the device. Thus the authorisation code and ID for the device may be received in a message sent over the internet. In a situation where a purchaser buys a large number of grouped devices, e.g. a group of lights, that are to be connected to a mesh network, it may be time consuming to scan the QR-Code for each individual light. Thus, there may be a single QR-Code that is associated with that group which links to a manufacturer's database. The purchaser can scan in the QR-Code, which contains a group identifier and links to the manufacturer's database, e.g. via the internet, to allow a
configuring device 201 to communicate with the database and extract all the authorisation codes and associated IDs for each light in that group. The received authorisation codes and ID can then be used to verify each device as described above. -
FIG. 4 shows an example schematic of aconfiguring device 201. The configuringdevice 201 may comprise atransceiver 401, ascanner 402, anetwork interface 403 and acontroller 404. The configuringdevice 201 may be a smartphone, tablet, laptop, a computer, etc. - The
transceiver 401 may be configured to operate according to a wireless communication protocol such as Bluetooth low energy and is able to wirelessly send and receive messages over the mesh network. - The
scanner 402 may be any suitable device that is capable reading an image such as a OR-Code or barcode or text. For example, thescanner 202 may be a camera that can capture an image of a QR-Code or barcode or text. The image may be analysed by, for example, thecontroller 404 to decode and retrieve the information in the QR-Code or barcode. If the captured image is of text, thecontroller 404 may perform character recognition on the image to extract the information in the text. Thus thescanner 402 is capable of receiving a message coded in the image which may contain an authorisation code and ID of a device. Alternatively, thescanner 402 may be a barcode reader which is capable of scanning and decoding QR-Code and/or barcodes and providing the decoded information to thecontroller 404. - In another example, instead of encoding the authorisation code and ID information on an image, the information could be stored on a short-range NFC device or RFID tag on the
new device 202 or the packaging of the new device. Thescanner 402 may then be a NFC or RFID reader which is capable of reading and extracting the information stored on the NFC device or RFID tag. - As mentioned above, the message coded in the image may be a link to a database containing the authorisation code and ID of a device. The
controller 404 may access the database via thenetwork interface 403. Thenetwork interface 403 may be, for example, a WiFi or mobile data interface which allows connection to the internet. Thecontroller 404 may request, via the internet, one or more authorisation codes and associated IDs based on the information retrieved using thescanner 402. In response to the request, the database may send theconfiguring device 201, via the internet, the one or more of the requested authorisation codes and associated ID and is received via thenetwork interface 403. - The
controller 404 can control thetransceiver 401,scanner 402 andnetwork interface 403 to carry out the verification procedure described above. Thecontroller 404 can be configured to cause theconfiguring device 201 to carry out the verification and messaging procedures described above. Thecontroller 404 may be configured to carry out the processing described above such as calculating the confirmation values and encryption keys, generating random numbers, comparing the values, etc. - The
new device 202 may be used with appliances such as light switches, lights, sensors, lire alarms, sensors, thermostats, etc. Thenew device 202 may comprise a transceiver configured to operate according to a wireless communication protocol such as Bluetooth low energy. Thenew device 202 may also comprise a memory configured to store data such as the authentication code and device ID, network key, allocated ID, etc. Thenew device 202 may also comprise a controller that is configured to cause thenew device 202 to carry out the verification and messaging procedures described above. The controller and/or transceiver can be configured to cause thenew device 202 to not send the authorisation code via transceiver, unless it is encrypted. -
Devices - The devices described above could form a mesh network with other wireless communication devices. The devices could be configured to forward some or all messages they receive. The messages could be sent and received via a broadcast packet type defined in the wireless communication protocol. All the devices in the network could be peers in that they have identical roles at a network level.
-
Devices Devices New device 202 may then wish to join a mesh network (that comprises device 201) that is operating according to the BLE protocol.Device 202 may securely transmit a message comprising its authentication code and ID via IEEE 802.11 todevice 201.Device 201 can trust this message as it is sent over a secure IEEE 802.11 channel and can use the authentication code received via IEEE 802.11 (instead of via the QR-Code, for example) in the authentication procedure described above for adding thenew device 202 to the BLE mesh network. - The devices configured in accordance with the examples described herein could be embodied in hardware, software or any suitable combination of hardware and software. The receiving device of the examples described herein could comprise, for example, software for execution at one or more processors (such as at a CPU and/or GPU), and/or one or more dedicated processors (such as ASICs), and/or one or more programmable processors (such as FPGAs) suitably programmed so as to provide functionalities of the data processing system, and/or heterogeneous processors comprising one or more dedicated, programmable and general purpose processing functionalities. In the examples described herein, the devices comprise one or more processors and one or more memories having program code stored thereon, the data processors and the memories being such as to, in combination, provide the claimed data processing systems and/or perform the claimed methods.
- Data processing units described herein (e.g. controller 404) need not be provided as discrete units and represent functionalities that could (a) be combined in any manner, and (b) themselves comprise one or more data processing entities. Data processing units could be provided by any suitable hardware or software functionalities, or combinations of hardware and software functionalities.
- Any one of more of the methods described herein could be performed by one or more physical processing units executing program code that causes the unit(s) to perform the data processing methods. Each physical processing unit could be any suitable processor, such as a CPU or GPU (or a core thereof), or fixed function or programmable hardware. The program code could be stored in non-transitory form at a machine readable medium such as an integrated circuit memory, or optical or magnetic storage. A machine readable medium might comprise several memories, such as on-chip memories, computer working memories, and non-volatile storage devices.
- The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein, and without limitation to the scope of the claims. The applicant indicates that aspects of the present invention may consist of any such individual feature or combination of features. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.
Claims (20)
1. A method for authenticating a first device capable of operating according to a wireless communications protocol, the method comprising:
at a second device, receiving a database identifier and sending a request message comprising the database identifier to a computer, the database identifier not being received from the first device in accordance with the wireless communications protocol;
at the second device, receiving a response message from the computer comprising an identifier for the first device and an authorisation code associated with the first device;
at the second device, receiving a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; and
authenticating the first device if the authorisation code received via the response message relates, according to a predetermined algorithm, to the received value.
2. A method as claimed in claim 1 , further comprising: at the second device and in response to authenticating the first device, sending an association message to the first device, the association message comprising an encrypted network key by means of which the first device can access a network comprising the second device.
3. A method as claimed in claim 2 , further comprising, at the second device:
receiving a public key from the first device; and
calculating an encryption key in dependence the received public key and a private key stored at the second device, the network key being encrypted using the encryption key.
4. A method as claimed in claim 3 , said calculation being in accordance with a Diffie-Hellman-Merkle key exchange.
5. A method as claimed in claim 1 , the database identifier being received via an analysis of an image.
6. A method as claimed in claim 5 , the image being a QR-Code, barcode or text representing the database identifier.
7. A method as claimed in claim 5 further comprising, at the second device:
scanning the image, the image representing the database identifier,
sending the request message, via the internet; and
in response to the request, receiving the response message, via the internet.
8. A method as claimed in claim 7 , the response message comprising one or more further identifiers and identification codes associated with respective one or more further devices.
9. A method as claimed in claim 1 , the value being dependent on an authorisation code stored at the first device.
10. A method as claimed in claim 1 , the value being different to the authorisation code.
11. A method as claimed in claim 1 , the value being calculated using the predetermined algorithm having as inputs: the authorisation code stored at the first device, a public key of the first device and a random number generated by the first device.
12. A method as claimed in claim 11 , said authenticating step comprising:
receiving the random number from the first device;
from the value, authorisation code and the public key, calculating a number according to the predetermined algorithm; and
comparing said calculated number with the received random number and, if said numbers match, authenticating the first device.
13. A method as claimed in claim 1 , further comprising: at the first device, broadcasting the identifier for the first device in accordance with the communications protocol.
14. A method as claimed in claim 1 , the second message being received via a third device capable of operating according to the communications protocol.
15. A method as claimed in claim 1 , the second device being capable of communicating in a mesh network.
16. A method as claimed in claim 1 , wherein the wireless communications protocol is Bluetooth Low Energy protocol.
17. A method as claimed in claim 1 , the wireless communications protocol defining a broadcast packet type, said second message being received via a packet of the broadcast packet type.
18. A wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising:
an input configured to receive a database identifier, the database identifier not being received from the first device in accordance with the wireless communications protocol;
an interface configured to send a request message comprising the database identifier to a computer and to receive a response message from the computer comprising an identifier for a first device and an authorisation code associated with the first device;
a transceiver capable of operating according to the wireless communications protocol and configured to receive a second message comprising a value, the second message being sent from the first device in accordance with the wireless communications protocol; and
a controller configured to authenticate the first device if the authorisation code received via the response message relates, according to a predetermined algorithm, to the received value.
19. A wireless communications device as claimed in claim 18 , the input being a camera or barcode reader configured to analyse an image.
20. A wireless communications device capable of operating according to a wireless communications protocol, the wireless communications device comprising:
a transceiver configured to broadcast an identifier for the device in accordance with the communications protocol, wherein the identifier is associated with a database identifier;
a memory configured to store an authorisation code,
the transceiver being further configured to:
send a first message comprising a value, the value being related, according to a predetermined algorithm, to the authorisation code; and
in response to sending the first message, receive a second message comprising an encrypted network key; and
a controller configured to decrypt the encrypted network key by means of which the device can access a network, wherein the device is configured to not send and not display the authorisation code unencrypted.
Applications Claiming Priority (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1403312.0A GB2515853B (en) | 2014-02-25 | 2014-02-25 | Latency mitigation |
GB1403314.6A GB2512733B (en) | 2014-02-25 | 2014-02-25 | Broadcast retransmission |
GB1403312.0 | 2014-02-25 | ||
GB1403314.6 | 2014-02-25 | ||
GB1405789.7A GB2512502B (en) | 2014-02-25 | 2014-03-31 | Device authentication |
GB1405789.7 | 2014-03-31 |
Publications (1)
Publication Number | Publication Date |
---|---|
US20150245204A1 true US20150245204A1 (en) | 2015-08-27 |
Family
ID=50737759
Family Applications (14)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/270,961 Active 2035-05-12 US10055570B2 (en) | 2014-02-25 | 2014-05-06 | Mesh relay |
US14/270,884 Abandoned US20150244648A1 (en) | 2014-02-25 | 2014-05-06 | Auto-configuration of a mesh relay's tx/rx schedule |
US14/297,324 Active 2034-12-08 US9489506B2 (en) | 2014-02-25 | 2014-06-05 | Linking ad hoc networks |
US14/298,177 Abandoned US20150245203A1 (en) | 2014-02-25 | 2014-06-06 | Packet identification |
US14/316,404 Abandoned US20150245204A1 (en) | 2014-02-25 | 2014-06-26 | Device authentication |
US14/316,529 Abandoned US20150244828A1 (en) | 2014-02-25 | 2014-06-26 | Thwarting traffic analysis |
US14/505,443 Active 2035-06-01 US9754096B2 (en) | 2014-02-25 | 2014-10-02 | Update management |
US14/505,458 Active US9672346B2 (en) | 2014-02-25 | 2014-10-02 | Object tracking by establishing a mesh network and transmitting packets |
US14/505,399 Active 2035-04-03 US9910976B2 (en) | 2014-02-25 | 2014-10-02 | Processing mesh communications |
US14/505,437 Abandoned US20150245369A1 (en) | 2014-02-25 | 2014-10-02 | Communicating data over a mesh network |
US14/505,465 Abandoned US20150244565A1 (en) | 2014-02-25 | 2014-10-02 | Network configuration |
US14/505,418 Abandoned US20150242614A1 (en) | 2014-02-25 | 2014-10-02 | Provisioning of security credentials |
US14/505,466 Abandoned US20150244623A1 (en) | 2014-02-25 | 2014-10-02 | Mesh profiling |
US14/505,454 Expired - Fee Related US9842202B2 (en) | 2014-02-25 | 2014-10-02 | Device proximity |
Family Applications Before (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/270,961 Active 2035-05-12 US10055570B2 (en) | 2014-02-25 | 2014-05-06 | Mesh relay |
US14/270,884 Abandoned US20150244648A1 (en) | 2014-02-25 | 2014-05-06 | Auto-configuration of a mesh relay's tx/rx schedule |
US14/297,324 Active 2034-12-08 US9489506B2 (en) | 2014-02-25 | 2014-06-05 | Linking ad hoc networks |
US14/298,177 Abandoned US20150245203A1 (en) | 2014-02-25 | 2014-06-06 | Packet identification |
Family Applications After (9)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/316,529 Abandoned US20150244828A1 (en) | 2014-02-25 | 2014-06-26 | Thwarting traffic analysis |
US14/505,443 Active 2035-06-01 US9754096B2 (en) | 2014-02-25 | 2014-10-02 | Update management |
US14/505,458 Active US9672346B2 (en) | 2014-02-25 | 2014-10-02 | Object tracking by establishing a mesh network and transmitting packets |
US14/505,399 Active 2035-04-03 US9910976B2 (en) | 2014-02-25 | 2014-10-02 | Processing mesh communications |
US14/505,437 Abandoned US20150245369A1 (en) | 2014-02-25 | 2014-10-02 | Communicating data over a mesh network |
US14/505,465 Abandoned US20150244565A1 (en) | 2014-02-25 | 2014-10-02 | Network configuration |
US14/505,418 Abandoned US20150242614A1 (en) | 2014-02-25 | 2014-10-02 | Provisioning of security credentials |
US14/505,466 Abandoned US20150244623A1 (en) | 2014-02-25 | 2014-10-02 | Mesh profiling |
US14/505,454 Expired - Fee Related US9842202B2 (en) | 2014-02-25 | 2014-10-02 | Device proximity |
Country Status (3)
Country | Link |
---|---|
US (14) | US10055570B2 (en) |
DE (13) | DE102014019749B3 (en) |
GB (18) | GB2512749B (en) |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160044032A1 (en) * | 2014-08-10 | 2016-02-11 | Belkin International, Inc. | Setup of multiple iot network devices |
US20160302056A1 (en) * | 2015-04-13 | 2016-10-13 | Gunitech Corp. | Connection Information Sharing System, Computer Program, and Connection Information Sharing Method Thereof |
US9489506B2 (en) | 2014-02-25 | 2016-11-08 | Qualcomm Technologies International, Ltd. | Linking ad hoc networks |
US20170094706A1 (en) * | 2014-04-01 | 2017-03-30 | Belkin International, Inc. | Setup of multiple iot network devices |
US9692538B2 (en) | 2014-02-25 | 2017-06-27 | Qualcomm Technologies International, Ltd. | Latency mitigation |
US9872240B2 (en) | 2014-08-19 | 2018-01-16 | Belkin International Inc. | Network device source entity triggered device configuration setup |
US20180255045A1 (en) * | 2015-02-24 | 2018-09-06 | Nelson A. Cicchitto | Mobile device enabled desktop tethered and tetherless authentication |
US20190159031A1 (en) * | 2016-04-26 | 2019-05-23 | Checkit Limited | Network Access Control |
WO2019222412A1 (en) * | 2018-05-18 | 2019-11-21 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning authentication |
US10574475B2 (en) * | 2018-05-24 | 2020-02-25 | Haier Us Appliance Solutions, Inc. | Household appliance with bluetooth connection and authentication |
US20200127896A1 (en) * | 2017-04-10 | 2020-04-23 | Itron Networked Solutions, Inc. | Efficient internet-of-things device configuration via quick response codes |
US10659442B1 (en) * | 2015-12-21 | 2020-05-19 | Marvell International Ltd. | Security in smart configuration for WLAN based IOT device |
US10848485B2 (en) | 2015-02-24 | 2020-11-24 | Nelson Cicchitto | Method and apparatus for a social network score system communicably connected to an ID-less and password-less authentication system |
US10951470B2 (en) | 2018-05-14 | 2021-03-16 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning |
US10986573B2 (en) | 2018-06-22 | 2021-04-20 | Alibaba Group Holding Limited | Bluetooth mesh network gateway and device data communication |
US11122034B2 (en) | 2015-02-24 | 2021-09-14 | Nelson A. Cicchitto | Method and apparatus for an identity assurance score with ties to an ID-less and password-less authentication system |
US11146540B2 (en) * | 2018-05-09 | 2021-10-12 | Datalogic Ip Tech S.R.L. | Systems and methods for public key exchange employing a peer-to-peer protocol |
Families Citing this family (112)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103974225B (en) * | 2013-02-01 | 2018-03-13 | 财团法人工业技术研究院 | Communication device, device-to-device communication system and wireless communication method thereof |
US10078811B2 (en) | 2013-11-29 | 2018-09-18 | Fedex Corporate Services, Inc. | Determining node location based on context data in a wireless node network |
US10453023B2 (en) | 2014-05-28 | 2019-10-22 | Fedex Corporate Services, Inc. | Methods and node apparatus for adaptive node communication within a wireless node network |
US9386605B2 (en) * | 2014-07-11 | 2016-07-05 | Motorola Solutions, Inc. | Mobile dynamic mesh cluster bridging method and apparatus at incident scenes |
FR3026587A1 (en) * | 2014-09-30 | 2016-04-01 | Orange | METHOD OF ACCESS BY A MASTER DEVICE TO A VALUE TAKEN BY A CHARACTERISTIC MANAGED BY A PERIPHERAL DEVICE |
FR3031822B1 (en) * | 2015-01-16 | 2018-04-13 | Airbus Operations | DOWNLOADING DATA ON REMOTE EQUIPMENT |
US10681479B2 (en) | 2015-01-30 | 2020-06-09 | Cassia Networks Inc. | Methods, devices and systems for bluetooth audio transmission |
US9769594B2 (en) * | 2015-01-30 | 2017-09-19 | Cassia Networks Inc. | Methods, devices and systems for increasing wireless communication range |
US11238397B2 (en) | 2015-02-09 | 2022-02-01 | Fedex Corporate Services, Inc. | Methods, apparatus, and systems for generating a corrective pickup notification for a shipped item using a mobile master node |
US9426616B1 (en) * | 2015-02-10 | 2016-08-23 | Tyco Fire & Security Gmbh | Wireless sensor network controlled low energy link |
FR3033118B1 (en) * | 2015-02-19 | 2017-02-17 | Sigfox | METHOD AND SYSTEM FOR WIRELESS COMMUNICATION BETWEEN TERMINALS AND SEMI-DUPLEX BASE STATIONS |
EP3262893B1 (en) | 2015-02-26 | 2019-07-03 | Telefonaktiebolaget LM Ericsson (publ) | Energy efficient ble mesh initialisation and operation |
JP6566669B2 (en) * | 2015-03-12 | 2019-08-28 | キヤノン株式会社 | Information processing apparatus, control method thereof, communication method, and program |
CN106304303B (en) * | 2015-06-09 | 2019-11-12 | 沈阳中科奥维科技股份有限公司 | A kind of power regulating method suitable for WIA-PA wireless network |
US10375492B2 (en) | 2015-06-30 | 2019-08-06 | Sonova, AG | Method of fitting a hearing assistance device |
WO2017007409A1 (en) * | 2015-07-06 | 2017-01-12 | Telefonaktiebolaget Lm Ericsson (Publ) | Apparatus and method for forwarding messages |
US9985839B2 (en) | 2015-07-08 | 2018-05-29 | Fedex Corporate Services, Inc. | Systems, apparatus, and methods of event monitoring for an event candidate within a wireless node network based upon sighting events, sporadic events, and benchmark checkpoint events |
US9843929B2 (en) | 2015-08-21 | 2017-12-12 | Afero, Inc. | Apparatus and method for sharing WiFi security data in an internet of things (IoT) system |
US9503969B1 (en) | 2015-08-25 | 2016-11-22 | Afero, Inc. | Apparatus and method for a dynamic scan interval for a wireless device |
CN108353277B (en) * | 2015-09-30 | 2021-09-28 | 谷歌有限责任公司 | Low energy radio and system including low energy radio |
US10990616B2 (en) * | 2015-11-17 | 2021-04-27 | Nec Corporation | Fast pattern discovery for log analytics |
US10673646B1 (en) * | 2018-12-09 | 2020-06-02 | Olibra Llc | System, device, and method of multi-path wireless communication |
US10432461B2 (en) * | 2015-12-04 | 2019-10-01 | T-Mobile Usa, Inc. | Peer-to-peer distribution of radio protocol data for software defined radio (SDR) updates |
KR102381371B1 (en) | 2015-12-10 | 2022-03-31 | 삼성전자주식회사 | System and method for providing information by using near field communication |
US10805344B2 (en) * | 2015-12-14 | 2020-10-13 | Afero, Inc. | Apparatus and method for obscuring wireless communication patterns |
US10447784B2 (en) | 2015-12-14 | 2019-10-15 | Afero, Inc. | Apparatus and method for modifying packet interval timing to identify a data transfer condition |
US10091242B2 (en) | 2015-12-14 | 2018-10-02 | Afero, Inc. | System and method for establishing a secondary communication channel to control an internet of things (IOT) device |
US9992065B2 (en) * | 2015-12-15 | 2018-06-05 | T-Mobile Usa, Inc. | Selective wi-fi calling router updates |
US20170187602A1 (en) * | 2015-12-29 | 2017-06-29 | Vivek Pathela | System and method of troubleshooting network source inefficiency |
US10708842B2 (en) * | 2016-01-13 | 2020-07-07 | Locus Control LLC | Low power communications system |
US10148453B2 (en) * | 2016-02-24 | 2018-12-04 | Qualcomm Incorporated | Using update slot to synchronize to Bluetooth LE isochronous channel and communicate state changes |
CN108780538A (en) | 2016-03-23 | 2018-11-09 | 联邦快递服务公司 | The system, apparatus and method of broadcast setting for the node in self-adjusting wireless node network |
US10951261B2 (en) | 2016-04-29 | 2021-03-16 | Texas Instruments Incorporated | Pseudo channel hopping in mesh networks without time synchronization |
US10205606B2 (en) | 2016-06-15 | 2019-02-12 | Abl Ip Holding Llc | Mesh over-the-air (OTA) luminaire firmware update |
US10873854B2 (en) * | 2016-07-28 | 2020-12-22 | Lg Electronics Inc. | Method and apparatus for establishing connection of devices |
US10798548B2 (en) * | 2016-08-22 | 2020-10-06 | Lg Electronics Inc. | Method for controlling device by using Bluetooth technology, and apparatus |
EP3312762B1 (en) * | 2016-10-18 | 2023-03-01 | Axis AB | Method and system for tracking an object in a defined area |
US9781603B1 (en) * | 2016-10-20 | 2017-10-03 | Fortress Cyber Security, LLC | Combined network and physical security appliance |
US10348514B2 (en) * | 2016-10-26 | 2019-07-09 | Abl Ip Holding Llc | Mesh over-the-air (OTA) driver update using site profile based multiple platform image |
US11210678B2 (en) | 2016-11-18 | 2021-12-28 | Samsung Electronics Co., Ltd. | Component for provisioning security data and product including the same |
US10728026B2 (en) * | 2016-11-24 | 2020-07-28 | Samsung Electronics Co., Ltd. | Data management method |
DE102016124168A1 (en) * | 2016-12-13 | 2018-06-14 | Endress+Hauser Conducta Gmbh+Co. Kg | Method for operating a specific field device via a mobile operating device |
WO2018118822A1 (en) * | 2016-12-20 | 2018-06-28 | Abbott Diabetes Care Inc. | Systems, devices and methods for wireless communications in analyte monitoring devices |
CN106792853B (en) * | 2016-12-22 | 2020-05-12 | 青岛亿联客信息技术有限公司 | New equipment adding method for Bluetooth mesh network |
CN106713047A (en) * | 2017-01-12 | 2017-05-24 | 泰凌微电子(上海)有限公司 | Node upgrading method and system in mesh network |
US10433134B2 (en) | 2017-01-24 | 2019-10-01 | Arris Enterprises Llc | Video gateway as an internet of things mesh enhancer apparatus and method |
CN110168454B (en) * | 2017-02-21 | 2022-05-06 | 欧姆龙株式会社 | Method for controlling a field device, control device, technical system and storage medium |
US10362612B2 (en) | 2017-03-06 | 2019-07-23 | Citrix Systems, Inc. | Virtual private networking based on peer-to-peer communication |
CN110352586B (en) * | 2017-03-08 | 2021-12-07 | 日立能源瑞士股份公司 | Method and apparatus for preserving relative timing and ordering of data packets in a network |
DE102017106381A1 (en) | 2017-03-24 | 2018-09-27 | Newtec Gmbh | Method and apparatus for wirelessly transmitting a data signal |
US10116523B1 (en) * | 2017-04-12 | 2018-10-30 | Fisher-Rosemount Systems, Inc. | Predictive connectivity diagnostics for a wireless mesh network in a process control system |
US11229023B2 (en) * | 2017-04-21 | 2022-01-18 | Netgear, Inc. | Secure communication in network access points |
US10605609B2 (en) * | 2017-05-03 | 2020-03-31 | Microsoft Technology Licensing, Llc | Coupled interactive devices |
DE102017207871A1 (en) * | 2017-05-10 | 2018-11-15 | Tridonic Gmbh & Co Kg | Firmware Update-Over-The Air (FOTA) in building technology |
CA3063105A1 (en) | 2017-05-23 | 2018-11-29 | Walmart Apollo, Llc | Automated inspection system |
US10389854B2 (en) * | 2017-06-15 | 2019-08-20 | Infinet, LLC | Method and system for forming an ad-hoc network over heterogeneous protocols |
US9955307B1 (en) * | 2017-08-03 | 2018-04-24 | Here Global B.V. | Distributed relative positioning |
US20210132932A1 (en) * | 2017-08-15 | 2021-05-06 | General Electric Company | Smart equipment, method used by smart equipment, and smart lamp |
US10666624B2 (en) * | 2017-08-23 | 2020-05-26 | Qualcomm Incorporated | Systems and methods for optimized network layer message processing |
CN107635215A (en) * | 2017-08-25 | 2018-01-26 | 西安电子科技大学 | Mesh network-building methods based on low-power consumption bluetooth |
US10951653B2 (en) | 2017-09-22 | 2021-03-16 | Samsung Electronics Co., Ltd. | Apparatus including secure component and method of provisioning security information into the apparatus |
CN107508714B (en) * | 2017-09-26 | 2020-09-15 | 深圳市微智电子有限公司 | Method and device for carrying out network configuration on Bluetooth equipment based on Bluetooth mesh |
US11057204B2 (en) * | 2017-10-04 | 2021-07-06 | Amir Keyvan Khandani | Methods for encrypted data communications |
CN109756324A (en) * | 2017-11-02 | 2019-05-14 | 大唐移动通信设备有限公司 | Cryptographic key negotiation method, terminal and gateway in a kind of Mesh network |
US11490400B2 (en) * | 2017-11-15 | 2022-11-01 | Telefonaktiebolaget Lm Ericsson (Publ) | End node, relay node, and methods performed therein for handling transmission of information |
CN108064034A (en) * | 2017-11-17 | 2018-05-22 | 芯海科技(深圳)股份有限公司 | A kind of data collection network method of mesh networkings |
EP3489922B1 (en) | 2017-11-24 | 2022-01-05 | Andreas Stihl AG & Co. KG | Method of operating a wireless transmitter and a wireless receiver and system |
EP3718352B1 (en) * | 2017-11-28 | 2021-07-07 | Telefonaktiebolaget LM Ericsson (publ) | Message transmission with reduced interference |
WO2019117763A1 (en) * | 2017-12-11 | 2019-06-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Channel scanning in a mesh network |
US10554562B2 (en) * | 2017-12-22 | 2020-02-04 | International Business Machines Corporation | Streaming network |
RU2666306C1 (en) * | 2017-12-27 | 2018-09-06 | федеральное государственное автономное образовательное учреждение высшего образования "Санкт-Петербургский политехнический университет Петра Великого" (ФГАОУ ВО "СПбПУ") | Method of controlling communication of single-range intercomputer data network |
US10607012B2 (en) | 2017-12-29 | 2020-03-31 | Delphian Systems, LLC | Bridge computing device control in local networks of interconnected devices |
US10706179B2 (en) * | 2018-01-10 | 2020-07-07 | General Electric Company | Secure provisioning of secrets into MPSoC devices using untrusted third-party systems |
KR102530441B1 (en) | 2018-01-29 | 2023-05-09 | 삼성전자주식회사 | Electronic device, external electronic device, system comprising the same and control method thereof |
US10944669B1 (en) | 2018-02-09 | 2021-03-09 | GoTenna, Inc. | System and method for efficient network-wide broadcast in a multi-hop wireless network using packet echos |
US11516682B2 (en) * | 2018-03-16 | 2022-11-29 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and nodes for obtaining information regarding a bluetooth mesh network |
US11448632B2 (en) | 2018-03-19 | 2022-09-20 | Walmart Apollo, Llc | System and method for the determination of produce shelf life |
US11658865B2 (en) * | 2018-03-20 | 2023-05-23 | Delphian Systems, LLC | Updating devices in a local network of interconnected devices |
US10869227B2 (en) * | 2018-03-23 | 2020-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Message cache management in a mesh network |
US10613505B2 (en) | 2018-03-29 | 2020-04-07 | Saudi Arabian Oil Company | Intelligent distributed industrial facility safety system |
US10303147B1 (en) | 2018-03-29 | 2019-05-28 | Saudi Arabian Oil Company | Distributed industrial facility safety system modular remote sensing devices |
US10311705B1 (en) * | 2018-03-29 | 2019-06-04 | Saudi Arabian Oil Company | Distributed industrial facility safety system |
US11018871B2 (en) * | 2018-03-30 | 2021-05-25 | Intel Corporation | Key protection for computing platform |
KR102114992B1 (en) * | 2018-04-25 | 2020-05-25 | (주)휴맥스 | Wireless communication equipment and method for configuring mesh network thereof |
US11308950B2 (en) | 2018-05-09 | 2022-04-19 | 4PLAN Corporation | Personal location system for virtual assistant |
WO2019237263A1 (en) * | 2018-06-13 | 2019-12-19 | 卧槽科技(深圳)有限公司 | Low-energy bluetooth network maintenance method, electronic device, bluetooth network, and medium |
US10650023B2 (en) * | 2018-07-24 | 2020-05-12 | Booz Allen Hamilton, Inc. | Process for establishing trust between multiple autonomous systems for the purposes of command and control |
WO2020023762A1 (en) | 2018-07-26 | 2020-01-30 | Walmart Apollo, Llc | System and method for produce detection and classification |
WO2020023909A1 (en) | 2018-07-27 | 2020-01-30 | GoTenna, Inc. | Vine™: zero-control routing using data packet inspection for wireless mesh networks |
US11140659B2 (en) * | 2018-08-21 | 2021-10-05 | Signify Holding B.V. | Wireless organization of electrical devices by sensor manipulation |
US11368436B2 (en) * | 2018-08-28 | 2022-06-21 | Bae Systems Information And Electronic Systems Integration Inc. | Communication protocol |
US11715059B2 (en) * | 2018-10-12 | 2023-08-01 | Walmart Apollo, Llc | Systems and methods for condition compliance |
FI128520B (en) * | 2018-11-14 | 2020-07-15 | Xiphera Oy | Method for providing a secret unique key for a volatile FPGA |
WO2020106332A1 (en) | 2018-11-20 | 2020-05-28 | Walmart Apollo, Llc | Systems and methods for assessing products |
WO2020123958A1 (en) * | 2018-12-14 | 2020-06-18 | Denso International America, Inc. | System and method of determining real-time location |
CN109673014B (en) * | 2019-01-25 | 2022-07-15 | 欧普照明股份有限公司 | Network combination method |
CN111669732B (en) * | 2019-03-06 | 2021-09-07 | 乐鑫信息科技(上海)股份有限公司 | Method for filtering redundant data packets at nodes in bluetooth Mesh network |
CN109862548B (en) | 2019-03-06 | 2021-01-26 | 乐鑫信息科技(上海)股份有限公司 | Method for processing data packets at a node in a bluetooth Mesh network |
US11777715B2 (en) | 2019-05-15 | 2023-10-03 | Amir Keyvan Khandani | Method and apparatus for generating shared secrets |
CN111988268A (en) * | 2019-05-24 | 2020-11-24 | 魏文科 | Method for establishing and verifying input value by using asymmetric encryption algorithm and application thereof |
US11265410B2 (en) * | 2020-01-06 | 2022-03-01 | Vorbeck Materials Corp. | Self-organizing communications network nodes and systems |
US11166339B2 (en) * | 2019-07-05 | 2021-11-02 | Samsung Electronics Co., Ltd. | System and method for dynamic group data protection |
CN110779500B (en) * | 2019-11-14 | 2021-11-30 | 中国人民解放军国防科技大学 | Mesoscale vortex detection method for incremental deployment sensor |
KR102324374B1 (en) | 2019-11-18 | 2021-11-11 | 한국전자통신연구원 | Method and apparatus for configuring cluster in wireless communication system |
US11432167B2 (en) | 2020-01-22 | 2022-08-30 | Abl Ip Holding Llc | Selective updating of nodes of a nodal wireless network |
US20210273920A1 (en) * | 2020-02-28 | 2021-09-02 | Vmware, Inc. | Secure certificate or key distribution for synchronous mobile device management (mdm) clients |
US11166253B2 (en) * | 2020-03-27 | 2021-11-02 | Dell Products L.P. | Data center automatic inventory and location data population and recovery using mesh network |
EP3968600A1 (en) * | 2020-09-11 | 2022-03-16 | Volkswagen Ag | Controlling a communication between a vehicle and a backend device |
WO2022148695A1 (en) * | 2021-01-06 | 2022-07-14 | Signify Holding B.V. | A method of, a node device and a system for relaying a message in a network comprising at least two mesh networks |
US20230266960A1 (en) * | 2022-02-24 | 2023-08-24 | Whirlpool Corporation | Systems and methods of offline over the air (ota) programming of appliances |
CN115051921B (en) * | 2022-05-27 | 2023-11-07 | 北京交通大学 | Self-adaptive heterogeneous network attribute information collection method |
US11870879B1 (en) * | 2023-01-04 | 2024-01-09 | Getac Technology Corporation | Device communication during emergent conditions |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030181203A1 (en) * | 2002-03-19 | 2003-09-25 | Cheshire Stuart D. | Method and apparatus for configuring a wireless device through reverse advertising |
US20100241857A1 (en) * | 2007-11-16 | 2010-09-23 | Okude Kazuhiro | Authentication method, authentication system, in-vehicle device, and authentication apparatus |
US20100262828A1 (en) * | 2009-04-08 | 2010-10-14 | Research In Motion Limited | Systems, devices, and methods for securely transmitting a security parameter to a computing device |
US20110081860A1 (en) * | 2009-10-02 | 2011-04-07 | Research In Motion Limited | Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner |
Family Cites Families (184)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6079034A (en) * | 1997-12-05 | 2000-06-20 | Hewlett-Packard Company | Hub-embedded system for automated network fault detection and isolation |
US7010604B1 (en) * | 1998-10-30 | 2006-03-07 | Science Applications International Corporation | Agile network protocol for secure communications with assured system availability |
US6986046B1 (en) | 2000-05-12 | 2006-01-10 | Groove Networks, Incorporated | Method and apparatus for managing secure collaborative transactions |
US6836466B1 (en) * | 2000-05-26 | 2004-12-28 | Telcordia Technologies, Inc. | Method and system for measuring IP performance metrics |
US6745027B2 (en) | 2000-12-22 | 2004-06-01 | Seekernet Incorporated | Class switched networks for tracking articles |
US20030014507A1 (en) | 2001-03-13 | 2003-01-16 | International Business Machines Corporation | Method and system for providing performance analysis for clusters |
WO2002078272A1 (en) * | 2001-03-23 | 2002-10-03 | Kent Ridge Digital Labs | A method and system for providing bridged mobile ad-hoc networks |
US20030037237A1 (en) | 2001-04-09 | 2003-02-20 | Jean-Paul Abgrall | Systems and methods for computer device authentication |
DE10145596A1 (en) * | 2001-09-15 | 2003-04-03 | Philips Corp Intellectual Pty | Network with several sub-networks |
WO2003034669A1 (en) | 2001-10-17 | 2003-04-24 | British Telecommunications Public Limited Company | Network location management system |
KR100408525B1 (en) * | 2001-10-31 | 2003-12-06 | 삼성전자주식회사 | System and method of network adaptive real- time multimedia streaming |
US7391731B1 (en) | 2002-03-07 | 2008-06-24 | Ibasis, Inc. | Method for determining best path |
US6917974B1 (en) * | 2002-01-03 | 2005-07-12 | The United States Of America As Represented By The Secretary Of The Air Force | Method and apparatus for preventing network traffic analysis |
US7760645B2 (en) | 2002-02-25 | 2010-07-20 | Olsonet Communications | Method for routing ad-hoc signals |
US20030212821A1 (en) | 2002-05-13 | 2003-11-13 | Kiyon, Inc. | System and method for routing packets in a wired or wireless network |
US7251235B2 (en) | 2002-06-12 | 2007-07-31 | Conexant, Inc. | Event-based multichannel direct link |
US20040001483A1 (en) | 2002-06-27 | 2004-01-01 | Schmidt Kurt E. | Distribution and reconstruction of AD-HOC timing signals |
US7474874B2 (en) | 2002-06-28 | 2009-01-06 | Nokia Corporation | Local browsing |
US6898751B2 (en) * | 2002-07-31 | 2005-05-24 | Transdimension, Inc. | Method and system for optimizing polling in systems using negative acknowledgement protocols |
AU2003262908A1 (en) | 2002-08-28 | 2004-03-19 | Docomo Communications Laboratories Usa, Inc. | Certificate-based encryption and public key infrastructure |
GB0313473D0 (en) | 2003-06-11 | 2003-07-16 | Koninkl Philips Electronics Nv | Configuring a radio network for selective broadcast |
KR100547133B1 (en) | 2003-07-11 | 2006-01-26 | 삼성전자주식회사 | Apparatus and method for constructing ad-hoc network of heterogeneous terminals |
KR100640327B1 (en) * | 2003-11-24 | 2006-10-30 | 삼성전자주식회사 | The Frame Structure and Data Transmission Method for Bridge Operation of WPAN |
US20050175184A1 (en) * | 2004-02-11 | 2005-08-11 | Phonex Broadband Corporation | Method and apparatus for a per-packet encryption system |
US7436790B2 (en) | 2004-03-25 | 2008-10-14 | Research In Motion Limited | Wireless access point methods and apparatus for reduced power consumption and cost |
US20080069030A1 (en) | 2004-05-31 | 2008-03-20 | Matsushita Electric Industrial Co., Ltd. | Mobile Terminal Managing Device, Mobile Terminal, and Communication System |
US20060025180A1 (en) | 2004-07-30 | 2006-02-02 | Qualcomm Incorporated | Method for waking a wireless device |
KR20090016007A (en) | 2004-08-10 | 2009-02-12 | 메시네트웍스, 인코포레이티드 | Software architecture and hardware abstraction layer for multi-radio routing and method for providing the same |
DE102004040069B3 (en) | 2004-08-18 | 2006-03-23 | Siemens Ag | Establishment of a wireless communication network with determination of local topology information from the identifiers of the communication devices |
US7747774B2 (en) * | 2004-08-23 | 2010-06-29 | At&T Intellectual Property I, L.P. | Methods, systems and computer program products for obscuring traffic in a distributed system |
US7702927B2 (en) | 2004-11-12 | 2010-04-20 | Verayo, Inc. | Securely field configurable device |
KR100594127B1 (en) * | 2004-11-16 | 2006-06-28 | 삼성전자주식회사 | Bonding process method and device in a Bluetooth device |
US7496059B2 (en) * | 2004-12-09 | 2009-02-24 | Itt Manufacturing Enterprises, Inc. | Energy-efficient medium access control protocol and system for sensor networks |
US7533258B2 (en) | 2005-01-07 | 2009-05-12 | Cisco Technology, Inc. | Using a network-service credential for access control |
JP4550636B2 (en) * | 2005-03-18 | 2010-09-22 | 富士通株式会社 | Electronic device, its registration method and registration program |
US7522540B1 (en) | 2005-04-15 | 2009-04-21 | Nvidia Corporation | Extended service set mesh topology discovery |
US8027289B2 (en) * | 2005-04-27 | 2011-09-27 | Raytheon Bbn Technologies Corp. | Ultra-low latency packet transport in ad hoc networks |
US7894372B2 (en) | 2005-05-31 | 2011-02-22 | Iac Search & Media, Inc. | Topology-centric resource management for large scale service clusters |
US7606178B2 (en) | 2005-05-31 | 2009-10-20 | Cisco Technology, Inc. | Multiple wireless spanning tree protocol for use in a wireless mesh network |
US7653011B2 (en) | 2005-05-31 | 2010-01-26 | Cisco Technology, Inc. | Spanning tree protocol for wireless networks |
KR20080025095A (en) | 2005-06-01 | 2008-03-19 | 밀레니얼 넷, 인크. | Communicating over a wireless network |
US9654200B2 (en) | 2005-07-18 | 2017-05-16 | Mutualink, Inc. | System and method for dynamic wireless aerial mesh network |
GB2467656B (en) * | 2005-07-21 | 2010-09-15 | Firetide Inc | Method for enabling the efficient operation of arbitrarily in erconnected mesh networks |
US7787361B2 (en) | 2005-07-29 | 2010-08-31 | Cisco Technology, Inc. | Hybrid distance vector protocol for wireless mesh networks |
US8948805B2 (en) * | 2005-08-26 | 2015-02-03 | Qualcomm Incorporated | Method and apparatus for reliable transmit power and timing control in wireless communication |
US7778270B1 (en) | 2005-08-31 | 2010-08-17 | Hrl Laboratories, Llc | Code-switching in wireless multi-hop networks |
US7546139B2 (en) | 2005-12-27 | 2009-06-09 | F4W, Inc. | System and method for establishing and maintaining communications across disparate networks |
US20100005294A1 (en) * | 2005-10-18 | 2010-01-07 | Kari Kostiainen | Security in Wireless Environments Using Out-Of-Band Channel Communication |
JP4641245B2 (en) | 2005-10-26 | 2011-03-02 | 三菱電機株式会社 | Ad hoc network system, wireless ad hoc terminal and failure detection method thereof |
US7978666B2 (en) | 2005-10-31 | 2011-07-12 | Robert Bosch Gmbh | Node control in wireless sensor networks |
US7539488B2 (en) | 2005-11-09 | 2009-05-26 | Texas Instruments Norway As | Over-the-air download (OAD) methods and apparatus for use in facilitating application programming in wireless network devices of ad hoc wireless communication networks |
US20070110024A1 (en) | 2005-11-14 | 2007-05-17 | Cisco Technology, Inc. | System and method for spanning tree cross routes |
US7593376B2 (en) | 2005-12-07 | 2009-09-22 | Motorola, Inc. | Method and apparatus for broadcast in an ad hoc network using elected broadcast relay nodes |
US20130219482A1 (en) | 2006-01-31 | 2013-08-22 | Sigma Designs, Inc. | Method for uniquely addressing a group of network units in a sub-network |
US7848261B2 (en) * | 2006-02-17 | 2010-12-07 | Isilon Systems, Inc. | Systems and methods for providing a quiescing protocol |
US8023478B2 (en) | 2006-03-06 | 2011-09-20 | Cisco Technology, Inc. | System and method for securing mesh access points in a wireless mesh network, including rapid roaming |
US7647078B2 (en) * | 2006-03-07 | 2010-01-12 | Samsung Electronics Co., Ltd. | Power-saving method for wireless sensor network |
US8340106B2 (en) * | 2006-03-13 | 2012-12-25 | Microsoft Corporation | Connecting multi-hop mesh networks using MAC bridge |
US8519566B2 (en) | 2006-03-28 | 2013-08-27 | Wireless Environment, Llc | Remote switch sensing in lighting devices |
US7786885B2 (en) | 2006-04-25 | 2010-08-31 | Hrl Laboratories, Llc | Event localization within a distributed sensor array |
US8681671B1 (en) * | 2006-04-25 | 2014-03-25 | Cisco Technology, Inc. | System and method for reducing power used for radio transmission and reception |
US8406794B2 (en) | 2006-04-26 | 2013-03-26 | Qualcomm Incorporated | Methods and apparatuses of initiating communication in wireless networks |
CN101083597A (en) | 2006-05-31 | 2007-12-05 | 朗迅科技公司 | SIP based instant message of mobile self-organizing network |
DE102006036109B4 (en) | 2006-06-01 | 2008-06-19 | Nokia Siemens Networks Gmbh & Co.Kg | Method and system for providing a mesh key |
WO2008004102A2 (en) * | 2006-07-06 | 2008-01-10 | Nortel Networks Limited | Wireless access point security for multi-hop networks |
FR2903830B1 (en) | 2006-07-11 | 2008-08-22 | Alcatel Sa | METHOD AND DEVICE FOR MONITORING OPTICAL CONNECTION PATHS FOR A TRANSPARENT OPTICAL NETWORK |
US8411651B2 (en) | 2006-07-27 | 2013-04-02 | Interdigital Technology Corporation | Media independent multi-rat function in a converged device |
EP1892913A1 (en) | 2006-08-24 | 2008-02-27 | Siemens Aktiengesellschaft | Method and arrangement for providing a wireless mesh network |
US8634342B2 (en) | 2006-10-05 | 2014-01-21 | Cisco Technology, Inc. | Upgrading mesh access points in a wireless mesh network |
US8270302B2 (en) | 2006-10-20 | 2012-09-18 | Stmicroelectronics, Inc. | System and method for providing an adaptive value of TTL (time to live) for broadcast/multicast messages in a mesh network using a hybrid wireless mesh protocol |
US8149748B2 (en) | 2006-11-14 | 2012-04-03 | Raytheon Company | Wireless data networking |
KR100879026B1 (en) | 2006-12-05 | 2009-01-15 | 한국전자통신연구원 | Method for grouping among sensor nodes in heterogeneous wireless sensor networks |
US8838481B2 (en) * | 2011-07-26 | 2014-09-16 | Golba Llc | Method and system for location based hands-free payment |
US8270340B2 (en) | 2006-12-19 | 2012-09-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Handling of idle gap commands in a telecommunication system |
US9760146B2 (en) | 2007-01-08 | 2017-09-12 | Imagination Technologies Limited | Conditional activation and deactivation of a microprocessor |
US7787427B1 (en) | 2007-01-09 | 2010-08-31 | Dust Networks, Inc. | Providing low average latency communication in wireless mesh networks |
US20080205385A1 (en) | 2007-02-26 | 2008-08-28 | Motorola, Inc. | Data frame formats to improve groupcast efficiency in multi-hop wireless networks |
US8325627B2 (en) | 2007-04-13 | 2012-12-04 | Hart Communication Foundation | Adaptive scheduling in a wireless network |
US8406248B2 (en) | 2007-04-13 | 2013-03-26 | Hart Communication Foundation | Priority-based scheduling and routing in a wireless network |
US8451752B2 (en) | 2007-05-21 | 2013-05-28 | Arrowspan, Inc. | Seamless handoff scheme for multi-radio wireless mesh network |
US20080292105A1 (en) | 2007-05-22 | 2008-11-27 | Chieh-Yih Wan | Lightweight key distribution and management method for sensor networks |
EA201070199A1 (en) * | 2007-08-01 | 2010-06-30 | Филип Моррис Продактс С.А. | BIODRAINED CIGARETT FILTER |
US8189506B2 (en) * | 2007-09-12 | 2012-05-29 | Nokia Corporation | Deep sleep mode for mesh points |
KR101405688B1 (en) | 2007-09-14 | 2014-06-12 | 엘지이노텍 주식회사 | Zigbee system |
US20090089408A1 (en) | 2007-09-28 | 2009-04-02 | Alcatel Lucent | XML Router and method of XML Router Network Overlay Topology Creation |
US7941663B2 (en) | 2007-10-23 | 2011-05-10 | Futurewei Technologies, Inc. | Authentication of 6LoWPAN nodes using EAP-GPSK |
US9166934B2 (en) | 2007-11-25 | 2015-10-20 | Trilliant Networks, Inc. | System and method for operating mesh devices in multi-tree overlapping mesh networks |
US8289883B2 (en) | 2007-12-21 | 2012-10-16 | Samsung Electronics Co., Ltd. | Hybrid multicast routing protocol for wireless mesh networks |
US7929446B2 (en) | 2008-01-04 | 2011-04-19 | Radiient Technologies, Inc. | Mesh networking for wireless communications |
KR20090090461A (en) * | 2008-02-21 | 2009-08-26 | 삼성전자주식회사 | Method for prolonging lifetime of sensor nodes in a wireless sensor network and system therefor |
JP4613969B2 (en) | 2008-03-03 | 2011-01-19 | ソニー株式会社 | Communication apparatus and communication method |
US8116247B2 (en) * | 2008-03-11 | 2012-02-14 | Nokia Siemens Networks Oy | Adaptive mechanism for dynamic reconfiguration of mesh networks |
US8923285B2 (en) | 2008-04-30 | 2014-12-30 | Qualcomm Incorporated | Apparatus and methods for transmitting data over a wireless mesh network |
EP2308259B1 (en) | 2008-07-29 | 2017-12-06 | Orange | Routing adaptable to electromagnetic conditions in a multihop network |
US8179845B2 (en) | 2008-08-21 | 2012-05-15 | Motorola Solutions, Inc. | Antenna-aware method for transmitting packets in a wireless communication network |
WO2010027495A1 (en) | 2008-09-04 | 2010-03-11 | Trilliant Networks, Inc. | A system and method for implementing mesh network communications using a mesh network protocol |
CA2733268A1 (en) | 2008-09-25 | 2010-04-01 | Fisher-Rosemount Systems, Inc. | Wireless mesh network with pinch point and low battery alerts |
GB2464125A (en) | 2008-10-04 | 2010-04-07 | Ibm | Topology discovery comprising partitioning network nodes into groups and using multiple discovery agents operating concurrently in each group. |
US8782746B2 (en) | 2008-10-17 | 2014-07-15 | Comcast Cable Communications, Llc | System and method for supporting multiple identities for a secure identity device |
WO2010057312A1 (en) * | 2008-11-24 | 2010-05-27 | Certicom Corp. | System and method for hardware based security |
US8294573B2 (en) | 2008-12-11 | 2012-10-23 | International Business Machines Corporation | System and method for optimizing power consumption of container tracking devices through mesh networks |
US8498229B2 (en) | 2008-12-30 | 2013-07-30 | Intel Corporation | Reduced power state network processing |
US8904177B2 (en) * | 2009-01-27 | 2014-12-02 | Sony Corporation | Authentication for a multi-tier wireless home mesh network |
US8254251B2 (en) | 2009-02-03 | 2012-08-28 | Mobix Wireless Solutions Ltd. | Mesh hybrid communication network |
US8964634B2 (en) | 2009-02-06 | 2015-02-24 | Sony Corporation | Wireless home mesh network bridging adaptor |
US9172612B2 (en) | 2009-02-12 | 2015-10-27 | Hewlett-Packard Development Company, L.P. | Network device configuration management by physical location |
EP2528279A3 (en) | 2009-02-13 | 2013-03-27 | Nokia Siemens Networks Oy | Method, system and nodes for network topology detection in communication networks |
US8194576B2 (en) | 2009-03-27 | 2012-06-05 | Research In Motion Limited | Wireless access point methods and apparatus using dynamically-activated service intervals |
US9069727B2 (en) * | 2011-08-12 | 2015-06-30 | Talari Networks Incorporated | Adaptive private network with geographically redundant network control nodes |
WO2011010181A1 (en) * | 2009-07-23 | 2011-01-27 | Nokia Corporation | Method and apparatus for reduced power consumption when operating as a bluetooth low energy device |
KR20110020005A (en) * | 2009-08-21 | 2011-03-02 | 주식회사 팬택 | Method for tranmitting and receiving data in wireless communication system |
JP5338567B2 (en) * | 2009-08-25 | 2013-11-13 | 沖電気工業株式会社 | Wireless terminal and wireless system |
EP2306692B1 (en) * | 2009-10-02 | 2014-05-21 | BlackBerry Limited | Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner |
US20150058409A1 (en) | 2013-03-22 | 2015-02-26 | Frank C. Wang | Enhanced content delivery system and method spanning multiple data processing systems |
EP2486697B1 (en) | 2009-10-06 | 2013-12-11 | Thomson Licensing | A method and apparatus for hop-by hop reliable multicast in wireless networks |
CN102045280B (en) | 2009-10-26 | 2013-08-07 | 国基电子(上海)有限公司 | Cable modem (CM) and certificate test method thereof |
JP5544863B2 (en) | 2009-12-17 | 2014-07-09 | 富士通株式会社 | Reception device, reception method, and reception program |
CN101729296B (en) | 2009-12-29 | 2012-12-19 | 中兴通讯股份有限公司 | Method and system for statistical analysis of ethernet traffic |
US20130051552A1 (en) | 2010-01-20 | 2013-02-28 | Héléna Handschuh | Device and method for obtaining a cryptographic key |
US10645628B2 (en) | 2010-03-04 | 2020-05-05 | Rosemount Inc. | Apparatus for interconnecting wireless networks separated by a barrier |
US8495618B1 (en) | 2010-03-31 | 2013-07-23 | American Megatrends, Inc. | Updating firmware in a high availability enabled computer system |
US8516269B1 (en) | 2010-07-28 | 2013-08-20 | Sandia Corporation | Hardware device to physical structure binding and authentication |
US9173196B2 (en) | 2010-10-07 | 2015-10-27 | GM Global Technology Operations LLC | Adaptive multi-channel access for vehicular networks |
WO2012064178A1 (en) * | 2010-11-11 | 2012-05-18 | Mimos Berhad | Method for use in providing an adaptable sensor nodes schedule in a wireless sensor network |
EP2643951B1 (en) | 2010-11-25 | 2014-04-23 | Koninklijke Philips N.V. | System and method for optimizing data transmission to nodes of a wireless mesh network |
US8873526B2 (en) | 2010-12-17 | 2014-10-28 | Cisco Technology, Inc. | Collision avoidance for wireless networks |
US20120163292A1 (en) | 2010-12-23 | 2012-06-28 | Nokia Corporation | Frame Header in Wireless Communication System |
US9094316B2 (en) | 2011-01-28 | 2015-07-28 | Hewlett-Packard Development Company, L.P. | Dynamic name generation |
US20120198434A1 (en) | 2011-01-31 | 2012-08-02 | Digi International Inc. | Virtual bundling of remote device firmware upgrade |
US8769525B2 (en) | 2011-01-31 | 2014-07-01 | Digi International Inc. | Remote firmware upgrade device mapping |
US20120196534A1 (en) | 2011-02-01 | 2012-08-02 | Nokia Corporation | Method, apparatus, and computer program product for broadcasting in short-range communication |
WO2012122994A1 (en) | 2011-03-11 | 2012-09-20 | Kreft Heinz | Off-line transfer of electronic tokens between peer-devices |
US9716659B2 (en) * | 2011-03-23 | 2017-07-25 | Hughes Network Systems, Llc | System and method for providing improved quality of service over broadband networks |
US9268545B2 (en) * | 2011-03-31 | 2016-02-23 | Intel Corporation | Connecting mobile devices, internet-connected hosts, and cloud services |
CN102761941B (en) | 2011-04-28 | 2016-08-03 | 北京云天创科技有限公司 | A kind of method utilizing ultra-low power consumption wireless smart sensor's network protocol transmission |
US20130128809A1 (en) | 2011-05-19 | 2013-05-23 | Qualcomm Incorporated | Apparatus and methods for media access control header compression |
US8553536B2 (en) | 2011-07-12 | 2013-10-08 | General Electric Company | Mesh network management system |
CN102355351B (en) | 2011-07-21 | 2014-11-05 | 华为技术有限公司 | Key generation, backup and migration method and system based on trusted computing |
US8849202B2 (en) | 2011-08-19 | 2014-09-30 | Apple Inc. | Audio transfer using the Bluetooth Low Energy standard |
US8982785B2 (en) | 2011-09-08 | 2015-03-17 | Cisco Technology, Inc. | Access point assisted direct client discovery |
US9445305B2 (en) | 2011-09-12 | 2016-09-13 | Microsoft Corporation | Low energy beacon encoding |
GB2577423B (en) | 2011-09-15 | 2020-09-02 | Fisher Rosemount Systems Inc | Communicating data frames across communication networks that use incompatible network routing protocols |
US8892866B2 (en) | 2011-09-26 | 2014-11-18 | Tor Anumana, Inc. | Secure cloud storage and synchronization systems and methods |
US8649883B2 (en) | 2011-10-04 | 2014-02-11 | Advanergy, Inc. | Power distribution system and method |
WO2013057666A1 (en) | 2011-10-17 | 2013-04-25 | Koninklijke Philips Electronics N.V. | Automatic recommissioning of electronic devices in a networked system |
US8654869B2 (en) | 2011-10-27 | 2014-02-18 | Cooper Technologies Company | Multi-path radio transmission input/output devices, network, systems and methods with link suitability determination |
US9936382B2 (en) * | 2011-11-21 | 2018-04-03 | Vital Connect, Inc. | Method and system for pairing a sensor device to a user |
US8953790B2 (en) | 2011-11-21 | 2015-02-10 | Broadcom Corporation | Secure generation of a device root key in the field |
US9191461B2 (en) | 2012-02-21 | 2015-11-17 | Entropic Communications, Inc. | Software upgrade using layer-2 management entity messaging |
US9270584B2 (en) * | 2012-02-28 | 2016-02-23 | Cisco Technology, Inc. | Diverse paths using a single source route in computer networks |
US9172636B2 (en) | 2012-02-28 | 2015-10-27 | Cisco Technology, Inc. | Efficient link repair mechanism triggered by data traffic |
US20130279409A1 (en) | 2012-04-18 | 2013-10-24 | Draker, Inc. | Establishing a Mesh Network |
US9629063B2 (en) | 2012-05-09 | 2017-04-18 | Trellisware Technologies, Inc. | Method and system for global topology discovery in multi-hop ad hoc networks |
US8844026B2 (en) | 2012-06-01 | 2014-09-23 | Blackberry Limited | System and method for controlling access to secure resources |
US20150195692A1 (en) | 2012-06-26 | 2015-07-09 | Nokia Corporation | Method and apparatus for providing device ringtone coordination |
US8751615B2 (en) | 2012-07-18 | 2014-06-10 | Accedian Networks Inc. | Systems and methods of discovering and controlling devices without explicit addressing |
JP5881047B2 (en) | 2012-08-08 | 2016-03-09 | 株式会社日立製作所 | Network management system, network management computer, and network management method |
US10779212B2 (en) | 2012-09-05 | 2020-09-15 | Interdigital Patent Holdings, Inc. | Methods for MAC frame extensibility and frame specific MAC header design for WLAN systems |
US9208676B2 (en) | 2013-03-14 | 2015-12-08 | Google Inc. | Devices, methods, and associated information processing for security in a smart-sensored home |
US9081643B2 (en) | 2012-09-21 | 2015-07-14 | Silver Sring Networks, Inc. | System and method for efficiently updating firmware for nodes in a mesh network |
US9279856B2 (en) | 2012-10-22 | 2016-03-08 | Infineon Technologies Ag | Die, chip, method for driving a die or a chip and method for manufacturing a die or a chip |
US9306660B2 (en) * | 2012-10-22 | 2016-04-05 | Qualcomm Technologies International, Ltd. | Dynamic interactive zone driven proximity awareness system |
CN102984798B (en) | 2012-11-21 | 2016-02-03 | 越亮传奇科技股份有限公司 | Position-based accurate positioning method |
US20140167912A1 (en) | 2012-12-17 | 2014-06-19 | David M. Snyder | System, method and apparatus for providing security systems integrated with solid state lighting systems |
US20140171062A1 (en) | 2012-12-19 | 2014-06-19 | Telefonaktiebolaget L M Ericsson (Publ) | Wireless Devices, Network Node and Methods for Handling Relay Assistance in a Wireless Communications Network |
US9628373B2 (en) | 2012-12-19 | 2017-04-18 | Comcast Cable Communications, Llc | Multipath communication in a network |
WO2014098504A1 (en) | 2012-12-19 | 2014-06-26 | 엘지전자 주식회사 | Method for communicating in wireless communication system supporting multiple access network and apparatus supporting same |
US20140181172A1 (en) | 2012-12-20 | 2014-06-26 | Brent J. Elliott | Offloading tethering-related communication processing |
EP2939495A4 (en) | 2012-12-26 | 2016-08-17 | Ict Res Llc | Mobility extensions to industrial-strength wireless sensor networks |
US9032480B2 (en) | 2012-12-28 | 2015-05-12 | Cellco Partnership | Providing multiple APN connections support in a browser |
US8938792B2 (en) | 2012-12-28 | 2015-01-20 | Intel Corporation | Device authentication using a physically unclonable functions based key generation system |
US9239723B2 (en) | 2013-05-13 | 2016-01-19 | Lenovo (Singapore) Pte. Ltd. | Configuring a device based on proximity to other devices |
US9264892B2 (en) | 2013-07-03 | 2016-02-16 | Verizon Patent And Licensing Inc. | Method and apparatus for attack resistant mesh networks |
US9983651B2 (en) | 2013-07-15 | 2018-05-29 | Google Technology Holdings LLC | Low-power near-field communication authentication |
US9386008B2 (en) | 2013-08-19 | 2016-07-05 | Smartguard, Llc | Secure installation of encryption enabling software onto electronic devices |
US20150071216A1 (en) | 2013-09-09 | 2015-03-12 | Qualcomm Connected Experiences, Inc. | Allowing mass re-onboarding of headless devices |
US9565576B2 (en) | 2013-10-09 | 2017-02-07 | At&T Intellectual Property I, L.P. | Network operating system client architecture for mobile user equipment |
US10591969B2 (en) | 2013-10-25 | 2020-03-17 | Google Technology Holdings LLC | Sensor-based near-field communication authentication |
US20150143130A1 (en) | 2013-11-18 | 2015-05-21 | Vixs Systems Inc. | Integrated circuit provisioning using physical unclonable function |
GB2515853B (en) | 2014-02-25 | 2015-08-19 | Cambridge Silicon Radio Ltd | Latency mitigation |
GB2512749B (en) | 2014-02-25 | 2015-04-01 | Cambridge Silicon Radio Ltd | Linking ad hoc networks |
GB2512733B (en) | 2014-02-25 | 2018-09-05 | Qualcomm Technologies Int Ltd | Broadcast retransmission |
US9660836B2 (en) | 2014-05-06 | 2017-05-23 | Lattice Semiconductor Corporation | Network topology discovery |
US10142799B2 (en) * | 2014-08-19 | 2018-11-27 | Qualcomm Incorporated | Multicasting traffic using multi-connectivity |
-
2014
- 2014-03-31 GB GB1405797.0A patent/GB2512749B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1421698.0A patent/GB2523444B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405786.3A patent/GB2512746B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1415177.3A patent/GB2515923B8/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405789.7A patent/GB2512502B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1415178.1A patent/GB2517844B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405790.5A patent/GB2512747B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405785.5A patent/GB2512501A/en not_active Withdrawn
- 2014-03-31 GB GB1405791.3A patent/GB2512748B/en not_active Expired - Fee Related
- 2014-05-06 US US14/270,961 patent/US10055570B2/en active Active
- 2014-05-06 US US14/270,884 patent/US20150244648A1/en not_active Abandoned
- 2014-06-05 US US14/297,324 patent/US9489506B2/en active Active
- 2014-06-06 US US14/298,177 patent/US20150245203A1/en not_active Abandoned
- 2014-06-26 US US14/316,404 patent/US20150245204A1/en not_active Abandoned
- 2014-06-26 US US14/316,529 patent/US20150244828A1/en not_active Abandoned
- 2014-07-17 GB GB1412716.1A patent/GB2512542B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412719.5A patent/GB2512545B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412718.7A patent/GB2512544B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412720.3A patent/GB2513048B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412722.9A patent/GB2512781B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412714.6A patent/GB2512256B8/en not_active Expired - Fee Related
- 2014-07-17 GB GB1501075.4A patent/GB2518120B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412717.9A patent/GB2512543B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412715.3A patent/GB2513265B/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014019749.2A patent/DE102014019749B3/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014012257.3A patent/DE102014012257B4/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014012252.2A patent/DE102014012252A1/en not_active Ceased
- 2014-08-19 DE DE102014012258.1A patent/DE102014012258A1/en not_active Withdrawn
- 2014-08-20 DE DE102014012379.0A patent/DE102014012379B4/en not_active Expired - Fee Related
- 2014-08-25 DE DE102014012518.1A patent/DE102014012518A1/en not_active Withdrawn
- 2014-08-25 DE DE102014012517.3A patent/DE102014012517B4/en not_active Expired - Fee Related
- 2014-09-11 DE DE102014013471.7A patent/DE102014013471A1/en not_active Withdrawn
- 2014-10-02 US US14/505,443 patent/US9754096B2/en active Active
- 2014-10-02 US US14/505,458 patent/US9672346B2/en active Active
- 2014-10-02 US US14/505,399 patent/US9910976B2/en active Active
- 2014-10-02 US US14/505,437 patent/US20150245369A1/en not_active Abandoned
- 2014-10-02 US US14/505,465 patent/US20150244565A1/en not_active Abandoned
- 2014-10-02 US US14/505,418 patent/US20150242614A1/en not_active Abandoned
- 2014-10-02 US US14/505,466 patent/US20150244623A1/en not_active Abandoned
- 2014-10-02 US US14/505,454 patent/US9842202B2/en not_active Expired - Fee Related
-
2015
- 2015-02-04 DE DE102015101604.4A patent/DE102015101604A1/en not_active Withdrawn
- 2015-02-04 DE DE102015101620.6A patent/DE102015101620A1/en not_active Withdrawn
- 2015-02-05 DE DE102015101699.0A patent/DE102015101699B4/en not_active Expired - Fee Related
- 2015-02-05 DE DE102015101698.2A patent/DE102015101698A1/en not_active Withdrawn
- 2015-02-05 DE DE102015101697.4A patent/DE102015101697A1/en not_active Withdrawn
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030181203A1 (en) * | 2002-03-19 | 2003-09-25 | Cheshire Stuart D. | Method and apparatus for configuring a wireless device through reverse advertising |
US20100241857A1 (en) * | 2007-11-16 | 2010-09-23 | Okude Kazuhiro | Authentication method, authentication system, in-vehicle device, and authentication apparatus |
US20100262828A1 (en) * | 2009-04-08 | 2010-10-14 | Research In Motion Limited | Systems, devices, and methods for securely transmitting a security parameter to a computing device |
US20110081860A1 (en) * | 2009-10-02 | 2011-04-07 | Research In Motion Limited | Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner |
Cited By (38)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9754096B2 (en) | 2014-02-25 | 2017-09-05 | Qualcomm Technologies International, Ltd. | Update management |
US10055570B2 (en) | 2014-02-25 | 2018-08-21 | QUALCOMM Technologies International, Ltd | Mesh relay |
US9910976B2 (en) | 2014-02-25 | 2018-03-06 | Qualcomm Technologies International, Ltd. | Processing mesh communications |
US9489506B2 (en) | 2014-02-25 | 2016-11-08 | Qualcomm Technologies International, Ltd. | Linking ad hoc networks |
US9672346B2 (en) | 2014-02-25 | 2017-06-06 | Qualcomm Technologies International, Ltd. | Object tracking by establishing a mesh network and transmitting packets |
US9842202B2 (en) | 2014-02-25 | 2017-12-12 | Qualcomm Technologies International, Ltd. | Device proximity |
US9692538B2 (en) | 2014-02-25 | 2017-06-27 | Qualcomm Technologies International, Ltd. | Latency mitigation |
US9918351B2 (en) * | 2014-04-01 | 2018-03-13 | Belkin International Inc. | Setup of multiple IOT networks devices |
US11122635B2 (en) | 2014-04-01 | 2021-09-14 | Belkin International, Inc. | Grouping of network devices |
US20170094706A1 (en) * | 2014-04-01 | 2017-03-30 | Belkin International, Inc. | Setup of multiple iot network devices |
US9686682B2 (en) * | 2014-08-10 | 2017-06-20 | Belkin International Inc. | Setup of multiple IoT network devices |
US9713003B2 (en) * | 2014-08-10 | 2017-07-18 | Belkin International Inc. | Setup of multiple IoT network devices |
US20160044032A1 (en) * | 2014-08-10 | 2016-02-11 | Belkin International, Inc. | Setup of multiple iot network devices |
US9451462B2 (en) * | 2014-08-10 | 2016-09-20 | Belkin International Inc. | Setup of multiple IoT network devices |
US20160088478A1 (en) * | 2014-08-10 | 2016-03-24 | Belkin International, Inc. | Setup of multiple iot network devices |
US20160081133A1 (en) * | 2014-08-10 | 2016-03-17 | Belkin International, Inc. | Setup of multiple iot network devices |
US10524197B2 (en) | 2014-08-19 | 2019-12-31 | Belkin International, Inc. | Network device source entity triggered device configuration setup |
US9872240B2 (en) | 2014-08-19 | 2018-01-16 | Belkin International Inc. | Network device source entity triggered device configuration setup |
US20180255045A1 (en) * | 2015-02-24 | 2018-09-06 | Nelson A. Cicchitto | Mobile device enabled desktop tethered and tetherless authentication |
US11122034B2 (en) | 2015-02-24 | 2021-09-14 | Nelson A. Cicchitto | Method and apparatus for an identity assurance score with ties to an ID-less and password-less authentication system |
US11811750B2 (en) | 2015-02-24 | 2023-11-07 | Nelson A. Cicchitto | Mobile device enabled desktop tethered and tetherless authentication |
US11171941B2 (en) * | 2015-02-24 | 2021-11-09 | Nelson A. Cicchitto | Mobile device enabled desktop tethered and tetherless authentication |
US10848485B2 (en) | 2015-02-24 | 2020-11-24 | Nelson Cicchitto | Method and apparatus for a social network score system communicably connected to an ID-less and password-less authentication system |
US9832637B2 (en) * | 2015-04-13 | 2017-11-28 | Gunitech Corp. | Connection information sharing system, computer program, and connection information sharing method thereof |
US20160302056A1 (en) * | 2015-04-13 | 2016-10-13 | Gunitech Corp. | Connection Information Sharing System, Computer Program, and Connection Information Sharing Method Thereof |
US10659442B1 (en) * | 2015-12-21 | 2020-05-19 | Marvell International Ltd. | Security in smart configuration for WLAN based IOT device |
US20190159031A1 (en) * | 2016-04-26 | 2019-05-23 | Checkit Limited | Network Access Control |
US11451445B2 (en) * | 2017-04-10 | 2022-09-20 | Itron Networked Solutions, Inc. | Efficient internet-of-things device configuration via quick response codes |
US20200127896A1 (en) * | 2017-04-10 | 2020-04-23 | Itron Networked Solutions, Inc. | Efficient internet-of-things device configuration via quick response codes |
US11146540B2 (en) * | 2018-05-09 | 2021-10-12 | Datalogic Ip Tech S.R.L. | Systems and methods for public key exchange employing a peer-to-peer protocol |
US10951470B2 (en) | 2018-05-14 | 2021-03-16 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning |
US11563631B2 (en) | 2018-05-14 | 2023-01-24 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning |
US11259178B2 (en) * | 2018-05-18 | 2022-02-22 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning authentication |
CN110505606A (en) * | 2018-05-18 | 2019-11-26 | 阿里巴巴集团控股有限公司 | Bluetooth Mesh network and its distribution method for authenticating, equipment and storage medium |
TWI816761B (en) * | 2018-05-18 | 2023-10-01 | 香港商阿里巴巴集團服務有限公司 | Bluetooth mesh network and its distribution network authentication method, equipment and storage media |
WO2019222412A1 (en) * | 2018-05-18 | 2019-11-21 | Alibaba Group Holding Limited | Bluetooth mesh network provisioning authentication |
US10574475B2 (en) * | 2018-05-24 | 2020-02-25 | Haier Us Appliance Solutions, Inc. | Household appliance with bluetooth connection and authentication |
US10986573B2 (en) | 2018-06-22 | 2021-04-20 | Alibaba Group Holding Limited | Bluetooth mesh network gateway and device data communication |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20150245204A1 (en) | Device authentication | |
US11146400B2 (en) | Methods for verifying data integrity | |
USRE49876E1 (en) | Secure configuration of a headless networking device | |
US10547613B1 (en) | Simplified association of devices with a network using unique codes on the devices and side channel communication | |
US10693848B2 (en) | Installation of a terminal in a secure system | |
EP3105904B1 (en) | Assisted device provisioning in a network | |
US10862684B2 (en) | Method and apparatus for providing service on basis of identifier of user equipment | |
Naeem et al. | A scalable and secure RFID mutual authentication protocol using ECC for Internet of Things | |
EP2963959B1 (en) | Method, configuration device, and wireless device for establishing connection between devices | |
EP2424185B1 (en) | Method and device for challenge-response authentication | |
CN105191253A (en) | Seamless device configuration in a communication network | |
EP1806869A1 (en) | Communication device, and communication method | |
KR20180098589A (en) | Network system for secure communication | |
CN108923927A (en) | System and method for being connected to video camera supply dynamic Q R code with BLE | |
US10356090B2 (en) | Method and system for establishing a secure communication channel | |
EP2993933B1 (en) | Wireless terminal configuration method, apparatus and wireless terminal | |
KR20180119201A (en) | Electronic device for authentication system | |
CN112566119A (en) | Terminal authentication method and device, computer equipment and storage medium | |
CN107950003B (en) | Method and device for dual-user authentication | |
KR102322605B1 (en) | Method for setting secret key and authenticating mutual device of internet of things environment | |
CN114422216B (en) | Internet of things equipment binding method, device and storage medium | |
KR20160146090A (en) | Communication method and apparatus in smart-home system | |
CN111885595B (en) | Intelligent household appliance configuration networking method, device and system | |
KR101709086B1 (en) | security method and system thereof based context for Internet of Things environment | |
Lounis | Security of short-range wireless technologies and an authentication protocol for IoT |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CAMBRIDGE SILICON RADIO LIMITED, UNITED KINGDOM Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:HEYDON, ROBIN;REEL/FRAME:033190/0786 Effective date: 20140522 |
|
AS | Assignment |
Owner name: QUALCOMM TECHNOLOGIES INTERNATIONAL, LTD., UNITED Free format text: CHANGE OF NAME;ASSIGNOR:CAMBRIDGE SILICON RADIO LIMITED;REEL/FRAME:036663/0211 Effective date: 20150813 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |