WO2007078940A3 - Methods, apparatuses and articles for automatic configuration of devices upon introduction into a networked environment - Google Patents

Publication number
WO2007078940A3
Authority
WO
WIPO (PCT)
Prior art keywords
networked environment
pin
introduction
devices
automatic configuration
Prior art date
Application number
PCT/US2006/048418
Other languages
French (fr)
Other versions
WO2007078940A2 (en)
Inventor
Gregory L Miller
Original Assignee
Intel Corp
Gregory L Miller
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp, Gregory L Miller filed Critical Intel Corp
Priority to CN2006800499386A priority Critical patent/CN101366259B/en
Priority to EP06845804A priority patent/EP1966973A2/en
Priority to JP2008538129A priority patent/JP5114420B2/en
Publication of WO2007078940A2 publication Critical patent/WO2007078940A2/en
Publication of WO2007078940A3 publication Critical patent/WO2007078940A3/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305 Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/42 User authentication using separate channels for security data
    • G06F21/43 User authentication using separate channels for security data wireless channels
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6272 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/85 Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105 Dual mode as a secondary aspect
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107 File encryption

Abstract

Automatic configuration of devices upon introduction into a networked environment can be implemented, for example, by having a device randomly generate a series of letters and/or numbers, e.g., generate a PIN (Personal Identification Number) that encodes temporary credentials that, in addition to proving ownership and/or control over the device by virtue of having access to the PIN, also allows creating a temporary secure communication channel based on the PIN over which permanent security credentials may be transferred to the device to facilitate provisioning it to securely communicate in the networked environment. In a wireless scenario, a unique SSID and encryption key (WEP or WPA) may be determined as a function of the PIN, where both the device and its access point utilize the PIN to establish a temporary secure communication channel. Various techniques may be used to establish ownership and/or control over the device to prevent inadvertent association of the device with a wrong networked environment.
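The wireless scenario in the abstract, sketched as an added example that is not taken from the patent: the device and the access point each derive the same temporary SSID and WPA key from the PIN. The HMAC-based derivation, the label strings, the PIN alphabet and the `setup-` prefix are assumptions chosen for illustration; only the final PBKDF2 step is the standard WPA-Personal passphrase-to-PSK mapping.

```python
import hashlib
import hmac
import math
import secrets

# Assumed PIN alphabet (32 symbols, look-alike characters I, O, 0, 1 left out).
PIN_ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"


def generate_pin(length=8):
    """Device side: random PIN shown to whoever controls the device."""
    return "".join(secrets.choice(PIN_ALPHABET) for _ in range(length))


def pin_entropy_bits(length, alphabet_size=len(PIN_ALPHABET)):
    """Upper bound on the strength of anything derived from the PIN."""
    return length * math.log2(alphabet_size)


def _expand(pin, label, nbytes):
    # HMAC-SHA256 keyed with the PIN; the label separates the two outputs
    # so the SSID (broadcast in clear) reveals nothing about the passphrase
    # beyond what the PIN's own entropy allows.
    return hmac.new(pin.encode(), label, hashlib.sha256).digest()[:nbytes]


def temporary_credentials(pin):
    """Derive (ssid, passphrase, psk) for the temporary channel from a PIN."""
    ssid = "setup-" + _expand(pin, b"ssid", 6).hex()      # 18 chars, limit is 32
    passphrase = _expand(pin, b"passphrase", 16).hex()    # 32 chars, WPA allows 8..63
    # Standard WPA-Personal mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds.
    psk = hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)
    return ssid, passphrase, psk


def same_temporary_network(device_pin, entered_pin):
    """True only when the access point was given the PIN the device generated."""
    dev_ssid, _, dev_psk = temporary_credentials(device_pin)
    ap_ssid, _, ap_psk = temporary_credentials(entered_pin)
    return dev_ssid == ap_ssid and hmac.compare_digest(dev_psk, ap_psk)


if __name__ == "__main__":
    pin = generate_pin()                       # constructed sample run
    ssid, passphrase, psk = temporary_credentials(pin)
    print("PIN shown on device :", pin)
    print("temporary SSID      :", ssid)
    print("temporary PSK       :", psk.hex())
    print("PIN entropy (bits)  :", pin_entropy_bits(len(pin)))
    print("AP with right PIN   :", same_temporary_network(pin, pin))
    print("AP with other PIN   :", same_temporary_network(pin, generate_pin()))
```

An access point holding a different PIN derives a different SSID, so the device never sees a matching network and cannot be provisioned into the wrong environment. The temporary channel is only as strong as the PIN's entropy, so the PIN should be single-use, short-lived and as long as the user interface allows.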
PCT/US2006/048418 2005-12-30 2006-12-19 Methods, apparatuses and articles for automatic configuration of devices upon introduction into a networked environment WO2007078940A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN2006800499386A CN101366259B (en) 2005-12-30 2006-12-19 Automatic configuration of devices upon introduction into a networked environment
EP06845804A EP1966973A2 (en) 2005-12-30 2006-12-19 Automatic configuration of devices upon introduction into a networked environment
JP2008538129A JP5114420B2 (en) 2005-12-30 2006-12-19 Method, storage medium, and system for establishing communication with network environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/323,315 2005-12-30
US11/323,315 US8041035B2 (en) 2005-12-30 2005-12-30 Automatic configuration of devices upon introduction into a networked environment

Publications (2)

Publication Number Publication Date
WO2007078940A2 (en) 2007-07-12
WO2007078940A3 (en) 2007-08-23

Family

ID=38006998

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/048418 WO2007078940A2 (en) 2005-12-30 2006-12-19 Methods, apparatuses and articles for automatic configuration of devices upon introduction into a networked environment

Country Status (5)

Country Link
US (2) US8041035B2 (en)
EP (1) EP1966973A2 (en)
JP (1) JP5114420B2 (en)
CN (1) CN101366259B (en)
WO (1) WO2007078940A2 (en)

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8326951B1 (en) 2004-06-05 2012-12-04 Sonos, Inc. Establishing a secure wireless network with minimum human intervention
US8412942B2 (en) * 2007-01-22 2013-04-02 Arris Group, Inc. Method and system for seamless SSID creation, authentication and encryption
US8542665B2 (en) * 2007-08-06 2013-09-24 Sony Corporation System and method for network setup of wireless device through a single interface
KR101495722B1 (en) * 2008-01-31 2015-02-26 삼성전자주식회사 Method and apparatus for guaranteeing communication security in home network
JP4666027B2 (en) * 2008-08-29 2011-04-06 コニカミノルタビジネステクノロジーズ株式会社 Image processing apparatus and server
US8724813B2 (en) * 2009-02-25 2014-05-13 Hewlett-Packard Development Company, L.P. Wireless device setup
CN101583130B (en) * 2009-06-18 2015-09-16 中兴通讯股份有限公司 The generation method and apparatus of air interface key
US9590961B2 (en) * 2009-07-14 2017-03-07 Alcatel Lucent Automated security provisioning protocol for wide area network communication devices in open device environment
US9167194B2 (en) * 2010-04-12 2015-10-20 Dell Products, Lp Method for generating a unique service set identifier on a wireless projector
KR101064936B1 (en) 2010-04-21 2011-09-19 주식회사 넥스뷰 Access method to wireless LAN device for wireless internet sharing
ES2750031T3 (en) * 2010-09-16 2020-03-24 Nokia Technologies Oy Dynamic account creation with zone network with secured wireless coverage
CN101977381B (en) * 2010-11-18 2013-10-23 杭州华三通信技术有限公司 Method and device for processing cipher key list items
US9258703B2 (en) * 2011-07-05 2016-02-09 Texas Instruments Incorporated Method, system and computer program product for wirelessly connecting a device to a network
US8171525B1 (en) * 2011-09-15 2012-05-01 Google Inc. Enabling users to select between secure service providers using a central trusted service manager
US8831568B2 (en) 2011-09-27 2014-09-09 Qualcomm Incorporated Automatic configuration of a wireless device
US10169339B2 (en) 2011-10-31 2019-01-01 Elwha Llc Context-sensitive query enrichment
US8825008B2 (en) * 2011-12-21 2014-09-02 Verizon Patent And Licensing Inc. Method and apparatus for authorizing transfer of mobile devices
TW201327370A (en) * 2011-12-28 2013-07-01 Amtran Technology Co Ltd System and method for resource sharing and broadcasting device thereof
JP5950691B2 (en) 2012-02-09 2016-07-13 シャープ株式会社 Information processing system, information processing apparatus, and communication connection method
US9031050B2 (en) 2012-04-17 2015-05-12 Qualcomm Incorporated Using a mobile device to enable another device to connect to a wireless network
JP5675747B2 (en) 2012-10-18 2015-02-25 オリンパス株式会社 Wireless communication system, portable terminal, digital camera, communication method and program
CN103037538B (en) * 2012-12-17 2016-02-24 广州市动景计算机科技有限公司 Data transmission method and mobile terminal
US10078524B2 (en) * 2013-03-01 2018-09-18 Hewlett Packard Enterprise Development Lp Secure configuration of a headless networking device
CN103179640A (en) * 2013-03-25 2013-06-26 北京奇虎科技有限公司 Wireless local area network access system and method
US9191771B2 (en) 2013-05-31 2015-11-17 Gainspan Corporation Convenient use of push button mode of WPS (Wi-Fi protected setup) for provisioning wireless devices
CN104834458A (en) * 2014-02-11 2015-08-12 中兴通讯股份有限公司 Equipment paring method and device based on touch screen
US10827539B2 (en) 2014-03-06 2020-11-03 Gainspan Corporation Remote provisioning of wireless stations with confirmation
US10360362B2 (en) * 2014-04-30 2019-07-23 Qualcomm Incorporated Apparatuses and methods for fast onboarding an internet-enabled device
US10057813B1 (en) * 2014-05-09 2018-08-21 Plume Design, Inc. Onboarding and configuring Wi-Fi enabled devices
CN106471831B (en) * 2014-09-30 2019-11-29 华为技术有限公司 The method of configuration, the device of configuration and equipment
WO2017009915A1 (en) * 2015-07-10 2017-01-19 富士通株式会社 Device authentication system, management device, and device authentication method
US11586720B2 (en) * 2016-08-05 2023-02-21 Sharp Nec Display Solutions, Ltd. Display system, reception device, display device and communication connection method
US10893041B2 (en) 2018-10-10 2021-01-12 International Business Machines Corporation Single use passcode authentication
US11405789B1 (en) * 2019-02-12 2022-08-02 Amazon Technologies, Inc. Cloud-based secure wireless local area network (WLAN) group self-forming technologies
CN110868748A (en) * 2019-11-06 2020-03-06 北京小米移动软件有限公司 Intelligent equipment network access method, device, equipment, system and medium
FR3116981A1 (en) * 2020-11-27 2022-06-03 Orange Method and system for configuring access to a local area network.
US11824848B2 (en) * 2021-03-31 2023-11-21 Oracle International Corporation On demand operations access to cloud customer resources

Citations (3)

Publication number Priority date Publication date Assignee Title
US20040236939A1 (en) * 2003-02-20 2004-11-25 Docomo Communications Laboratories Usa, Inc. Wireless network handoff key
US20050125669A1 (en) * 2003-12-08 2005-06-09 Palo Alto Research Center Incorporated Method and apparatus for using a secure credential infrastructure to access vehicle components
US20050226423A1 (en) * 2002-03-08 2005-10-13 Yongmao Li Method for distributes the encrypted key in wireless lan

Family Cites Families (8)

Publication number Priority date Publication date Assignee Title
US6366920B1 (en) * 1993-05-06 2002-04-02 International Business Machines Corporation Automatic invocation of objects during the entering of data in a data processing system user interface
KR100484209B1 (en) * 1998-09-24 2005-09-30 삼성전자주식회사 Digital Content Encryption / Decryption Device and Method
US7039688B2 (en) * 1998-11-12 2006-05-02 Ricoh Co., Ltd. Method and apparatus for automatic network configuration
GB9930145D0 (en) * 1999-12-22 2000-02-09 Kean Thomas A Method and apparatus for secure configuration of a field programmable gate array
US7382741B2 (en) * 2003-06-25 2008-06-03 Canon Kabushiki Kaisha Configuration of wireless network client
JP4290529B2 (en) 2003-11-07 2009-07-08 株式会社バッファロー Access point, terminal, encryption key setting system, encryption key setting method, and program
US7646874B2 (en) * 2005-12-22 2010-01-12 Canon Kabushiki Kaisha Establishing mutual authentication and secure channels in devices without previous credentials
US7996516B2 (en) * 2005-12-29 2011-08-09 Panasonic Electric Works Co., Ltd. Systems and methods for automatic configuration of devices within a network utilizing inherited configuration data

Patent Citations (3)

Publication number Priority date Publication date Assignee Title
US20050226423A1 (en) * 2002-03-08 2005-10-13 Yongmao Li Method for distributes the encrypted key in wireless lan
US20040236939A1 (en) * 2003-02-20 2004-11-25 Docomo Communications Laboratories Usa, Inc. Wireless network handoff key
US20050125669A1 (en) * 2003-12-08 2005-06-09 Palo Alto Research Center Incorporated Method and apparatus for using a secure credential infrastructure to access vehicle components

Non-Patent Citations (2)

Title
"Device Management Architecture; OMA-AD_DM-V1_0-20050530-D", OMA OPEN MOBILE ALLIANCE SPECIFICATIONS, 30 May 2005 (2005-05-30), pages 1 - 19, XP002433524, Retrieved from the Internet <URL:http://member.openmobilealliance.org/ftp/Public_documents/DM/Permanent_documents/OMA-AD-DM-V1_0-20050530-D.zip> [retrieved on 20070514] *
"OMA Device Management Bootstrap; OMA-TS-DM-Bootstrap-V1_2-20051216-C", OMA OPEN MOBILE ALLIANCE SPECIFICATIONS, 16 December 2005 (2005-12-16), pages 1 - 27, XP002433525, Retrieved from the Internet <URL:http://member.openmobilealliance.org/ftp/Public_documents/DM/Permanent_documents/OMA-TS-DM-Bootstrap-V1_2-20051216-C.zip> [retrieved on 20070514] *

Also Published As

Publication number Publication date
WO2007078940A2 (en) 2007-07-12
EP1966973A2 (en) 2008-09-10
JP2009513089A (en) 2009-03-26
US8375210B2 (en) 2013-02-12
JP5114420B2 (en) 2013-01-09
CN101366259B (en) 2012-12-12
CN101366259A (en) 2009-02-11
US20070157024A1 (en) 2007-07-05
US8041035B2 (en) 2011-10-18
US20120005478A1 (en) 2012-01-05

Similar Documents

Publication Publication Date Title
WO2007078940A3 (en) Methods, apparatuses and articles for automatic configuration of devices upon introduction into a networked environment
EP3651436A3 (en) Techniques for securely communicating a data packet via at least one relay user equipment
WO2011149765A3 (en) Rfid security and mobility architecture
WO2007067848A3 (en) Service provider subsidy lock
BRPI0607359A2 (en) secure auto-initiation for wireless communications
WO2008004102A8 (en) Wireless access point security for multi-hop networks
WO2010062045A3 (en) Security system and method for wireless communication system
WO2009061591A3 (en) Method for providing fast secure handoff in a wireless mesh network
WO2009011055A1 (en) Wireless terminal device, wireless connection method, and program
WO2010025280A3 (en) Integrity protection and/or ciphering for ue registration with a wireless network
AU2001234691A1 (en) Broadband communications access device
WO2005089120A3 (en) Secure authentication and network management system for wireless lan applications
WO2009031112A3 (en) Node for a network and method for establishing a distributed security architecture for a network
BR112012028066A2 (en) handset and methods to authenticate wireless network
MY142729A (en) Bootstrapping authentication using distinguished random challenges
TW200719652A (en) Method and protocol for handling access attempts for communications systems
WO2009026049A3 (en) Method and apparatus for authenticating a network device
TWI268687B (en) Cipher key setting system, access point, and cipher key setting method
WO2008112455A3 (en) Method for establishing secure associations within a communication network
NZ533457A (en) Network user authentication system and method
WO2005065133A3 (en) Communication system with adopted remote identity
WO2017123362A3 (en) Key establishment for communications within a group
ZA200509758B (en) Pervasive, user-centric network security enbaled by dynamic datagram switch and an on-demand authentication and encryption scheme through mobile intelligent data carriers
MY145534A (en) Apparatus and method of protecting management frames in wireless lan communications.
WO2008033590A3 (en) A method and apparatus to provide authentication and privacy with low complexity devices

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200680049938.6

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
ENP Entry into the national phase

Ref document number: 2008538129

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2006845804

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE