US20150242614A1 - Provisioning of security credentials - Google Patents
Provisioning of security credentials Download PDFInfo
- Publication number
- US20150242614A1 US20150242614A1 US14/505,418 US201414505418A US2015242614A1 US 20150242614 A1 US20150242614 A1 US 20150242614A1 US 201414505418 A US201414505418 A US 201414505418A US 2015242614 A1 US2015242614 A1 US 2015242614A1
- Authority
- US
- United States
- Prior art keywords
- root identity
- security component
- root
- identity
- public
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/73—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/08—Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
- G06Q10/083—Shipping
- G06Q10/0833—Tracking
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04H—BROADCAST COMMUNICATION
- H04H20/00—Arrangements for broadcast or for distribution combined with broadcast
- H04H20/65—Arrangements characterised by transmission systems for broadcast
- H04H20/71—Wireless systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
- H04L41/082—Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/084—Configuration by using pre-existing information, e.g. using templates or copying from other elements
- H04L41/0846—Configuration by using pre-existing information, e.g. using templates or copying from other elements based on copy from other elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/085—Retrieval of network configuration; Tracking network configuration history
- H04L41/0853—Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/06—Generation of reports
- H04L43/065—Generation of reports related to network devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0852—Delays
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0876—Network utilisation, e.g. volume of load or congestion level
- H04L43/0882—Utilisation of link capacity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/10—Active monitoring, e.g. heartbeat, ping or trace-route
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/02—Topology update or discovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/11—Identifying congestion
- H04L47/115—Identifying congestion using a dedicated packet
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/10—Flow control; Congestion control
- H04L47/16—Flow control; Congestion control in connection oriented networks, e.g. frame relay
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/15—Interconnection of switching modules
- H04L49/1553—Interconnection of ATM switching modules, e.g. ATM switching fabrics
- H04L49/1584—Full Mesh, e.g. knockout
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L5/00—Arrangements affording multiple use of the transmission path
- H04L5/003—Arrangements for allocating sub-channels of the transmission path
- H04L5/0053—Allocation of signaling, i.e. of overhead other than pilot signals
- H04L5/0055—Physical resource allocation for ACK/NACK
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1475—Passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1491—Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/50—Secure pairing of devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W16/00—Network planning, e.g. coverage or traffic planning tools; Network deployment, e.g. resource partitioning or cells structures
- H04W16/18—Network planning tools
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
- H04W24/06—Testing, supervising or monitoring using simulated traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/029—Location-based management or tracking services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/06—Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/30—Services specially adapted for particular environments, situations or purposes
- H04W4/38—Services specially adapted for particular environments, situations or purposes for collecting sensor information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/70—Services for machine-to-machine communication [M2M] or machine type communication [MTC]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W40/00—Communication routing or communication path finding
- H04W40/24—Connectivity information management, e.g. connectivity discovery or connectivity update
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0225—Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0251—Power saving arrangements in terminal devices using monitoring of local events, e.g. events related to user activity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/02—Power saving arrangements
- H04W52/0209—Power saving arrangements in terminal devices
- H04W52/0261—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level
- H04W52/0274—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof
- H04W52/028—Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof switching on or off only a part of the equipment circuit blocks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W52/00—Power management, e.g. TPC [Transmission Power Control], power saving or power classes
- H04W52/04—TPC
- H04W52/38—TPC being performed in particular situations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W64/00—Locating users or terminals or network equipment for network management purposes, e.g. mobility management
- H04W64/003—Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W72/00—Local resource management
- H04W72/12—Wireless traffic scheduling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W72/00—Local resource management
- H04W72/20—Control channels or signalling for resource management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/11—Allocation or use of connection identifiers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/14—Direct-mode setup
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/22—Processing or transfer of terminal data, e.g. status or physical capabilities
- H04W8/24—Transfer of terminal data
- H04W8/245—Transfer of terminal data from a network towards a terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/04—Terminal devices adapted for relaying to or from another terminal or user
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
- H04W88/06—Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W92/00—Interfaces specially adapted for wireless communication networks
- H04W92/02—Inter-networking arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/77—Graphical identity
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02A—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
- Y02A10/00—TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE at coastal zones; at river basins
- Y02A10/40—Controlling or monitoring, e.g. of flood or hurricane; Forecasting, e.g. risk assessment or mapping
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Definitions
- This invention relates to provisioning a device with a means for authenticating itself to other devices.
- Security is of increasing concern in the so-called Internet of Things.
- identity and integrity of an individual device is of paramount importance in a network of potentially thousands of cooperating elements.
- a typical approach is to provide specific hardware on the device to act as the root of trust and propagate that trust up to other firmware and applications executing on the device.
- the root of trust is a fundamental concept from which the security of the whole device and the services provided to/by the device propagates.
- the component should be reliable, tamper-proof and consistently behave in an expected manner. It should provide the minimum set of functionality needed to assess the integrity of the platform and the associated trustworthiness such as: measurement/storage/reporting of a set of metrics describing the platform characteristics (e.g. signed firmware hashes), and access to data signing/encryption for authentication, integrity and confidentiality purposes.
- the secret may be a truly random number that represents or assists in the generation of a cryptographical secret, such as a symmetric key or an asymmetric key-set, embedded in a controlled environment into the hardware of the chip/device, which can be challenged later.
- the secret is usually generated outside the chip and later embedded in the chip. This creates a serious challenge in managing the secret, which must be tightly controlled and monitored all the way through.
- Information on the secret (such as a private key burnt into the chip/device) might leak before or after manufacturing, invalidate the scheme and expose the customer to the risk of cloning and theft of sensitive data.
- safe rooms or “cages” are typically required during manufacture.
- a security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
- the root identity generator may be configured to generate, as part of the private root identity, a private key of an asymmetric key set.
- the root identity generator may be configured to generate, as part of the public root identity, one or more of a unique identifier for the security component, a public key of an asymmetric key set and a symmetric key.
- the root identity generator may be configured to generate multiple unique root identities for the security component.
- the root identity generator may be capable of repeatably generating the root identity.
- the security component may be configured not to store the root identity.
- the root identity generator may be configured to, when the security component requires the root identity, regenerate the root identity.
- the security component may comprise a memory configured to store the root identity and the security component may be configured to, when it requires the root identity, retrieve it from memory.
- the security component may comprise an enrolment indicator and may be configured to, when the public root identity is shared with the other device, set the enrolment indicator.
- the security component may be configured not to share the public root identity if the enrolment indicator is set.
- the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is not set, generate a new root identity.
- the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate a previously generated root identity.
- the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate the root identity that comprises the public root identity shared with the other device.
- the root identity generator may be configured to generate a root identity during a self-test of the security component.
- the security component may be configured not to share the private root identity with parts of the device that are outside of the security component.
- the security component may comprise an encryption unit configured to encrypt and/or decrypt communications with the other device using the private root identity.
- the encryption unit may be configured to encrypt any data that it shares with the other device with a public key of the other device.
- the output may be configured to output the public root identity for sharing with a certificate authority.
- the root identity generator may comprise an entropy source.
- the security component may be for incorporation in a wireless communication device.
- a method for provisioning a device with security credentials to enable it to authorise itself with another device comprising incorporating a security component in the device, generating, by means of the security component, a root identity comprising a public root identity and a private root identity and the security component outputting the public root identity for sharing with the other device and not outputting the private root identity.
- FIG. 1 shows a method for generating an identity certificate
- FIG. 2 shows the enrolment and deployment of a chip
- FIG. 3 shows a method for blowing an enrolment fuse
- FIGS. 4 a and 4 b show examples of security components.
- FIG. 1 An example of a method for generating an identity certificate for a device is shown in FIG. 1 .
- the device incorporates a security component.
- This component may be capable of acting as a silicon root of trust for the device. It is likely to be implemented as an integrated circuit or chip.
- the method starts in step S 101 with the security component generating a root identity.
- the root identity is a fundamental, source of identification for a “thing”, e.g. a device in the Internet of Things. Its main purpose is to provide the basis for authentication, authorisation, accountability and accounting of services for the “thing”.
- the root identity can be mapped onto authenticating data such as unique identifiers (UUID), symmetric keys or private/public key sets. It can be used to seed and/or validate additional identities in order to enable access to specific services.
- the root identity should be exposed as little as possible to prevent theft, abuse and privacy loss.
- the root identity may comprise some components that are “public” in the sense that, while they should be exposed as little as possible, some public exposure is necessary to authenticate the device.
- the public parts of a root identity may include, for example, one or more of a unique identifier for the security component, a symmetric key, and a public key.
- the public root identity typically includes information that has to be exposed to a certificate authority to record a Root Identity Certificate that can later be used to authorise the security component.
- Other parts of the root identity can be considered “private” because they do not need to be exposed during any authentication procedure and should be kept secret by the device.
- An example of a private part of a root identity is a private key from an asymmetric key pair.
- the security component may generate both public and private parts of its root identity internally.
- the security component can be requested to provide its root identity (step S 102 ).
- the security component determines whether it is currently operating in an enrolment phase (step S 103 ). If yes, the security component returns its public root identity to the requester (step S 104 ). If no, the security component does not provide its public root identity to the requester (step S 105 ). The private root identity is not provided to the requester.
- FIG. 2 A more detailed example of a chip generating an identity certificate is shown in FIG. 2 , with additional information about how the chip might respond to authentication requests after deployment.
- FIG. 2 shows a chip during an enrolment phase (shown generally at 201 ) and later deployment phase (shown generally at 202 ).
- the chip ( 204 ) comprises means for autonomously generating one or more root identities for the chip (RI chip ).
- the chip may generate the root identities during the enrolment phase or earlier, such as during manufacture. In one example the root identities may be generated during the first self-test of the chip.
- the chip may be configured to store the one or more root identities once generated so that they can be retrieved when needed. Alternatively the chip may also be capable of re-generating the root identities when required. Having the one or more root identities generated on the chip avoids the manufacturer having to securely manage cryptographic secrets before, during and after manufacture.
- the certificate authority ( 203 ) will still need to know the public root identity of the chip before it is deployed, however, so that it can authenticate the chip later.
- One possible opportunity for obtaining this information is at the end of manufacture, during chip testing.
- the root identity encrypted with the public key of a certification authority may be exposed to firmware and retrieved by a manufacturing testing JIG, for example.
- the root identity may then be safely stored on a local or remote server as a Root Identity Certificate before the chip is shipped to a customer.
- the public root identity may only be able to be exposed to the manufacturer until the manufacturing process is finished.
- One way of achieving this is to include one or more “enrolled fuses” on the chip. Once the enrolled fuse is blown, the root identity can no longer be read from the chip. If the manufacturer's certificate authority will be storing the Root Identity Certificate, only one enrolled fuse is required. Alternatively, the manufacturer could sell chips to customers with their own certificate authority. To enable this, some chips may have an extra enrolment fuse. This is termed “UseOtherCAPubKeyFuse” (see FIGS. 4 a and 4 b ), since if this fuse is blown by the manufacturer, it indicates that the harvesting process will be conducted using the public key of the customer's certificate authority rather than the manufacturer's.
- This additional public key may be written in NVM (non-volatile memory) or OTP (one-time programmable memory) (e.g., OTP 406 ) before enrolment takes place.
- NVM non-volatile memory
- OTP one-time programmable memory
- FIG. 3 An example method for blowing an enrolment fuses that implements the mechanism described above is shown in FIG. 3 .
- the chip may generate its root identity during a self-test procedure, as mentioned above.
- the chip may go through multiple self-tests during manufacture.
- the chip may generate one or more root identities during each of these self-tests. These root identities may be different from one another, because the chip only needs to be able to re-generate an existing root identity after that root identity has been passed to a certificate authority.
- the chip may therefore be configured to generate new root identities until the enrolment phase is complete (e.g. the fuse has blown) and thereafter either re-generate the root identities that have been passed to the certificate authority or retrieve them from memory (if the chip is configured to store its root identities).
- the re-generated identities may be the same as those that the chip previously generated, and the same as the identities shared with the certificate authority.
- An advantage of the method described above is that the private root identity, such as the private keys of the asymmetric key sets, are internally generated in the chip.
- the initial generation of the private root identity is thus independent of any external input, so the manufacturer is freed from having to protect cryptographic secrets.
- the root identity is additionally not exposed to the rest of the chip, and particularly not to firmware, after enrolment has been completed. Indeed most the information released by the chip during enrolment will be publicly exposed during use of the device anyway.
- the exception is any symmetric keys (SymKey), although the risk that these might fall into the wrong hands can be reduced by encrypting RI chip with CA PubKey . If the reduced level of security is unacceptable, then symmetric keys need not be exchanged as part of the enrolment process.
- a symmetric key may not be exchanged at enrolment, so that it forms part of the private root identity, and at other times it may be exchanged at enrolment, and form part of the public root identity.
- the Root Identity Certificates stored by the certificate authority can later be used to authenticate the chip's identity and integrity following a challenge in the field.
- An example of this is shown as part of the “deployment process” in FIG. 1 .
- a network gateway challenges the identity and application/firmware integrity of the chip.
- the actors in this process are a new device ( 204 ), a network gateway ( 205 ) that can admit the device to a network and the certificate authority ( 203 ), whose address is known to the gateway.
- the certificate authority vouches for the identity and integrity of the device (via the chip) as follows:
- the chip may autonomously re-generate its root identity. This is represented in FIG. 2 by PUF (physically unclonable function) 206 .
- PUF physically unclonable function
- the security component comprises a root identity generator, which may provide the ability to generate a configurable number (NUUID) of unique identifiers (UUIDs).
- NUUID configurable number
- the root identity generator may also be configured to generate an asymmetric private/public key set associated with each unique identifier: ⁇ PrivateKey i , PublicKey i ⁇
- the root identity generator may also be configured to generate a symmetric key associated with each unique identifier: ⁇ SymKey i ⁇ .
- the root identity generator may be capable of the following:
- the security component may comprise an output for sharing some security information with another device, so that the other device may authenticate it.
- This shared information is likely to include a unique identifier, public key of an asymmetric key pair and possibly a symmetric key pair. This information is suitably only shared during the enrolment phase, however.
- the security bit may therefore comprise an indicator such as an enrolment fuse or bit in OTP, which can be blown/set when the enrolment phase is completed.
- the security component may be configured to share the following with the other device:
- RI chip ⁇ (UUID 1 : PublicKey 1 ,SymKey 1 ),(UUID 2 : PublicKey 2 ,SymKey 2 ), . . . ⁇
- the security component may comprise an encryption unit for encrypting the information to be shared with the public key of the other device (which is likely to be associated with a certification authority).
- the information may be shared with the other device by being exposed to the firmware of the device within which the security component is incorporated, from which it can be transferred to the other device via a wired or wireless connection.
- the security component may be configured to regenerate the set of identifiers and keys (or of a part of it), in the same way as at initial switch on, at power up and/or on-demand, but the set is not exposed to any other part of the device (e.g. firmware).
- FIGS. 4 a and 4 b Examples of two different security components are shown in FIGS. 4 a and 4 b (like components across the two figures are indicated by like numerals).
- the root identity generator is implemented by crypto-block 401 .
- the root identity generator may comprise a repeatable source of entropy capable of seeding the identifier and/or keys.
- the source of entropy is Physical Unclonable Function Block (PUF) 403 , which is configured to provide a seed to cryptographic engine 402 .
- PAF Physical Unclonable Function Block
- FIG. 4 b Another embodiment is presented in FIG. 4 b .
- the source of entropy is a true random number generator 409 (possibly one that is National Institute of Science and Technology (NIST) compliant).
- the random number generator may be configured to generate the seed once at enrolment. The seed is then written in OTP and extracted from OTP every time that identifier and/or key regeneration is needed.
- Crypto-block 401 comprises a cryptographic engine 402 .
- the entropy source 403 is configured to seed the generation of a root identity by providing a seed to the cryptographic engine.
- the entropy source may generate the same or different seed for each functional unit in the cryptographic engine that generates a respective element of the root identity. Examples of suitable functional units include:
- ECC Elliptical Curve Cryptography
- the cryptoblock 401 is managed by trusted processor block 404 that has exclusive access to the configuration registers 405 of the crypto-block.
- the processor block may be configured to coordinate entropy source operation and RI chip extraction. It may also coordinate Root of Trust activities.
- the security component also comprises an output represented by bus 408 for sharing its public root identity with other parts of the device or a certificate authority.
- Bus 408 is merely an example, and any suitable wired or wireless output means might be employed.
- the security component also comprises an enrolment fuse 407 for preventing transfer of the public root key after the enrolment process is complete.
- FIGS. 4 a and 4 b are intended to correspond to a number of functional blocks in an apparatus. This is for illustrative purposes only.
- FIGS. 4 a and 4 b are not intended to define a strict division between different parts of hardware on a chip or between different programs, procedures or functions in software.
- some or all of the algorithms described herein may be performed wholly or partly in hardware.
- the algorithms may be implemented by a processor acting under software control. Any such software may be stored on a non-transient computer readable medium, such as a memory (RAM, cache, hard disk etc) or other storage means (USB stick, CD, disk etc).
- the provisioning methods and security component described above invert the role between originator and receiver of the cryptographical secret: the secret is generated on the chip and only public data is exposed during the enrolment process to the manufacturer. Private data is retained on the chip. If public data is leaked for a batch of chips, the manufacturer might lose income associated with providing a recurring identification and integrity verification service to a customer of those chips, but data confidentiality has not been compromised nor impersonation allowed. The prospect of external secret-leaking before, during and after manufacture is avoided since the focus has shifted from the securely storing keys externally provided by the manufacturer to chip internal, autonomous (re)generation of cryptographical secrets.
Abstract
Description
- This non-provisional patent application claims priority to Great Britain applications: GB 1412715.3, filed Jul. 17, 2014; GB 1405790.5, filed Mar. 31, 2014; GB 1403314.6, filed Feb. 25, 2014; GB 1405785.5, filed Mar. 31, 2014; GB 1405786.3, filed Mar. 31, 2014; GB 1405789.7, filed Mar. 31, 2014; GB 1403312.0, filed Feb. 25, 2014; GB 1405791.3, filed Mar. 31, 2014; GB 1405797.0, filed Mar. 31, 2014.
- This invention relates to provisioning a device with a means for authenticating itself to other devices.
- Security is of increasing concern in the so-called Internet of Things. The identity and integrity of an individual device is of paramount importance in a network of potentially thousands of cooperating elements. A typical approach is to provide specific hardware on the device to act as the root of trust and propagate that trust up to other firmware and applications executing on the device.
- The root of trust is a fundamental concept from which the security of the whole device and the services provided to/by the device propagates. The component should be reliable, tamper-proof and consistently behave in an expected manner. It should provide the minimum set of functionality needed to assess the integrity of the platform and the associated trustworthiness such as: measurement/storage/reporting of a set of metrics describing the platform characteristics (e.g. signed firmware hashes), and access to data signing/encryption for authentication, integrity and confidentiality purposes.
- At the heart of the root of trust is usually a secret. The secret may be a truly random number that represents or assists in the generation of a cryptographical secret, such as a symmetric key or an asymmetric key-set, embedded in a controlled environment into the hardware of the chip/device, which can be challenged later. The secret is usually generated outside the chip and later embedded in the chip. This creates a serious challenge in managing the secret, which must be tightly controlled and monitored all the way through. Information on the secret (such as a private key burnt into the chip/device) might leak before or after manufacturing, invalidate the scheme and expose the customer to the risk of cloning and theft of sensitive data. Thus safe rooms (or “cages”) are typically required during manufacture.
- There is a need for an improved mechanism for provisioning a device with security details that will enable it to authenticate itself with another device.
- According to a first embodiment, there is provided a security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
- The root identity generator may be configured to generate, as part of the private root identity, a private key of an asymmetric key set.
- The root identity generator may be configured to generate, as part of the public root identity, one or more of a unique identifier for the security component, a public key of an asymmetric key set and a symmetric key.
- The root identity generator may be configured to generate multiple unique root identities for the security component.
- The root identity generator may be capable of repeatably generating the root identity.
- The security component may be configured not to store the root identity.
- The root identity generator may be configured to, when the security component requires the root identity, regenerate the root identity.
- The security component may comprise a memory configured to store the root identity and the security component may be configured to, when it requires the root identity, retrieve it from memory.
- The security component may comprise an enrolment indicator and may be configured to, when the public root identity is shared with the other device, set the enrolment indicator.
- The security component may be configured not to share the public root identity if the enrolment indicator is set.
- The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is not set, generate a new root identity.
- The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate a previously generated root identity.
- The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate the root identity that comprises the public root identity shared with the other device.
- The root identity generator may be configured to generate a root identity during a self-test of the security component.
- The security component may be configured not to share the private root identity with parts of the device that are outside of the security component.
- The security component may comprise an encryption unit configured to encrypt and/or decrypt communications with the other device using the private root identity.
- The encryption unit may be configured to encrypt any data that it shares with the other device with a public key of the other device.
- The output may be configured to output the public root identity for sharing with a certificate authority.
- The root identity generator may comprise an entropy source.
- The security component may be for incorporation in a wireless communication device.
- According to a second embodiment, there is provided a method for provisioning a device with security credentials to enable it to authorise itself with another device, comprising incorporating a security component in the device, generating, by means of the security component, a root identity comprising a public root identity and a private root identity and the security component outputting the public root identity for sharing with the other device and not outputting the private root identity.
- The present invention will now be described by way of example with reference to the accompanying drawings. In the drawings:
-
FIG. 1 shows a method for generating an identity certificate; -
FIG. 2 shows the enrolment and deployment of a chip; -
FIG. 3 shows a method for blowing an enrolment fuse; and -
FIGS. 4 a and 4 b show examples of security components. - The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art.
- The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
- An example of a method for generating an identity certificate for a device is shown in
FIG. 1 . The device incorporates a security component. This component may be capable of acting as a silicon root of trust for the device. It is likely to be implemented as an integrated circuit or chip. The method starts in step S101 with the security component generating a root identity. The root identity is a fundamental, source of identification for a “thing”, e.g. a device in the Internet of Things. Its main purpose is to provide the basis for authentication, authorisation, accountability and accounting of services for the “thing”. The root identity can be mapped onto authenticating data such as unique identifiers (UUID), symmetric keys or private/public key sets. It can be used to seed and/or validate additional identities in order to enable access to specific services. The root identity should be exposed as little as possible to prevent theft, abuse and privacy loss. - The root identity may comprise some components that are “public” in the sense that, while they should be exposed as little as possible, some public exposure is necessary to authenticate the device. The public parts of a root identity may include, for example, one or more of a unique identifier for the security component, a symmetric key, and a public key. The public root identity typically includes information that has to be exposed to a certificate authority to record a Root Identity Certificate that can later be used to authorise the security component. Other parts of the root identity can be considered “private” because they do not need to be exposed during any authentication procedure and should be kept secret by the device. An example of a private part of a root identity is a private key from an asymmetric key pair. The security component may generate both public and private parts of its root identity internally.
- The security component can be requested to provide its root identity (step S102). The security component determines whether it is currently operating in an enrolment phase (step S103). If yes, the security component returns its public root identity to the requester (step S104). If no, the security component does not provide its public root identity to the requester (step S105). The private root identity is not provided to the requester.
- A more detailed example of a chip generating an identity certificate is shown in
FIG. 2 , with additional information about how the chip might respond to authentication requests after deployment. -
FIG. 2 shows a chip during an enrolment phase (shown generally at 201) and later deployment phase (shown generally at 202). The chip (204) comprises means for autonomously generating one or more root identities for the chip (RIchip). The chip may generate the root identities during the enrolment phase or earlier, such as during manufacture. In one example the root identities may be generated during the first self-test of the chip. The chip may be configured to store the one or more root identities once generated so that they can be retrieved when needed. Alternatively the chip may also be capable of re-generating the root identities when required. Having the one or more root identities generated on the chip avoids the manufacturer having to securely manage cryptographic secrets before, during and after manufacture. - The certificate authority (203) will still need to know the public root identity of the chip before it is deployed, however, so that it can authenticate the chip later. One possible opportunity for obtaining this information is at the end of manufacture, during chip testing. The root identity encrypted with the public key of a certification authority may be exposed to firmware and retrieved by a manufacturing testing JIG, for example. The root identity may then be safely stored on a local or remote server as a Root Identity Certificate before the chip is shipped to a customer.
- The public root identity may only be able to be exposed to the manufacturer until the manufacturing process is finished. One way of achieving this is to include one or more “enrolled fuses” on the chip. Once the enrolled fuse is blown, the root identity can no longer be read from the chip. If the manufacturer's certificate authority will be storing the Root Identity Certificate, only one enrolled fuse is required. Alternatively, the manufacturer could sell chips to customers with their own certificate authority. To enable this, some chips may have an extra enrolment fuse. This is termed “UseOtherCAPubKeyFuse” (see
FIGS. 4 a and 4 b), since if this fuse is blown by the manufacturer, it indicates that the harvesting process will be conducted using the public key of the customer's certificate authority rather than the manufacturer's. This additional public key may be written in NVM (non-volatile memory) or OTP (one-time programmable memory) (e.g., OTP 406) before enrolment takes place. An example method for blowing an enrolment fuses that implements the mechanism described above is shown inFIG. 3 . - The chip may generate its root identity during a self-test procedure, as mentioned above. The chip may go through multiple self-tests during manufacture. The chip may generate one or more root identities during each of these self-tests. These root identities may be different from one another, because the chip only needs to be able to re-generate an existing root identity after that root identity has been passed to a certificate authority. The chip may therefore be configured to generate new root identities until the enrolment phase is complete (e.g. the fuse has blown) and thereafter either re-generate the root identities that have been passed to the certificate authority or retrieve them from memory (if the chip is configured to store its root identities). The re-generated identities may be the same as those that the chip previously generated, and the same as the identities shared with the certificate authority.
- An advantage of the method described above is that the private root identity, such as the private keys of the asymmetric key sets, are internally generated in the chip. The initial generation of the private root identity is thus independent of any external input, so the manufacturer is freed from having to protect cryptographic secrets. The root identity is additionally not exposed to the rest of the chip, and particularly not to firmware, after enrolment has been completed. Indeed most the information released by the chip during enrolment will be publicly exposed during use of the device anyway. The exception is any symmetric keys (SymKey), although the risk that these might fall into the wrong hands can be reduced by encrypting RIchip with CAPubKey. If the reduced level of security is unacceptable, then symmetric keys need not be exchanged as part of the enrolment process. Thus, the exact contents of the “private” and “public” parts of the root identity may depend on the context. In some implementations a symmetric key may not be exchanged at enrolment, so that it forms part of the private root identity, and at other times it may be exchanged at enrolment, and form part of the public root identity.
- The Root Identity Certificates stored by the certificate authority can later be used to authenticate the chip's identity and integrity following a challenge in the field. An example of this is shown as part of the “deployment process” in
FIG. 1 . In this example, after the enrolment phase has been terminated and the device (onto which the chip is embedded) deployed in the field, a network gateway challenges the identity and application/firmware integrity of the chip. The actors in this process are a new device (204), a network gateway (205) that can admit the device to a network and the certificate authority (203), whose address is known to the gateway. The certificate authority vouches for the identity and integrity of the device (via the chip) as follows: -
- The network gateway issues an identity challenge.
- The chip returns its UUID and a nonce, encrypted with the certificate authority's public key (CAPubKey).
- The network gateway transparently forwards the reply from the device to the certificate authority.
- The certificate authority decrypts the chip's initial response to the challenge, identifies the UUID and fetches from the database the associated public key of the chip (ChipPubKey)
- The certificate authority uses the public key (ChipPubKey) to encrypt a salted challenge, which the network gateway transparently forwards to the device.
- Only the real chip is able to decrypt the challenge using its private key and successfully reply using the certificate authority's public key (CAPubKey).
- The certificate authority decrypts the reply and confirms the identity of the device to the network gateway.
- The network gateway finally allows the device to join the network.
- In a further development the chip may autonomously re-generate its root identity. This is represented in
FIG. 2 by PUF (physically unclonable function) 206. Thus, rather than storing its root identity the chip may just regenerate it when required, hence improving security. - Specific examples of a security component are shown in
FIGS. 4 a and b. The security component might be incorporated into a wide range of devices but it is likely that it will most commonly be incorporated into devices that are configured for wireless communication. In general terms, the security component comprises a root identity generator, which may provide the ability to generate a configurable number (NUUID) of unique identifiers (UUIDs). The identifiers are thus unique in the sense that they are unique to the component, but each component may have multiple identifiers: {UUIDi}, i=1. NUUID - The root identity generator may also be configured to generate an asymmetric private/public key set associated with each unique identifier: {PrivateKeyi, PublicKeyi} The root identity generator may also be configured to generate a symmetric key associated with each unique identifier: {SymKeyi}.
- The root identity generator may be capable of the following:
-
- Stochastic distribution across different chips so that, taking a chip at random, it is statistically impossible to tell if the ith bit of any of the identifiers and/or keys is a 0 or a 1, even if one or more of the other bits are known and even if the output of all other chips is known.
- Generating different sizes of identifiers and/or keys and identifiers and/or keys that can be used for different purposes (e.g. signing vs. encryption).
- Autonomous regeneration of identifiers and/or keys each time that the chip is powered up or each time that the chip needs to use the identifiers and/or keys. Identifiers and/or keys may be strictly repeatable over a wide range of operative conditions, in temperature and voltage and across different power-cycling events. The key generator need only be configured to regenerate identifiers and/or keys after it has been through the enrolment phase. Before that point, the key generator may be configured to generate new identifiers and/or keys each time that the chip is powered up or goes through a self-test procedure.
- The security component may comprise an output for sharing some security information with another device, so that the other device may authenticate it. This shared information is likely to include a unique identifier, public key of an asymmetric key pair and possibly a symmetric key pair. This information is suitably only shared during the enrolment phase, however. The security bit may therefore comprise an indicator such as an enrolment fuse or bit in OTP, which can be blown/set when the enrolment phase is completed.
- If the indicator is not set, the security component may be configured to share the following with the other device:
-
RIchip={(UUID1: PublicKey1,SymKey1),(UUID2: PublicKey2,SymKey2), . . . } - The security component may comprise an encryption unit for encrypting the information to be shared with the public key of the other device (which is likely to be associated with a certification authority). The information may be shared with the other device by being exposed to the firmware of the device within which the security component is incorporated, from which it can be transferred to the other device via a wired or wireless connection.
- If the indicator is set, the security component may be configured to regenerate the set of identifiers and keys (or of a part of it), in the same way as at initial switch on, at power up and/or on-demand, but the set is not exposed to any other part of the device (e.g. firmware).
- Examples of two different security components are shown in
FIGS. 4 a and 4 b (like components across the two figures are indicated by like numerals). In the examples ofFIGS. 4 a and 4 b, the root identity generator is implemented by crypto-block 401. The root identity generator may comprise a repeatable source of entropy capable of seeding the identifier and/or keys. In the example ofFIG. 4 a, the source of entropy is Physical Unclonable Function Block (PUF) 403, which is configured to provide a seed tocryptographic engine 402. Another embodiment is presented inFIG. 4 b. In this example the source of entropy is a true random number generator 409 (possibly one that is National Institute of Science and Technology (NIST) compliant). The random number generator may be configured to generate the seed once at enrolment. The seed is then written in OTP and extracted from OTP every time that identifier and/or key regeneration is needed. - Crypto-
block 401 comprises acryptographic engine 402. Theentropy source 403 is configured to seed the generation of a root identity by providing a seed to the cryptographic engine. The entropy source may generate the same or different seed for each functional unit in the cryptographic engine that generates a respective element of the root identity. Examples of suitable functional units include: - 1. an Elliptical Curve Cryptography (ECC) multiplier to generate the public/private key pair as a set of asymmetric elliptic cryptographic keys {PrKey, PubKey};
2. a key derivation function to generate a symmetric key {SymKey}; and
3. a hashing function to generate a unique identifier {UUID}. - The
cryptoblock 401 is managed by trustedprocessor block 404 that has exclusive access to the configuration registers 405 of the crypto-block. The processor block may be configured to coordinate entropy source operation and RIchip extraction. It may also coordinate Root of Trust activities. - The security component also comprises an output represented by
bus 408 for sharing its public root identity with other parts of the device or a certificate authority.Bus 408 is merely an example, and any suitable wired or wireless output means might be employed. The security component also comprises anenrolment fuse 407 for preventing transfer of the public root key after the enrolment process is complete. - The structures shown in
FIGS. 4 a and 4 b (and indeed all block apparatus diagrams included herein) are intended to correspond to a number of functional blocks in an apparatus. This is for illustrative purposes only.FIGS. 4 a and 4 b are not intended to define a strict division between different parts of hardware on a chip or between different programs, procedures or functions in software. In some embodiments, some or all of the algorithms described herein may be performed wholly or partly in hardware. In other implementations, the algorithms may be implemented by a processor acting under software control. Any such software may be stored on a non-transient computer readable medium, such as a memory (RAM, cache, hard disk etc) or other storage means (USB stick, CD, disk etc). - The provisioning methods and security component described above invert the role between originator and receiver of the cryptographical secret: the secret is generated on the chip and only public data is exposed during the enrolment process to the manufacturer. Private data is retained on the chip. If public data is leaked for a batch of chips, the manufacturer might lose income associated with providing a recurring identification and integrity verification service to a customer of those chips, but data confidentiality has not been compromised nor impersonation allowed. The prospect of external secret-leaking before, during and after manufacture is avoided since the focus has shifted from the securely storing keys externally provided by the manufacturer to chip internal, autonomous (re)generation of cryptographical secrets. Thus, provided that side-attacks are prevented, impersonation and sensitive data stealing are not possible unless the chip's private keys are extracted from the crypto-block using lab-attacks. This is theoretically impossible with a PUF since accessing the PUF structure by definition alters its behaviour. It is also highly unlikely with OTP.
- The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein, and without limitation to the scope of the claims. The applicant indicates that aspects of the present invention may consist of any such individual feature or combination of features. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.
Claims (20)
Applications Claiming Priority (18)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB1403312.0A GB2515853B (en) | 2014-02-25 | 2014-02-25 | Latency mitigation |
GB1403314.6 | 2014-02-25 | ||
GB1403312.0 | 2014-02-25 | ||
GB1403314.6A GB2512733B (en) | 2014-02-25 | 2014-02-25 | Broadcast retransmission |
GB1405786.3 | 2014-03-31 | ||
GB1405786.3A GB2512746B (en) | 2014-02-25 | 2014-03-31 | Thwarting traffic analysis |
GB1405785.5 | 2014-03-31 | ||
GB1405797.0 | 2014-03-31 | ||
GB1405789.7 | 2014-03-31 | ||
GB1405785.5A GB2512501A (en) | 2014-02-25 | 2014-03-31 | Packet identification |
GB1405789.7A GB2512502B (en) | 2014-02-25 | 2014-03-31 | Device authentication |
GB1405791.3 | 2014-03-31 | ||
GB1405790.5A GB2512747B (en) | 2014-02-25 | 2014-03-31 | Mesh relay |
GB1405791.3A GB2512748B (en) | 2014-02-25 | 2014-03-31 | Auto-configuration of a mesh relay's TX/RX schedule |
GB1405790.5 | 2014-03-31 | ||
GB1405797.0A GB2512749B (en) | 2014-02-25 | 2014-03-31 | Linking ad hoc networks |
GB1412715.3 | 2014-07-17 | ||
GB1412715.3A GB2513265B (en) | 2014-02-25 | 2014-07-17 | Provisioning of security credentials |
Publications (1)
Publication Number | Publication Date |
---|---|
US20150242614A1 true US20150242614A1 (en) | 2015-08-27 |
Family
ID=50737759
Family Applications (14)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/270,961 Active 2035-05-12 US10055570B2 (en) | 2014-02-25 | 2014-05-06 | Mesh relay |
US14/270,884 Abandoned US20150244648A1 (en) | 2014-02-25 | 2014-05-06 | Auto-configuration of a mesh relay's tx/rx schedule |
US14/297,324 Active 2034-12-08 US9489506B2 (en) | 2014-02-25 | 2014-06-05 | Linking ad hoc networks |
US14/298,177 Abandoned US20150245203A1 (en) | 2014-02-25 | 2014-06-06 | Packet identification |
US14/316,404 Abandoned US20150245204A1 (en) | 2014-02-25 | 2014-06-26 | Device authentication |
US14/316,529 Abandoned US20150244828A1 (en) | 2014-02-25 | 2014-06-26 | Thwarting traffic analysis |
US14/505,443 Active 2035-06-01 US9754096B2 (en) | 2014-02-25 | 2014-10-02 | Update management |
US14/505,458 Active US9672346B2 (en) | 2014-02-25 | 2014-10-02 | Object tracking by establishing a mesh network and transmitting packets |
US14/505,399 Active 2035-04-03 US9910976B2 (en) | 2014-02-25 | 2014-10-02 | Processing mesh communications |
US14/505,437 Abandoned US20150245369A1 (en) | 2014-02-25 | 2014-10-02 | Communicating data over a mesh network |
US14/505,465 Abandoned US20150244565A1 (en) | 2014-02-25 | 2014-10-02 | Network configuration |
US14/505,418 Abandoned US20150242614A1 (en) | 2014-02-25 | 2014-10-02 | Provisioning of security credentials |
US14/505,466 Abandoned US20150244623A1 (en) | 2014-02-25 | 2014-10-02 | Mesh profiling |
US14/505,454 Expired - Fee Related US9842202B2 (en) | 2014-02-25 | 2014-10-02 | Device proximity |
Family Applications Before (11)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/270,961 Active 2035-05-12 US10055570B2 (en) | 2014-02-25 | 2014-05-06 | Mesh relay |
US14/270,884 Abandoned US20150244648A1 (en) | 2014-02-25 | 2014-05-06 | Auto-configuration of a mesh relay's tx/rx schedule |
US14/297,324 Active 2034-12-08 US9489506B2 (en) | 2014-02-25 | 2014-06-05 | Linking ad hoc networks |
US14/298,177 Abandoned US20150245203A1 (en) | 2014-02-25 | 2014-06-06 | Packet identification |
US14/316,404 Abandoned US20150245204A1 (en) | 2014-02-25 | 2014-06-26 | Device authentication |
US14/316,529 Abandoned US20150244828A1 (en) | 2014-02-25 | 2014-06-26 | Thwarting traffic analysis |
US14/505,443 Active 2035-06-01 US9754096B2 (en) | 2014-02-25 | 2014-10-02 | Update management |
US14/505,458 Active US9672346B2 (en) | 2014-02-25 | 2014-10-02 | Object tracking by establishing a mesh network and transmitting packets |
US14/505,399 Active 2035-04-03 US9910976B2 (en) | 2014-02-25 | 2014-10-02 | Processing mesh communications |
US14/505,437 Abandoned US20150245369A1 (en) | 2014-02-25 | 2014-10-02 | Communicating data over a mesh network |
US14/505,465 Abandoned US20150244565A1 (en) | 2014-02-25 | 2014-10-02 | Network configuration |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/505,466 Abandoned US20150244623A1 (en) | 2014-02-25 | 2014-10-02 | Mesh profiling |
US14/505,454 Expired - Fee Related US9842202B2 (en) | 2014-02-25 | 2014-10-02 | Device proximity |
Country Status (3)
Country | Link |
---|---|
US (14) | US10055570B2 (en) |
DE (13) | DE102014019749B3 (en) |
GB (18) | GB2512749B (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9489506B2 (en) | 2014-02-25 | 2016-11-08 | Qualcomm Technologies International, Ltd. | Linking ad hoc networks |
US9692538B2 (en) | 2014-02-25 | 2017-06-27 | Qualcomm Technologies International, Ltd. | Latency mitigation |
US20180145829A1 (en) * | 2016-11-24 | 2018-05-24 | Samsung Electronics Co, Ltd | Data management method |
CN109756324A (en) * | 2017-11-02 | 2019-05-14 | 大唐移动通信设备有限公司 | Cryptographic key negotiation method, terminal and gateway in a kind of Mesh network |
US20190213359A1 (en) * | 2018-01-10 | 2019-07-11 | General Electric Company | Secure provisioning of secrets into mpsoc devices using untrusted third-party systems |
US10951653B2 (en) | 2017-09-22 | 2021-03-16 | Samsung Electronics Co., Ltd. | Apparatus including secure component and method of provisioning security information into the apparatus |
US11018871B2 (en) * | 2018-03-30 | 2021-05-25 | Intel Corporation | Key protection for computing platform |
US20210273920A1 (en) * | 2020-02-28 | 2021-09-02 | Vmware, Inc. | Secure certificate or key distribution for synchronous mobile device management (mdm) clients |
US11210678B2 (en) | 2016-11-18 | 2021-12-28 | Samsung Electronics Co., Ltd. | Component for provisioning security data and product including the same |
Families Citing this family (120)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103974225B (en) * | 2013-02-01 | 2018-03-13 | 财团法人工业技术研究院 | Communication device, device-to-device communication system and wireless communication method thereof |
US10078811B2 (en) | 2013-11-29 | 2018-09-18 | Fedex Corporate Services, Inc. | Determining node location based on context data in a wireless node network |
US9451462B2 (en) * | 2014-08-10 | 2016-09-20 | Belkin International Inc. | Setup of multiple IoT network devices |
US9918351B2 (en) | 2014-04-01 | 2018-03-13 | Belkin International Inc. | Setup of multiple IOT networks devices |
US10453023B2 (en) | 2014-05-28 | 2019-10-22 | Fedex Corporate Services, Inc. | Methods and node apparatus for adaptive node communication within a wireless node network |
US9386605B2 (en) * | 2014-07-11 | 2016-07-05 | Motorola Solutions, Inc. | Mobile dynamic mesh cluster bridging method and apparatus at incident scenes |
US9872240B2 (en) | 2014-08-19 | 2018-01-16 | Belkin International Inc. | Network device source entity triggered device configuration setup |
FR3026587A1 (en) * | 2014-09-30 | 2016-04-01 | Orange | METHOD OF ACCESS BY A MASTER DEVICE TO A VALUE TAKEN BY A CHARACTERISTIC MANAGED BY A PERIPHERAL DEVICE |
FR3031822B1 (en) * | 2015-01-16 | 2018-04-13 | Airbus Operations | DOWNLOADING DATA ON REMOTE EQUIPMENT |
US10681479B2 (en) | 2015-01-30 | 2020-06-09 | Cassia Networks Inc. | Methods, devices and systems for bluetooth audio transmission |
US9769594B2 (en) * | 2015-01-30 | 2017-09-19 | Cassia Networks Inc. | Methods, devices and systems for increasing wireless communication range |
US11238397B2 (en) | 2015-02-09 | 2022-02-01 | Fedex Corporate Services, Inc. | Methods, apparatus, and systems for generating a corrective pickup notification for a shipped item using a mobile master node |
US9426616B1 (en) * | 2015-02-10 | 2016-08-23 | Tyco Fire & Security Gmbh | Wireless sensor network controlled low energy link |
FR3033118B1 (en) * | 2015-02-19 | 2017-02-17 | Sigfox | METHOD AND SYSTEM FOR WIRELESS COMMUNICATION BETWEEN TERMINALS AND SEMI-DUPLEX BASE STATIONS |
US11171941B2 (en) * | 2015-02-24 | 2021-11-09 | Nelson A. Cicchitto | Mobile device enabled desktop tethered and tetherless authentication |
US10848485B2 (en) | 2015-02-24 | 2020-11-24 | Nelson Cicchitto | Method and apparatus for a social network score system communicably connected to an ID-less and password-less authentication system |
US11122034B2 (en) | 2015-02-24 | 2021-09-14 | Nelson A. Cicchitto | Method and apparatus for an identity assurance score with ties to an ID-less and password-less authentication system |
EP3262893B1 (en) | 2015-02-26 | 2019-07-03 | Telefonaktiebolaget LM Ericsson (publ) | Energy efficient ble mesh initialisation and operation |
JP6566669B2 (en) * | 2015-03-12 | 2019-08-28 | キヤノン株式会社 | Information processing apparatus, control method thereof, communication method, and program |
TWI552001B (en) * | 2015-04-13 | 2016-10-01 | 聚眾聯合科技股份有限公司 | Connection information sharing system, computer program, and connection information sharing method thereof |
CN106304303B (en) * | 2015-06-09 | 2019-11-12 | 沈阳中科奥维科技股份有限公司 | A kind of power regulating method suitable for WIA-PA wireless network |
US10375492B2 (en) | 2015-06-30 | 2019-08-06 | Sonova, AG | Method of fitting a hearing assistance device |
WO2017007409A1 (en) * | 2015-07-06 | 2017-01-12 | Telefonaktiebolaget Lm Ericsson (Publ) | Apparatus and method for forwarding messages |
US9985839B2 (en) | 2015-07-08 | 2018-05-29 | Fedex Corporate Services, Inc. | Systems, apparatus, and methods of event monitoring for an event candidate within a wireless node network based upon sighting events, sporadic events, and benchmark checkpoint events |
US9843929B2 (en) | 2015-08-21 | 2017-12-12 | Afero, Inc. | Apparatus and method for sharing WiFi security data in an internet of things (IoT) system |
US9503969B1 (en) | 2015-08-25 | 2016-11-22 | Afero, Inc. | Apparatus and method for a dynamic scan interval for a wireless device |
CN108353277B (en) * | 2015-09-30 | 2021-09-28 | 谷歌有限责任公司 | Low energy radio and system including low energy radio |
US10990616B2 (en) * | 2015-11-17 | 2021-04-27 | Nec Corporation | Fast pattern discovery for log analytics |
US10673646B1 (en) * | 2018-12-09 | 2020-06-02 | Olibra Llc | System, device, and method of multi-path wireless communication |
US10432461B2 (en) * | 2015-12-04 | 2019-10-01 | T-Mobile Usa, Inc. | Peer-to-peer distribution of radio protocol data for software defined radio (SDR) updates |
KR102381371B1 (en) | 2015-12-10 | 2022-03-31 | 삼성전자주식회사 | System and method for providing information by using near field communication |
US10805344B2 (en) * | 2015-12-14 | 2020-10-13 | Afero, Inc. | Apparatus and method for obscuring wireless communication patterns |
US10447784B2 (en) | 2015-12-14 | 2019-10-15 | Afero, Inc. | Apparatus and method for modifying packet interval timing to identify a data transfer condition |
US10091242B2 (en) | 2015-12-14 | 2018-10-02 | Afero, Inc. | System and method for establishing a secondary communication channel to control an internet of things (IOT) device |
US9992065B2 (en) * | 2015-12-15 | 2018-06-05 | T-Mobile Usa, Inc. | Selective wi-fi calling router updates |
US10659442B1 (en) * | 2015-12-21 | 2020-05-19 | Marvell International Ltd. | Security in smart configuration for WLAN based IOT device |
US20170187602A1 (en) * | 2015-12-29 | 2017-06-29 | Vivek Pathela | System and method of troubleshooting network source inefficiency |
US10708842B2 (en) * | 2016-01-13 | 2020-07-07 | Locus Control LLC | Low power communications system |
US10148453B2 (en) * | 2016-02-24 | 2018-12-04 | Qualcomm Incorporated | Using update slot to synchronize to Bluetooth LE isochronous channel and communicate state changes |
CN108780538A (en) | 2016-03-23 | 2018-11-09 | 联邦快递服务公司 | The system, apparatus and method of broadcast setting for the node in self-adjusting wireless node network |
GB2549735B (en) * | 2016-04-26 | 2020-07-29 | Checkit Ltd | Network access control |
US10951261B2 (en) | 2016-04-29 | 2021-03-16 | Texas Instruments Incorporated | Pseudo channel hopping in mesh networks without time synchronization |
US10205606B2 (en) | 2016-06-15 | 2019-02-12 | Abl Ip Holding Llc | Mesh over-the-air (OTA) luminaire firmware update |
US10873854B2 (en) * | 2016-07-28 | 2020-12-22 | Lg Electronics Inc. | Method and apparatus for establishing connection of devices |
US10798548B2 (en) * | 2016-08-22 | 2020-10-06 | Lg Electronics Inc. | Method for controlling device by using Bluetooth technology, and apparatus |
EP3312762B1 (en) * | 2016-10-18 | 2023-03-01 | Axis AB | Method and system for tracking an object in a defined area |
US9781603B1 (en) * | 2016-10-20 | 2017-10-03 | Fortress Cyber Security, LLC | Combined network and physical security appliance |
US10348514B2 (en) * | 2016-10-26 | 2019-07-09 | Abl Ip Holding Llc | Mesh over-the-air (OTA) driver update using site profile based multiple platform image |
DE102016124168A1 (en) * | 2016-12-13 | 2018-06-14 | Endress+Hauser Conducta Gmbh+Co. Kg | Method for operating a specific field device via a mobile operating device |
WO2018118822A1 (en) * | 2016-12-20 | 2018-06-28 | Abbott Diabetes Care Inc. | Systems, devices and methods for wireless communications in analyte monitoring devices |
CN106792853B (en) * | 2016-12-22 | 2020-05-12 | 青岛亿联客信息技术有限公司 | New equipment adding method for Bluetooth mesh network |
CN106713047A (en) * | 2017-01-12 | 2017-05-24 | 泰凌微电子(上海)有限公司 | Node upgrading method and system in mesh network |
US10433134B2 (en) | 2017-01-24 | 2019-10-01 | Arris Enterprises Llc | Video gateway as an internet of things mesh enhancer apparatus and method |
CN110168454B (en) * | 2017-02-21 | 2022-05-06 | 欧姆龙株式会社 | Method for controlling a field device, control device, technical system and storage medium |
US10362612B2 (en) | 2017-03-06 | 2019-07-23 | Citrix Systems, Inc. | Virtual private networking based on peer-to-peer communication |
CN110352586B (en) * | 2017-03-08 | 2021-12-07 | 日立能源瑞士股份公司 | Method and apparatus for preserving relative timing and ordering of data packets in a network |
DE102017106381A1 (en) | 2017-03-24 | 2018-09-27 | Newtec Gmbh | Method and apparatus for wirelessly transmitting a data signal |
EP3610661A4 (en) * | 2017-04-10 | 2020-09-16 | Itron Networked Solutions, Inc. | Efficient internet-of-things device configuration via quick response codes |
US10116523B1 (en) * | 2017-04-12 | 2018-10-30 | Fisher-Rosemount Systems, Inc. | Predictive connectivity diagnostics for a wireless mesh network in a process control system |
US11229023B2 (en) * | 2017-04-21 | 2022-01-18 | Netgear, Inc. | Secure communication in network access points |
US10605609B2 (en) * | 2017-05-03 | 2020-03-31 | Microsoft Technology Licensing, Llc | Coupled interactive devices |
DE102017207871A1 (en) * | 2017-05-10 | 2018-11-15 | Tridonic Gmbh & Co Kg | Firmware Update-Over-The Air (FOTA) in building technology |
CA3063105A1 (en) | 2017-05-23 | 2018-11-29 | Walmart Apollo, Llc | Automated inspection system |
US10389854B2 (en) * | 2017-06-15 | 2019-08-20 | Infinet, LLC | Method and system for forming an ad-hoc network over heterogeneous protocols |
US9955307B1 (en) * | 2017-08-03 | 2018-04-24 | Here Global B.V. | Distributed relative positioning |
US20210132932A1 (en) * | 2017-08-15 | 2021-05-06 | General Electric Company | Smart equipment, method used by smart equipment, and smart lamp |
US10666624B2 (en) * | 2017-08-23 | 2020-05-26 | Qualcomm Incorporated | Systems and methods for optimized network layer message processing |
CN107635215A (en) * | 2017-08-25 | 2018-01-26 | 西安电子科技大学 | Mesh network-building methods based on low-power consumption bluetooth |
CN107508714B (en) * | 2017-09-26 | 2020-09-15 | 深圳市微智电子有限公司 | Method and device for carrying out network configuration on Bluetooth equipment based on Bluetooth mesh |
US11057204B2 (en) * | 2017-10-04 | 2021-07-06 | Amir Keyvan Khandani | Methods for encrypted data communications |
US11490400B2 (en) * | 2017-11-15 | 2022-11-01 | Telefonaktiebolaget Lm Ericsson (Publ) | End node, relay node, and methods performed therein for handling transmission of information |
CN108064034A (en) * | 2017-11-17 | 2018-05-22 | 芯海科技(深圳)股份有限公司 | A kind of data collection network method of mesh networkings |
EP3489922B1 (en) | 2017-11-24 | 2022-01-05 | Andreas Stihl AG & Co. KG | Method of operating a wireless transmitter and a wireless receiver and system |
EP3718352B1 (en) * | 2017-11-28 | 2021-07-07 | Telefonaktiebolaget LM Ericsson (publ) | Message transmission with reduced interference |
WO2019117763A1 (en) * | 2017-12-11 | 2019-06-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Channel scanning in a mesh network |
US10554562B2 (en) * | 2017-12-22 | 2020-02-04 | International Business Machines Corporation | Streaming network |
RU2666306C1 (en) * | 2017-12-27 | 2018-09-06 | федеральное государственное автономное образовательное учреждение высшего образования "Санкт-Петербургский политехнический университет Петра Великого" (ФГАОУ ВО "СПбПУ") | Method of controlling communication of single-range intercomputer data network |
US10607012B2 (en) | 2017-12-29 | 2020-03-31 | Delphian Systems, LLC | Bridge computing device control in local networks of interconnected devices |
KR102530441B1 (en) | 2018-01-29 | 2023-05-09 | 삼성전자주식회사 | Electronic device, external electronic device, system comprising the same and control method thereof |
US10944669B1 (en) | 2018-02-09 | 2021-03-09 | GoTenna, Inc. | System and method for efficient network-wide broadcast in a multi-hop wireless network using packet echos |
US11516682B2 (en) * | 2018-03-16 | 2022-11-29 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and nodes for obtaining information regarding a bluetooth mesh network |
US11448632B2 (en) | 2018-03-19 | 2022-09-20 | Walmart Apollo, Llc | System and method for the determination of produce shelf life |
US11658865B2 (en) * | 2018-03-20 | 2023-05-23 | Delphian Systems, LLC | Updating devices in a local network of interconnected devices |
US10869227B2 (en) * | 2018-03-23 | 2020-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Message cache management in a mesh network |
US10613505B2 (en) | 2018-03-29 | 2020-04-07 | Saudi Arabian Oil Company | Intelligent distributed industrial facility safety system |
US10303147B1 (en) | 2018-03-29 | 2019-05-28 | Saudi Arabian Oil Company | Distributed industrial facility safety system modular remote sensing devices |
US10311705B1 (en) * | 2018-03-29 | 2019-06-04 | Saudi Arabian Oil Company | Distributed industrial facility safety system |
KR102114992B1 (en) * | 2018-04-25 | 2020-05-25 | (주)휴맥스 | Wireless communication equipment and method for configuring mesh network thereof |
US11146540B2 (en) * | 2018-05-09 | 2021-10-12 | Datalogic Ip Tech S.R.L. | Systems and methods for public key exchange employing a peer-to-peer protocol |
US11308950B2 (en) | 2018-05-09 | 2022-04-19 | 4PLAN Corporation | Personal location system for virtual assistant |
CN110493758B (en) | 2018-05-14 | 2023-01-13 | 阿里巴巴集团控股有限公司 | Bluetooth Mesh network and network distribution method, equipment and storage medium thereof |
CN110505606B (en) * | 2018-05-18 | 2022-12-02 | 阿里巴巴集团控股有限公司 | Bluetooth Mesh network and distribution network authentication method, equipment and storage medium thereof |
US10574475B2 (en) * | 2018-05-24 | 2020-02-25 | Haier Us Appliance Solutions, Inc. | Household appliance with bluetooth connection and authentication |
WO2019237263A1 (en) * | 2018-06-13 | 2019-12-19 | 卧槽科技(深圳)有限公司 | Low-energy bluetooth network maintenance method, electronic device, bluetooth network, and medium |
CN110636478B (en) | 2018-06-22 | 2023-04-14 | 阿里巴巴集团控股有限公司 | Bluetooth Mesh network system, communication method, device and storage medium thereof |
US10650023B2 (en) * | 2018-07-24 | 2020-05-12 | Booz Allen Hamilton, Inc. | Process for establishing trust between multiple autonomous systems for the purposes of command and control |
WO2020023762A1 (en) | 2018-07-26 | 2020-01-30 | Walmart Apollo, Llc | System and method for produce detection and classification |
WO2020023909A1 (en) | 2018-07-27 | 2020-01-30 | GoTenna, Inc. | Vine™: zero-control routing using data packet inspection for wireless mesh networks |
US11140659B2 (en) * | 2018-08-21 | 2021-10-05 | Signify Holding B.V. | Wireless organization of electrical devices by sensor manipulation |
US11368436B2 (en) * | 2018-08-28 | 2022-06-21 | Bae Systems Information And Electronic Systems Integration Inc. | Communication protocol |
US11715059B2 (en) * | 2018-10-12 | 2023-08-01 | Walmart Apollo, Llc | Systems and methods for condition compliance |
FI128520B (en) * | 2018-11-14 | 2020-07-15 | Xiphera Oy | Method for providing a secret unique key for a volatile FPGA |
WO2020106332A1 (en) | 2018-11-20 | 2020-05-28 | Walmart Apollo, Llc | Systems and methods for assessing products |
WO2020123958A1 (en) * | 2018-12-14 | 2020-06-18 | Denso International America, Inc. | System and method of determining real-time location |
CN109673014B (en) * | 2019-01-25 | 2022-07-15 | 欧普照明股份有限公司 | Network combination method |
CN111669732B (en) * | 2019-03-06 | 2021-09-07 | 乐鑫信息科技(上海)股份有限公司 | Method for filtering redundant data packets at nodes in bluetooth Mesh network |
CN109862548B (en) | 2019-03-06 | 2021-01-26 | 乐鑫信息科技(上海)股份有限公司 | Method for processing data packets at a node in a bluetooth Mesh network |
US11777715B2 (en) | 2019-05-15 | 2023-10-03 | Amir Keyvan Khandani | Method and apparatus for generating shared secrets |
CN111988268A (en) * | 2019-05-24 | 2020-11-24 | 魏文科 | Method for establishing and verifying input value by using asymmetric encryption algorithm and application thereof |
US11265410B2 (en) * | 2020-01-06 | 2022-03-01 | Vorbeck Materials Corp. | Self-organizing communications network nodes and systems |
US11166339B2 (en) * | 2019-07-05 | 2021-11-02 | Samsung Electronics Co., Ltd. | System and method for dynamic group data protection |
CN110779500B (en) * | 2019-11-14 | 2021-11-30 | 中国人民解放军国防科技大学 | Mesoscale vortex detection method for incremental deployment sensor |
KR102324374B1 (en) | 2019-11-18 | 2021-11-11 | 한국전자통신연구원 | Method and apparatus for configuring cluster in wireless communication system |
US11432167B2 (en) | 2020-01-22 | 2022-08-30 | Abl Ip Holding Llc | Selective updating of nodes of a nodal wireless network |
US11166253B2 (en) * | 2020-03-27 | 2021-11-02 | Dell Products L.P. | Data center automatic inventory and location data population and recovery using mesh network |
EP3968600A1 (en) * | 2020-09-11 | 2022-03-16 | Volkswagen Ag | Controlling a communication between a vehicle and a backend device |
WO2022148695A1 (en) * | 2021-01-06 | 2022-07-14 | Signify Holding B.V. | A method of, a node device and a system for relaying a message in a network comprising at least two mesh networks |
US20230266960A1 (en) * | 2022-02-24 | 2023-08-24 | Whirlpool Corporation | Systems and methods of offline over the air (ota) programming of appliances |
CN115051921B (en) * | 2022-05-27 | 2023-11-07 | 北京交通大学 | Self-adaptive heterogeneous network attribute information collection method |
US11870879B1 (en) * | 2023-01-04 | 2024-01-09 | Getac Technology Corporation | Device communication during emergent conditions |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050246533A1 (en) * | 2002-08-28 | 2005-11-03 | Docomo Communications Laboratories Usa, Inc. | Certificate-based encryption and public key infrastructure |
US20060156390A1 (en) * | 2005-01-07 | 2006-07-13 | Baugher Mark J | Using a network-service credential for access control |
US20060209584A1 (en) * | 2004-11-12 | 2006-09-21 | Srinivas Devadas | Securely field configurable device |
US20090222659A1 (en) * | 2008-03-03 | 2009-09-03 | Sony Corporation | Communication device and communication method |
US20110099368A1 (en) * | 2009-10-26 | 2011-04-28 | Hon Hai Precision Industry Co., Ltd. | Cable modem and certificate testing method thereof |
US20130051552A1 (en) * | 2010-01-20 | 2013-02-28 | Héléna Handschuh | Device and method for obtaining a cryptographic key |
US20130129087A1 (en) * | 2011-11-21 | 2013-05-23 | Zheng Qi | Secure Key Generation |
US8516269B1 (en) * | 2010-07-28 | 2013-08-20 | Sandia Corporation | Hardware device to physical structure binding and authentication |
US20140108786A1 (en) * | 2011-03-11 | 2014-04-17 | Emsycon Gmbh | Tamper-protected hardware and method for using same |
US20140111234A1 (en) * | 2012-10-22 | 2014-04-24 | Infineon Technologies Ag | Die, Chip, Method for Driving a Die or a Chip and Method for Manufacturing a Die or a Chip |
US8938792B2 (en) * | 2012-12-28 | 2015-01-20 | Intel Corporation | Device authentication using a physically unclonable functions based key generation system |
US20150052351A1 (en) * | 2013-08-19 | 2015-02-19 | Smartguard, Llc | Secure installation of encryption enabling software onto electronic devices |
US20150143130A1 (en) * | 2013-11-18 | 2015-05-21 | Vixs Systems Inc. | Integrated circuit provisioning using physical unclonable function |
Family Cites Families (175)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6079034A (en) * | 1997-12-05 | 2000-06-20 | Hewlett-Packard Company | Hub-embedded system for automated network fault detection and isolation |
US7010604B1 (en) * | 1998-10-30 | 2006-03-07 | Science Applications International Corporation | Agile network protocol for secure communications with assured system availability |
US6986046B1 (en) | 2000-05-12 | 2006-01-10 | Groove Networks, Incorporated | Method and apparatus for managing secure collaborative transactions |
US6836466B1 (en) * | 2000-05-26 | 2004-12-28 | Telcordia Technologies, Inc. | Method and system for measuring IP performance metrics |
US6745027B2 (en) | 2000-12-22 | 2004-06-01 | Seekernet Incorporated | Class switched networks for tracking articles |
US20030014507A1 (en) | 2001-03-13 | 2003-01-16 | International Business Machines Corporation | Method and system for providing performance analysis for clusters |
WO2002078272A1 (en) * | 2001-03-23 | 2002-10-03 | Kent Ridge Digital Labs | A method and system for providing bridged mobile ad-hoc networks |
US20030037237A1 (en) | 2001-04-09 | 2003-02-20 | Jean-Paul Abgrall | Systems and methods for computer device authentication |
DE10145596A1 (en) * | 2001-09-15 | 2003-04-03 | Philips Corp Intellectual Pty | Network with several sub-networks |
WO2003034669A1 (en) | 2001-10-17 | 2003-04-24 | British Telecommunications Public Limited Company | Network location management system |
KR100408525B1 (en) * | 2001-10-31 | 2003-12-06 | 삼성전자주식회사 | System and method of network adaptive real- time multimedia streaming |
US7391731B1 (en) | 2002-03-07 | 2008-06-24 | Ibasis, Inc. | Method for determining best path |
US6917974B1 (en) * | 2002-01-03 | 2005-07-12 | The United States Of America As Represented By The Secretary Of The Air Force | Method and apparatus for preventing network traffic analysis |
US7760645B2 (en) | 2002-02-25 | 2010-07-20 | Olsonet Communications | Method for routing ad-hoc signals |
US7532862B2 (en) | 2002-03-19 | 2009-05-12 | Apple Inc. | Method and apparatus for configuring a wireless device through reverse advertising |
US20030212821A1 (en) | 2002-05-13 | 2003-11-13 | Kiyon, Inc. | System and method for routing packets in a wired or wireless network |
US7251235B2 (en) | 2002-06-12 | 2007-07-31 | Conexant, Inc. | Event-based multichannel direct link |
US20040001483A1 (en) | 2002-06-27 | 2004-01-01 | Schmidt Kurt E. | Distribution and reconstruction of AD-HOC timing signals |
US7474874B2 (en) | 2002-06-28 | 2009-01-06 | Nokia Corporation | Local browsing |
US6898751B2 (en) * | 2002-07-31 | 2005-05-24 | Transdimension, Inc. | Method and system for optimizing polling in systems using negative acknowledgement protocols |
GB0313473D0 (en) | 2003-06-11 | 2003-07-16 | Koninkl Philips Electronics Nv | Configuring a radio network for selective broadcast |
KR100547133B1 (en) | 2003-07-11 | 2006-01-26 | 삼성전자주식회사 | Apparatus and method for constructing ad-hoc network of heterogeneous terminals |
KR100640327B1 (en) * | 2003-11-24 | 2006-10-30 | 삼성전자주식회사 | The Frame Structure and Data Transmission Method for Bridge Operation of WPAN |
US20050175184A1 (en) * | 2004-02-11 | 2005-08-11 | Phonex Broadband Corporation | Method and apparatus for a per-packet encryption system |
US7436790B2 (en) | 2004-03-25 | 2008-10-14 | Research In Motion Limited | Wireless access point methods and apparatus for reduced power consumption and cost |
US20080069030A1 (en) | 2004-05-31 | 2008-03-20 | Matsushita Electric Industrial Co., Ltd. | Mobile Terminal Managing Device, Mobile Terminal, and Communication System |
US20060025180A1 (en) | 2004-07-30 | 2006-02-02 | Qualcomm Incorporated | Method for waking a wireless device |
KR20090016007A (en) | 2004-08-10 | 2009-02-12 | 메시네트웍스, 인코포레이티드 | Software architecture and hardware abstraction layer for multi-radio routing and method for providing the same |
DE102004040069B3 (en) | 2004-08-18 | 2006-03-23 | Siemens Ag | Establishment of a wireless communication network with determination of local topology information from the identifiers of the communication devices |
US7747774B2 (en) * | 2004-08-23 | 2010-06-29 | At&T Intellectual Property I, L.P. | Methods, systems and computer program products for obscuring traffic in a distributed system |
KR100594127B1 (en) * | 2004-11-16 | 2006-06-28 | 삼성전자주식회사 | Bonding process method and device in a Bluetooth device |
US7496059B2 (en) * | 2004-12-09 | 2009-02-24 | Itt Manufacturing Enterprises, Inc. | Energy-efficient medium access control protocol and system for sensor networks |
JP4550636B2 (en) * | 2005-03-18 | 2010-09-22 | 富士通株式会社 | Electronic device, its registration method and registration program |
US7522540B1 (en) | 2005-04-15 | 2009-04-21 | Nvidia Corporation | Extended service set mesh topology discovery |
US8027289B2 (en) * | 2005-04-27 | 2011-09-27 | Raytheon Bbn Technologies Corp. | Ultra-low latency packet transport in ad hoc networks |
US7894372B2 (en) | 2005-05-31 | 2011-02-22 | Iac Search & Media, Inc. | Topology-centric resource management for large scale service clusters |
US7606178B2 (en) | 2005-05-31 | 2009-10-20 | Cisco Technology, Inc. | Multiple wireless spanning tree protocol for use in a wireless mesh network |
US7653011B2 (en) | 2005-05-31 | 2010-01-26 | Cisco Technology, Inc. | Spanning tree protocol for wireless networks |
KR20080025095A (en) | 2005-06-01 | 2008-03-19 | 밀레니얼 넷, 인크. | Communicating over a wireless network |
US9654200B2 (en) | 2005-07-18 | 2017-05-16 | Mutualink, Inc. | System and method for dynamic wireless aerial mesh network |
GB2467656B (en) * | 2005-07-21 | 2010-09-15 | Firetide Inc | Method for enabling the efficient operation of arbitrarily in erconnected mesh networks |
US7787361B2 (en) | 2005-07-29 | 2010-08-31 | Cisco Technology, Inc. | Hybrid distance vector protocol for wireless mesh networks |
US8948805B2 (en) * | 2005-08-26 | 2015-02-03 | Qualcomm Incorporated | Method and apparatus for reliable transmit power and timing control in wireless communication |
US7778270B1 (en) | 2005-08-31 | 2010-08-17 | Hrl Laboratories, Llc | Code-switching in wireless multi-hop networks |
US7546139B2 (en) | 2005-12-27 | 2009-06-09 | F4W, Inc. | System and method for establishing and maintaining communications across disparate networks |
US20100005294A1 (en) * | 2005-10-18 | 2010-01-07 | Kari Kostiainen | Security in Wireless Environments Using Out-Of-Band Channel Communication |
JP4641245B2 (en) | 2005-10-26 | 2011-03-02 | 三菱電機株式会社 | Ad hoc network system, wireless ad hoc terminal and failure detection method thereof |
US7978666B2 (en) | 2005-10-31 | 2011-07-12 | Robert Bosch Gmbh | Node control in wireless sensor networks |
US7539488B2 (en) | 2005-11-09 | 2009-05-26 | Texas Instruments Norway As | Over-the-air download (OAD) methods and apparatus for use in facilitating application programming in wireless network devices of ad hoc wireless communication networks |
US20070110024A1 (en) | 2005-11-14 | 2007-05-17 | Cisco Technology, Inc. | System and method for spanning tree cross routes |
US7593376B2 (en) | 2005-12-07 | 2009-09-22 | Motorola, Inc. | Method and apparatus for broadcast in an ad hoc network using elected broadcast relay nodes |
US20130219482A1 (en) | 2006-01-31 | 2013-08-22 | Sigma Designs, Inc. | Method for uniquely addressing a group of network units in a sub-network |
US7848261B2 (en) * | 2006-02-17 | 2010-12-07 | Isilon Systems, Inc. | Systems and methods for providing a quiescing protocol |
US8023478B2 (en) | 2006-03-06 | 2011-09-20 | Cisco Technology, Inc. | System and method for securing mesh access points in a wireless mesh network, including rapid roaming |
US7647078B2 (en) * | 2006-03-07 | 2010-01-12 | Samsung Electronics Co., Ltd. | Power-saving method for wireless sensor network |
US8340106B2 (en) * | 2006-03-13 | 2012-12-25 | Microsoft Corporation | Connecting multi-hop mesh networks using MAC bridge |
US8519566B2 (en) | 2006-03-28 | 2013-08-27 | Wireless Environment, Llc | Remote switch sensing in lighting devices |
US7786885B2 (en) | 2006-04-25 | 2010-08-31 | Hrl Laboratories, Llc | Event localization within a distributed sensor array |
US8681671B1 (en) * | 2006-04-25 | 2014-03-25 | Cisco Technology, Inc. | System and method for reducing power used for radio transmission and reception |
US8406794B2 (en) | 2006-04-26 | 2013-03-26 | Qualcomm Incorporated | Methods and apparatuses of initiating communication in wireless networks |
CN101083597A (en) | 2006-05-31 | 2007-12-05 | 朗迅科技公司 | SIP based instant message of mobile self-organizing network |
DE102006036109B4 (en) | 2006-06-01 | 2008-06-19 | Nokia Siemens Networks Gmbh & Co.Kg | Method and system for providing a mesh key |
WO2008004102A2 (en) * | 2006-07-06 | 2008-01-10 | Nortel Networks Limited | Wireless access point security for multi-hop networks |
FR2903830B1 (en) | 2006-07-11 | 2008-08-22 | Alcatel Sa | METHOD AND DEVICE FOR MONITORING OPTICAL CONNECTION PATHS FOR A TRANSPARENT OPTICAL NETWORK |
US8411651B2 (en) | 2006-07-27 | 2013-04-02 | Interdigital Technology Corporation | Media independent multi-rat function in a converged device |
EP1892913A1 (en) | 2006-08-24 | 2008-02-27 | Siemens Aktiengesellschaft | Method and arrangement for providing a wireless mesh network |
US8634342B2 (en) | 2006-10-05 | 2014-01-21 | Cisco Technology, Inc. | Upgrading mesh access points in a wireless mesh network |
US8270302B2 (en) | 2006-10-20 | 2012-09-18 | Stmicroelectronics, Inc. | System and method for providing an adaptive value of TTL (time to live) for broadcast/multicast messages in a mesh network using a hybrid wireless mesh protocol |
US8149748B2 (en) | 2006-11-14 | 2012-04-03 | Raytheon Company | Wireless data networking |
KR100879026B1 (en) | 2006-12-05 | 2009-01-15 | 한국전자통신연구원 | Method for grouping among sensor nodes in heterogeneous wireless sensor networks |
US8838481B2 (en) * | 2011-07-26 | 2014-09-16 | Golba Llc | Method and system for location based hands-free payment |
US8270340B2 (en) | 2006-12-19 | 2012-09-18 | Telefonaktiebolaget Lm Ericsson (Publ) | Handling of idle gap commands in a telecommunication system |
US9760146B2 (en) | 2007-01-08 | 2017-09-12 | Imagination Technologies Limited | Conditional activation and deactivation of a microprocessor |
US7787427B1 (en) | 2007-01-09 | 2010-08-31 | Dust Networks, Inc. | Providing low average latency communication in wireless mesh networks |
US20080205385A1 (en) | 2007-02-26 | 2008-08-28 | Motorola, Inc. | Data frame formats to improve groupcast efficiency in multi-hop wireless networks |
US8325627B2 (en) | 2007-04-13 | 2012-12-04 | Hart Communication Foundation | Adaptive scheduling in a wireless network |
US8406248B2 (en) | 2007-04-13 | 2013-03-26 | Hart Communication Foundation | Priority-based scheduling and routing in a wireless network |
US8451752B2 (en) | 2007-05-21 | 2013-05-28 | Arrowspan, Inc. | Seamless handoff scheme for multi-radio wireless mesh network |
US20080292105A1 (en) | 2007-05-22 | 2008-11-27 | Chieh-Yih Wan | Lightweight key distribution and management method for sensor networks |
EA201070199A1 (en) * | 2007-08-01 | 2010-06-30 | Филип Моррис Продактс С.А. | BIODRAINED CIGARETT FILTER |
US8189506B2 (en) * | 2007-09-12 | 2012-05-29 | Nokia Corporation | Deep sleep mode for mesh points |
KR101405688B1 (en) | 2007-09-14 | 2014-06-12 | 엘지이노텍 주식회사 | Zigbee system |
US20090089408A1 (en) | 2007-09-28 | 2009-04-02 | Alcatel Lucent | XML Router and method of XML Router Network Overlay Topology Creation |
US7941663B2 (en) | 2007-10-23 | 2011-05-10 | Futurewei Technologies, Inc. | Authentication of 6LoWPAN nodes using EAP-GPSK |
WO2009063947A1 (en) | 2007-11-16 | 2009-05-22 | Fujitsu Ten Limited | Authentication method, authentication system, on-vehicle device, and authentication device |
US9166934B2 (en) | 2007-11-25 | 2015-10-20 | Trilliant Networks, Inc. | System and method for operating mesh devices in multi-tree overlapping mesh networks |
US8289883B2 (en) | 2007-12-21 | 2012-10-16 | Samsung Electronics Co., Ltd. | Hybrid multicast routing protocol for wireless mesh networks |
US7929446B2 (en) | 2008-01-04 | 2011-04-19 | Radiient Technologies, Inc. | Mesh networking for wireless communications |
KR20090090461A (en) * | 2008-02-21 | 2009-08-26 | 삼성전자주식회사 | Method for prolonging lifetime of sensor nodes in a wireless sensor network and system therefor |
US8116247B2 (en) * | 2008-03-11 | 2012-02-14 | Nokia Siemens Networks Oy | Adaptive mechanism for dynamic reconfiguration of mesh networks |
US8923285B2 (en) | 2008-04-30 | 2014-12-30 | Qualcomm Incorporated | Apparatus and methods for transmitting data over a wireless mesh network |
EP2308259B1 (en) | 2008-07-29 | 2017-12-06 | Orange | Routing adaptable to electromagnetic conditions in a multihop network |
US8179845B2 (en) | 2008-08-21 | 2012-05-15 | Motorola Solutions, Inc. | Antenna-aware method for transmitting packets in a wireless communication network |
WO2010027495A1 (en) | 2008-09-04 | 2010-03-11 | Trilliant Networks, Inc. | A system and method for implementing mesh network communications using a mesh network protocol |
CA2733268A1 (en) | 2008-09-25 | 2010-04-01 | Fisher-Rosemount Systems, Inc. | Wireless mesh network with pinch point and low battery alerts |
GB2464125A (en) | 2008-10-04 | 2010-04-07 | Ibm | Topology discovery comprising partitioning network nodes into groups and using multiple discovery agents operating concurrently in each group. |
US8782746B2 (en) | 2008-10-17 | 2014-07-15 | Comcast Cable Communications, Llc | System and method for supporting multiple identities for a secure identity device |
WO2010057312A1 (en) * | 2008-11-24 | 2010-05-27 | Certicom Corp. | System and method for hardware based security |
US8294573B2 (en) | 2008-12-11 | 2012-10-23 | International Business Machines Corporation | System and method for optimizing power consumption of container tracking devices through mesh networks |
US8498229B2 (en) | 2008-12-30 | 2013-07-30 | Intel Corporation | Reduced power state network processing |
US8904177B2 (en) * | 2009-01-27 | 2014-12-02 | Sony Corporation | Authentication for a multi-tier wireless home mesh network |
US8254251B2 (en) | 2009-02-03 | 2012-08-28 | Mobix Wireless Solutions Ltd. | Mesh hybrid communication network |
US8964634B2 (en) | 2009-02-06 | 2015-02-24 | Sony Corporation | Wireless home mesh network bridging adaptor |
US9172612B2 (en) | 2009-02-12 | 2015-10-27 | Hewlett-Packard Development Company, L.P. | Network device configuration management by physical location |
EP2528279A3 (en) | 2009-02-13 | 2013-03-27 | Nokia Siemens Networks Oy | Method, system and nodes for network topology detection in communication networks |
US8194576B2 (en) | 2009-03-27 | 2012-06-05 | Research In Motion Limited | Wireless access point methods and apparatus using dynamically-activated service intervals |
US8171292B2 (en) | 2009-04-08 | 2012-05-01 | Research In Motion Limited | Systems, devices, and methods for securely transmitting a security parameter to a computing device |
US9069727B2 (en) * | 2011-08-12 | 2015-06-30 | Talari Networks Incorporated | Adaptive private network with geographically redundant network control nodes |
WO2011010181A1 (en) * | 2009-07-23 | 2011-01-27 | Nokia Corporation | Method and apparatus for reduced power consumption when operating as a bluetooth low energy device |
KR20110020005A (en) * | 2009-08-21 | 2011-03-02 | 주식회사 팬택 | Method for tranmitting and receiving data in wireless communication system |
JP5338567B2 (en) * | 2009-08-25 | 2013-11-13 | 沖電気工業株式会社 | Wireless terminal and wireless system |
EP2306692B1 (en) * | 2009-10-02 | 2014-05-21 | BlackBerry Limited | Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner |
US8879994B2 (en) | 2009-10-02 | 2014-11-04 | Blackberry Limited | Methods and devices for facilitating Bluetooth pairing using a camera as a barcode scanner |
US20150058409A1 (en) | 2013-03-22 | 2015-02-26 | Frank C. Wang | Enhanced content delivery system and method spanning multiple data processing systems |
EP2486697B1 (en) | 2009-10-06 | 2013-12-11 | Thomson Licensing | A method and apparatus for hop-by hop reliable multicast in wireless networks |
JP5544863B2 (en) | 2009-12-17 | 2014-07-09 | 富士通株式会社 | Reception device, reception method, and reception program |
CN101729296B (en) | 2009-12-29 | 2012-12-19 | 中兴通讯股份有限公司 | Method and system for statistical analysis of ethernet traffic |
US10645628B2 (en) | 2010-03-04 | 2020-05-05 | Rosemount Inc. | Apparatus for interconnecting wireless networks separated by a barrier |
US8495618B1 (en) | 2010-03-31 | 2013-07-23 | American Megatrends, Inc. | Updating firmware in a high availability enabled computer system |
US9173196B2 (en) | 2010-10-07 | 2015-10-27 | GM Global Technology Operations LLC | Adaptive multi-channel access for vehicular networks |
WO2012064178A1 (en) * | 2010-11-11 | 2012-05-18 | Mimos Berhad | Method for use in providing an adaptable sensor nodes schedule in a wireless sensor network |
EP2643951B1 (en) | 2010-11-25 | 2014-04-23 | Koninklijke Philips N.V. | System and method for optimizing data transmission to nodes of a wireless mesh network |
US8873526B2 (en) | 2010-12-17 | 2014-10-28 | Cisco Technology, Inc. | Collision avoidance for wireless networks |
US20120163292A1 (en) | 2010-12-23 | 2012-06-28 | Nokia Corporation | Frame Header in Wireless Communication System |
US9094316B2 (en) | 2011-01-28 | 2015-07-28 | Hewlett-Packard Development Company, L.P. | Dynamic name generation |
US20120198434A1 (en) | 2011-01-31 | 2012-08-02 | Digi International Inc. | Virtual bundling of remote device firmware upgrade |
US8769525B2 (en) | 2011-01-31 | 2014-07-01 | Digi International Inc. | Remote firmware upgrade device mapping |
US20120196534A1 (en) | 2011-02-01 | 2012-08-02 | Nokia Corporation | Method, apparatus, and computer program product for broadcasting in short-range communication |
US9716659B2 (en) * | 2011-03-23 | 2017-07-25 | Hughes Network Systems, Llc | System and method for providing improved quality of service over broadband networks |
US9268545B2 (en) * | 2011-03-31 | 2016-02-23 | Intel Corporation | Connecting mobile devices, internet-connected hosts, and cloud services |
CN102761941B (en) | 2011-04-28 | 2016-08-03 | 北京云天创科技有限公司 | A kind of method utilizing ultra-low power consumption wireless smart sensor's network protocol transmission |
US20130128809A1 (en) | 2011-05-19 | 2013-05-23 | Qualcomm Incorporated | Apparatus and methods for media access control header compression |
US8553536B2 (en) | 2011-07-12 | 2013-10-08 | General Electric Company | Mesh network management system |
CN102355351B (en) | 2011-07-21 | 2014-11-05 | 华为技术有限公司 | Key generation, backup and migration method and system based on trusted computing |
US8849202B2 (en) | 2011-08-19 | 2014-09-30 | Apple Inc. | Audio transfer using the Bluetooth Low Energy standard |
US8982785B2 (en) | 2011-09-08 | 2015-03-17 | Cisco Technology, Inc. | Access point assisted direct client discovery |
US9445305B2 (en) | 2011-09-12 | 2016-09-13 | Microsoft Corporation | Low energy beacon encoding |
GB2577423B (en) | 2011-09-15 | 2020-09-02 | Fisher Rosemount Systems Inc | Communicating data frames across communication networks that use incompatible network routing protocols |
US8892866B2 (en) | 2011-09-26 | 2014-11-18 | Tor Anumana, Inc. | Secure cloud storage and synchronization systems and methods |
US8649883B2 (en) | 2011-10-04 | 2014-02-11 | Advanergy, Inc. | Power distribution system and method |
WO2013057666A1 (en) | 2011-10-17 | 2013-04-25 | Koninklijke Philips Electronics N.V. | Automatic recommissioning of electronic devices in a networked system |
US8654869B2 (en) | 2011-10-27 | 2014-02-18 | Cooper Technologies Company | Multi-path radio transmission input/output devices, network, systems and methods with link suitability determination |
US9936382B2 (en) * | 2011-11-21 | 2018-04-03 | Vital Connect, Inc. | Method and system for pairing a sensor device to a user |
US9191461B2 (en) | 2012-02-21 | 2015-11-17 | Entropic Communications, Inc. | Software upgrade using layer-2 management entity messaging |
US9270584B2 (en) * | 2012-02-28 | 2016-02-23 | Cisco Technology, Inc. | Diverse paths using a single source route in computer networks |
US9172636B2 (en) | 2012-02-28 | 2015-10-27 | Cisco Technology, Inc. | Efficient link repair mechanism triggered by data traffic |
US20130279409A1 (en) | 2012-04-18 | 2013-10-24 | Draker, Inc. | Establishing a Mesh Network |
US9629063B2 (en) | 2012-05-09 | 2017-04-18 | Trellisware Technologies, Inc. | Method and system for global topology discovery in multi-hop ad hoc networks |
US8844026B2 (en) | 2012-06-01 | 2014-09-23 | Blackberry Limited | System and method for controlling access to secure resources |
US20150195692A1 (en) | 2012-06-26 | 2015-07-09 | Nokia Corporation | Method and apparatus for providing device ringtone coordination |
US8751615B2 (en) | 2012-07-18 | 2014-06-10 | Accedian Networks Inc. | Systems and methods of discovering and controlling devices without explicit addressing |
JP5881047B2 (en) | 2012-08-08 | 2016-03-09 | 株式会社日立製作所 | Network management system, network management computer, and network management method |
US10779212B2 (en) | 2012-09-05 | 2020-09-15 | Interdigital Patent Holdings, Inc. | Methods for MAC frame extensibility and frame specific MAC header design for WLAN systems |
US9208676B2 (en) | 2013-03-14 | 2015-12-08 | Google Inc. | Devices, methods, and associated information processing for security in a smart-sensored home |
US9081643B2 (en) | 2012-09-21 | 2015-07-14 | Silver Sring Networks, Inc. | System and method for efficiently updating firmware for nodes in a mesh network |
US9306660B2 (en) * | 2012-10-22 | 2016-04-05 | Qualcomm Technologies International, Ltd. | Dynamic interactive zone driven proximity awareness system |
CN102984798B (en) | 2012-11-21 | 2016-02-03 | 越亮传奇科技股份有限公司 | Position-based accurate positioning method |
US20140167912A1 (en) | 2012-12-17 | 2014-06-19 | David M. Snyder | System, method and apparatus for providing security systems integrated with solid state lighting systems |
US20140171062A1 (en) | 2012-12-19 | 2014-06-19 | Telefonaktiebolaget L M Ericsson (Publ) | Wireless Devices, Network Node and Methods for Handling Relay Assistance in a Wireless Communications Network |
US9628373B2 (en) | 2012-12-19 | 2017-04-18 | Comcast Cable Communications, Llc | Multipath communication in a network |
WO2014098504A1 (en) | 2012-12-19 | 2014-06-26 | 엘지전자 주식회사 | Method for communicating in wireless communication system supporting multiple access network and apparatus supporting same |
US20140181172A1 (en) | 2012-12-20 | 2014-06-26 | Brent J. Elliott | Offloading tethering-related communication processing |
EP2939495A4 (en) | 2012-12-26 | 2016-08-17 | Ict Res Llc | Mobility extensions to industrial-strength wireless sensor networks |
US9032480B2 (en) | 2012-12-28 | 2015-05-12 | Cellco Partnership | Providing multiple APN connections support in a browser |
US9239723B2 (en) | 2013-05-13 | 2016-01-19 | Lenovo (Singapore) Pte. Ltd. | Configuring a device based on proximity to other devices |
US9264892B2 (en) | 2013-07-03 | 2016-02-16 | Verizon Patent And Licensing Inc. | Method and apparatus for attack resistant mesh networks |
US9983651B2 (en) | 2013-07-15 | 2018-05-29 | Google Technology Holdings LLC | Low-power near-field communication authentication |
US20150071216A1 (en) | 2013-09-09 | 2015-03-12 | Qualcomm Connected Experiences, Inc. | Allowing mass re-onboarding of headless devices |
US9565576B2 (en) | 2013-10-09 | 2017-02-07 | At&T Intellectual Property I, L.P. | Network operating system client architecture for mobile user equipment |
US10591969B2 (en) | 2013-10-25 | 2020-03-17 | Google Technology Holdings LLC | Sensor-based near-field communication authentication |
GB2515853B (en) | 2014-02-25 | 2015-08-19 | Cambridge Silicon Radio Ltd | Latency mitigation |
GB2512749B (en) | 2014-02-25 | 2015-04-01 | Cambridge Silicon Radio Ltd | Linking ad hoc networks |
GB2512733B (en) | 2014-02-25 | 2018-09-05 | Qualcomm Technologies Int Ltd | Broadcast retransmission |
US9660836B2 (en) | 2014-05-06 | 2017-05-23 | Lattice Semiconductor Corporation | Network topology discovery |
US10142799B2 (en) * | 2014-08-19 | 2018-11-27 | Qualcomm Incorporated | Multicasting traffic using multi-connectivity |
-
2014
- 2014-03-31 GB GB1405797.0A patent/GB2512749B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1421698.0A patent/GB2523444B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405786.3A patent/GB2512746B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1415177.3A patent/GB2515923B8/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405789.7A patent/GB2512502B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1415178.1A patent/GB2517844B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405790.5A patent/GB2512747B/en not_active Expired - Fee Related
- 2014-03-31 GB GB1405785.5A patent/GB2512501A/en not_active Withdrawn
- 2014-03-31 GB GB1405791.3A patent/GB2512748B/en not_active Expired - Fee Related
- 2014-05-06 US US14/270,961 patent/US10055570B2/en active Active
- 2014-05-06 US US14/270,884 patent/US20150244648A1/en not_active Abandoned
- 2014-06-05 US US14/297,324 patent/US9489506B2/en active Active
- 2014-06-06 US US14/298,177 patent/US20150245203A1/en not_active Abandoned
- 2014-06-26 US US14/316,404 patent/US20150245204A1/en not_active Abandoned
- 2014-06-26 US US14/316,529 patent/US20150244828A1/en not_active Abandoned
- 2014-07-17 GB GB1412716.1A patent/GB2512542B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412719.5A patent/GB2512545B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412718.7A patent/GB2512544B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412720.3A patent/GB2513048B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412722.9A patent/GB2512781B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412714.6A patent/GB2512256B8/en not_active Expired - Fee Related
- 2014-07-17 GB GB1501075.4A patent/GB2518120B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412717.9A patent/GB2512543B/en not_active Expired - Fee Related
- 2014-07-17 GB GB1412715.3A patent/GB2513265B/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014019749.2A patent/DE102014019749B3/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014012257.3A patent/DE102014012257B4/en not_active Expired - Fee Related
- 2014-08-19 DE DE102014012252.2A patent/DE102014012252A1/en not_active Ceased
- 2014-08-19 DE DE102014012258.1A patent/DE102014012258A1/en not_active Withdrawn
- 2014-08-20 DE DE102014012379.0A patent/DE102014012379B4/en not_active Expired - Fee Related
- 2014-08-25 DE DE102014012518.1A patent/DE102014012518A1/en not_active Withdrawn
- 2014-08-25 DE DE102014012517.3A patent/DE102014012517B4/en not_active Expired - Fee Related
- 2014-09-11 DE DE102014013471.7A patent/DE102014013471A1/en not_active Withdrawn
- 2014-10-02 US US14/505,443 patent/US9754096B2/en active Active
- 2014-10-02 US US14/505,458 patent/US9672346B2/en active Active
- 2014-10-02 US US14/505,399 patent/US9910976B2/en active Active
- 2014-10-02 US US14/505,437 patent/US20150245369A1/en not_active Abandoned
- 2014-10-02 US US14/505,465 patent/US20150244565A1/en not_active Abandoned
- 2014-10-02 US US14/505,418 patent/US20150242614A1/en not_active Abandoned
- 2014-10-02 US US14/505,466 patent/US20150244623A1/en not_active Abandoned
- 2014-10-02 US US14/505,454 patent/US9842202B2/en not_active Expired - Fee Related
-
2015
- 2015-02-04 DE DE102015101604.4A patent/DE102015101604A1/en not_active Withdrawn
- 2015-02-04 DE DE102015101620.6A patent/DE102015101620A1/en not_active Withdrawn
- 2015-02-05 DE DE102015101699.0A patent/DE102015101699B4/en not_active Expired - Fee Related
- 2015-02-05 DE DE102015101698.2A patent/DE102015101698A1/en not_active Withdrawn
- 2015-02-05 DE DE102015101697.4A patent/DE102015101697A1/en not_active Withdrawn
Patent Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050246533A1 (en) * | 2002-08-28 | 2005-11-03 | Docomo Communications Laboratories Usa, Inc. | Certificate-based encryption and public key infrastructure |
US20060209584A1 (en) * | 2004-11-12 | 2006-09-21 | Srinivas Devadas | Securely field configurable device |
US20060156390A1 (en) * | 2005-01-07 | 2006-07-13 | Baugher Mark J | Using a network-service credential for access control |
US20090222659A1 (en) * | 2008-03-03 | 2009-09-03 | Sony Corporation | Communication device and communication method |
US20110099368A1 (en) * | 2009-10-26 | 2011-04-28 | Hon Hai Precision Industry Co., Ltd. | Cable modem and certificate testing method thereof |
US20130051552A1 (en) * | 2010-01-20 | 2013-02-28 | Héléna Handschuh | Device and method for obtaining a cryptographic key |
US8516269B1 (en) * | 2010-07-28 | 2013-08-20 | Sandia Corporation | Hardware device to physical structure binding and authentication |
US20140108786A1 (en) * | 2011-03-11 | 2014-04-17 | Emsycon Gmbh | Tamper-protected hardware and method for using same |
US20130129087A1 (en) * | 2011-11-21 | 2013-05-23 | Zheng Qi | Secure Key Generation |
US8953790B2 (en) * | 2011-11-21 | 2015-02-10 | Broadcom Corporation | Secure generation of a device root key in the field |
US20140111234A1 (en) * | 2012-10-22 | 2014-04-24 | Infineon Technologies Ag | Die, Chip, Method for Driving a Die or a Chip and Method for Manufacturing a Die or a Chip |
US8938792B2 (en) * | 2012-12-28 | 2015-01-20 | Intel Corporation | Device authentication using a physically unclonable functions based key generation system |
US20150052351A1 (en) * | 2013-08-19 | 2015-02-19 | Smartguard, Llc | Secure installation of encryption enabling software onto electronic devices |
US20150143130A1 (en) * | 2013-11-18 | 2015-05-21 | Vixs Systems Inc. | Integrated circuit provisioning using physical unclonable function |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9672346B2 (en) | 2014-02-25 | 2017-06-06 | Qualcomm Technologies International, Ltd. | Object tracking by establishing a mesh network and transmitting packets |
US9692538B2 (en) | 2014-02-25 | 2017-06-27 | Qualcomm Technologies International, Ltd. | Latency mitigation |
US9754096B2 (en) | 2014-02-25 | 2017-09-05 | Qualcomm Technologies International, Ltd. | Update management |
US9842202B2 (en) | 2014-02-25 | 2017-12-12 | Qualcomm Technologies International, Ltd. | Device proximity |
US9910976B2 (en) | 2014-02-25 | 2018-03-06 | Qualcomm Technologies International, Ltd. | Processing mesh communications |
US10055570B2 (en) | 2014-02-25 | 2018-08-21 | QUALCOMM Technologies International, Ltd | Mesh relay |
US9489506B2 (en) | 2014-02-25 | 2016-11-08 | Qualcomm Technologies International, Ltd. | Linking ad hoc networks |
US11210678B2 (en) | 2016-11-18 | 2021-12-28 | Samsung Electronics Co., Ltd. | Component for provisioning security data and product including the same |
US10728026B2 (en) * | 2016-11-24 | 2020-07-28 | Samsung Electronics Co., Ltd. | Data management method |
US20180145829A1 (en) * | 2016-11-24 | 2018-05-24 | Samsung Electronics Co, Ltd | Data management method |
US10951653B2 (en) | 2017-09-22 | 2021-03-16 | Samsung Electronics Co., Ltd. | Apparatus including secure component and method of provisioning security information into the apparatus |
CN109756324A (en) * | 2017-11-02 | 2019-05-14 | 大唐移动通信设备有限公司 | Cryptographic key negotiation method, terminal and gateway in a kind of Mesh network |
US10706179B2 (en) * | 2018-01-10 | 2020-07-07 | General Electric Company | Secure provisioning of secrets into MPSoC devices using untrusted third-party systems |
US20190213359A1 (en) * | 2018-01-10 | 2019-07-11 | General Electric Company | Secure provisioning of secrets into mpsoc devices using untrusted third-party systems |
US11018871B2 (en) * | 2018-03-30 | 2021-05-25 | Intel Corporation | Key protection for computing platform |
US20220021540A1 (en) * | 2018-03-30 | 2022-01-20 | Intel Corporation | Key protection for computing platform |
US11757647B2 (en) * | 2018-03-30 | 2023-09-12 | Intel Corporation | Key protection for computing platform |
US20210273920A1 (en) * | 2020-02-28 | 2021-09-02 | Vmware, Inc. | Secure certificate or key distribution for synchronous mobile device management (mdm) clients |
Also Published As
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20150242614A1 (en) | Provisioning of security credentials | |
US11921911B2 (en) | Peripheral device | |
US9602282B2 (en) | Secure software and hardware association technique | |
TWI487359B (en) | Secure key generation | |
US10187373B1 (en) | Hierarchical, deterministic, one-time login tokens | |
US9225530B2 (en) | Secure crypto-processor certification | |
US10397216B2 (en) | Systems and methods for performing secure backup operations | |
KR20150107796A (en) | Trusted data processing in the public cloud | |
BR112019013584A2 (en) | ADDRESSING A RELIABLE PERFORMANCE ENVIRONMENT USING THE SIGNATURE KEY | |
CN110690963B (en) | Key agreement method and device based on FPGA | |
JP2017504267A (en) | Key extraction during secure boot | |
US20230342501A1 (en) | Secure Provisioning with Hardware Verification | |
US11176058B2 (en) | Address decryption for memory storage | |
JP7054796B2 (en) | Certificate generation method, certificate generator and computer program | |
KR102199464B1 (en) | Method of authentication among nodes participating in consortium blockchain | |
US11057207B2 (en) | Systems and methods of trusted ownership re-key with attestation | |
US11509468B2 (en) | Method and system for verifying secret decryption capability of escrow agents | |
US20230308424A1 (en) | Secure Session Resumption using Post-Quantum Cryptography | |
Román et al. | Post-quantum Secure Communication with IoT Devices Using Kyber and SRAM Behavioral and Physical Unclonable Functions | |
Pujol et al. | A Secure and User Friendly Multi-Purpose Asymmetric Key Derivation System (MPKDS) | |
CN117501271A (en) | Authenticating a storage device to a host by encrypting/decrypting data using a physical unclonable function PUF |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: CAMBRIDGE SILICON RADIO LIMITED, UNITED KINGDOM Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SCAGNOL, MAURO;GRAUBE, NICOLAS GUY ALBERT;BOSCOVIC, DRAGAN;REEL/FRAME:033892/0819 Effective date: 20140804 |
|
AS | Assignment |
Owner name: QUALCOMM TECHNOLOGIES INTERNATIONAL, LTD., UNITED Free format text: CHANGE OF NAME;ASSIGNOR:CAMBRIDGE SILICON RADIO LIMITED;REEL/FRAME:036663/0211 Effective date: 20150813 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE |