US20150242614A1 - Provisioning of security credentials - Google Patents

Provisioning of security credentials Download PDF

Info

Publication number
US20150242614A1
US20150242614A1 US14/505,418 US201414505418A US2015242614A1 US 20150242614 A1 US20150242614 A1 US 20150242614A1 US 201414505418 A US201414505418 A US 201414505418A US 2015242614 A1 US2015242614 A1 US 2015242614A1
Authority
US
United States
Prior art keywords
root identity
security component
root
identity
public
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/505,418
Inventor
Mauro Scagnol
Nicolas Guy Alberl Graube
Dragan Boscovic
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Technologies International Ltd
Original Assignee
Cambridge Silicon Radio Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB1403312.0A external-priority patent/GB2515853B/en
Priority claimed from GB1403314.6A external-priority patent/GB2512733B/en
Application filed by Cambridge Silicon Radio Ltd filed Critical Cambridge Silicon Radio Ltd
Assigned to CAMBRIDGE SILICON RADIO LIMITED reassignment CAMBRIDGE SILICON RADIO LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BOSCOVIC, DRAGAN, GRAUBE, NICOLAS GUY ALBERT, SCAGNOL, MAURO
Publication of US20150242614A1 publication Critical patent/US20150242614A1/en
Assigned to QUALCOMM TECHNOLOGIES INTERNATIONAL, LTD. reassignment QUALCOMM TECHNOLOGIES INTERNATIONAL, LTD. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: CAMBRIDGE SILICON RADIO LIMITED
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/08Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
    • G06Q10/083Shipping
    • G06Q10/0833Tracking
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B7/00Radio transmission systems, i.e. using radiation field
    • H04B7/14Relay systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04HBROADCAST COMMUNICATION
    • H04H20/00Arrangements for broadcast or for distribution combined with broadcast
    • H04H20/65Arrangements characterised by transmission systems for broadcast
    • H04H20/71Wireless systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • H04L41/082Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/084Configuration by using pre-existing information, e.g. using templates or copying from other elements
    • H04L41/0846Configuration by using pre-existing information, e.g. using templates or copying from other elements based on copy from other elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/085Retrieval of network configuration; Tracking network configuration history
    • H04L41/0853Retrieval of network configuration; Tracking network configuration history by actively collecting configuration information or by backing up configuration information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/12Discovery or management of network topologies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/06Generation of reports
    • H04L43/065Generation of reports related to network devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0852Delays
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • H04L43/0882Utilisation of link capacity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/02Topology update or discovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/11Identifying congestion
    • H04L47/115Identifying congestion using a dedicated packet
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/16Flow control; Congestion control in connection oriented networks, e.g. frame relay
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/15Interconnection of switching modules
    • H04L49/1553Interconnection of ATM switching modules, e.g. ATM switching fabrics
    • H04L49/1584Full Mesh, e.g. knockout
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L5/00Arrangements affording multiple use of the transmission path
    • H04L5/003Arrangements for allocating sub-channels of the transmission path
    • H04L5/0053Allocation of signaling, i.e. of overhead other than pilot signals
    • H04L5/0055Physical resource allocation for ACK/NACK
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1475Passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1491Countermeasures against malicious traffic using deception as countermeasure, e.g. honeypots, honeynets, decoys or entrapment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W16/00Network planning, e.g. coverage or traffic planning tools; Network deployment, e.g. resource partitioning or cells structures
    • H04W16/18Network planning tools
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W24/00Supervisory, monitoring or testing arrangements
    • H04W24/06Testing, supervising or monitoring using simulated traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/38Services specially adapted for particular environments, situations or purposes for collecting sensor information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W40/00Communication routing or communication path finding
    • H04W40/24Connectivity information management, e.g. connectivity discovery or connectivity update
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0225Power saving arrangements in terminal devices using monitoring of external events, e.g. the presence of a signal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0251Power saving arrangements in terminal devices using monitoring of local events, e.g. events related to user activity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/02Power saving arrangements
    • H04W52/0209Power saving arrangements in terminal devices
    • H04W52/0261Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level
    • H04W52/0274Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof
    • H04W52/028Power saving arrangements in terminal devices managing power supply demand, e.g. depending on battery level by switching on or off the equipment or parts thereof switching on or off only a part of the equipment circuit blocks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W52/00Power management, e.g. TPC [Transmission Power Control], power saving or power classes
    • H04W52/04TPC
    • H04W52/38TPC being performed in particular situations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W64/00Locating users or terminals or network equipment for network management purposes, e.g. mobility management
    • H04W64/003Locating users or terminals or network equipment for network management purposes, e.g. mobility management locating network equipment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/12Wireless traffic scheduling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/20Control channels or signalling for resource management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/11Allocation or use of connection identifiers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/14Direct-mode setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/04Terminal devices adapted for relaying to or from another terminal or user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/06Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/02Inter-networking arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02ATECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE
    • Y02A10/00TECHNOLOGIES FOR ADAPTATION TO CLIMATE CHANGE at coastal zones; at river basins
    • Y02A10/40Controlling or monitoring, e.g. of flood or hurricane; Forecasting, e.g. risk assessment or mapping
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Definitions

  • This invention relates to provisioning a device with a means for authenticating itself to other devices.
  • Security is of increasing concern in the so-called Internet of Things.
  • identity and integrity of an individual device is of paramount importance in a network of potentially thousands of cooperating elements.
  • a typical approach is to provide specific hardware on the device to act as the root of trust and propagate that trust up to other firmware and applications executing on the device.
  • the root of trust is a fundamental concept from which the security of the whole device and the services provided to/by the device propagates.
  • the component should be reliable, tamper-proof and consistently behave in an expected manner. It should provide the minimum set of functionality needed to assess the integrity of the platform and the associated trustworthiness such as: measurement/storage/reporting of a set of metrics describing the platform characteristics (e.g. signed firmware hashes), and access to data signing/encryption for authentication, integrity and confidentiality purposes.
  • the secret may be a truly random number that represents or assists in the generation of a cryptographical secret, such as a symmetric key or an asymmetric key-set, embedded in a controlled environment into the hardware of the chip/device, which can be challenged later.
  • the secret is usually generated outside the chip and later embedded in the chip. This creates a serious challenge in managing the secret, which must be tightly controlled and monitored all the way through.
  • Information on the secret (such as a private key burnt into the chip/device) might leak before or after manufacturing, invalidate the scheme and expose the customer to the risk of cloning and theft of sensitive data.
  • safe rooms or “cages” are typically required during manufacture.
  • a security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
  • the root identity generator may be configured to generate, as part of the private root identity, a private key of an asymmetric key set.
  • the root identity generator may be configured to generate, as part of the public root identity, one or more of a unique identifier for the security component, a public key of an asymmetric key set and a symmetric key.
  • the root identity generator may be configured to generate multiple unique root identities for the security component.
  • the root identity generator may be capable of repeatably generating the root identity.
  • the security component may be configured not to store the root identity.
  • the root identity generator may be configured to, when the security component requires the root identity, regenerate the root identity.
  • the security component may comprise a memory configured to store the root identity and the security component may be configured to, when it requires the root identity, retrieve it from memory.
  • the security component may comprise an enrolment indicator and may be configured to, when the public root identity is shared with the other device, set the enrolment indicator.
  • the security component may be configured not to share the public root identity if the enrolment indicator is set.
  • the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is not set, generate a new root identity.
  • the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate a previously generated root identity.
  • the root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate the root identity that comprises the public root identity shared with the other device.
  • the root identity generator may be configured to generate a root identity during a self-test of the security component.
  • the security component may be configured not to share the private root identity with parts of the device that are outside of the security component.
  • the security component may comprise an encryption unit configured to encrypt and/or decrypt communications with the other device using the private root identity.
  • the encryption unit may be configured to encrypt any data that it shares with the other device with a public key of the other device.
  • the output may be configured to output the public root identity for sharing with a certificate authority.
  • the root identity generator may comprise an entropy source.
  • the security component may be for incorporation in a wireless communication device.
  • a method for provisioning a device with security credentials to enable it to authorise itself with another device comprising incorporating a security component in the device, generating, by means of the security component, a root identity comprising a public root identity and a private root identity and the security component outputting the public root identity for sharing with the other device and not outputting the private root identity.
  • FIG. 1 shows a method for generating an identity certificate
  • FIG. 2 shows the enrolment and deployment of a chip
  • FIG. 3 shows a method for blowing an enrolment fuse
  • FIGS. 4 a and 4 b show examples of security components.
  • FIG. 1 An example of a method for generating an identity certificate for a device is shown in FIG. 1 .
  • the device incorporates a security component.
  • This component may be capable of acting as a silicon root of trust for the device. It is likely to be implemented as an integrated circuit or chip.
  • the method starts in step S 101 with the security component generating a root identity.
  • the root identity is a fundamental, source of identification for a “thing”, e.g. a device in the Internet of Things. Its main purpose is to provide the basis for authentication, authorisation, accountability and accounting of services for the “thing”.
  • the root identity can be mapped onto authenticating data such as unique identifiers (UUID), symmetric keys or private/public key sets. It can be used to seed and/or validate additional identities in order to enable access to specific services.
  • the root identity should be exposed as little as possible to prevent theft, abuse and privacy loss.
  • the root identity may comprise some components that are “public” in the sense that, while they should be exposed as little as possible, some public exposure is necessary to authenticate the device.
  • the public parts of a root identity may include, for example, one or more of a unique identifier for the security component, a symmetric key, and a public key.
  • the public root identity typically includes information that has to be exposed to a certificate authority to record a Root Identity Certificate that can later be used to authorise the security component.
  • Other parts of the root identity can be considered “private” because they do not need to be exposed during any authentication procedure and should be kept secret by the device.
  • An example of a private part of a root identity is a private key from an asymmetric key pair.
  • the security component may generate both public and private parts of its root identity internally.
  • the security component can be requested to provide its root identity (step S 102 ).
  • the security component determines whether it is currently operating in an enrolment phase (step S 103 ). If yes, the security component returns its public root identity to the requester (step S 104 ). If no, the security component does not provide its public root identity to the requester (step S 105 ). The private root identity is not provided to the requester.
  • FIG. 2 A more detailed example of a chip generating an identity certificate is shown in FIG. 2 , with additional information about how the chip might respond to authentication requests after deployment.
  • FIG. 2 shows a chip during an enrolment phase (shown generally at 201 ) and later deployment phase (shown generally at 202 ).
  • the chip ( 204 ) comprises means for autonomously generating one or more root identities for the chip (RI chip ).
  • the chip may generate the root identities during the enrolment phase or earlier, such as during manufacture. In one example the root identities may be generated during the first self-test of the chip.
  • the chip may be configured to store the one or more root identities once generated so that they can be retrieved when needed. Alternatively the chip may also be capable of re-generating the root identities when required. Having the one or more root identities generated on the chip avoids the manufacturer having to securely manage cryptographic secrets before, during and after manufacture.
  • the certificate authority ( 203 ) will still need to know the public root identity of the chip before it is deployed, however, so that it can authenticate the chip later.
  • One possible opportunity for obtaining this information is at the end of manufacture, during chip testing.
  • the root identity encrypted with the public key of a certification authority may be exposed to firmware and retrieved by a manufacturing testing JIG, for example.
  • the root identity may then be safely stored on a local or remote server as a Root Identity Certificate before the chip is shipped to a customer.
  • the public root identity may only be able to be exposed to the manufacturer until the manufacturing process is finished.
  • One way of achieving this is to include one or more “enrolled fuses” on the chip. Once the enrolled fuse is blown, the root identity can no longer be read from the chip. If the manufacturer's certificate authority will be storing the Root Identity Certificate, only one enrolled fuse is required. Alternatively, the manufacturer could sell chips to customers with their own certificate authority. To enable this, some chips may have an extra enrolment fuse. This is termed “UseOtherCAPubKeyFuse” (see FIGS. 4 a and 4 b ), since if this fuse is blown by the manufacturer, it indicates that the harvesting process will be conducted using the public key of the customer's certificate authority rather than the manufacturer's.
  • This additional public key may be written in NVM (non-volatile memory) or OTP (one-time programmable memory) (e.g., OTP 406 ) before enrolment takes place.
  • NVM non-volatile memory
  • OTP one-time programmable memory
  • FIG. 3 An example method for blowing an enrolment fuses that implements the mechanism described above is shown in FIG. 3 .
  • the chip may generate its root identity during a self-test procedure, as mentioned above.
  • the chip may go through multiple self-tests during manufacture.
  • the chip may generate one or more root identities during each of these self-tests. These root identities may be different from one another, because the chip only needs to be able to re-generate an existing root identity after that root identity has been passed to a certificate authority.
  • the chip may therefore be configured to generate new root identities until the enrolment phase is complete (e.g. the fuse has blown) and thereafter either re-generate the root identities that have been passed to the certificate authority or retrieve them from memory (if the chip is configured to store its root identities).
  • the re-generated identities may be the same as those that the chip previously generated, and the same as the identities shared with the certificate authority.
  • An advantage of the method described above is that the private root identity, such as the private keys of the asymmetric key sets, are internally generated in the chip.
  • the initial generation of the private root identity is thus independent of any external input, so the manufacturer is freed from having to protect cryptographic secrets.
  • the root identity is additionally not exposed to the rest of the chip, and particularly not to firmware, after enrolment has been completed. Indeed most the information released by the chip during enrolment will be publicly exposed during use of the device anyway.
  • the exception is any symmetric keys (SymKey), although the risk that these might fall into the wrong hands can be reduced by encrypting RI chip with CA PubKey . If the reduced level of security is unacceptable, then symmetric keys need not be exchanged as part of the enrolment process.
  • a symmetric key may not be exchanged at enrolment, so that it forms part of the private root identity, and at other times it may be exchanged at enrolment, and form part of the public root identity.
  • the Root Identity Certificates stored by the certificate authority can later be used to authenticate the chip's identity and integrity following a challenge in the field.
  • An example of this is shown as part of the “deployment process” in FIG. 1 .
  • a network gateway challenges the identity and application/firmware integrity of the chip.
  • the actors in this process are a new device ( 204 ), a network gateway ( 205 ) that can admit the device to a network and the certificate authority ( 203 ), whose address is known to the gateway.
  • the certificate authority vouches for the identity and integrity of the device (via the chip) as follows:
  • the chip may autonomously re-generate its root identity. This is represented in FIG. 2 by PUF (physically unclonable function) 206 .
  • PUF physically unclonable function
  • the security component comprises a root identity generator, which may provide the ability to generate a configurable number (NUUID) of unique identifiers (UUIDs).
  • NUUID configurable number
  • the root identity generator may also be configured to generate an asymmetric private/public key set associated with each unique identifier: ⁇ PrivateKey i , PublicKey i ⁇
  • the root identity generator may also be configured to generate a symmetric key associated with each unique identifier: ⁇ SymKey i ⁇ .
  • the root identity generator may be capable of the following:
  • the security component may comprise an output for sharing some security information with another device, so that the other device may authenticate it.
  • This shared information is likely to include a unique identifier, public key of an asymmetric key pair and possibly a symmetric key pair. This information is suitably only shared during the enrolment phase, however.
  • the security bit may therefore comprise an indicator such as an enrolment fuse or bit in OTP, which can be blown/set when the enrolment phase is completed.
  • the security component may be configured to share the following with the other device:
  • RI chip ⁇ (UUID 1 : PublicKey 1 ,SymKey 1 ),(UUID 2 : PublicKey 2 ,SymKey 2 ), . . . ⁇
  • the security component may comprise an encryption unit for encrypting the information to be shared with the public key of the other device (which is likely to be associated with a certification authority).
  • the information may be shared with the other device by being exposed to the firmware of the device within which the security component is incorporated, from which it can be transferred to the other device via a wired or wireless connection.
  • the security component may be configured to regenerate the set of identifiers and keys (or of a part of it), in the same way as at initial switch on, at power up and/or on-demand, but the set is not exposed to any other part of the device (e.g. firmware).
  • FIGS. 4 a and 4 b Examples of two different security components are shown in FIGS. 4 a and 4 b (like components across the two figures are indicated by like numerals).
  • the root identity generator is implemented by crypto-block 401 .
  • the root identity generator may comprise a repeatable source of entropy capable of seeding the identifier and/or keys.
  • the source of entropy is Physical Unclonable Function Block (PUF) 403 , which is configured to provide a seed to cryptographic engine 402 .
  • PAF Physical Unclonable Function Block
  • FIG. 4 b Another embodiment is presented in FIG. 4 b .
  • the source of entropy is a true random number generator 409 (possibly one that is National Institute of Science and Technology (NIST) compliant).
  • the random number generator may be configured to generate the seed once at enrolment. The seed is then written in OTP and extracted from OTP every time that identifier and/or key regeneration is needed.
  • Crypto-block 401 comprises a cryptographic engine 402 .
  • the entropy source 403 is configured to seed the generation of a root identity by providing a seed to the cryptographic engine.
  • the entropy source may generate the same or different seed for each functional unit in the cryptographic engine that generates a respective element of the root identity. Examples of suitable functional units include:
  • ECC Elliptical Curve Cryptography
  • the cryptoblock 401 is managed by trusted processor block 404 that has exclusive access to the configuration registers 405 of the crypto-block.
  • the processor block may be configured to coordinate entropy source operation and RI chip extraction. It may also coordinate Root of Trust activities.
  • the security component also comprises an output represented by bus 408 for sharing its public root identity with other parts of the device or a certificate authority.
  • Bus 408 is merely an example, and any suitable wired or wireless output means might be employed.
  • the security component also comprises an enrolment fuse 407 for preventing transfer of the public root key after the enrolment process is complete.
  • FIGS. 4 a and 4 b are intended to correspond to a number of functional blocks in an apparatus. This is for illustrative purposes only.
  • FIGS. 4 a and 4 b are not intended to define a strict division between different parts of hardware on a chip or between different programs, procedures or functions in software.
  • some or all of the algorithms described herein may be performed wholly or partly in hardware.
  • the algorithms may be implemented by a processor acting under software control. Any such software may be stored on a non-transient computer readable medium, such as a memory (RAM, cache, hard disk etc) or other storage means (USB stick, CD, disk etc).
  • the provisioning methods and security component described above invert the role between originator and receiver of the cryptographical secret: the secret is generated on the chip and only public data is exposed during the enrolment process to the manufacturer. Private data is retained on the chip. If public data is leaked for a batch of chips, the manufacturer might lose income associated with providing a recurring identification and integrity verification service to a customer of those chips, but data confidentiality has not been compromised nor impersonation allowed. The prospect of external secret-leaking before, during and after manufacture is avoided since the focus has shifted from the securely storing keys externally provided by the manufacturer to chip internal, autonomous (re)generation of cryptographical secrets.

Abstract

A security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity for the security component and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This non-provisional patent application claims priority to Great Britain applications: GB 1412715.3, filed Jul. 17, 2014; GB 1405790.5, filed Mar. 31, 2014; GB 1403314.6, filed Feb. 25, 2014; GB 1405785.5, filed Mar. 31, 2014; GB 1405786.3, filed Mar. 31, 2014; GB 1405789.7, filed Mar. 31, 2014; GB 1403312.0, filed Feb. 25, 2014; GB 1405791.3, filed Mar. 31, 2014; GB 1405797.0, filed Mar. 31, 2014.
    • TECHNICAL FIELD
  • This invention relates to provisioning a device with a means for authenticating itself to other devices.
    • BACKGROUND
  • Security is of increasing concern in the so-called Internet of Things. The identity and integrity of an individual device is of paramount importance in a network of potentially thousands of cooperating elements. A typical approach is to provide specific hardware on the device to act as the root of trust and propagate that trust up to other firmware and applications executing on the device.
  • The root of trust is a fundamental concept from which the security of the whole device and the services provided to/by the device propagates. The component should be reliable, tamper-proof and consistently behave in an expected manner. It should provide the minimum set of functionality needed to assess the integrity of the platform and the associated trustworthiness such as: measurement/storage/reporting of a set of metrics describing the platform characteristics (e.g. signed firmware hashes), and access to data signing/encryption for authentication, integrity and confidentiality purposes.
  • At the heart of the root of trust is usually a secret. The secret may be a truly random number that represents or assists in the generation of a cryptographical secret, such as a symmetric key or an asymmetric key-set, embedded in a controlled environment into the hardware of the chip/device, which can be challenged later. The secret is usually generated outside the chip and later embedded in the chip. This creates a serious challenge in managing the secret, which must be tightly controlled and monitored all the way through. Information on the secret (such as a private key burnt into the chip/device) might leak before or after manufacturing, invalidate the scheme and expose the customer to the risk of cloning and theft of sensitive data. Thus safe rooms (or “cages”) are typically required during manufacture.
  • There is a need for an improved mechanism for provisioning a device with security details that will enable it to authenticate itself with another device.
    • SUMMARY OF THE INVENTION
  • According to a first embodiment, there is provided a security component for authenticating a device, within which it is incorporated, with another device, the security component comprising a root identity generator configured to generate a root identity comprising a public root identity and a private root identity and an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
  • The root identity generator may be configured to generate, as part of the private root identity, a private key of an asymmetric key set.
  • The root identity generator may be configured to generate, as part of the public root identity, one or more of a unique identifier for the security component, a public key of an asymmetric key set and a symmetric key.
  • The root identity generator may be configured to generate multiple unique root identities for the security component.
  • The root identity generator may be capable of repeatably generating the root identity.
  • The security component may be configured not to store the root identity.
  • The root identity generator may be configured to, when the security component requires the root identity, regenerate the root identity.
  • The security component may comprise a memory configured to store the root identity and the security component may be configured to, when it requires the root identity, retrieve it from memory.
  • The security component may comprise an enrolment indicator and may be configured to, when the public root identity is shared with the other device, set the enrolment indicator.
  • The security component may be configured not to share the public root identity if the enrolment indicator is set.
  • The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is not set, generate a new root identity.
  • The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate a previously generated root identity.
  • The root identity generator may be configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate the root identity that comprises the public root identity shared with the other device.
  • The root identity generator may be configured to generate a root identity during a self-test of the security component.
  • The security component may be configured not to share the private root identity with parts of the device that are outside of the security component.
  • The security component may comprise an encryption unit configured to encrypt and/or decrypt communications with the other device using the private root identity.
  • The encryption unit may be configured to encrypt any data that it shares with the other device with a public key of the other device.
  • The output may be configured to output the public root identity for sharing with a certificate authority.
  • The root identity generator may comprise an entropy source.
  • The security component may be for incorporation in a wireless communication device.
  • According to a second embodiment, there is provided a method for provisioning a device with security credentials to enable it to authorise itself with another device, comprising incorporating a security component in the device, generating, by means of the security component, a root identity comprising a public root identity and a private root identity and the security component outputting the public root identity for sharing with the other device and not outputting the private root identity.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • The present invention will now be described by way of example with reference to the accompanying drawings. In the drawings:
  • FIG. 1 shows a method for generating an identity certificate;
  • FIG. 2 shows the enrolment and deployment of a chip;
  • FIG. 3 shows a method for blowing an enrolment fuse; and
  • FIGS. 4 a and 4 b show examples of security components.
    •  DETAILED DESCRIPTION
  • The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art.
  • The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
  • An example of a method for generating an identity certificate for a device is shown in FIG. 1. The device incorporates a security component. This component may be capable of acting as a silicon root of trust for the device. It is likely to be implemented as an integrated circuit or chip. The method starts in step S101 with the security component generating a root identity. The root identity is a fundamental, source of identification for a “thing”, e.g. a device in the Internet of Things. Its main purpose is to provide the basis for authentication, authorisation, accountability and accounting of services for the “thing”. The root identity can be mapped onto authenticating data such as unique identifiers (UUID), symmetric keys or private/public key sets. It can be used to seed and/or validate additional identities in order to enable access to specific services. The root identity should be exposed as little as possible to prevent theft, abuse and privacy loss.
  • The root identity may comprise some components that are “public” in the sense that, while they should be exposed as little as possible, some public exposure is necessary to authenticate the device. The public parts of a root identity may include, for example, one or more of a unique identifier for the security component, a symmetric key, and a public key. The public root identity typically includes information that has to be exposed to a certificate authority to record a Root Identity Certificate that can later be used to authorise the security component. Other parts of the root identity can be considered “private” because they do not need to be exposed during any authentication procedure and should be kept secret by the device. An example of a private part of a root identity is a private key from an asymmetric key pair. The security component may generate both public and private parts of its root identity internally.
  • The security component can be requested to provide its root identity (step S102). The security component determines whether it is currently operating in an enrolment phase (step S103). If yes, the security component returns its public root identity to the requester (step S104). If no, the security component does not provide its public root identity to the requester (step S105). The private root identity is not provided to the requester.
  • A more detailed example of a chip generating an identity certificate is shown in FIG. 2, with additional information about how the chip might respond to authentication requests after deployment.
  • FIG. 2 shows a chip during an enrolment phase (shown generally at 201) and later deployment phase (shown generally at 202). The chip (204) comprises means for autonomously generating one or more root identities for the chip (RIchip). The chip may generate the root identities during the enrolment phase or earlier, such as during manufacture. In one example the root identities may be generated during the first self-test of the chip. The chip may be configured to store the one or more root identities once generated so that they can be retrieved when needed. Alternatively the chip may also be capable of re-generating the root identities when required. Having the one or more root identities generated on the chip avoids the manufacturer having to securely manage cryptographic secrets before, during and after manufacture.
  • The certificate authority (203) will still need to know the public root identity of the chip before it is deployed, however, so that it can authenticate the chip later. One possible opportunity for obtaining this information is at the end of manufacture, during chip testing. The root identity encrypted with the public key of a certification authority may be exposed to firmware and retrieved by a manufacturing testing JIG, for example. The root identity may then be safely stored on a local or remote server as a Root Identity Certificate before the chip is shipped to a customer.
  • The public root identity may only be able to be exposed to the manufacturer until the manufacturing process is finished. One way of achieving this is to include one or more “enrolled fuses” on the chip. Once the enrolled fuse is blown, the root identity can no longer be read from the chip. If the manufacturer's certificate authority will be storing the Root Identity Certificate, only one enrolled fuse is required. Alternatively, the manufacturer could sell chips to customers with their own certificate authority. To enable this, some chips may have an extra enrolment fuse. This is termed “UseOtherCAPubKeyFuse” (see FIGS. 4 a and 4 b), since if this fuse is blown by the manufacturer, it indicates that the harvesting process will be conducted using the public key of the customer's certificate authority rather than the manufacturer's. This additional public key may be written in NVM (non-volatile memory) or OTP (one-time programmable memory) (e.g., OTP 406) before enrolment takes place. An example method for blowing an enrolment fuses that implements the mechanism described above is shown in FIG. 3.
  • The chip may generate its root identity during a self-test procedure, as mentioned above. The chip may go through multiple self-tests during manufacture. The chip may generate one or more root identities during each of these self-tests. These root identities may be different from one another, because the chip only needs to be able to re-generate an existing root identity after that root identity has been passed to a certificate authority. The chip may therefore be configured to generate new root identities until the enrolment phase is complete (e.g. the fuse has blown) and thereafter either re-generate the root identities that have been passed to the certificate authority or retrieve them from memory (if the chip is configured to store its root identities). The re-generated identities may be the same as those that the chip previously generated, and the same as the identities shared with the certificate authority.
  • An advantage of the method described above is that the private root identity, such as the private keys of the asymmetric key sets, are internally generated in the chip. The initial generation of the private root identity is thus independent of any external input, so the manufacturer is freed from having to protect cryptographic secrets. The root identity is additionally not exposed to the rest of the chip, and particularly not to firmware, after enrolment has been completed. Indeed most the information released by the chip during enrolment will be publicly exposed during use of the device anyway. The exception is any symmetric keys (SymKey), although the risk that these might fall into the wrong hands can be reduced by encrypting RIchip with CAPubKey. If the reduced level of security is unacceptable, then symmetric keys need not be exchanged as part of the enrolment process. Thus, the exact contents of the “private” and “public” parts of the root identity may depend on the context. In some implementations a symmetric key may not be exchanged at enrolment, so that it forms part of the private root identity, and at other times it may be exchanged at enrolment, and form part of the public root identity.
  • The Root Identity Certificates stored by the certificate authority can later be used to authenticate the chip's identity and integrity following a challenge in the field. An example of this is shown as part of the “deployment process” in FIG. 1. In this example, after the enrolment phase has been terminated and the device (onto which the chip is embedded) deployed in the field, a network gateway challenges the identity and application/firmware integrity of the chip. The actors in this process are a new device (204), a network gateway (205) that can admit the device to a network and the certificate authority (203), whose address is known to the gateway. The certificate authority vouches for the identity and integrity of the device (via the chip) as follows:
      • The network gateway issues an identity challenge.
      • The chip returns its UUID and a nonce, encrypted with the certificate authority's public key (CAPubKey).
      • The network gateway transparently forwards the reply from the device to the certificate authority.
      • The certificate authority decrypts the chip's initial response to the challenge, identifies the UUID and fetches from the database the associated public key of the chip (ChipPubKey)
      • The certificate authority uses the public key (ChipPubKey) to encrypt a salted challenge, which the network gateway transparently forwards to the device.
      • Only the real chip is able to decrypt the challenge using its private key and successfully reply using the certificate authority's public key (CAPubKey).
      • The certificate authority decrypts the reply and confirms the identity of the device to the network gateway.
      • The network gateway finally allows the device to join the network.
  • In a further development the chip may autonomously re-generate its root identity. This is represented in FIG. 2 by PUF (physically unclonable function) 206. Thus, rather than storing its root identity the chip may just regenerate it when required, hence improving security.
  • Specific examples of a security component are shown in FIGS. 4 a and b. The security component might be incorporated into a wide range of devices but it is likely that it will most commonly be incorporated into devices that are configured for wireless communication. In general terms, the security component comprises a root identity generator, which may provide the ability to generate a configurable number (NUUID) of unique identifiers (UUIDs). The identifiers are thus unique in the sense that they are unique to the component, but each component may have multiple identifiers: {UUIDi}, i=1. NUUID
  • The root identity generator may also be configured to generate an asymmetric private/public key set associated with each unique identifier: {PrivateKeyi, PublicKeyi} The root identity generator may also be configured to generate a symmetric key associated with each unique identifier: {SymKeyi}.
  • The root identity generator may be capable of the following:
      • Stochastic distribution across different chips so that, taking a chip at random, it is statistically impossible to tell if the ith bit of any of the identifiers and/or keys is a 0 or a 1, even if one or more of the other bits are known and even if the output of all other chips is known.
      • Generating different sizes of identifiers and/or keys and identifiers and/or keys that can be used for different purposes (e.g. signing vs. encryption).
      • Autonomous regeneration of identifiers and/or keys each time that the chip is powered up or each time that the chip needs to use the identifiers and/or keys. Identifiers and/or keys may be strictly repeatable over a wide range of operative conditions, in temperature and voltage and across different power-cycling events. The key generator need only be configured to regenerate identifiers and/or keys after it has been through the enrolment phase. Before that point, the key generator may be configured to generate new identifiers and/or keys each time that the chip is powered up or goes through a self-test procedure.
  • The security component may comprise an output for sharing some security information with another device, so that the other device may authenticate it. This shared information is likely to include a unique identifier, public key of an asymmetric key pair and possibly a symmetric key pair. This information is suitably only shared during the enrolment phase, however. The security bit may therefore comprise an indicator such as an enrolment fuse or bit in OTP, which can be blown/set when the enrolment phase is completed.
  • If the indicator is not set, the security component may be configured to share the following with the other device:

  • RIchip={(UUID1: PublicKey1,SymKey1),(UUID2: PublicKey2,SymKey2), . . . }
  • The security component may comprise an encryption unit for encrypting the information to be shared with the public key of the other device (which is likely to be associated with a certification authority). The information may be shared with the other device by being exposed to the firmware of the device within which the security component is incorporated, from which it can be transferred to the other device via a wired or wireless connection.
  • If the indicator is set, the security component may be configured to regenerate the set of identifiers and keys (or of a part of it), in the same way as at initial switch on, at power up and/or on-demand, but the set is not exposed to any other part of the device (e.g. firmware).
  • Examples of two different security components are shown in FIGS. 4 a and 4 b (like components across the two figures are indicated by like numerals). In the examples of FIGS. 4 a and 4 b, the root identity generator is implemented by crypto-block 401. The root identity generator may comprise a repeatable source of entropy capable of seeding the identifier and/or keys. In the example of FIG. 4 a, the source of entropy is Physical Unclonable Function Block (PUF) 403, which is configured to provide a seed to cryptographic engine 402. Another embodiment is presented in FIG. 4 b. In this example the source of entropy is a true random number generator 409 (possibly one that is National Institute of Science and Technology (NIST) compliant). The random number generator may be configured to generate the seed once at enrolment. The seed is then written in OTP and extracted from OTP every time that identifier and/or key regeneration is needed.
  • Crypto-block 401 comprises a cryptographic engine 402. The entropy source 403 is configured to seed the generation of a root identity by providing a seed to the cryptographic engine. The entropy source may generate the same or different seed for each functional unit in the cryptographic engine that generates a respective element of the root identity. Examples of suitable functional units include:
  • 1. an Elliptical Curve Cryptography (ECC) multiplier to generate the public/private key pair as a set of asymmetric elliptic cryptographic keys {PrKey, PubKey};
    2. a key derivation function to generate a symmetric key {SymKey}; and
    3. a hashing function to generate a unique identifier {UUID}.
  • The cryptoblock 401 is managed by trusted processor block 404 that has exclusive access to the configuration registers 405 of the crypto-block. The processor block may be configured to coordinate entropy source operation and RIchip extraction. It may also coordinate Root of Trust activities.
  • The security component also comprises an output represented by bus 408 for sharing its public root identity with other parts of the device or a certificate authority. Bus 408 is merely an example, and any suitable wired or wireless output means might be employed. The security component also comprises an enrolment fuse 407 for preventing transfer of the public root key after the enrolment process is complete.
  • The structures shown in FIGS. 4 a and 4 b (and indeed all block apparatus diagrams included herein) are intended to correspond to a number of functional blocks in an apparatus. This is for illustrative purposes only. FIGS. 4 a and 4 b are not intended to define a strict division between different parts of hardware on a chip or between different programs, procedures or functions in software. In some embodiments, some or all of the algorithms described herein may be performed wholly or partly in hardware. In other implementations, the algorithms may be implemented by a processor acting under software control. Any such software may be stored on a non-transient computer readable medium, such as a memory (RAM, cache, hard disk etc) or other storage means (USB stick, CD, disk etc).
  • The provisioning methods and security component described above invert the role between originator and receiver of the cryptographical secret: the secret is generated on the chip and only public data is exposed during the enrolment process to the manufacturer. Private data is retained on the chip. If public data is leaked for a batch of chips, the manufacturer might lose income associated with providing a recurring identification and integrity verification service to a customer of those chips, but data confidentiality has not been compromised nor impersonation allowed. The prospect of external secret-leaking before, during and after manufacture is avoided since the focus has shifted from the securely storing keys externally provided by the manufacturer to chip internal, autonomous (re)generation of cryptographical secrets. Thus, provided that side-attacks are prevented, impersonation and sensitive data stealing are not possible unless the chip's private keys are extracted from the crypto-block using lab-attacks. This is theoretically impossible with a PUF since accessing the PUF structure by definition alters its behaviour. It is also highly unlikely with OTP.
  • The applicant hereby discloses in isolation each individual feature described herein and any combination of two or more such features, to the extent that such features or combinations are capable of being carried out based on the present specification as a whole in the light of the common general knowledge of a person skilled in the art, irrespective of whether such features or combinations of features solve any problems disclosed herein, and without limitation to the scope of the claims. The applicant indicates that aspects of the present invention may consist of any such individual feature or combination of features. In view of the foregoing description it will be evident to a person skilled in the art that various modifications may be made within the scope of the invention.

Claims (20)

What is claimed is:
1. A security component for authenticating a device, within which it is incorporated, with another device, the security component comprising:
a root identity generator configured to generate a root identity comprising a public root identity and a private root identity; and
an output configured to output the public root identity for sharing with the other device and to not output the private root identity.
2. The security component as claimed in claim 1, the root identity generator being configured to generate, as part of the private root identity, a private key of an asymmetric key set.
3. The security component as claimed in claim 1, the root identity generator being configured to generate, as part of the public root identity, one or more of a unique identifier for the security component, a public key of an asymmetric key set, and a symmetric key.
4. The security component as claimed in claim 1, the root identity generator being configured to generate multiple unique root identities for the security component.
5. The security component as claimed in claim 1, the root identity generator being capable of repeatably generating the root identity.
6. The security component as claimed in claim 1, the security component being configured not to store the root identity.
7. The security component as claimed in claim 1, the root identity generator being configured to, when the security component requires the root identity, regenerate the root identity.
8. The security component as claimed in claim 1, the security component comprising a memory configured to store the root identity and being configured to, when it requires the root identity, retrieve it from memory.
9. The security component as claimed in claim 1, comprising an enrolment indicator, the security component being configured to, when the public root identity is shared with the other device, set the enrolment indicator.
10. The security component as claimed in claim 9, the security component being configured not to share the public root identity if the enrolment indicator is set.
11. The security component as claimed in claim 9, the root identity generator being configured to, each time that the security component is required to generate a root identity when the enrolment indicator is not set, generate a new root identity.
12. The security component as claimed in claim 9, the root identity generator being configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate a previously generated root identity.
13. The security component as claimed in claim 9, the root identity generator being configured to, each time that the security component is required to generate a root identity when the enrolment indicator is set, regenerate the root identity that comprises the public root identity shared with the other device.
14. The security component as claimed in claim 1, the root identity generator being configured to generate a root identity during a self-test of the security component.
15. The security component as claimed in claim 1, the security component being configured not to share the private root identity with parts of the device that are outside of the security component.
16. The security component as claimed in claim 1, comprising an encryption unit configured to encrypt and/or decrypt communications with the other device using the private root identity.
17. The security component as claimed in claim 16, the encryption unit being configured to encrypt any data that it shares with the other device with a public key of the other device.
18. The security component as claimed in claim 1, the output being configured to output the public root identity for sharing with a certificate authority.
19. The security component as claimed in claim 1, in which the root identity generator comprises an entropy source.
20. A method for provisioning a device with security credentials to enable it to authorise itself with another device, comprising:
incorporating a security component in the device;
generating, by the security component, a root identity comprising a public root identity and a private root identity; and
the security component outputting the public root identity for sharing with the other device and not outputting the private root identity.
US14/505,418 2014-02-25 2014-10-02 Provisioning of security credentials Abandoned US20150242614A1 (en)

Applications Claiming Priority (18)

Application Number Priority Date Filing Date Title
GB1403312.0A GB2515853B (en) 2014-02-25 2014-02-25 Latency mitigation
GB1403314.6 2014-02-25
GB1403312.0 2014-02-25
GB1403314.6A GB2512733B (en) 2014-02-25 2014-02-25 Broadcast retransmission
GB1405786.3 2014-03-31
GB1405786.3A GB2512746B (en) 2014-02-25 2014-03-31 Thwarting traffic analysis
GB1405785.5 2014-03-31
GB1405797.0 2014-03-31
GB1405789.7 2014-03-31
GB1405785.5A GB2512501A (en) 2014-02-25 2014-03-31 Packet identification
GB1405789.7A GB2512502B (en) 2014-02-25 2014-03-31 Device authentication
GB1405791.3 2014-03-31
GB1405790.5A GB2512747B (en) 2014-02-25 2014-03-31 Mesh relay
GB1405791.3A GB2512748B (en) 2014-02-25 2014-03-31 Auto-configuration of a mesh relay's TX/RX schedule
GB1405790.5 2014-03-31
GB1405797.0A GB2512749B (en) 2014-02-25 2014-03-31 Linking ad hoc networks
GB1412715.3 2014-07-17
GB1412715.3A GB2513265B (en) 2014-02-25 2014-07-17 Provisioning of security credentials

Publications (1)

Publication Number Publication Date
US20150242614A1 true US20150242614A1 (en) 2015-08-27

Family

ID=50737759

Family Applications (14)

Application Number Title Priority Date Filing Date
US14/270,961 Active 2035-05-12 US10055570B2 (en) 2014-02-25 2014-05-06 Mesh relay
US14/270,884 Abandoned US20150244648A1 (en) 2014-02-25 2014-05-06 Auto-configuration of a mesh relay's tx/rx schedule
US14/297,324 Active 2034-12-08 US9489506B2 (en) 2014-02-25 2014-06-05 Linking ad hoc networks
US14/298,177 Abandoned US20150245203A1 (en) 2014-02-25 2014-06-06 Packet identification
US14/316,404 Abandoned US20150245204A1 (en) 2014-02-25 2014-06-26 Device authentication
US14/316,529 Abandoned US20150244828A1 (en) 2014-02-25 2014-06-26 Thwarting traffic analysis
US14/505,443 Active 2035-06-01 US9754096B2 (en) 2014-02-25 2014-10-02 Update management
US14/505,458 Active US9672346B2 (en) 2014-02-25 2014-10-02 Object tracking by establishing a mesh network and transmitting packets
US14/505,399 Active 2035-04-03 US9910976B2 (en) 2014-02-25 2014-10-02 Processing mesh communications
US14/505,437 Abandoned US20150245369A1 (en) 2014-02-25 2014-10-02 Communicating data over a mesh network
US14/505,465 Abandoned US20150244565A1 (en) 2014-02-25 2014-10-02 Network configuration
US14/505,418 Abandoned US20150242614A1 (en) 2014-02-25 2014-10-02 Provisioning of security credentials
US14/505,466 Abandoned US20150244623A1 (en) 2014-02-25 2014-10-02 Mesh profiling
US14/505,454 Expired - Fee Related US9842202B2 (en) 2014-02-25 2014-10-02 Device proximity

Family Applications Before (11)

Application Number Title Priority Date Filing Date
US14/270,961 Active 2035-05-12 US10055570B2 (en) 2014-02-25 2014-05-06 Mesh relay
US14/270,884 Abandoned US20150244648A1 (en) 2014-02-25 2014-05-06 Auto-configuration of a mesh relay's tx/rx schedule
US14/297,324 Active 2034-12-08 US9489506B2 (en) 2014-02-25 2014-06-05 Linking ad hoc networks
US14/298,177 Abandoned US20150245203A1 (en) 2014-02-25 2014-06-06 Packet identification
US14/316,404 Abandoned US20150245204A1 (en) 2014-02-25 2014-06-26 Device authentication
US14/316,529 Abandoned US20150244828A1 (en) 2014-02-25 2014-06-26 Thwarting traffic analysis
US14/505,443 Active 2035-06-01 US9754096B2 (en) 2014-02-25 2014-10-02 Update management
US14/505,458 Active US9672346B2 (en) 2014-02-25 2014-10-02 Object tracking by establishing a mesh network and transmitting packets
US14/505,399 Active 2035-04-03 US9910976B2 (en) 2014-02-25 2014-10-02 Processing mesh communications
US14/505,437 Abandoned US20150245369A1 (en) 2014-02-25 2014-10-02 Communicating data over a mesh network
US14/505,465 Abandoned US20150244565A1 (en) 2014-02-25 2014-10-02 Network configuration

Family Applications After (2)

Application Number Title Priority Date Filing Date
US14/505,466 Abandoned US20150244623A1 (en) 2014-02-25 2014-10-02 Mesh profiling
US14/505,454 Expired - Fee Related US9842202B2 (en) 2014-02-25 2014-10-02 Device proximity

Country Status (3)

Country Link
US (14) US10055570B2 (en)
DE (13) DE102014019749B3 (en)
GB (18) GB2512749B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9489506B2 (en) 2014-02-25 2016-11-08 Qualcomm Technologies International, Ltd. Linking ad hoc networks
US9692538B2 (en) 2014-02-25 2017-06-27 Qualcomm Technologies International, Ltd. Latency mitigation
US20180145829A1 (en) * 2016-11-24 2018-05-24 Samsung Electronics Co, Ltd Data management method
CN109756324A (en) * 2017-11-02 2019-05-14 大唐移动通信设备有限公司 Cryptographic key negotiation method, terminal and gateway in a kind of Mesh network
US20190213359A1 (en) * 2018-01-10 2019-07-11 General Electric Company Secure provisioning of secrets into mpsoc devices using untrusted third-party systems
US10951653B2 (en) 2017-09-22 2021-03-16 Samsung Electronics Co., Ltd. Apparatus including secure component and method of provisioning security information into the apparatus
US11018871B2 (en) * 2018-03-30 2021-05-25 Intel Corporation Key protection for computing platform
US20210273920A1 (en) * 2020-02-28 2021-09-02 Vmware, Inc. Secure certificate or key distribution for synchronous mobile device management (mdm) clients
US11210678B2 (en) 2016-11-18 2021-12-28 Samsung Electronics Co., Ltd. Component for provisioning security data and product including the same

Families Citing this family (120)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103974225B (en) * 2013-02-01 2018-03-13 财团法人工业技术研究院 Communication device, device-to-device communication system and wireless communication method thereof
US10078811B2 (en) 2013-11-29 2018-09-18 Fedex Corporate Services, Inc. Determining node location based on context data in a wireless node network
US9451462B2 (en) * 2014-08-10 2016-09-20 Belkin International Inc. Setup of multiple IoT network devices
US9918351B2 (en) 2014-04-01 2018-03-13 Belkin International Inc. Setup of multiple IOT networks devices
US10453023B2 (en) 2014-05-28 2019-10-22 Fedex Corporate Services, Inc. Methods and node apparatus for adaptive node communication within a wireless node network
US9386605B2 (en) * 2014-07-11 2016-07-05 Motorola Solutions, Inc. Mobile dynamic mesh cluster bridging method and apparatus at incident scenes
US9872240B2 (en) 2014-08-19 2018-01-16 Belkin International Inc. Network device source entity triggered device configuration setup
FR3026587A1 (en) * 2014-09-30 2016-04-01 Orange METHOD OF ACCESS BY A MASTER DEVICE TO A VALUE TAKEN BY A CHARACTERISTIC MANAGED BY A PERIPHERAL DEVICE
FR3031822B1 (en) * 2015-01-16 2018-04-13 Airbus Operations DOWNLOADING DATA ON REMOTE EQUIPMENT
US10681479B2 (en) 2015-01-30 2020-06-09 Cassia Networks Inc. Methods, devices and systems for bluetooth audio transmission
US9769594B2 (en) * 2015-01-30 2017-09-19 Cassia Networks Inc. Methods, devices and systems for increasing wireless communication range
US11238397B2 (en) 2015-02-09 2022-02-01 Fedex Corporate Services, Inc. Methods, apparatus, and systems for generating a corrective pickup notification for a shipped item using a mobile master node
US9426616B1 (en) * 2015-02-10 2016-08-23 Tyco Fire & Security Gmbh Wireless sensor network controlled low energy link
FR3033118B1 (en) * 2015-02-19 2017-02-17 Sigfox METHOD AND SYSTEM FOR WIRELESS COMMUNICATION BETWEEN TERMINALS AND SEMI-DUPLEX BASE STATIONS
US11171941B2 (en) * 2015-02-24 2021-11-09 Nelson A. Cicchitto Mobile device enabled desktop tethered and tetherless authentication
US10848485B2 (en) 2015-02-24 2020-11-24 Nelson Cicchitto Method and apparatus for a social network score system communicably connected to an ID-less and password-less authentication system
US11122034B2 (en) 2015-02-24 2021-09-14 Nelson A. Cicchitto Method and apparatus for an identity assurance score with ties to an ID-less and password-less authentication system
EP3262893B1 (en) 2015-02-26 2019-07-03 Telefonaktiebolaget LM Ericsson (publ) Energy efficient ble mesh initialisation and operation
JP6566669B2 (en) * 2015-03-12 2019-08-28 キヤノン株式会社 Information processing apparatus, control method thereof, communication method, and program
TWI552001B (en) * 2015-04-13 2016-10-01 聚眾聯合科技股份有限公司 Connection information sharing system, computer program, and connection information sharing method thereof
CN106304303B (en) * 2015-06-09 2019-11-12 沈阳中科奥维科技股份有限公司 A kind of power regulating method suitable for WIA-PA wireless network
US10375492B2 (en) 2015-06-30 2019-08-06 Sonova, AG Method of fitting a hearing assistance device
WO2017007409A1 (en) * 2015-07-06 2017-01-12 Telefonaktiebolaget Lm Ericsson (Publ) Apparatus and method for forwarding messages
US9985839B2 (en) 2015-07-08 2018-05-29 Fedex Corporate Services, Inc. Systems, apparatus, and methods of event monitoring for an event candidate within a wireless node network based upon sighting events, sporadic events, and benchmark checkpoint events
US9843929B2 (en) 2015-08-21 2017-12-12 Afero, Inc. Apparatus and method for sharing WiFi security data in an internet of things (IoT) system
US9503969B1 (en) 2015-08-25 2016-11-22 Afero, Inc. Apparatus and method for a dynamic scan interval for a wireless device
CN108353277B (en) * 2015-09-30 2021-09-28 谷歌有限责任公司 Low energy radio and system including low energy radio
US10990616B2 (en) * 2015-11-17 2021-04-27 Nec Corporation Fast pattern discovery for log analytics
US10673646B1 (en) * 2018-12-09 2020-06-02 Olibra Llc System, device, and method of multi-path wireless communication
US10432461B2 (en) * 2015-12-04 2019-10-01 T-Mobile Usa, Inc. Peer-to-peer distribution of radio protocol data for software defined radio (SDR) updates
KR102381371B1 (en) 2015-12-10 2022-03-31 삼성전자주식회사 System and method for providing information by using near field communication
US10805344B2 (en) * 2015-12-14 2020-10-13 Afero, Inc. Apparatus and method for obscuring wireless communication patterns
US10447784B2 (en) 2015-12-14 2019-10-15 Afero, Inc. Apparatus and method for modifying packet interval timing to identify a data transfer condition
US10091242B2 (en) 2015-12-14 2018-10-02 Afero, Inc. System and method for establishing a secondary communication channel to control an internet of things (IOT) device
US9992065B2 (en) * 2015-12-15 2018-06-05 T-Mobile Usa, Inc. Selective wi-fi calling router updates
US10659442B1 (en) * 2015-12-21 2020-05-19 Marvell International Ltd. Security in smart configuration for WLAN based IOT device
US20170187602A1 (en) * 2015-12-29 2017-06-29 Vivek Pathela System and method of troubleshooting network source inefficiency
US10708842B2 (en) * 2016-01-13 2020-07-07 Locus Control LLC Low power communications system
US10148453B2 (en) * 2016-02-24 2018-12-04 Qualcomm Incorporated Using update slot to synchronize to Bluetooth LE isochronous channel and communicate state changes
CN108780538A (en) 2016-03-23 2018-11-09 联邦快递服务公司 The system, apparatus and method of broadcast setting for the node in self-adjusting wireless node network
GB2549735B (en) * 2016-04-26 2020-07-29 Checkit Ltd Network access control
US10951261B2 (en) 2016-04-29 2021-03-16 Texas Instruments Incorporated Pseudo channel hopping in mesh networks without time synchronization
US10205606B2 (en) 2016-06-15 2019-02-12 Abl Ip Holding Llc Mesh over-the-air (OTA) luminaire firmware update
US10873854B2 (en) * 2016-07-28 2020-12-22 Lg Electronics Inc. Method and apparatus for establishing connection of devices
US10798548B2 (en) * 2016-08-22 2020-10-06 Lg Electronics Inc. Method for controlling device by using Bluetooth technology, and apparatus
EP3312762B1 (en) * 2016-10-18 2023-03-01 Axis AB Method and system for tracking an object in a defined area
US9781603B1 (en) * 2016-10-20 2017-10-03 Fortress Cyber Security, LLC Combined network and physical security appliance
US10348514B2 (en) * 2016-10-26 2019-07-09 Abl Ip Holding Llc Mesh over-the-air (OTA) driver update using site profile based multiple platform image
DE102016124168A1 (en) * 2016-12-13 2018-06-14 Endress+Hauser Conducta Gmbh+Co. Kg Method for operating a specific field device via a mobile operating device
WO2018118822A1 (en) * 2016-12-20 2018-06-28 Abbott Diabetes Care Inc. Systems, devices and methods for wireless communications in analyte monitoring devices
CN106792853B (en) * 2016-12-22 2020-05-12 青岛亿联客信息技术有限公司 New equipment adding method for Bluetooth mesh network
CN106713047A (en) * 2017-01-12 2017-05-24 泰凌微电子(上海)有限公司 Node upgrading method and system in mesh network
US10433134B2 (en) 2017-01-24 2019-10-01 Arris Enterprises Llc Video gateway as an internet of things mesh enhancer apparatus and method
CN110168454B (en) * 2017-02-21 2022-05-06 欧姆龙株式会社 Method for controlling a field device, control device, technical system and storage medium
US10362612B2 (en) 2017-03-06 2019-07-23 Citrix Systems, Inc. Virtual private networking based on peer-to-peer communication
CN110352586B (en) * 2017-03-08 2021-12-07 日立能源瑞士股份公司 Method and apparatus for preserving relative timing and ordering of data packets in a network
DE102017106381A1 (en) 2017-03-24 2018-09-27 Newtec Gmbh Method and apparatus for wirelessly transmitting a data signal
EP3610661A4 (en) * 2017-04-10 2020-09-16 Itron Networked Solutions, Inc. Efficient internet-of-things device configuration via quick response codes
US10116523B1 (en) * 2017-04-12 2018-10-30 Fisher-Rosemount Systems, Inc. Predictive connectivity diagnostics for a wireless mesh network in a process control system
US11229023B2 (en) * 2017-04-21 2022-01-18 Netgear, Inc. Secure communication in network access points
US10605609B2 (en) * 2017-05-03 2020-03-31 Microsoft Technology Licensing, Llc Coupled interactive devices
DE102017207871A1 (en) * 2017-05-10 2018-11-15 Tridonic Gmbh & Co Kg Firmware Update-Over-The Air (FOTA) in building technology
CA3063105A1 (en) 2017-05-23 2018-11-29 Walmart Apollo, Llc Automated inspection system
US10389854B2 (en) * 2017-06-15 2019-08-20 Infinet, LLC Method and system for forming an ad-hoc network over heterogeneous protocols
US9955307B1 (en) * 2017-08-03 2018-04-24 Here Global B.V. Distributed relative positioning
US20210132932A1 (en) * 2017-08-15 2021-05-06 General Electric Company Smart equipment, method used by smart equipment, and smart lamp
US10666624B2 (en) * 2017-08-23 2020-05-26 Qualcomm Incorporated Systems and methods for optimized network layer message processing
CN107635215A (en) * 2017-08-25 2018-01-26 西安电子科技大学 Mesh network-building methods based on low-power consumption bluetooth
CN107508714B (en) * 2017-09-26 2020-09-15 深圳市微智电子有限公司 Method and device for carrying out network configuration on Bluetooth equipment based on Bluetooth mesh
US11057204B2 (en) * 2017-10-04 2021-07-06 Amir Keyvan Khandani Methods for encrypted data communications
US11490400B2 (en) * 2017-11-15 2022-11-01 Telefonaktiebolaget Lm Ericsson (Publ) End node, relay node, and methods performed therein for handling transmission of information
CN108064034A (en) * 2017-11-17 2018-05-22 芯海科技(深圳)股份有限公司 A kind of data collection network method of mesh networkings
EP3489922B1 (en) 2017-11-24 2022-01-05 Andreas Stihl AG & Co. KG Method of operating a wireless transmitter and a wireless receiver and system
EP3718352B1 (en) * 2017-11-28 2021-07-07 Telefonaktiebolaget LM Ericsson (publ) Message transmission with reduced interference
WO2019117763A1 (en) * 2017-12-11 2019-06-20 Telefonaktiebolaget Lm Ericsson (Publ) Channel scanning in a mesh network
US10554562B2 (en) * 2017-12-22 2020-02-04 International Business Machines Corporation Streaming network
RU2666306C1 (en) * 2017-12-27 2018-09-06 федеральное государственное автономное образовательное учреждение высшего образования "Санкт-Петербургский политехнический университет Петра Великого" (ФГАОУ ВО "СПбПУ") Method of controlling communication of single-range intercomputer data network
US10607012B2 (en) 2017-12-29 2020-03-31 Delphian Systems, LLC Bridge computing device control in local networks of interconnected devices
KR102530441B1 (en) 2018-01-29 2023-05-09 삼성전자주식회사 Electronic device, external electronic device, system comprising the same and control method thereof
US10944669B1 (en) 2018-02-09 2021-03-09 GoTenna, Inc. System and method for efficient network-wide broadcast in a multi-hop wireless network using packet echos
US11516682B2 (en) * 2018-03-16 2022-11-29 Telefonaktiebolaget Lm Ericsson (Publ) Methods and nodes for obtaining information regarding a bluetooth mesh network
US11448632B2 (en) 2018-03-19 2022-09-20 Walmart Apollo, Llc System and method for the determination of produce shelf life
US11658865B2 (en) * 2018-03-20 2023-05-23 Delphian Systems, LLC Updating devices in a local network of interconnected devices
US10869227B2 (en) * 2018-03-23 2020-12-15 Telefonaktiebolaget Lm Ericsson (Publ) Message cache management in a mesh network
US10613505B2 (en) 2018-03-29 2020-04-07 Saudi Arabian Oil Company Intelligent distributed industrial facility safety system
US10303147B1 (en) 2018-03-29 2019-05-28 Saudi Arabian Oil Company Distributed industrial facility safety system modular remote sensing devices
US10311705B1 (en) * 2018-03-29 2019-06-04 Saudi Arabian Oil Company Distributed industrial facility safety system
KR102114992B1 (en) * 2018-04-25 2020-05-25 (주)휴맥스 Wireless communication equipment and method for configuring mesh network thereof
US11146540B2 (en) * 2018-05-09 2021-10-12 Datalogic Ip Tech S.R.L. Systems and methods for public key exchange employing a peer-to-peer protocol
US11308950B2 (en) 2018-05-09 2022-04-19 4PLAN Corporation Personal location system for virtual assistant
CN110493758B (en) 2018-05-14 2023-01-13 阿里巴巴集团控股有限公司 Bluetooth Mesh network and network distribution method, equipment and storage medium thereof
CN110505606B (en) * 2018-05-18 2022-12-02 阿里巴巴集团控股有限公司 Bluetooth Mesh network and distribution network authentication method, equipment and storage medium thereof
US10574475B2 (en) * 2018-05-24 2020-02-25 Haier Us Appliance Solutions, Inc. Household appliance with bluetooth connection and authentication
WO2019237263A1 (en) * 2018-06-13 2019-12-19 卧槽科技(深圳)有限公司 Low-energy bluetooth network maintenance method, electronic device, bluetooth network, and medium
CN110636478B (en) 2018-06-22 2023-04-14 阿里巴巴集团控股有限公司 Bluetooth Mesh network system, communication method, device and storage medium thereof
US10650023B2 (en) * 2018-07-24 2020-05-12 Booz Allen Hamilton, Inc. Process for establishing trust between multiple autonomous systems for the purposes of command and control
WO2020023762A1 (en) 2018-07-26 2020-01-30 Walmart Apollo, Llc System and method for produce detection and classification
WO2020023909A1 (en) 2018-07-27 2020-01-30 GoTenna, Inc. Vine™: zero-control routing using data packet inspection for wireless mesh networks
US11140659B2 (en) * 2018-08-21 2021-10-05 Signify Holding B.V. Wireless organization of electrical devices by sensor manipulation
US11368436B2 (en) * 2018-08-28 2022-06-21 Bae Systems Information And Electronic Systems Integration Inc. Communication protocol
US11715059B2 (en) * 2018-10-12 2023-08-01 Walmart Apollo, Llc Systems and methods for condition compliance
FI128520B (en) * 2018-11-14 2020-07-15 Xiphera Oy Method for providing a secret unique key for a volatile FPGA
WO2020106332A1 (en) 2018-11-20 2020-05-28 Walmart Apollo, Llc Systems and methods for assessing products
WO2020123958A1 (en) * 2018-12-14 2020-06-18 Denso International America, Inc. System and method of determining real-time location
CN109673014B (en) * 2019-01-25 2022-07-15 欧普照明股份有限公司 Network combination method
CN111669732B (en) * 2019-03-06 2021-09-07 乐鑫信息科技(上海)股份有限公司 Method for filtering redundant data packets at nodes in bluetooth Mesh network
CN109862548B (en) 2019-03-06 2021-01-26 乐鑫信息科技(上海)股份有限公司 Method for processing data packets at a node in a bluetooth Mesh network
US11777715B2 (en) 2019-05-15 2023-10-03 Amir Keyvan Khandani Method and apparatus for generating shared secrets
CN111988268A (en) * 2019-05-24 2020-11-24 魏文科 Method for establishing and verifying input value by using asymmetric encryption algorithm and application thereof
US11265410B2 (en) * 2020-01-06 2022-03-01 Vorbeck Materials Corp. Self-organizing communications network nodes and systems
US11166339B2 (en) * 2019-07-05 2021-11-02 Samsung Electronics Co., Ltd. System and method for dynamic group data protection
CN110779500B (en) * 2019-11-14 2021-11-30 中国人民解放军国防科技大学 Mesoscale vortex detection method for incremental deployment sensor
KR102324374B1 (en) 2019-11-18 2021-11-11 한국전자통신연구원 Method and apparatus for configuring cluster in wireless communication system
US11432167B2 (en) 2020-01-22 2022-08-30 Abl Ip Holding Llc Selective updating of nodes of a nodal wireless network
US11166253B2 (en) * 2020-03-27 2021-11-02 Dell Products L.P. Data center automatic inventory and location data population and recovery using mesh network
EP3968600A1 (en) * 2020-09-11 2022-03-16 Volkswagen Ag Controlling a communication between a vehicle and a backend device
WO2022148695A1 (en) * 2021-01-06 2022-07-14 Signify Holding B.V. A method of, a node device and a system for relaying a message in a network comprising at least two mesh networks
US20230266960A1 (en) * 2022-02-24 2023-08-24 Whirlpool Corporation Systems and methods of offline over the air (ota) programming of appliances
CN115051921B (en) * 2022-05-27 2023-11-07 北京交通大学 Self-adaptive heterogeneous network attribute information collection method
US11870879B1 (en) * 2023-01-04 2024-01-09 Getac Technology Corporation Device communication during emergent conditions

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050246533A1 (en) * 2002-08-28 2005-11-03 Docomo Communications Laboratories Usa, Inc. Certificate-based encryption and public key infrastructure
US20060156390A1 (en) * 2005-01-07 2006-07-13 Baugher Mark J Using a network-service credential for access control
US20060209584A1 (en) * 2004-11-12 2006-09-21 Srinivas Devadas Securely field configurable device
US20090222659A1 (en) * 2008-03-03 2009-09-03 Sony Corporation Communication device and communication method
US20110099368A1 (en) * 2009-10-26 2011-04-28 Hon Hai Precision Industry Co., Ltd. Cable modem and certificate testing method thereof
US20130051552A1 (en) * 2010-01-20 2013-02-28 Héléna Handschuh Device and method for obtaining a cryptographic key
US20130129087A1 (en) * 2011-11-21 2013-05-23 Zheng Qi Secure Key Generation
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
US20140108786A1 (en) * 2011-03-11 2014-04-17 Emsycon Gmbh Tamper-protected hardware and method for using same
US20140111234A1 (en) * 2012-10-22 2014-04-24 Infineon Technologies Ag Die, Chip, Method for Driving a Die or a Chip and Method for Manufacturing a Die or a Chip
US8938792B2 (en) * 2012-12-28 2015-01-20 Intel Corporation Device authentication using a physically unclonable functions based key generation system
US20150052351A1 (en) * 2013-08-19 2015-02-19 Smartguard, Llc Secure installation of encryption enabling software onto electronic devices
US20150143130A1 (en) * 2013-11-18 2015-05-21 Vixs Systems Inc. Integrated circuit provisioning using physical unclonable function

Family Cites Families (175)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6079034A (en) * 1997-12-05 2000-06-20 Hewlett-Packard Company Hub-embedded system for automated network fault detection and isolation
US7010604B1 (en) * 1998-10-30 2006-03-07 Science Applications International Corporation Agile network protocol for secure communications with assured system availability
US6986046B1 (en) 2000-05-12 2006-01-10 Groove Networks, Incorporated Method and apparatus for managing secure collaborative transactions
US6836466B1 (en) * 2000-05-26 2004-12-28 Telcordia Technologies, Inc. Method and system for measuring IP performance metrics
US6745027B2 (en) 2000-12-22 2004-06-01 Seekernet Incorporated Class switched networks for tracking articles
US20030014507A1 (en) 2001-03-13 2003-01-16 International Business Machines Corporation Method and system for providing performance analysis for clusters
WO2002078272A1 (en) * 2001-03-23 2002-10-03 Kent Ridge Digital Labs A method and system for providing bridged mobile ad-hoc networks
US20030037237A1 (en) 2001-04-09 2003-02-20 Jean-Paul Abgrall Systems and methods for computer device authentication
DE10145596A1 (en) * 2001-09-15 2003-04-03 Philips Corp Intellectual Pty Network with several sub-networks
WO2003034669A1 (en) 2001-10-17 2003-04-24 British Telecommunications Public Limited Company Network location management system
KR100408525B1 (en) * 2001-10-31 2003-12-06 삼성전자주식회사 System and method of network adaptive real- time multimedia streaming
US7391731B1 (en) 2002-03-07 2008-06-24 Ibasis, Inc. Method for determining best path
US6917974B1 (en) * 2002-01-03 2005-07-12 The United States Of America As Represented By The Secretary Of The Air Force Method and apparatus for preventing network traffic analysis
US7760645B2 (en) 2002-02-25 2010-07-20 Olsonet Communications Method for routing ad-hoc signals
US7532862B2 (en) 2002-03-19 2009-05-12 Apple Inc. Method and apparatus for configuring a wireless device through reverse advertising
US20030212821A1 (en) 2002-05-13 2003-11-13 Kiyon, Inc. System and method for routing packets in a wired or wireless network
US7251235B2 (en) 2002-06-12 2007-07-31 Conexant, Inc. Event-based multichannel direct link
US20040001483A1 (en) 2002-06-27 2004-01-01 Schmidt Kurt E. Distribution and reconstruction of AD-HOC timing signals
US7474874B2 (en) 2002-06-28 2009-01-06 Nokia Corporation Local browsing
US6898751B2 (en) * 2002-07-31 2005-05-24 Transdimension, Inc. Method and system for optimizing polling in systems using negative acknowledgement protocols
GB0313473D0 (en) 2003-06-11 2003-07-16 Koninkl Philips Electronics Nv Configuring a radio network for selective broadcast
KR100547133B1 (en) 2003-07-11 2006-01-26 삼성전자주식회사 Apparatus and method for constructing ad-hoc network of heterogeneous terminals
KR100640327B1 (en) * 2003-11-24 2006-10-30 삼성전자주식회사 The Frame Structure and Data Transmission Method for Bridge Operation of WPAN
US20050175184A1 (en) * 2004-02-11 2005-08-11 Phonex Broadband Corporation Method and apparatus for a per-packet encryption system
US7436790B2 (en) 2004-03-25 2008-10-14 Research In Motion Limited Wireless access point methods and apparatus for reduced power consumption and cost
US20080069030A1 (en) 2004-05-31 2008-03-20 Matsushita Electric Industrial Co., Ltd. Mobile Terminal Managing Device, Mobile Terminal, and Communication System
US20060025180A1 (en) 2004-07-30 2006-02-02 Qualcomm Incorporated Method for waking a wireless device
KR20090016007A (en) 2004-08-10 2009-02-12 메시네트웍스, 인코포레이티드 Software architecture and hardware abstraction layer for multi-radio routing and method for providing the same
DE102004040069B3 (en) 2004-08-18 2006-03-23 Siemens Ag Establishment of a wireless communication network with determination of local topology information from the identifiers of the communication devices
US7747774B2 (en) * 2004-08-23 2010-06-29 At&T Intellectual Property I, L.P. Methods, systems and computer program products for obscuring traffic in a distributed system
KR100594127B1 (en) * 2004-11-16 2006-06-28 삼성전자주식회사 Bonding process method and device in a Bluetooth device
US7496059B2 (en) * 2004-12-09 2009-02-24 Itt Manufacturing Enterprises, Inc. Energy-efficient medium access control protocol and system for sensor networks
JP4550636B2 (en) * 2005-03-18 2010-09-22 富士通株式会社 Electronic device, its registration method and registration program
US7522540B1 (en) 2005-04-15 2009-04-21 Nvidia Corporation Extended service set mesh topology discovery
US8027289B2 (en) * 2005-04-27 2011-09-27 Raytheon Bbn Technologies Corp. Ultra-low latency packet transport in ad hoc networks
US7894372B2 (en) 2005-05-31 2011-02-22 Iac Search & Media, Inc. Topology-centric resource management for large scale service clusters
US7606178B2 (en) 2005-05-31 2009-10-20 Cisco Technology, Inc. Multiple wireless spanning tree protocol for use in a wireless mesh network
US7653011B2 (en) 2005-05-31 2010-01-26 Cisco Technology, Inc. Spanning tree protocol for wireless networks
KR20080025095A (en) 2005-06-01 2008-03-19 밀레니얼 넷, 인크. Communicating over a wireless network
US9654200B2 (en) 2005-07-18 2017-05-16 Mutualink, Inc. System and method for dynamic wireless aerial mesh network
GB2467656B (en) * 2005-07-21 2010-09-15 Firetide Inc Method for enabling the efficient operation of arbitrarily in erconnected mesh networks
US7787361B2 (en) 2005-07-29 2010-08-31 Cisco Technology, Inc. Hybrid distance vector protocol for wireless mesh networks
US8948805B2 (en) * 2005-08-26 2015-02-03 Qualcomm Incorporated Method and apparatus for reliable transmit power and timing control in wireless communication
US7778270B1 (en) 2005-08-31 2010-08-17 Hrl Laboratories, Llc Code-switching in wireless multi-hop networks
US7546139B2 (en) 2005-12-27 2009-06-09 F4W, Inc. System and method for establishing and maintaining communications across disparate networks
US20100005294A1 (en) * 2005-10-18 2010-01-07 Kari Kostiainen Security in Wireless Environments Using Out-Of-Band Channel Communication
JP4641245B2 (en) 2005-10-26 2011-03-02 三菱電機株式会社 Ad hoc network system, wireless ad hoc terminal and failure detection method thereof
US7978666B2 (en) 2005-10-31 2011-07-12 Robert Bosch Gmbh Node control in wireless sensor networks
US7539488B2 (en) 2005-11-09 2009-05-26 Texas Instruments Norway As Over-the-air download (OAD) methods and apparatus for use in facilitating application programming in wireless network devices of ad hoc wireless communication networks
US20070110024A1 (en) 2005-11-14 2007-05-17 Cisco Technology, Inc. System and method for spanning tree cross routes
US7593376B2 (en) 2005-12-07 2009-09-22 Motorola, Inc. Method and apparatus for broadcast in an ad hoc network using elected broadcast relay nodes
US20130219482A1 (en) 2006-01-31 2013-08-22 Sigma Designs, Inc. Method for uniquely addressing a group of network units in a sub-network
US7848261B2 (en) * 2006-02-17 2010-12-07 Isilon Systems, Inc. Systems and methods for providing a quiescing protocol
US8023478B2 (en) 2006-03-06 2011-09-20 Cisco Technology, Inc. System and method for securing mesh access points in a wireless mesh network, including rapid roaming
US7647078B2 (en) * 2006-03-07 2010-01-12 Samsung Electronics Co., Ltd. Power-saving method for wireless sensor network
US8340106B2 (en) * 2006-03-13 2012-12-25 Microsoft Corporation Connecting multi-hop mesh networks using MAC bridge
US8519566B2 (en) 2006-03-28 2013-08-27 Wireless Environment, Llc Remote switch sensing in lighting devices
US7786885B2 (en) 2006-04-25 2010-08-31 Hrl Laboratories, Llc Event localization within a distributed sensor array
US8681671B1 (en) * 2006-04-25 2014-03-25 Cisco Technology, Inc. System and method for reducing power used for radio transmission and reception
US8406794B2 (en) 2006-04-26 2013-03-26 Qualcomm Incorporated Methods and apparatuses of initiating communication in wireless networks
CN101083597A (en) 2006-05-31 2007-12-05 朗迅科技公司 SIP based instant message of mobile self-organizing network
DE102006036109B4 (en) 2006-06-01 2008-06-19 Nokia Siemens Networks Gmbh & Co.Kg Method and system for providing a mesh key
WO2008004102A2 (en) * 2006-07-06 2008-01-10 Nortel Networks Limited Wireless access point security for multi-hop networks
FR2903830B1 (en) 2006-07-11 2008-08-22 Alcatel Sa METHOD AND DEVICE FOR MONITORING OPTICAL CONNECTION PATHS FOR A TRANSPARENT OPTICAL NETWORK
US8411651B2 (en) 2006-07-27 2013-04-02 Interdigital Technology Corporation Media independent multi-rat function in a converged device
EP1892913A1 (en) 2006-08-24 2008-02-27 Siemens Aktiengesellschaft Method and arrangement for providing a wireless mesh network
US8634342B2 (en) 2006-10-05 2014-01-21 Cisco Technology, Inc. Upgrading mesh access points in a wireless mesh network
US8270302B2 (en) 2006-10-20 2012-09-18 Stmicroelectronics, Inc. System and method for providing an adaptive value of TTL (time to live) for broadcast/multicast messages in a mesh network using a hybrid wireless mesh protocol
US8149748B2 (en) 2006-11-14 2012-04-03 Raytheon Company Wireless data networking
KR100879026B1 (en) 2006-12-05 2009-01-15 한국전자통신연구원 Method for grouping among sensor nodes in heterogeneous wireless sensor networks
US8838481B2 (en) * 2011-07-26 2014-09-16 Golba Llc Method and system for location based hands-free payment
US8270340B2 (en) 2006-12-19 2012-09-18 Telefonaktiebolaget Lm Ericsson (Publ) Handling of idle gap commands in a telecommunication system
US9760146B2 (en) 2007-01-08 2017-09-12 Imagination Technologies Limited Conditional activation and deactivation of a microprocessor
US7787427B1 (en) 2007-01-09 2010-08-31 Dust Networks, Inc. Providing low average latency communication in wireless mesh networks
US20080205385A1 (en) 2007-02-26 2008-08-28 Motorola, Inc. Data frame formats to improve groupcast efficiency in multi-hop wireless networks
US8325627B2 (en) 2007-04-13 2012-12-04 Hart Communication Foundation Adaptive scheduling in a wireless network
US8406248B2 (en) 2007-04-13 2013-03-26 Hart Communication Foundation Priority-based scheduling and routing in a wireless network
US8451752B2 (en) 2007-05-21 2013-05-28 Arrowspan, Inc. Seamless handoff scheme for multi-radio wireless mesh network
US20080292105A1 (en) 2007-05-22 2008-11-27 Chieh-Yih Wan Lightweight key distribution and management method for sensor networks
EA201070199A1 (en) * 2007-08-01 2010-06-30 Филип Моррис Продактс С.А. BIODRAINED CIGARETT FILTER
US8189506B2 (en) * 2007-09-12 2012-05-29 Nokia Corporation Deep sleep mode for mesh points
KR101405688B1 (en) 2007-09-14 2014-06-12 엘지이노텍 주식회사 Zigbee system
US20090089408A1 (en) 2007-09-28 2009-04-02 Alcatel Lucent XML Router and method of XML Router Network Overlay Topology Creation
US7941663B2 (en) 2007-10-23 2011-05-10 Futurewei Technologies, Inc. Authentication of 6LoWPAN nodes using EAP-GPSK
WO2009063947A1 (en) 2007-11-16 2009-05-22 Fujitsu Ten Limited Authentication method, authentication system, on-vehicle device, and authentication device
US9166934B2 (en) 2007-11-25 2015-10-20 Trilliant Networks, Inc. System and method for operating mesh devices in multi-tree overlapping mesh networks
US8289883B2 (en) 2007-12-21 2012-10-16 Samsung Electronics Co., Ltd. Hybrid multicast routing protocol for wireless mesh networks
US7929446B2 (en) 2008-01-04 2011-04-19 Radiient Technologies, Inc. Mesh networking for wireless communications
KR20090090461A (en) * 2008-02-21 2009-08-26 삼성전자주식회사 Method for prolonging lifetime of sensor nodes in a wireless sensor network and system therefor
US8116247B2 (en) * 2008-03-11 2012-02-14 Nokia Siemens Networks Oy Adaptive mechanism for dynamic reconfiguration of mesh networks
US8923285B2 (en) 2008-04-30 2014-12-30 Qualcomm Incorporated Apparatus and methods for transmitting data over a wireless mesh network
EP2308259B1 (en) 2008-07-29 2017-12-06 Orange Routing adaptable to electromagnetic conditions in a multihop network
US8179845B2 (en) 2008-08-21 2012-05-15 Motorola Solutions, Inc. Antenna-aware method for transmitting packets in a wireless communication network
WO2010027495A1 (en) 2008-09-04 2010-03-11 Trilliant Networks, Inc. A system and method for implementing mesh network communications using a mesh network protocol
CA2733268A1 (en) 2008-09-25 2010-04-01 Fisher-Rosemount Systems, Inc. Wireless mesh network with pinch point and low battery alerts
GB2464125A (en) 2008-10-04 2010-04-07 Ibm Topology discovery comprising partitioning network nodes into groups and using multiple discovery agents operating concurrently in each group.
US8782746B2 (en) 2008-10-17 2014-07-15 Comcast Cable Communications, Llc System and method for supporting multiple identities for a secure identity device
WO2010057312A1 (en) * 2008-11-24 2010-05-27 Certicom Corp. System and method for hardware based security
US8294573B2 (en) 2008-12-11 2012-10-23 International Business Machines Corporation System and method for optimizing power consumption of container tracking devices through mesh networks
US8498229B2 (en) 2008-12-30 2013-07-30 Intel Corporation Reduced power state network processing
US8904177B2 (en) * 2009-01-27 2014-12-02 Sony Corporation Authentication for a multi-tier wireless home mesh network
US8254251B2 (en) 2009-02-03 2012-08-28 Mobix Wireless Solutions Ltd. Mesh hybrid communication network
US8964634B2 (en) 2009-02-06 2015-02-24 Sony Corporation Wireless home mesh network bridging adaptor
US9172612B2 (en) 2009-02-12 2015-10-27 Hewlett-Packard Development Company, L.P. Network device configuration management by physical location
EP2528279A3 (en) 2009-02-13 2013-03-27 Nokia Siemens Networks Oy Method, system and nodes for network topology detection in communication networks
US8194576B2 (en) 2009-03-27 2012-06-05 Research In Motion Limited Wireless access point methods and apparatus using dynamically-activated service intervals
US8171292B2 (en) 2009-04-08 2012-05-01 Research In Motion Limited Systems, devices, and methods for securely transmitting a security parameter to a computing device
US9069727B2 (en) * 2011-08-12 2015-06-30 Talari Networks Incorporated Adaptive private network with geographically redundant network control nodes
WO2011010181A1 (en) * 2009-07-23 2011-01-27 Nokia Corporation Method and apparatus for reduced power consumption when operating as a bluetooth low energy device
KR20110020005A (en) * 2009-08-21 2011-03-02 주식회사 팬택 Method for tranmitting and receiving data in wireless communication system
JP5338567B2 (en) * 2009-08-25 2013-11-13 沖電気工業株式会社 Wireless terminal and wireless system
EP2306692B1 (en) * 2009-10-02 2014-05-21 BlackBerry Limited Methods and devices for facilitating bluetooth pairing using a camera as a barcode scanner
US8879994B2 (en) 2009-10-02 2014-11-04 Blackberry Limited Methods and devices for facilitating Bluetooth pairing using a camera as a barcode scanner
US20150058409A1 (en) 2013-03-22 2015-02-26 Frank C. Wang Enhanced content delivery system and method spanning multiple data processing systems
EP2486697B1 (en) 2009-10-06 2013-12-11 Thomson Licensing A method and apparatus for hop-by hop reliable multicast in wireless networks
JP5544863B2 (en) 2009-12-17 2014-07-09 富士通株式会社 Reception device, reception method, and reception program
CN101729296B (en) 2009-12-29 2012-12-19 中兴通讯股份有限公司 Method and system for statistical analysis of ethernet traffic
US10645628B2 (en) 2010-03-04 2020-05-05 Rosemount Inc. Apparatus for interconnecting wireless networks separated by a barrier
US8495618B1 (en) 2010-03-31 2013-07-23 American Megatrends, Inc. Updating firmware in a high availability enabled computer system
US9173196B2 (en) 2010-10-07 2015-10-27 GM Global Technology Operations LLC Adaptive multi-channel access for vehicular networks
WO2012064178A1 (en) * 2010-11-11 2012-05-18 Mimos Berhad Method for use in providing an adaptable sensor nodes schedule in a wireless sensor network
EP2643951B1 (en) 2010-11-25 2014-04-23 Koninklijke Philips N.V. System and method for optimizing data transmission to nodes of a wireless mesh network
US8873526B2 (en) 2010-12-17 2014-10-28 Cisco Technology, Inc. Collision avoidance for wireless networks
US20120163292A1 (en) 2010-12-23 2012-06-28 Nokia Corporation Frame Header in Wireless Communication System
US9094316B2 (en) 2011-01-28 2015-07-28 Hewlett-Packard Development Company, L.P. Dynamic name generation
US20120198434A1 (en) 2011-01-31 2012-08-02 Digi International Inc. Virtual bundling of remote device firmware upgrade
US8769525B2 (en) 2011-01-31 2014-07-01 Digi International Inc. Remote firmware upgrade device mapping
US20120196534A1 (en) 2011-02-01 2012-08-02 Nokia Corporation Method, apparatus, and computer program product for broadcasting in short-range communication
US9716659B2 (en) * 2011-03-23 2017-07-25 Hughes Network Systems, Llc System and method for providing improved quality of service over broadband networks
US9268545B2 (en) * 2011-03-31 2016-02-23 Intel Corporation Connecting mobile devices, internet-connected hosts, and cloud services
CN102761941B (en) 2011-04-28 2016-08-03 北京云天创科技有限公司 A kind of method utilizing ultra-low power consumption wireless smart sensor's network protocol transmission
US20130128809A1 (en) 2011-05-19 2013-05-23 Qualcomm Incorporated Apparatus and methods for media access control header compression
US8553536B2 (en) 2011-07-12 2013-10-08 General Electric Company Mesh network management system
CN102355351B (en) 2011-07-21 2014-11-05 华为技术有限公司 Key generation, backup and migration method and system based on trusted computing
US8849202B2 (en) 2011-08-19 2014-09-30 Apple Inc. Audio transfer using the Bluetooth Low Energy standard
US8982785B2 (en) 2011-09-08 2015-03-17 Cisco Technology, Inc. Access point assisted direct client discovery
US9445305B2 (en) 2011-09-12 2016-09-13 Microsoft Corporation Low energy beacon encoding
GB2577423B (en) 2011-09-15 2020-09-02 Fisher Rosemount Systems Inc Communicating data frames across communication networks that use incompatible network routing protocols
US8892866B2 (en) 2011-09-26 2014-11-18 Tor Anumana, Inc. Secure cloud storage and synchronization systems and methods
US8649883B2 (en) 2011-10-04 2014-02-11 Advanergy, Inc. Power distribution system and method
WO2013057666A1 (en) 2011-10-17 2013-04-25 Koninklijke Philips Electronics N.V. Automatic recommissioning of electronic devices in a networked system
US8654869B2 (en) 2011-10-27 2014-02-18 Cooper Technologies Company Multi-path radio transmission input/output devices, network, systems and methods with link suitability determination
US9936382B2 (en) * 2011-11-21 2018-04-03 Vital Connect, Inc. Method and system for pairing a sensor device to a user
US9191461B2 (en) 2012-02-21 2015-11-17 Entropic Communications, Inc. Software upgrade using layer-2 management entity messaging
US9270584B2 (en) * 2012-02-28 2016-02-23 Cisco Technology, Inc. Diverse paths using a single source route in computer networks
US9172636B2 (en) 2012-02-28 2015-10-27 Cisco Technology, Inc. Efficient link repair mechanism triggered by data traffic
US20130279409A1 (en) 2012-04-18 2013-10-24 Draker, Inc. Establishing a Mesh Network
US9629063B2 (en) 2012-05-09 2017-04-18 Trellisware Technologies, Inc. Method and system for global topology discovery in multi-hop ad hoc networks
US8844026B2 (en) 2012-06-01 2014-09-23 Blackberry Limited System and method for controlling access to secure resources
US20150195692A1 (en) 2012-06-26 2015-07-09 Nokia Corporation Method and apparatus for providing device ringtone coordination
US8751615B2 (en) 2012-07-18 2014-06-10 Accedian Networks Inc. Systems and methods of discovering and controlling devices without explicit addressing
JP5881047B2 (en) 2012-08-08 2016-03-09 株式会社日立製作所 Network management system, network management computer, and network management method
US10779212B2 (en) 2012-09-05 2020-09-15 Interdigital Patent Holdings, Inc. Methods for MAC frame extensibility and frame specific MAC header design for WLAN systems
US9208676B2 (en) 2013-03-14 2015-12-08 Google Inc. Devices, methods, and associated information processing for security in a smart-sensored home
US9081643B2 (en) 2012-09-21 2015-07-14 Silver Sring Networks, Inc. System and method for efficiently updating firmware for nodes in a mesh network
US9306660B2 (en) * 2012-10-22 2016-04-05 Qualcomm Technologies International, Ltd. Dynamic interactive zone driven proximity awareness system
CN102984798B (en) 2012-11-21 2016-02-03 越亮传奇科技股份有限公司 Position-based accurate positioning method
US20140167912A1 (en) 2012-12-17 2014-06-19 David M. Snyder System, method and apparatus for providing security systems integrated with solid state lighting systems
US20140171062A1 (en) 2012-12-19 2014-06-19 Telefonaktiebolaget L M Ericsson (Publ) Wireless Devices, Network Node and Methods for Handling Relay Assistance in a Wireless Communications Network
US9628373B2 (en) 2012-12-19 2017-04-18 Comcast Cable Communications, Llc Multipath communication in a network
WO2014098504A1 (en) 2012-12-19 2014-06-26 엘지전자 주식회사 Method for communicating in wireless communication system supporting multiple access network and apparatus supporting same
US20140181172A1 (en) 2012-12-20 2014-06-26 Brent J. Elliott Offloading tethering-related communication processing
EP2939495A4 (en) 2012-12-26 2016-08-17 Ict Res Llc Mobility extensions to industrial-strength wireless sensor networks
US9032480B2 (en) 2012-12-28 2015-05-12 Cellco Partnership Providing multiple APN connections support in a browser
US9239723B2 (en) 2013-05-13 2016-01-19 Lenovo (Singapore) Pte. Ltd. Configuring a device based on proximity to other devices
US9264892B2 (en) 2013-07-03 2016-02-16 Verizon Patent And Licensing Inc. Method and apparatus for attack resistant mesh networks
US9983651B2 (en) 2013-07-15 2018-05-29 Google Technology Holdings LLC Low-power near-field communication authentication
US20150071216A1 (en) 2013-09-09 2015-03-12 Qualcomm Connected Experiences, Inc. Allowing mass re-onboarding of headless devices
US9565576B2 (en) 2013-10-09 2017-02-07 At&T Intellectual Property I, L.P. Network operating system client architecture for mobile user equipment
US10591969B2 (en) 2013-10-25 2020-03-17 Google Technology Holdings LLC Sensor-based near-field communication authentication
GB2515853B (en) 2014-02-25 2015-08-19 Cambridge Silicon Radio Ltd Latency mitigation
GB2512749B (en) 2014-02-25 2015-04-01 Cambridge Silicon Radio Ltd Linking ad hoc networks
GB2512733B (en) 2014-02-25 2018-09-05 Qualcomm Technologies Int Ltd Broadcast retransmission
US9660836B2 (en) 2014-05-06 2017-05-23 Lattice Semiconductor Corporation Network topology discovery
US10142799B2 (en) * 2014-08-19 2018-11-27 Qualcomm Incorporated Multicasting traffic using multi-connectivity

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050246533A1 (en) * 2002-08-28 2005-11-03 Docomo Communications Laboratories Usa, Inc. Certificate-based encryption and public key infrastructure
US20060209584A1 (en) * 2004-11-12 2006-09-21 Srinivas Devadas Securely field configurable device
US20060156390A1 (en) * 2005-01-07 2006-07-13 Baugher Mark J Using a network-service credential for access control
US20090222659A1 (en) * 2008-03-03 2009-09-03 Sony Corporation Communication device and communication method
US20110099368A1 (en) * 2009-10-26 2011-04-28 Hon Hai Precision Industry Co., Ltd. Cable modem and certificate testing method thereof
US20130051552A1 (en) * 2010-01-20 2013-02-28 Héléna Handschuh Device and method for obtaining a cryptographic key
US8516269B1 (en) * 2010-07-28 2013-08-20 Sandia Corporation Hardware device to physical structure binding and authentication
US20140108786A1 (en) * 2011-03-11 2014-04-17 Emsycon Gmbh Tamper-protected hardware and method for using same
US20130129087A1 (en) * 2011-11-21 2013-05-23 Zheng Qi Secure Key Generation
US8953790B2 (en) * 2011-11-21 2015-02-10 Broadcom Corporation Secure generation of a device root key in the field
US20140111234A1 (en) * 2012-10-22 2014-04-24 Infineon Technologies Ag Die, Chip, Method for Driving a Die or a Chip and Method for Manufacturing a Die or a Chip
US8938792B2 (en) * 2012-12-28 2015-01-20 Intel Corporation Device authentication using a physically unclonable functions based key generation system
US20150052351A1 (en) * 2013-08-19 2015-02-19 Smartguard, Llc Secure installation of encryption enabling software onto electronic devices
US20150143130A1 (en) * 2013-11-18 2015-05-21 Vixs Systems Inc. Integrated circuit provisioning using physical unclonable function

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9672346B2 (en) 2014-02-25 2017-06-06 Qualcomm Technologies International, Ltd. Object tracking by establishing a mesh network and transmitting packets
US9692538B2 (en) 2014-02-25 2017-06-27 Qualcomm Technologies International, Ltd. Latency mitigation
US9754096B2 (en) 2014-02-25 2017-09-05 Qualcomm Technologies International, Ltd. Update management
US9842202B2 (en) 2014-02-25 2017-12-12 Qualcomm Technologies International, Ltd. Device proximity
US9910976B2 (en) 2014-02-25 2018-03-06 Qualcomm Technologies International, Ltd. Processing mesh communications
US10055570B2 (en) 2014-02-25 2018-08-21 QUALCOMM Technologies International, Ltd Mesh relay
US9489506B2 (en) 2014-02-25 2016-11-08 Qualcomm Technologies International, Ltd. Linking ad hoc networks
US11210678B2 (en) 2016-11-18 2021-12-28 Samsung Electronics Co., Ltd. Component for provisioning security data and product including the same
US10728026B2 (en) * 2016-11-24 2020-07-28 Samsung Electronics Co., Ltd. Data management method
US20180145829A1 (en) * 2016-11-24 2018-05-24 Samsung Electronics Co, Ltd Data management method
US10951653B2 (en) 2017-09-22 2021-03-16 Samsung Electronics Co., Ltd. Apparatus including secure component and method of provisioning security information into the apparatus
CN109756324A (en) * 2017-11-02 2019-05-14 大唐移动通信设备有限公司 Cryptographic key negotiation method, terminal and gateway in a kind of Mesh network
US10706179B2 (en) * 2018-01-10 2020-07-07 General Electric Company Secure provisioning of secrets into MPSoC devices using untrusted third-party systems
US20190213359A1 (en) * 2018-01-10 2019-07-11 General Electric Company Secure provisioning of secrets into mpsoc devices using untrusted third-party systems
US11018871B2 (en) * 2018-03-30 2021-05-25 Intel Corporation Key protection for computing platform
US20220021540A1 (en) * 2018-03-30 2022-01-20 Intel Corporation Key protection for computing platform
US11757647B2 (en) * 2018-03-30 2023-09-12 Intel Corporation Key protection for computing platform
US20210273920A1 (en) * 2020-02-28 2021-09-02 Vmware, Inc. Secure certificate or key distribution for synchronous mobile device management (mdm) clients

Also Published As

Publication number Publication date
GB2512545B (en) 2015-04-08
GB2512746B (en) 2015-03-11
GB2512544B (en) 2016-08-17
GB2512542B (en) 2015-02-25
US20150245203A1 (en) 2015-08-27
US20150245179A1 (en) 2015-08-27
US9489506B2 (en) 2016-11-08
US9910976B2 (en) 2018-03-06
US20150245231A1 (en) 2015-08-27
DE102015101604A1 (en) 2015-08-27
GB201421698D0 (en) 2015-01-21
DE102014019749B3 (en) 2017-08-31
DE102014012517B4 (en) 2017-03-02
GB201412715D0 (en) 2014-09-03
GB2512747B (en) 2015-04-01
GB201412720D0 (en) 2014-09-03
GB2512542A (en) 2014-10-01
GB2512746A (en) 2014-10-08
GB2515923B8 (en) 2015-06-17
GB2512544A (en) 2014-10-01
DE102015101699A1 (en) 2015-08-27
GB2512781A (en) 2014-10-08
GB2512545A (en) 2014-10-01
GB2512543A (en) 2014-10-01
US9754096B2 (en) 2017-09-05
DE102014012517A1 (en) 2015-08-27
GB2523444A (en) 2015-08-26
GB201405789D0 (en) 2014-05-14
GB201412716D0 (en) 2014-09-03
GB2513265A (en) 2014-10-22
GB2512256A (en) 2014-09-24
GB2515923A (en) 2015-01-07
GB2512749A (en) 2014-10-08
GB2512781B (en) 2015-08-05
GB201415178D0 (en) 2014-10-08
US20150245204A1 (en) 2015-08-27
GB2513048A (en) 2014-10-15
US20150245296A1 (en) 2015-08-27
GB201405791D0 (en) 2014-05-14
US9842202B2 (en) 2017-12-12
GB2512502B (en) 2015-03-11
DE102014012379B4 (en) 2016-05-12
US20150244828A1 (en) 2015-08-27
GB2515923A8 (en) 2015-06-17
GB2513048B (en) 2015-08-26
US20150245412A1 (en) 2015-08-27
US20150245369A1 (en) 2015-08-27
GB2518120B (en) 2015-09-30
DE102014012518A1 (en) 2015-08-27
US20150244623A1 (en) 2015-08-27
DE102015101697A1 (en) 2015-08-27
GB201412714D0 (en) 2014-09-03
GB201412722D0 (en) 2014-09-03
GB2517844A (en) 2015-03-04
GB2512256B8 (en) 2015-07-01
US9672346B2 (en) 2017-06-06
GB201405790D0 (en) 2014-05-14
GB201412719D0 (en) 2014-09-03
GB2523444B (en) 2016-05-18
GB201412718D0 (en) 2014-09-03
GB2512256A8 (en) 2015-07-01
US20150245182A1 (en) 2015-08-27
DE102015101620A1 (en) 2015-08-27
GB2512256B (en) 2015-04-15
GB2512501A (en) 2014-10-01
US10055570B2 (en) 2018-08-21
GB2512543B (en) 2015-02-11
DE102014012258A1 (en) 2015-08-27
DE102015101699B4 (en) 2019-12-24
GB2512749B (en) 2015-04-01
GB201415177D0 (en) 2014-10-08
GB201412717D0 (en) 2014-09-03
GB2515923B (en) 2015-06-03
DE102014012257B4 (en) 2015-12-03
GB2512747A (en) 2014-10-08
DE102015101698A1 (en) 2015-08-27
GB2513265B (en) 2016-10-26
DE102014012252A1 (en) 2015-08-27
GB2517844B (en) 2015-09-09
GB2512748A (en) 2014-10-08
GB2518120A (en) 2015-03-11
GB2512502A (en) 2014-10-01
US20150244648A1 (en) 2015-08-27
DE102014013471A1 (en) 2015-08-27
GB201501075D0 (en) 2015-03-11
US20150244565A1 (en) 2015-08-27
GB201405785D0 (en) 2014-05-14
DE102014012379A1 (en) 2015-08-27
US20150245220A1 (en) 2015-08-27
GB201405797D0 (en) 2014-05-14
DE102014012257A1 (en) 2015-08-27
GB2512748B (en) 2015-02-18
GB201405786D0 (en) 2014-05-14

Similar Documents

Publication Publication Date Title
US20150242614A1 (en) Provisioning of security credentials
US11921911B2 (en) Peripheral device
US9602282B2 (en) Secure software and hardware association technique
TWI487359B (en) Secure key generation
US10187373B1 (en) Hierarchical, deterministic, one-time login tokens
US9225530B2 (en) Secure crypto-processor certification
US10397216B2 (en) Systems and methods for performing secure backup operations
KR20150107796A (en) Trusted data processing in the public cloud
BR112019013584A2 (en) ADDRESSING A RELIABLE PERFORMANCE ENVIRONMENT USING THE SIGNATURE KEY
CN110690963B (en) Key agreement method and device based on FPGA
JP2017504267A (en) Key extraction during secure boot
US20230342501A1 (en) Secure Provisioning with Hardware Verification
US11176058B2 (en) Address decryption for memory storage
JP7054796B2 (en) Certificate generation method, certificate generator and computer program
KR102199464B1 (en) Method of authentication among nodes participating in consortium blockchain
US11057207B2 (en) Systems and methods of trusted ownership re-key with attestation
US11509468B2 (en) Method and system for verifying secret decryption capability of escrow agents
US20230308424A1 (en) Secure Session Resumption using Post-Quantum Cryptography
Román et al. Post-quantum Secure Communication with IoT Devices Using Kyber and SRAM Behavioral and Physical Unclonable Functions
Pujol et al. A Secure and User Friendly Multi-Purpose Asymmetric Key Derivation System (MPKDS)
CN117501271A (en) Authenticating a storage device to a host by encrypting/decrypting data using a physical unclonable function PUF

Legal Events

Date Code Title Description
AS Assignment

Owner name: CAMBRIDGE SILICON RADIO LIMITED, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SCAGNOL, MAURO;GRAUBE, NICOLAS GUY ALBERT;BOSCOVIC, DRAGAN;REEL/FRAME:033892/0819

Effective date: 20140804

AS Assignment

Owner name: QUALCOMM TECHNOLOGIES INTERNATIONAL, LTD., UNITED

Free format text: CHANGE OF NAME;ASSIGNOR:CAMBRIDGE SILICON RADIO LIMITED;REEL/FRAME:036663/0211

Effective date: 20150813

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO PAY ISSUE FEE