Systems and methods for device authentication
First Claim
1. A system for authenticating an Internet of Things (IoT) device to a first computing device through interaction with a second computing device, comprising:
the IoT device, comprising:
a first communication interface; and
a first processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining an ephemeral first transitory identity at the IoT device;
sending the first transitory identity to the first computing device and to the second computing device;
receiving an ephemeral second transitory identity from the first computing device;
sending a first authentication query including the second transitory identity to the second computing device; and
receiving from the second computing device an indication of whether the first computing device is authenticated;
the first computing device, comprising:
a second communication interface; and
a second processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining the second transitory identity at the first computing device;
sending the second transitory identity to the IoT device and to the second computing device;
receiving the first transitory identity from the IoT device;
sending a second authentication query including the first transitory identity to the second computing device; and
receiving from the second computing device an indication of whether the IoT device is authenticated; and
the second computing device, comprising:
a third communication interface; and
a third processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving the first transitory identity from the IoT device;
receiving the second authentication query;
determining whether the first transitory identity from the IoT device matches the first transitory identity from the first computing device;
sending to the first computing device the indication of whether the IoT device is authenticated based on the determination of whether the first transitory identity from the IoT device matches the first transitory identity from the first computing device;
receiving the second transitory identity from the first computing device;
receiving the first authentication query;
determining whether the second transitory identity from the IoT device matches the second transitory identity from the first computing device; and
sending to the IoT device an indication of whether the first computing device is authenticated based on the determination of whether the second transitory identity from the IoT device matches the second transitory identity from the first computing device.
Abstract
Embodiments include methods, and systems and computing devices configured to implement the methods of authenticating a computing device. A processor of a first computing device may obtain a transitory identity and may send the transitory identity to a second computing device and a third computing device. A processor of the second computing device may send the transitory identity to the third computing device with a request to authenticate the first computing device. The processor of the third computing device may authenticate the identity of the first computing device in response to determining that the transitory identity received from the first computing device matches the transitory identity received from the second computing device.
39 Claims
17. An Internet of Things (IoT) device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
obtaining an ephemeral first transitory identity;
sending the first transitory identity to a first computing device and to a second computing device;
receiving an ephemeral second transitory identity from the first computing device;
sending an authentication query including the second transitory identity to the second computing device;
determining whether an indication of authentication success or an indication of authentication failure is received from the second computing device; and
performing an information transaction with the first computing device in response to determining that an indication of authentication success is received,
wherein the processor is further configured with processor-executable instructions to repeat the operations at a frequency that is less than a determined time interval required for an attacker to obtain and use the first and second transitory identities.
24. A computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving from an Internet of Things (IoT) device a request to perform an information transaction;
receiving from the IoT device an ephemeral transitory identity of the IoT device;
sending a request comprising the transitory identity to a second computing device to confirm an identity of the IoT device;
receiving from the second computing device an indication of whether the identity of the IoT device is confirmed; and
sending an indication of whether performance of the information transaction is enabled based on the indication of whether the identity of the IoT device is confirmed,
wherein the processor is further configured with processor-executable instructions to repeat the operations at a frequency that is less than a determined time interval required for an attacker to obtain and use the transitory identity.
29. A computing device configured to communicate with an Internet of Things (IoT) device and a second computing device, comprising:
a communication interface; and
a processor coupled to the communication interface and configured with processor-executable instructions to perform operations comprising:
receiving an ephemeral first transitory identity from the IoT device;
receiving an authentication query comprising the first transitory identity from the second computing device;
determining whether the first transitory identity from the IoT device matches the first transitory identity from the second computing device; and
sending to the second computing device an indication of whether the IoT device is authenticated based on the determination of whether the first transitory identity from the IoT device matches the first transitory identity from the second computing device,
wherein the processor is further configured with processor-executable instructions to repeat the operations at a frequency that is less than a determined time interval required for an attacker to obtain and use the first transitory identity.
39. A method of authenticating interactions between an Internet of Things (IoT) device and a first computing device with support of a second computing device, the method comprising:
obtaining an ephemeral first transitory identity at the IoT device;
sending the first transitory identity to the first computing device and to the second computing device;
receiving in the first computing device the first transitory identity from the IoT device;
obtaining an ephemeral second transitory identity at the first computing device;
sending the second transitory identity from the first computing device to the IoT device and to the second computing device;
receiving in the IoT device the second transitory identity from the first computing device;
sending a first authentication query including the second transitory identity from the IoT device to the second computing device;
sending a second authentication query including the first transitory identity from the first computing to the second computing device;
receiving in the second computing device the first transitory identity from the IoT device;
receiving in the second computing device the second authentication query;
determining in the second computing device whether the first transitory identity from the IoT device matches the first transitory identity from the first computing device;
sending by the second computing device to the first computing device an indication of whether the IoT device is authenticated based on the determination of whether the first transitory identity from the IoT device matches the first transitory identity from the first computing device;
receiving in the second computing device the second transitory identity from the first computing device;
receiving in the second computing device the first authentication query;
determining by the second computing device whether the second transitory identity from the IoT device matches the second transitory identity from the first computing device;
sending by the second computing device to the IoT device an indication of whether the first computing device is authenticated based on the determination of whether the second transitory identity from the IoT device matches the second transitory identity from the first computing device;
receiving in the IoT device from the second computing device an indication of whether the first computing device is authenticated; and
receiving in the first computing device from the second computing device an indication of whether the IoT device is authenticated.
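The exchange recited in claims 1 and 39, together with the refresh constraint of claims 17, 24 and 29, can be simulated as follows. This is an added illustration, not code from the patent: the names `SecondDevice`, `run_round` and `TTL_SECONDS`, the 16-byte random identities, the 30-second lifetime, and the premise that each report reaches the second computing device over a channel that already identifies its sender are all assumptions.

```python
import hmac
import secrets

# Assumed lifetime. The claims only require that identities are refreshed
# faster than an attacker could obtain and use them.
TTL_SECONDS = 30.0


class SecondDevice:
    """Second computing device: stores the identity each party reported directly."""

    def __init__(self):
        self._reported = {}  # party name -> (transitory identity, time received)

    def report(self, party, identity, now):
        self._reported[party] = (identity, now)

    def query(self, subject, identity, now):
        """True if `identity` equals what `subject` itself reported and is still fresh."""
        entry = self._reported.get(subject)
        if entry is None:
            return False
        stored, received = entry
        fresh = (now - received) <= TTL_SECONDS
        # Constant-time comparison so the answer does not leak how many bytes matched.
        return fresh and hmac.compare_digest(stored, identity)


def new_identity():
    return secrets.token_bytes(16)  # assumed way of "obtaining" a transitory identity


def run_round(verifier, now, peer_sends=None, query_delay=0.0):
    """One round; returns (iot_trusts_first_device, first_device_trusts_iot).

    peer_sends overrides what the IoT device receives over the peer link,
    modelling a peer that does not hold the real second transitory identity.
    """
    tid1, tid2 = new_identity(), new_identity()
    verifier.report("iot", tid1, now)    # IoT device -> second computing device
    verifier.report("first", tid2, now)  # first computing device -> second computing device
    seen_by_iot = tid2 if peer_sends is None else peer_sends
    seen_by_first = tid1
    later = now + query_delay
    iot_trusts_first = verifier.query("first", seen_by_iot, later)  # first authentication query
    first_trusts_iot = verifier.query("iot", seen_by_first, later)  # second authentication query
    return iot_trusts_first, first_trusts_iot
```

Each direction is decided independently, so a mismatch in one direction leaves the other verdict unaffected, and a query that arrives after the lifetime has elapsed fails in both directions.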
Specification