Short message service security for zero touch deployments

US 10,108,435 B2
Filed: 07/12/2016
Issued: 10/23/2018
Est. Priority Date: 07/12/2016
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

initializing a device with an integrated wireless wide area network (WWAN) interface such that the device attaches to a WWAN;

receiving, via the WWAN interface of the device, a data message that includes encrypted bootstrap configuration information;

obtaining a key stored in a phone book portion of a subscriber identification module (SIM) card of the WWAN interface;

decrypting the encrypted bootstrap configuration information using the key;

establishing communication with a remote server using the bootstrap configuration information and obtaining configuration data from the remote server; and

performing self-configuration of the device using the configuration data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Presented herein are techniques for enabling the zero touch deployment of devices having an integrated wireless wide area network (WWAN) interface. In one example, a method includes initializing a device with a WWAN interface such that the device attaches to a WWAN, receiving, via the WWAN interface of the device, a data message that includes encrypted bootstrap configuration information, obtaining a key stored in a subscriber identification module (SIM) card of the WWAN interface, decrypting the encrypted bootstrap configuration information using the key, establishing communication with a remote server using the bootstrap configuration information and obtaining configuration data from the remote server, and performing self-configuration of the device using the configuration data.

Citations

20 Claims

1. A method comprising:
- initializing a device with an integrated wireless wide area network (WWAN) interface such that the device attaches to a WWAN;
  
  receiving, via the WWAN interface of the device, a data message that includes encrypted bootstrap configuration information;
  
  obtaining a key stored in a phone book portion of a subscriber identification module (SIM) card of the WWAN interface;
  
  decrypting the encrypted bootstrap configuration information using the key;
  
  establishing communication with a remote server using the bootstrap configuration information and obtaining configuration data from the remote server; and
  
  performing self-configuration of the device using the configuration data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein initializing the device comprising powering on the device.
  - 3. The method of claim 1, wherein receiving a data message comprises receiving a short message service (SMS) message that includes the encrypted bootstrap configuration information.
  - 4. The method of claim 1, wherein establishing communication with the remote server comprises contacting the remote server at an internet protocol (IP) address provided in the bootstrap configuration information.
  - 5. The method of claim 4, further comprising transmitting, to the remote server, a one time password provided in the bootstrap configuration information to authenticate the device.
  - 6. The method of claim 1, further comprising decrypting, with the key, a card holder verification 1 (CHV1) code received in the data message to enable access to the remote server.
  - 7. The method of claim 1, further comprising unlocking a storage portion of the SIM card using a card holder verification 2 (CHV2) code to enable access to the key stored in the (SIM) card.
  - 8. The method of claim 1, further comprising obtaining the key from multiple entries in the phone book portion.

9. A device comprising:
- a wireless wide area network (WWAN) interface;
  
  a memory, anda processor coupled to the memory and configured to;
  
  initialize the device with the WWAN interface such that the device attaches to a WWAN;
  
  receive, via the WWAN interface, a data message that includes encrypted bootstrap configuration information;
  
  obtain a key stored in a phone book portion of a subscriber identification module (SIM) card of the WWAN interface;
  
  decrypt the encrypted bootstrap configuration information using the key;
  
  establish communication with a remote server using the bootstrap configuration information and obtain configuration data from the remote server; and
  
  perform self-configuration of the device using the configuration data.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The device of claim 9, wherein the processor is configured to receive a short message service (SMS) message that includes the encrypted bootstrap configuration information.
  - 11. The device of claim 9, wherein the processor is further configured to establish communication with the remote server by contacting the remote server at an internet protocol (IP) address provided in the bootstrap configuration information.
  - 12. The device of claim 11, wherein the processor is further configured to transmit, to the remote server, a one time password provided in the bootstrap configuration information to authenticate the device.
  - 13. The device of claim 9, wherein the processor is further configured to decrypt, with the key, a card holder verification 1 (CHV1) code received in the data message to enable access to the remote server.
  - 14. The device of claim 9, wherein the processor is further configured to unlock a storage portion of the SIM card using a card holder verification 2 (CHV2) code to enable access to the key stored in the (SIM) card.
  - 15. The device of claim 9, wherein the processor is configured to obtain the key from multiple entries in the phone book portion.

16. One or more non-transitory computer readable storage media encoded with software comprising computer executable instructions and when the software is executed operable to:
- initialize a device with an integrated wireless wide area network (WWAN) interface such that the device attaches to a WWAN;
  
  receive, via the WWAN interface of the device, a data message that includes encrypted bootstrap configuration information;
  
  obtain a key stored in a phone book portion of a subscriber identification module (SIM) card of the WWAN interface;
  
  decrypt the encrypted bootstrap configuration information using the key;
  
  establish communication with a remote server using the bootstrap configuration information and obtain configuration data from the remote server; and
  
  perform self-configuration of the device using the configuration data.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The non-transitory computer readable storage media of claim 16, wherein the instructions operable to receive a data message comprise instructions to receive a short message service (SMS) message that includes the encrypted bootstrap configuration information.
  - 18. The non-transitory computer readable storage media of claim 16, wherein the instructions operable to establish communication with the remote server comprise instructions to contact the remote server at an internet protocol (IP) address provided in the bootstrap configuration information.
  - 19. The non-transitory computer readable storage media of claim 16, wherein the instructions are further operable to transmit, to the remote server, a one time password provided in the bootstrap configuration information to authenticate the device.
  - 20. The non-transitory computer readable storage media of claim 16, wherein the instructions are further operable to obtain the key from multiple entries in the phone book portion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Dumov, Leo, Persaud, Andrew
Primary Examiner(s)
Chen, Xuxing

Application Number

US15/208,050
Publication Number

US 20180018184A1
Time in Patent Office

833 Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/0806   for initial configuration o...

H04L 63/0428   wherein the data content is...

H04L 63/0492   by using a location-limited...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/083   using passwords cryptograph...

H04W 12/03   Protecting confidentiality,...

H04W 12/041   Key generation or derivation

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 4/14   Short messaging services, e...

H04W 84/042   Public Land Mobile systems,...

Short message service security for zero touch deployments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Short message service security for zero touch deployments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links