Registry apparatus, agent device, application providing apparatus and corresponding methods

US 10,129,268 B2
Filed: 09/02/2015
Issued: 11/13/2018
Est. Priority Date: 09/08/2014
Status: Active Grant

First Claim

Patent Images

1. A method for a registry apparatus to enable trusted communication between at least one agent device and an application providing apparatus, the application providing apparatus comprising any device which executes an application program using data gathered from the at least one agent device and issues commands for controlling the at least one agent device, and wherein the registry apparatus maintains a device registry comprising agent device characteristics, a history of use of the at least one agent device, and authentication information for uniquely authenticating the at least one agent device, the method comprising:

(a) receiving at the registry apparatus an authentication request from the at least one agent device specifying a device identifier identifying the at least one agent device together with authentication information for authenticating the at least one agent device;

(b) obtaining from the device registry the authentication information for uniquely authenticating the at least one agent device identified by the device identifier;

(c) performing at the registry apparatus verification of the at least one agent device using the authentication information obtained from the device registry and the authentication information received together with the authentication request from the at least one agent device;

(d) responsive to determining that the verification is not successful, transmitting by the registry apparatus to at least one of the at least one agent device and the application providing apparatus revocation information for denying the trusted communication between the at least one agent device and the application providing apparatus; and

(e) responsive to determining that the verification is successful, transmitting by the registry apparatus to the at least one agent device and the application providing apparatus an application key to enable the trusted communication between the at least one agent device and the application providing apparatus using the application key to encrypt communications therebetween, wherein the enablement of the trusted communication by the registry apparatus based on the application key is accomplished without the registry apparatus storing any consumer information related to a consumer of the at least one agent device and without the at least one agent device contacting the application providing apparatus.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for verifying trusted communication between an agent device and an application providing apparatus using a registry apparatus. The registry apparatus maintains a device registry comprising authentication information for uniquely authenticating at least one agent device. The method includes the steps of obtaining from the device registry the authentication information for the agent device identified by a device identifier specified in an the authentication request from the agent device, performing verification of the agent device using the authentication information obtained from the device registry, and if the verification is not successful, transmitting to at least one of the agent device and the application providing apparatus revocation information for denying the trusted communication between the agent device and the application providing apparatus.

59 Citations

View as Search Results

15 Claims

1. A method for a registry apparatus to enable trusted communication between at least one agent device and an application providing apparatus, the application providing apparatus comprising any device which executes an application program using data gathered from the at least one agent device and issues commands for controlling the at least one agent device, and wherein the registry apparatus maintains a device registry comprising agent device characteristics, a history of use of the at least one agent device, and authentication information for uniquely authenticating the at least one agent device, the method comprising:
- (a) receiving at the registry apparatus an authentication request from the at least one agent device specifying a device identifier identifying the at least one agent device together with authentication information for authenticating the at least one agent device;
  
  (b) obtaining from the device registry the authentication information for uniquely authenticating the at least one agent device identified by the device identifier;
  
  (c) performing at the registry apparatus verification of the at least one agent device using the authentication information obtained from the device registry and the authentication information received together with the authentication request from the at least one agent device;
  
  (d) responsive to determining that the verification is not successful, transmitting by the registry apparatus to at least one of the at least one agent device and the application providing apparatus revocation information for denying the trusted communication between the at least one agent device and the application providing apparatus; and
  
  (e) responsive to determining that the verification is successful, transmitting by the registry apparatus to the at least one agent device and the application providing apparatus an application key to enable the trusted communication between the at least one agent device and the application providing apparatus using the application key to encrypt communications therebetween, wherein the enablement of the trusted communication by the registry apparatus based on the application key is accomplished without the registry apparatus storing any consumer information related to a consumer of the at least one agent device and without the at least one agent device contacting the application providing apparatus.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method according to claim 1, wherein the revocation information is transmitted to both the at least one agent device and the application providing apparatus.
  - 3. The method according to claim 1, wherein, the device identifier is transmitted by the registry apparatus to the application providing apparatus.
  - 4. The method according to claim 1, wherein at least one application providing apparatus is identified in the device registry as an application providing apparatus with which the at least one agent device was to perform trusted communication.
  - 5. The method according to claim 1, wherein the authentication information obtained from the device registry for uniquely authenticating the at least one agent device comprises agent device key information.
  - 6. The method according to claim 5, wherein the agent device key information is a public key held by the at least one agent device and the application providing apparatus.
  - 7. The method according to claim 6, wherein in response to the revocation information, transmitting by the registry apparatus to the application providing apparatus instructions for deleting the public key held by the application providing apparatus.
  - 8. The method according to claim 1, wherein the device registry includes a black list of agent devices for which trusted communication with the application providing apparatus should be denied.
  - 9. The method according to claim 8, further comprising updating automatically the black list upon a change in second authentication information for the at least one agent device.
  - 10. The method according to claim 9, wherein the change in the second authentication information is a change in a certificate of the at least one agent device.
  - 11. The method according to claim 10, wherein the change in the certificate is expiry of a lifetime of the certificate.
  - 12. The method according to claim 9, wherein in response to updating of the black list, automatically transmitting from the device registry, third authentication information for the at least one agent device to the application providing apparatus and performing verification of the at least one agent device using the third authentication information transmitted from the device registry.
  - 13. The method according to claim 1, further comprising updating by a user a black list upon a change in second authentication information for the at least one agent device.
  - 14. The method according to claim 13, wherein the user determines whether to add the at least one agent device to the black list or remove the at least one agent device from the black list.

15. A registry apparatus for enabling trusted communication between at least one agent device and an application providing apparatus, the application providing apparatus comprising any device which executes an application program using data gathered from the at least one agent device and issues commands for controlling the at least one agent device, the registry apparatus comprising:
- storage circuitry configured to store a device registry comprising agent device characteristics, a history of use of the at least one agent device, and authentication information for uniquely authenticating at the least one agent device;
  
  communication circuitry configured to receive from the at least one agent device an authentication request specifying a device identifier of the at least one agent device together with authentication information for authenticating the at least one agent device; and
  
  processing circuitry configured to obtain from the device registry the authentication information for uniquely authenticating the at least one agent device identified by the device identifier and perform verification of the at least one agent device using the authentication information obtained from the device registry and the authentication information received together with the authentication request from the at least one agent device;
  
  wherein responsive to determining that the verification is not successful, the communication circuitry is configured to transmit to at least one of the at least one agent device and the application providing apparatus revocation information for denying the trusted communication between the at least one agent device and the application providing apparatus;
  
  wherein responsive to determining that the verification is successful, the communication circuitry is configured to transmit to the at least one agent device and the application providing apparatus an application key to enable the trusted communication between the at least one agent device and the application providing apparatus using the application key to encrypt communications therebetween, wherein the enablement of the trusted communication by the registry apparatus based on the application key is accomplished without the registry apparatus storing any consumer information related to a consumer of the at least one agent device and without the at least one agent device contacting the application providing apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arm Limited (SoftBank Group Corp.)
Original Assignee
Arm Limited (SoftBank Group Corp.)
Inventors
David, Norbert, Sasin, Szymon
Primary Examiner(s)
Nguyen, Trong

Application Number

US14/843,420
Publication Number

US 20160072808A1
Time in Patent Office

1,168 Days
Field of Search

713155-156, 713158, 713173, 713175
US Class Current
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

H04L 9/3268   using certificate validatio...

Registry apparatus, agent device, application providing apparatus and corresponding methods

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

59 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Registry apparatus, agent device, application providing apparatus and corresponding methods

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others