Communicating with a machine to machine device

US 10,313,307 B2
Filed: 09/12/2014
Issued: 06/04/2019
Est. Priority Date: 09/13/2013
Status: Active Grant

First Claim

Patent Images

1. A method for a machine-to-machine (M2M) device to administer an interface between the M2M device and a network application function (NAF) for secure communication between the M2M device and the NAF, wherein the M2M device comprises security information as a key for enabling secure communication via the interface, the method comprising the steps of initiating, before expiry of a lifetime of at least part of the security information and on wake up from a sleep cycle:

setting a secure interface lifetime parameter based on a lifetime of the at least part of the security information;

transmitting administration data to the NAF, wherein the administration data comprises the secure interface lifetime parameter;

after determining that a registration of the interface is about to expire, pre-emptively initiating a new bootstrapping process to obtain new security information, the initiating being pre-emptive as a result of obtaining the new security information prior to expiration of the registration; and

using the new security information to either update the registration or, alternatively, to carry out a new registration.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure provides methods and apparatus for administering an interface between a machine-to-machine, M2M, device and a network application function, NAF, for secure communication between the M2M device and the NAF. In one method, the M2M device comprises security information for enabling secure communication via the interface, and administers the interface by: setting a secure interface lifetime parameter based on a lifetime of at least part of the security information; and transmitting administration data to the NAF, wherein the administration data comprises the secure interface lifetime parameter.

65 Citations

View as Search Results

20 Claims

1. A method for a machine-to-machine (M2M) device to administer an interface between the M2M device and a network application function (NAF) for secure communication between the M2M device and the NAF, wherein the M2M device comprises security information as a key for enabling secure communication via the interface, the method comprising the steps of initiating, before expiry of a lifetime of at least part of the security information and on wake up from a sleep cycle:
- setting a secure interface lifetime parameter based on a lifetime of the at least part of the security information;
  
  transmitting administration data to the NAF, wherein the administration data comprises the secure interface lifetime parameter;
  
  after determining that a registration of the interface is about to expire, pre-emptively initiating a new bootstrapping process to obtain new security information, the initiating being pre-emptive as a result of obtaining the new security information prior to expiration of the registration; and
  
  using the new security information to either update the registration or, alternatively, to carry out a new registration.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the secure interface lifetime parameter is set to a value greater than or equal to the lifetime of the at least part of the security information.
  - 3. The method of claim 1, wherein the secure interface lifetime parameter is set to a value greater than the lifetime of the at least part of the security information.
  - 4. The method of claim 1, wherein the secure interface lifetime parameter is set to a value greater than the lifetime of the at least part of the security information by a first amount.
  - 5. The method of claim 1, wherein the secure interface lifetime parameter is set to a value less than or equal to the lifetime of the at least part of the security information.
  - 6. The method of claim 1, wherein the secure interface lifetime parameter is set to a value less than or equal to the lifetime of the at least part of the security information.
  - 7. The method of claim 1, wherein the secure interface lifetime parameter is set to a value less than the lifetime of the at least part of the security information by a second amount.
  - 8. The method of claim 1, further comprising the steps of:
    - checking the remaining lifetime of the at least part of the security information; and
      
      if the remaining lifetime of the at least part of the security information is less than a security information lifetime threshold, requesting new security information from a bootstrapping server.
  - 9. The method of claim 8, further comprising the step of:
    - if the request for new security information fails, repeating the request for new security information after a period of time.
  - 10. The method of claim 8, wherein the step of checking the remaining lifetime of the security information is carried out before a secure communication transmission from the M2M device to the NAF via the interface.

11. A method for a network application function (NAF) to administer an interface between the NAF and a machine-to-machine (M2M), device, wherein the M2M device comprises security information as a key for enabling secure communication via the interface, the method comprising the steps of:
- receiving, before expiry of a lifetime of at least part of the security information and on wake up from a sleep cycle, administration data from the M2M device, the registration data comprising a secure interface lifetime parameter that has been set based on a lifetime of the at least part of the security information;
  
  transmitting an administration response to the M2M device;
  
  after determining that a registration of the interface is about to expire, pre-emptively initiating a new bootstrapping process to obtain new security information, the initiating being pre-emptive as a result of obtaining the new security information prior to expiration of the registration; and
  
  using the new security information to either update the registration or, alternatively, to carry out a new registration.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein the administration data comprises the at least part of the security information, the method further comprising:
    - checking the lifetime of the at least part of the security information; and
      
      comparing the secure interface lifetime parameter with the lifetime of the at least part of the security information;
      
      wherein if the comparison does not meet a comparison condition, the administration response is set to indicate an error in the administration data.
  - 13. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is greater than or equal to the lifetime of the at least part of the security information.
  - 14. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is greater than the lifetime of the at least part of the security information.
  - 15. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is greater than the lifetime of the at least part of the security information by a first amount.
  - 16. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is less than or equal to the lifetime of the at least part of the security information.
  - 17. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is less than the lifetime of the at least part of the security information.
  - 18. The method of claim 12, wherein the comparison condition is that the secure interface lifetime parameter is less than the lifetime of the at least part of the security information by a second amount.
  - 19. The method of claim 11, further comprising a step of:
    - obtaining the lifetime of the at least part of the security information.
  - 20. The method of claim 11, wherein:
    - the administration data further comprises a name for the M2M device; and
      
      wherein the name for the M2M device is equal to, or derived at least in part from, orotherwise linked to, at least part of data that are shared between the M2M device and the bootstrapping server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DABCO Ltd. (Vodafone Group PLC)
Original Assignee
Vodafone IP Licensing Limited (Vodafone Group PLC)
Inventors
Bone, Nick
Primary Examiner(s)
Hoffman, Brandon S
Assistant Examiner(s)
Woldemariam, Nega

Application Number

US15/021,879
Publication Number

US 20160234255A1
Time in Patent Office

1,726 Days
Field of Search

726 3
US Class Current
CPC Class Codes

G06F 13/1689   Synchronisation and timing ...

G06F 13/28   using burst mode transfer, ...

G06F 13/4027   using bus bridges G06F13/40...

G06F 21/606   by securing the transmissio...

G06F 21/71   to assure secure computing ...

G06F 9/4401   Bootstrapping security arra...

H04B 1/3816   Mechanical arrangements for...

H04L 2463/061   applying further key deriva...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/0838   using one-time-passwords

H04L 63/0869   for achieving mutual authen...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04L 63/166 : at the transport layer

H04L 63/20 : for managing network securi...

H04L 67/01 : Protocols

H04L 67/1095 : Replication or mirroring of...

H04L 67/125 : involving control of end-de...

H04L 9/0861 : Generation of secret inform...

H04W 12/02 : Protecting privacy or anony...

H04W 12/04 : Key management, e.g. using ...

H04W 12/0431 : Key distribution or pre-dis...

H04W 12/06 : Authentication

H04W 12/37 : Managing security policies ...

H04W 4/12 : Messaging; Mailboxes; Annou...

H04W 4/14 : Short messaging services, e...

H04W 4/50 : Service provisioning or rec...

H04W 4/70 : Services for machine-to-mac...

H04W 52/0229 : where the received signal i...

H04W 8/04 : Registration at HLR or HSS ...

H04W 80/06 : Transport layer protocols, ...

H04W 88/02 : Terminal devices

H04W 88/06 : adapted for operation in mu...

Y02D 10/00 : Energy efficient computing,...

Y02D 30/70 : in wireless communication n...

View All

Communicating with a machine to machine device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

65 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Communicating with a machine to machine device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links