System and method for implementing secure communications for internet of things (IOT) devices

US 10,412,064 B2
Filed: 03/30/2016
Issued: 09/10/2019
Est. Priority Date: 01/11/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

providing, with a computing device, connectivity between a first device and a second device over at least one network, by establishing an Internet-of-Things (“

IoT”

) protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network that allows autonomous machine-to-machine communications between the first device and the second device, without any user interaction or any user input during the autonomous machine-to-machine communications;

receiving, with the computing device, an indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information; and

automatically establishing, based at least in part on receiving the indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information, without any user interaction or any user input, and with the computing device, a secure off-the-record (“

OTR”

) communication session within the IoT protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network, the secure OTR communication session providing encrypted machine-to-machine communications between the first device and the second device, without any content of communications that is exchanged between the first device and the second device over the secure OTR communication session being recorded or, logged wherein the secure OTR communication session utilizes one or more cryptographic protocols or techniques selected from a group consisting of AES symmetric-key algorithm, Diffie-Hellman key exchange, SHA-1 hash function, forward secrecy, deniable authentication, and malleable encryption, wherein the IoT protocol-based, machine-to-machine communication channel is established using an IoT protocol, wherein the secure OTR communication session is established using an OTR communication protocol, and wherein the OTR communication protocol is part of the IoT protocol, and wherein the first device and the second device are located in proximity to each other.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Novel tools and techniques might provide for implementing secure communications for IoT devices. In various embodiments, a gateway or computing device might provide connectivity between or amongst two or more Internet of Things (“IoT”) capable devices, by establishing an IoT protocol-based, autonomous machine-to-machine communication channel amongst the two or more IoT capable devices. For sensitive and/or private communications, the gateway or computing device might establish a secure off-the-record (“OTR”) communication session within the IoT protocol-based, autonomous machine-to-machine channel, thereby providing encrypted machine-to-machine communications amongst the two or more IoT capable devices, without any content of communications that are exchanged amongst the IoT capable devices over the secure OTR communication session being recorded or logged. In some cases, the secure OTR communication session utilizes cryptographic protocols including, without limitation, one or more of AES symmetric-key algorithm, Diffie-Hellman key exchange, SHA-1 hash function, forward secrecy, deniable authentication, malleable encryption, and/or the like.

126 Citations

14 Claims

1. A method, comprising:
- providing, with a computing device, connectivity between a first device and a second device over at least one network, by establishing an Internet-of-Things (“
  
  IoT”
  
  ) protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network that allows autonomous machine-to-machine communications between the first device and the second device, without any user interaction or any user input during the autonomous machine-to-machine communications;
  
  receiving, with the computing device, an indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information; and
  
  automatically establishing, based at least in part on receiving the indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information, without any user interaction or any user input, and with the computing device, a secure off-the-record (“
  
  OTR”
  
  ) communication session within the IoT protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network, the secure OTR communication session providing encrypted machine-to-machine communications between the first device and the second device, without any content of communications that is exchanged between the first device and the second device over the secure OTR communication session being recorded or, logged wherein the secure OTR communication session utilizes one or more cryptographic protocols or techniques selected from a group consisting of AES symmetric-key algorithm, Diffie-Hellman key exchange, SHA-1 hash function, forward secrecy, deniable authentication, and malleable encryption, wherein the IoT protocol-based, machine-to-machine communication channel is established using an IoT protocol, wherein the secure OTR communication session is established using an OTR communication protocol, and wherein the OTR communication protocol is part of the IoT protocol, and wherein the first device and the second device are located in proximity to each other.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the content of communications that is exchanged between the first device and the second device over the secure OTR communication session comprises at least one of information about the first device, information about the second device, information about a user associated with the first device, information about a user associated with the second device, information about dates or times of the communications exchanged between the first device and the second device over the secure OTR communication session, or one or more of data content, text content, recorded voice content, image content, video content, sensor data content, or instruction content of the communications exchanged between the first device and the second device over the secure OTR communication session.
  - 3. The method of claim 1, wherein the sensitive information includes at least one of information about a user associated with at least one of the first device or the second device, information associated with a customer premises associated with the user who is associated with the at least one of the first device or the second device, information associated with communications protocols used by one or both of the first device or the second device, or information about other users who are associated with the customer premises associated with the user who is associated with the at least one of the first device or the second device.
  - 4. The method of claim 1, wherein the secure OTR communication session is based at least in part on off-the-record messaging protocol.
  - 5. The method of claim 1, wherein the computing device comprises a gateway device comprising at least one of an optical network terminal (“
    - ONT”
      
      ), a network interface device (“
      
      NID”
      
      ), an enhanced NID (“
      
      eNID”
      
      ), a residential gateway (“
      
      RG”
      
      ) device, a business gateway (“
      
      BG”
      
      ) device, or a virtual gateway (“
      
      vG”
      
      ) device, wherein the gateway device is located at or near a customer premises associated with a user who is associated with one of the first device or the second device.
  - 6. The method of claim 1, wherein the computing device comprises at least one of an optical network terminal (“
    - ONT”
      
      ), a network interface device (“
      
      NID”
      
      ), an enhanced NID (“
      
      eNID”
      
      ), or a server computer, each of which is controlled by a network service provider.
  - 7. The method of claim 1, wherein the computing device is one of the first device or the second device.
  - 8. The method of claim 1, wherein the first device and the second device each comprises one of a desktop computer, a laptop computer, a tablet computer, a smart phone, a mobile phone, a personal digital assistant, a printer, a scanner, a data storage device, a network access point (“
    - NAP”
      
      ), a television, a set-top box, an image capture device, an image projection device, a video capture device, a video projection device, a watch, a clock, a gaming console, a thermostat, a kitchen appliance, a medical device, a vehicle, a speaker, an audio headset, a telephone system, a media recording device, a media playback device, a lighting system, a sensing device, a door locking system, a customer premises security control system, a window locking system, a window covering system, or a sprinkler system.
  - 9. The method of claim 1, wherein the at least one network comprises one or more of a local area network (“
    - LAN”
      
      ), a wide area network (“
      
      WAN”
      
      ), a wireless wide area network (“
      
      WWAN”
      
      ), a virtual private network (“
      
      VPN”
      
      ), the Internet, or an extranet.

10. A computing device, comprising:
- at least one processor; and
  
  a non-transitory computer readable medium communicatively coupled to the at least one processor, the non-transitory computer readable medium having stored thereon computer software comprising a set of instructions that, when executed by the at least one processor, causes the computing device to;
  
  provide connectivity between a first device and a second device over at least one network, by establishing an Internet-of-Things (“
  
  IoT”
  
  ) protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network that allows autonomous machine-to-machine communications between the first device and the second device, without any user interaction or any user input during the autonomous machine-to-machine communications;
  
  receive an indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information; and
  
  automatically establish, based at least in part on receiving the indication from at least one of the first device and the second device that at least one data packet of the plurality of data packets will contain sensitive information and without any user interaction or any user input, a secure off-the-record (“
  
  OTR”
  
  ) communication session within the IoT protocol-based, machine-to-machine communication channel between the first device and the second device over the at least one network, the secure OTR communication session providing encrypted machine-to-machine communications between the first device and the second device, without any content of communications that is exchanged between the first device and the second device over the secure OTR communication session being recorded or, logged, wherein the secure OTR communication session utilizes one or more cryptographic protocols or techniques selected from a group consisting of AES symmetric-key algorithm, Diffie-Hellman key exchange, SHA-1 hash function, forward secrecy, deniable authentication, and malleable encryption, wherein the IoT protocol-based, machine-to-machine communication channel is established using an IoT protocol, wherein the secure OTR communication session is established using an OTR communication protocol, and wherein the OTR communication protocol is part of the IoT protocol, and wherein the first device and the second device are located in proximity to each other.
- View Dependent Claims (11)
- - 11. The computing device of claim 10, wherein the secure OTR communication session is based at least in part on off-the-record messaging protocol.

12. An Internet-of-Things (“
- IoT”
  
  ) capable device, comprising;
  
  at least one processor; and
  
  a non-transitory computer readable medium communicatively coupled to the at least one processor, the non-transitory computer readable medium having stored thereon computer software comprising a set of instructions that, when executed by the at least one processor, causes the IoT capable device to;
  
  send an indication to a computing system that at least one data packet of the plurality of data packets will contain sensitive information; and
  
  send information to a second IoT capable device over a secure off-the-record (“
  
  OTR”
  
  ) communication session that is automatically established, without any user interaction or any user input, within an IoT protocol-based, machine-to-machine communication channel between the IoT capable device and the second IoT capable device over at least one network, the secure OTR communication session providing encrypted machine-to-machine communications between the IoT capable device and the second IoT capable device, without the information being recorded or, logged wherein the secure OTR communication session utilizes one or more cryptographic protocols or techniques selected from a group consisting of AES symmetric-key algorithm, Diffie-Hellman key exchange, SHA-1 hash function, forward secrecy, deniable authentication, and malleable encryption, wherein the IoT protocol-based, machine-to-machine communication channel is established using an IoT protocol, wherein the secure OTR communication session is established using an OTR communication protocol, and wherein the OTR communication protocol is part of the IoT protocol, and wherein the first device and the second device are located in proximity to each other.
- View Dependent Claims (13, 14)
- - 13. The IoT capable device of claim 12, wherein the information comprises at least one of information about the IoT capable device, information about the second IoT capable device, information about a user associated with the IoT capable device, information about a user associated with the second IoT capable device, information about dates or times of the communications exchanged between the IoT capable device and the second IoT capable device over the secure OTR communication session, or one or more of data content, text content, recorded voice content, image content, video content, sensor content, or instruction content of the communications exchanged between the IoT capable device and the second IoT capable device over the secure OTR communication session.
  - 14. The IoT capable device of claim 12, wherein the IoT capable device and the second IoT capable device each comprises one of a desktop computer, a laptop computer, a tablet computer, a smart phone, a mobile phone, a personal digital assistant, a printer, a scanner, a data storage device, a network access point (“
    - NAP”
      
      ), a television, a set-top box, an image capture device, an image projection device, a video capture device, a video projection device, a watch, a clock, a gaming console, a thermostat, a kitchen appliance, a medical device, a vehicle, a speaker, an audio headset, a telephone system, a media recording device, a media playback device, a lighting system, a sensing device, a door locking system, a customer premises security control system, a window locking system, a window covering system, or a sprinkler system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Original Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Inventors
Funk, Tom
Primary Examiner(s)
Arani, Taghi T
Assistant Examiner(s)
Champakesan, Badri

Application Number

US15/084,805
Publication Number

US 20170201504A1
Time in Patent Office

1,259 Days
Field of Search

713151
US Class Current
CPC Class Codes

H04L 63/0471   applying encryption by an i...

H04L 67/12   specially adapted for propr...

H04L 67/141   Setup of application sessio...

H04W 4/70   Services for machine-to-mac...

System and method for implementing secure communications for internet of things (IOT) devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

126 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for implementing secure communications for internet of things (IOT) devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

126 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links