Network security systems and methods

US 10,419,492 B2
Filed: 04/12/2018
Issued: 09/17/2019
Est. Priority Date: 02/14/2014
Status: Active Grant

First Claim

Patent Images

1. A method of managing a first connected device comprising:

receiving, by a trusted service from a second connected device, first device information associated with a first connected device in communication with the second connected device and an indication of a first entity;

accessing, based on the first device information, a first security association record maintained by the trusted service associated with the first connected device;

determining, based on at least one electronic permission associated with the first security association record, that the trusted service may update at least a portion of the first security association record; and

updating the first security association record to indicate that the first connected device is associated with the first entity.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure relates to systems and methods for managing connected devices and associated network connections. In certain embodiments, trust, privacy, safety, and/or security of information communicated between connected devices may be established in part through use of security associations and/or shared group tokens. In some embodiments, these security associations may be used to form an explicit private network associated with the user. A user may add and/or manage devices included in the explicit private network through management of various security associations associated with the network'"'"'s constituent devices.

Citations

17 Claims

1. A method of managing a first connected device comprising:
- receiving, by a trusted service from a second connected device, first device information associated with a first connected device in communication with the second connected device and an indication of a first entity;
  
  accessing, based on the first device information, a first security association record maintained by the trusted service associated with the first connected device;
  
  determining, based on at least one electronic permission associated with the first security association record, that the trusted service may update at least a portion of the first security association record; and
  
  updating the first security association record to indicate that the first connected device is associated with the first entity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein determining that the trusted service may update the at least a portion of the first security association record comprises determining that the first security association record indicates that the first connected device is not associated with an entity.
  - 3. The method of claim 1, wherein determining that the trusted service may update the at least a portion of the first security association record comprises:
    - determining that the first security association record indicates that the first connected device is associated with a second entity,wherein determining that the trusted service may update at least the portion of the security association record comprises determining that the at least one electronic permission indicates the association with the second entity may be modified.
  - 4. The method of claim 1, wherein the first device information comprises information uniquely identifying the first connected device.
  - 5. The method of claim 4, wherein the first device information comprises at least one of a universal unique identifier, an internet protocol address, and a media access control address.
  - 6. The method of claim 1, wherein the method further comprises:
    - determining, based on the first device information, that a security association record associated with the first device information has not been generated by the trusted service; and
      
      generating, based on the first device information, the first security association record.
  - 7. The method of claim 1, wherein the indication of the first entity comprises second device information associated with the second connected device, and wherein updating the first security association record further comprises:
    - accessing a second security association record maintained by the trusted service associated with the second device information; and
      
      identifying, based on the second security association record, that the second connected device is associated with the first entity.
  - 8. The method of claim 1, wherein receiving the first device information is in response to a discovery process establishing a communication channel between the second connected device and the first connected device.
  - 9. The method of claim 1, wherein the second connected device comprises a smartphone.
  - 10. The method of claim 1, wherein the first connected device comprises at least one of a smartphone, a tablet computer system, a desktop computer system, a laptop computer system, a wearable computing device, a connected vehicle, a telematics system, a security system, a home automation system, a connected thermostat, a connected heating system, a connected cooling system, a utility meter, a medical device, a gaming system, a network infrastructure system, a television, a speaker, and a digital camera.
  - 11. The method of claim 1, wherein the second connected device and the first connected device are communicatively coupled via a proximal field communication channel.
  - 12. The method of claim 11, wherein the proximal field communication channel comprises a near field communications channel.
  - 13. The method of claim 1, wherein the first entity comprises a user.
  - 14. The method of claim 1, wherein the first entity comprises a group of users.
  - 15. The method of claim 1, wherein the first entity comprises an organization.
  - 16. The method of claim 1, wherein the trusted service comprises a device registration service.
  - 17. The method of claim 1, wherein the first security association record is included in explicit private network state information associated with the first device managed by the trusted service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Maher, David P., Boccon-Gibod, Gilles
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Kaplan, Benjamin A

Application Number

US15/951,610
Publication Number

US 20180337953A1
Time in Patent Office

523 Days
Field of Search

726 1
US Class Current
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2149   Restricted operating enviro...

H04L 12/2803   Home automation networks

H04L 63/065   for group communications cr...

H04L 63/20   for managing network securi...

H04L 67/1068   Discovery involving direct ...

H04L 67/51   Discovery or management the...

H04W 12/04   Key management, e.g. using ...

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 4/70   Services for machine-to-mac...

Network security systems and methods

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Network security systems and methods

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links