Systems and methods for providing security in smart buildings

US 10,447,736 B1
Filed: 06/09/2016
Issued: 10/15/2019
Est. Priority Date: 06/09/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing security in smart buildings, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:

detecting the physical presence of a user in a smart building, wherein the user is authorized to enter the smart building;

determining that the user is unauthorized to access at least one resource of an Internet of Things device in a smart building network within the smart building;

in response to determining that the user is unauthorized to access the at least one resource of the Internet of Things device in the smart building network, selecting a stricter authentication policy that provides heightened security within the smart building network compared to a previous authentication policy with lower security; and

increasing security within the smart building network to reflect the physical presence of the user by implementing the stricter authentication policy within the smart building network, wherein implementing the stricter authentication policy comprises directly pushing the stricter authentication policy to all Internet of Things devices in the entire smart building network such that each Internet of Things device selects a method to control access to the Internet of Things device based on the stricter authentication policy and a type of the Internet of Things device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented method for providing security in smart buildings may include (1) detecting the presence of a user in a smart building, (2) determining that the user is unauthorized to access at least one resource in a smart building network within the smart building, (3) in response to determining that the user is unauthorized to access the resource in the smart building network, selecting an authentication policy that provides heightened security within the smart building network, and (4) increasing security within the smart building network to reflect the presence of the user by implementing the authentication policy within the smart building network. Various other methods, systems, and computer-readable media are also disclosed.

12 Citations

20 Claims

1. A computer-implemented method for providing security in smart buildings, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- detecting the physical presence of a user in a smart building, wherein the user is authorized to enter the smart building;
  
  determining that the user is unauthorized to access at least one resource of an Internet of Things device in a smart building network within the smart building;
  
  in response to determining that the user is unauthorized to access the at least one resource of the Internet of Things device in the smart building network, selecting a stricter authentication policy that provides heightened security within the smart building network compared to a previous authentication policy with lower security; and
  
  increasing security within the smart building network to reflect the physical presence of the user by implementing the stricter authentication policy within the smart building network, wherein implementing the stricter authentication policy comprises directly pushing the stricter authentication policy to all Internet of Things devices in the entire smart building network such that each Internet of Things device selects a method to control access to the Internet of Things device based on the stricter authentication policy and a type of the Internet of Things device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein detecting the physical presence of the user comprises at least one of:
    - detecting biometric information of the user; and
      
      detecting a device of the user.
  - 3. The method of claim 2, wherein detecting the device of the user comprises at least one of:
    - scanning for devices broadcasting a signal;
      
      detecting an attempt to connect to the smart building network;
      
      detecting hardware in the smart building; and
      
      correlating the device to the user.
  - 4. The method of claim 3, wherein correlating the device to the user comprises at least one of:
    - detecting an identifier of the device;
      
      determining the identifier belongs to the user; and
      
      determining a physical proximity of the user and the device.
  - 5. The method of claim 2, wherein determining that the user is unauthorized to access the at least one resource comprises at least one of:
    - determining that the user is not registered with the smart building network;
      
      determining that the device is not registered with the smart building network; and
      
      determining that a permission level of the user does not allow access to the at least one resource.
  - 6. The method of claim 1, wherein the at least one resource comprises at least one of:
    - hardware in the smart building;
      
      software in the smart building network;
      
      a user account in the smart building network; and
      
      data in the smart building network.
  - 7. The method of claim 1, wherein the stricter authentication policy comprises at least one of:
    - an access protocol;
      
      a security policy; and
      
      a registration policy.
  - 8. The method of claim 1, wherein pushing the stricter authentication policy to the Internet of Things devices in the entire smart building network comprises pushing the stricter authentication policy to a central policy provider.
  - 9. The method of claim 8, wherein pushing the stricter authentication policy to the Internet of Things devices comprises distributing the stricter authentication policy from the central policy provider to the Internet of Things devices via the smart building network.
  - 10. The method of claim 1, further comprising:
    - verifying that the user is a trusted user within the smart building network; and
      
      reverting to the previous authentication policy with lower security within the smart building network.
  - 11. The method of claim 10, wherein verifying that the user is a trusted user comprises at least one of:
    - determining that the user is registered with the smart building network; and
      
      detecting a registration of a new device of the user with the smart building network.

12. A system for providing security in smart buildings, the system comprising:
- a detection module, stored in memory, that detects the physical presence of a user in a smart building, wherein the user is authorized to enter the smart building;
  
  a determination module, stored in memory, that determines that the user is unauthorized to access at least one resource of an Internet of Things device in a smart building network within the smart building;
  
  a selection module, stored in memory, that, in response to determining that the user is unauthorized to access the at least one resource of the Internet of Things device in the smart building network, selects a stricter authentication policy that provides heightened security within the smart building network compared to a previous authentication policy with lower security;
  
  a security module, stored in memory, that increases security within the smart building network to reflect the physical presence of the user by implementing the stricter authentication policy within the smart building network, wherein implementing the stricter authentication policy comprises directly pushing the stricter authentication policy to all Internet of Things devices in the entire smart building network such that each Internet of Things device selects a method to control access to the Internet of Things device based on the stricter authentication policy and a type of the Internet of Things device; and
  
  at least one processor that executes the detection module, the determination module, the selection module, and the security module.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The system of claim 12, wherein the detection module detects the physical presence of the user by at least one of:
    - detecting biometric information of the user; and
      
      detecting a device of the user.
  - 14. The system of claim 13, wherein detecting the device of the user comprises at least one of:
    - scanning for devices broadcasting a signal;
      
      detecting an attempt to connect to the smart building network;
      
      detecting hardware in the smart building; and
      
      correlating the device to the user.
  - 15. The system of claim 14, wherein correlating the device to the user comprises at least one of:
    - detecting an identifier of the device;
      
      determining the identifier belongs to the user; and
      
      determining a physical proximity of the user and the device.
  - 16. The system of claim 13, wherein the determination module determines that the user is unauthorized to access the at least one resource by at least one of:
    - determining that the user is not registered with the smart building network;
      
      determining that the device is not registered with the smart building network; and
      
      determining that a permission level of the user does not allow access to the at least one resource.
  - 17. The system of claim 12, wherein the stricter authentication policy comprises at least one of:
    - an access protocol;
      
      a security policy; and
      
      a registration policy.
  - 18. The system of claim 12, wherein pushing the stricter authentication policy to the Internet of Things devices in the entire smart building network comprises pushing the stricter authentication policy to a central policy provider.
  - 19. The system of claim 18, wherein pushing the stricter authentication policy to the Internet of Things devices comprises distributing the stricter authentication policy from the central policy provider to the Internet of Things devices via the smart building network.

20. A non-transitory computer-readable medium comprising one or more computer-executable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
- detect the physical presence of a user in a smart building, wherein the user is authorized to enter the smart building;
  
  determine that the user is unauthorized to access at least one resource of an Internet of Things device in a smart building network within the smart building;
  
  in response to determining that the user is unauthorized to access the at least one resource of the Internet of Things device in the smart building network, select a stricter authentication policy that provides heightened security within the smart building network compared to a previous authentication policy with lower security; and
  
  increase security within the smart building network to reflect the physical presence of the user by implementing the stricter authentication policy within the smart building network, wherein implementing the stricter authentication policy comprises directly pushing the stricter authentication policy to all Internet of Things devices in the entire smart building network such that each Internet of Things device selects a method to control access to the Internet of Things device based on the stricter authentication policy and a type of the Internet of Things device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Gen Digital Inc.
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Jiang, Kevin, Sokolov, Ilya, Gu, Lei, Shavell, Michael
Primary Examiner(s)
Kim, Jung W
Assistant Examiner(s)
Stoica, Adrian

Application Number

US15/177,428
Time in Patent Office

1,223 Days
Field of Search
US Class Current
CPC Class Codes

G07C 2209/04   Access control involving a ...

G07C 2209/08   With time considerations, e...

G07C 2209/63   Comprising locating means f...

G07C 9/00571   operated by interacting wit...

G07C 9/27   with central registration

G07C 9/38   with central registration

H04L 63/0861   using biometrical features,...

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

Systems and methods for providing security in smart buildings

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for providing security in smart buildings

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links