Method and apparatus for secure aggregated event reporting

US 10,505,948 B2
Filed: 11/02/2016
Issued: 12/10/2019
Est. Priority Date: 11/05/2015
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for generating a secure aggregated event report comprising:

determining, by a device of a plurality of devices, that a status change has occurred at the device, wherein the status change is one of a loss of power or a restoration of power, temperature, pressure drop, pressure surge, pipe failure, sound, motion, signal light outages, street light outages, or flood detection;

receiving, by the device, a status change report from one or more child devices;

generating, by the device, a device status change record, wherein the status change record comprises an event type, unique device identifier, and one or more time fields for a start time of the status change, an end time of the status change, or a duration of the status change;

generating, by the device, a record verification field, comprising;

combining a nonce, the event type, and the unique device identifier;

generating a message integrity check code for the combined nonce, event type and device identifier; and

appending the message integrity check code to the device status change record;

appending, by the device, the device status change record to the received status change report; and

transmitting, by the device, the status change report to one or more parent devices toward a head end system;

receiving, by the head end system, the status change report, wherein the status change report comprises at least one status change record from a device in a plurality of devices in a network;

retrieving, by the head end system, the device identifier, the event type, and the message integrity check code from the at least one record;

retrieving, by the head end system, an encryption key associated with the device identifier;

performing, by the head end system, a keyed hash function on a combination of the nonce, the event type, and the unique device identifier using the encryption key associated with the device identifier;

comparing, by the head end system, a result of the keyed hash function to the message integrity check code retrieved from the at least one record;

determining, by the head end system, the record is from the device associated with the device identifier when the result of the keyed hash function matches the message integrity check code retrieved from the at least one record; and

discarding, by the head end system, the record when the result of the keyed hash function does not match the message integrity check code retrieved from the at least one record.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer implemented method and system for secure aggregated event reports. The method comprises determining, by a device, that a status change has occurred at the device; receiving, by the device, a status change report from one or more child devices; generating, by the device, a device status change record; generating a record verification field, comprising: combining a nonce, an event type, and a unique device identifier; generating a message integrity check code for the combined nonce, event type and device identifier; and appending the message integrity check code to the device status change record; appending the device status change record to the received status change report; and transmitting, by the device, the status change report to one or more parent devices toward a head end system.

Citations

17 Claims

1. A computer implemented method for generating a secure aggregated event report comprising:
- determining, by a device of a plurality of devices, that a status change has occurred at the device, wherein the status change is one of a loss of power or a restoration of power, temperature, pressure drop, pressure surge, pipe failure, sound, motion, signal light outages, street light outages, or flood detection;
  
  receiving, by the device, a status change report from one or more child devices;
  
  generating, by the device, a device status change record, wherein the status change record comprises an event type, unique device identifier, and one or more time fields for a start time of the status change, an end time of the status change, or a duration of the status change;
  
  generating, by the device, a record verification field, comprising;
  
  combining a nonce, the event type, and the unique device identifier;
  
  generating a message integrity check code for the combined nonce, event type and device identifier; and
  
  appending the message integrity check code to the device status change record;
  
  appending, by the device, the device status change record to the received status change report; and
  
  transmitting, by the device, the status change report to one or more parent devices toward a head end system;
  
  receiving, by the head end system, the status change report, wherein the status change report comprises at least one status change record from a device in a plurality of devices in a network;
  
  retrieving, by the head end system, the device identifier, the event type, and the message integrity check code from the at least one record;
  
  retrieving, by the head end system, an encryption key associated with the device identifier;
  
  performing, by the head end system, a keyed hash function on a combination of the nonce, the event type, and the unique device identifier using the encryption key associated with the device identifier;
  
  comparing, by the head end system, a result of the keyed hash function to the message integrity check code retrieved from the at least one record;
  
  determining, by the head end system, the record is from the device associated with the device identifier when the result of the keyed hash function matches the message integrity check code retrieved from the at least one record; and
  
  discarding, by the head end system, the record when the result of the keyed hash function does not match the message integrity check code retrieved from the at least one record.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the nonce is a first report time of a first status change.
  - 3. The method of claim 1, wherein the unique device identifier is a Media Access Control address of the device.
  - 4. The method of claim 1, wherein generating the message integrity check comprises performing a keyed hash function on the combined nonce, the event type, and device identifier using a pre-defined encryption key associated with the device.
  - 5. The method of claim 1, wherein the device status change record of the device includes additional information about the event.
  - 6. The method of claim 5, wherein the message integrity check comprises performing a keyed hash function on the combined nonce, the event type, the device identifier, and the other information about the event.
  - 7. The method of claim 1, wherein each record of the status change report comprises an event type associated with a type of the status change at the device, and wherein an event type of a first record of the status change report is different from an event type of a second record of the status change report.
  - 8. The method of claim 1, wherein the status change report comprises a common event type that is used by each record.

9. A system for verifying records in a secure aggregated event report, comprising:
- a plurality of devices, wherein each device comprises;
  
  a) at least one processor;
  
  b) at least one input device; and
  
  c) at least one storage device storing processor executable instructions which, when executed by the at least one processor, perform a method including;
  
  determining, by a device, that a status change has occurred at the device, wherein the status change is one of a loss of power or a restoration of power, temperature, pressure drop, pressure surge, pipe failure, sound, motion, signal light outages, street light outages, or flood detection;
  
  receiving, by the device, a status change report from one or more child devices;
  
  generating, by the device, a device status change record, wherein the status change record comprises an event type, unique device identifier, and one or more time fields for a start time of the status change, an end time of the status change, or a duration of the status change;
  
  generating a record verification field, comprising;
  
  combining a nonce, the event type, and the unique device identifier;
  
  generating a message integrity check code for the combined nonce, event type and device identifier; and
  
  appending the message integrity check code to the device status change record;
  
  appending the device status change record to the received status change report; and
  
  transmitting, by the device, the status change report to one or more parent devices toward a head end system; and
  
  a server comprising;
  
  a) at least one processor;
  
  b) at least one input device; and
  
  c) at least one storage device storing processor executable instructions which, when executed by the at least one processor, perform a method including;
  
  receiving the status change report, wherein the status change report comprises at least one status change record from a device in a plurality of devices in a network;
  
  retrieving the device identifier, the event type, and the message integrity check code from the at least one record;
  
  retrieving an encryption key associated with the device identifier;
  
  performing a keyed hash function on a combination of the nonce, the event type, and the unique device identifier using the encryption key associated with the device identifier;
  
  comparing a result of the keyed hash function to the message integrity check code retrieved from the at least one record;
  
  determining the record is from the device associated with the device identifier when the result of the keyed hash function matches the message integrity check code retrieved from the at least one record; and
  
  discarding the record when the result of the keyed hash function does not match the message integrity check code retrieved from the at least one record.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the nonce is a first report time of a first status change.
  - 11. The system of claim 9, wherein the unique device identifier is a Media Access Control address of the device.
  - 12. The system of claim 9, wherein generating the message integrity check comprises performing a keyed hash function on the combined nonce, the event type, and device identifier using a pre-defined encryption key associated with the device.
  - 13. The system of claim 9, wherein the device status change record of the device includes additional information about the event.
  - 14. The system of claim 13, wherein the message integrity check comprises performing a keyed hash function on the combined nonce, the event type, the device identifier, and the other information about the event.
  - 15. The system of claim 9, wherein each record of the status change report comprises an event type associated with a type of the status change at the device, and wherein an event type of a first record of the status change report is different from an event type of a second record of the status change report.
  - 16. The system of claim 9, wherein the status change report comprises a common event type that is used by each record.

17. A non-transitory computer readable medium for storing computer instructions that, when executed by at least one processor causes the at least one processor to perform a method for verifying records in a secure aggregated event report, comprising:
- determining, by a device of a plurality of devices, that a status change has occurred at the device, wherein the status change is one of a loss of power or a restoration of power, temperature, pressure drop, pressure surge, pipe failure, sound, motion, signal light outages, street light outages, or flood detection;
  
  receiving, by the device, a status change report from one or more child devices;
  
  generating, by the device, a device status change record, wherein the status change record comprises an event type, unique device identifier, and one or more time fields for a start time of the status change, an end time of the status change, or a duration of the status change;
  
  generating, by the device, a record verification field, comprising;
  
  combining a nonce, the event type, and the unique device identifier;
  
  generating a message integrity check code for the combined nonce, event type and device identifier; and
  
  appending the message integrity check code to the device status change record;
  
  appending, by the device, the device status change record to the received status change report; and
  
  transmitting, by the device, the status change report to one or more parent devices toward a head end system;
  
  receiving, by the head end system, the status change report, wherein the status change report comprises at least one status change record from a device in a plurality of devices in a network;
  
  retrieving, by the head end system, the unique device identifier, the event type, and a message integrity check code from the at least one record, wherein the device identifier is unique to the device;
  
  retrieving, by the head end system, an encryption key associated with the device identifier;
  
  performing, by the head end system, a keyed hash function on a combination of a nonce, the event type, and the unique device identifier using the encryption key associated with the device identifier;
  
  comparing a result of the keyed hash function to the message integrity check code retrieved from at least one record;
  
  determining, by the head end system, the record is from the device associated with the device identifier when the result of the keyed hash function matches the message integrity check code retrieved from at least one record; and
  
  discarding, by the head end system, the record when the result of the keyed hash function does not match the message integrity check code retrieved from at least one record.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trilliant Networks Incorporated
Original Assignee
Trilliant Networks Incorporated
Inventors
Enns, Frederick, Veillette, Michel
Primary Examiner(s)
King, John B

Application Number

US15/341,137
Publication Number

US 20170134395A1
Time in Patent Office

1,133 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 41/0686   Additional information in t...

H04L 41/069   using logs of notifications...

H04L 41/28   Restricting access to netwo...

H04L 43/065   related to network devices

H04L 43/08   Monitoring or testing based...

H04L 63/0428   wherein the data content is...

H04L 63/0876   based on the identity of th...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

H04L 67/12   specially adapted for propr...

H04L 9/3242   involving keyed hash functi...

H04W 12/71   Hardware identity

H04W 4/70   Services for machine-to-mac...

H04W 84/18   Self-organising networks, e...

Method and apparatus for secure aggregated event reporting

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure aggregated event reporting

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links