Home automation system including encrypted device connection based upon publicly accessible connection file and related methods

US 10,630,649 B2
Filed: 06/20/2017
Issued: 04/21/2020
Est. Priority Date: 06/30/2015
Status: Active Grant

First Claim

Patent Images

1. A home automation (HA) system comprising:

a plurality of addressable HA devices that are not publicly accessible via the Internet and each having a unique device identifier (ID) and a unique last cloud session ID associated therewith;

a remote user device configured to generate a connection request to communicate with a given addressable HA device; and

a cloud server configured tocooperate with said remote user device to generate a device-specific connection file based upon the connection request and a hash of the unique device ID and the unique last cloud session ID, andstore the device-specific connection file so that the device-specific connection file is publicly accessible via the Internet, the device-specific connection file comprising instructions for establishing an encrypted on-demand tunneling connection to the given addressable HA device for operation of the given addressable HA device, the encrypted on-demand tunneling connection comprising first and second encrypted connections;

said given addressable HA device being configured to retrieve the device-specific connection file, and establish the first encrypted connection with said cloud server;

said cloud server configured to cooperate with said remote user device to establish the second encrypted connection therewith based upon the first encrypted connection.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A home automation (HA) system may include addressable HA devices that are not publicly accessible via the Internet and a remote user device configured to generate a connection request to communicate with a given addressable HA device. The HA system may also include a cloud server configured to cooperate with the remote user device to generate a connection file based upon the connection request, and store the connection file so that the connection file is publicly accessible via the Internet. The connection file may include instructions for establishing an encrypted connection to the given addressable HA device. The given addressable HA device may be configured to retrieve the connection file and establish the encrypted connection with the remote user device via the cloud server.

Citations

17 Claims

1. A home automation (HA) system comprising:
- a plurality of addressable HA devices that are not publicly accessible via the Internet and each having a unique device identifier (ID) and a unique last cloud session ID associated therewith;
  
  a remote user device configured to generate a connection request to communicate with a given addressable HA device; and
  
  a cloud server configured tocooperate with said remote user device to generate a device-specific connection file based upon the connection request and a hash of the unique device ID and the unique last cloud session ID, andstore the device-specific connection file so that the device-specific connection file is publicly accessible via the Internet, the device-specific connection file comprising instructions for establishing an encrypted on-demand tunneling connection to the given addressable HA device for operation of the given addressable HA device, the encrypted on-demand tunneling connection comprising first and second encrypted connections;
  
  said given addressable HA device being configured to retrieve the device-specific connection file, and establish the first encrypted connection with said cloud server;
  
  said cloud server configured to cooperate with said remote user device to establish the second encrypted connection therewith based upon the first encrypted connection.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The HA system of claim 1 wherein the encrypted on-demand tunneling connection comprises an on-demand secure shell (SSH) tunneling connection.
  - 3. The HA system of claim 1 wherein said given addressable HA device is configured to poll for the device-specific connection file.
  - 4. The HA system of claim 1 wherein said cloud server is configured to store the device-specific connection file thereat.
  - 5. The HA system of claim 1 further comprises a further cloud server remote from said cloud server and configured to store the device-specific connection file.
  - 6. The HA system of claim 1 wherein the device-specific connection file comprises at least one of a host name, a port number, a username, and a password.

7. A cloud server for a home automation (HA) system comprising a plurality of addressable HA devices that are not publicly accessible via the Internet and each having a unique device identifier (ID) and a unique last cloud session ID associated therewith, and a remote user device configured to generate a connection request to communicate with a given addressable HA device, the cloud server comprising:
- a processor and a memory coupled thereto and configured tocooperate with the remote user device to generate a device-specific connection file based upon the connection request and a hash of the unique device ID and the unique last cloud session ID,store the device-specific connection file so that the device-specific connection file is publicly accessible via the Internet, the device-specific connection file comprising instructions for establishing an encrypted on-demand tunneling connection to the given addressable HA device for operation of the given addressable HA device so that the given addressable HA device establishes a first encrypted connection of the encrypted on-demand tunneling connection with the cloud server upon retrieval of the device-specific connection file, andcooperate with the remote user device to establish a second encrypted connection of the encrypted on-demand tunneling connection with the remote user device based upon the first encrypted connection.
- View Dependent Claims (8, 9)
- - 8. The cloud server of claim 7 wherein the encrypted on-demand tunneling connection comprises an encrypted on-demand secure shell (SSH) tunneling connection.
  - 9. The cloud server of claim 7 wherein said processor is configured to store the device-specific connection file at a further cloud server remote from the cloud server.

10. A method of establishing an encrypted on-demand tunneling connection with a given one of a plurality of addressable home automation (HA) devices in an HA system, the plurality of addressable HA devices not being publicly accessible via the Internet and each having a unique device identifier (ID) and a unique last cloud session ID associated therewith, the HA system comprising a remote user device configured to generate a connection request to communicate with the given addressable HA device, the method comprising:
- using a cloud server of the HA system tocooperate with the remote user device to generate a device-specific connection file based upon the connection request and a hash of the unique device ID and the unique last cloud session ID,store the device-specific connection file so that the device-specific connection file is publicly accessible via the Internet, the device-specific connection file comprising instructions for establishing the encrypted on-demand tunneling connection to the given addressable HA device for operation of the given addressable HA device so that the given addressable HA device establishes a first encrypted connection of the encrypted on-demand tunneling connection with the cloud server upon retrieval of the device-specific connection file, andcooperate with the remote user device to establish a second encrypted connection of the encrypted on-demand tunneling connection with the remote user device based upon the first encrypted connection.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10 wherein the encrypted on-demand tunneling connection comprises an on-demand secure shell (SSH) tunneling connection.
  - 12. The method of claim 10 wherein the cloud server stores the device-specific connection file thereat.
  - 13. The method of claim 10 wherein the cloud server stores the device-specific connection file on a further cloud server remote from the cloud server.

14. A non-transitory computer readable medium comprising computer executable instructions that when executed by a processor of a cloud server of a home automation (HA) system, cause the cloud server to perform operations for establishing an encrypted on-demand tunneling connection with a given one of a plurality of addressable HA devices in an HA system, the plurality of addressable HA devices not being publicly accessible via the Internet and each having a unique device identifier (ID) and a unique last cloud session ID associated therewith, the HA system comprising a remote user device configured to generate a connection request to communicate with the given addressable HA device, the operations comprising:
- cooperating with the remote user device to generate a device-specific connection file based upon the connection request and a hash of the unique device ID and the unique last cloud session ID; and
  
  storing the device-specific connection file so that the device-specific connection file is publicly accessible via the Internet, the device-specific connection file comprising instructions for establishing the encrypted on-demand tunneling connection to the given addressable HA device for operation of the given addressable HA device so that the given addressable HA device establishes a first encrypted connection of the encrypted on-demand tunneling connection with the cloud server upon retrieval of the device-specific connection file; and
  
  cooperating with the remote user device to establish a second encrypted connection of the encrypted on-demand tunneling connection with the remote user device based upon the first encrypted connection.
- View Dependent Claims (15, 16, 17)
- - 15. The non-transitory computer readable medium of claim 14 wherein the encrypted on-demand tunneling connection comprises an on-demand secure shell (SSH) tunneling connection.
  - 16. The non-transitory computer readable medium of claim 14 wherein the operations cause the cloud server to store the device-specific connection file thereat.
  - 17. The non-transitory computer readable medium of claim 14 wherein the operations cause the cloud server to store the device-specific connection file on a further cloud server remote from the cloud server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
K4Connect, Inc.
Original Assignee
K4Connect, Inc.
Inventors
Gould, Jonathan Andrew, Adams, Mark Robert
Primary Examiner(s)
Pwu, Jeffrey C
Assistant Examiner(s)
Salehi, Helai

Application Number

US15/628,328
Publication Number

US 20170346793A1
Time in Patent Office

1,036 Days
Field of Search
US Class Current
CPC Class Codes

H04L 12/2803   Home automation networks

H04L 12/2818   from a device located outsi...

H04L 12/2821   Avoiding conflicts related ...

H04L 12/4633   Interconnection of networks...

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1425   Traffic logging, e.g. anoma...

H04L 63/1466   Active attacks involving in...

H04L 63/168   above the transport layer

H04L 63/18   using different networks or...

H04L 67/125   involving control of end-de...

Home automation system including encrypted device connection based upon publicly accessible connection file and related methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Home automation system including encrypted device connection based upon publicly accessible connection file and related methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links