Legitimacy verification of a node in a distributed network
Abstract
According to an example, a method and a secure element for legitimacy verification of a node in a distributed network are provided. The distributed network comprises a plurality of nodes and a secure element, which are connected to a shared medium of the distributed network. Each of the plurality of nodes is provisioned with an identity certificate comprising a serial number. Each serial number is specific to the respective node. The secure element receives from one of the plurality of nodes a request for legitimacy verification including the serial number. The secure element compares the serial number included in the received request with a plurality of serial numbers comprised in a whitelist maintained at the secure element. The secure element transmits back to the requesting node a request response comprising an indication whether or not the serial number is comprised in the whitelist.
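The request/response exchange described in the abstract, as an added example that is not part of the patent text. The frame layout, verdict codes and sample serials are constructed for illustration, and serial numbers are assumed to be X.509-style integers of at most 20 octets; the secure element compares serials by value and fails closed on malformed frames, and the requesting node accepts a verdict only when it echoes its own request.

```python
import struct

MAX_SERIAL_OCTETS = 20           # assumption: X.509-style serials (RFC 5280 limit)
LEGIT, NOT_LISTED = 0x01, 0x00   # constructed verdict codes
DEMO_WHITELIST = ["00:A1:B2:C3", "7F"]  # constructed sample serials


def parse_serial(raw: bytes) -> int:
    """Big-endian bytes -> integer, so zero-padded and unpadded forms compare equal."""
    if not 1 <= len(raw) <= MAX_SERIAL_OCTETS:
        raise ValueError("serial length out of range")
    return int.from_bytes(raw, "big")


def build_request(req_id: int, serial: bytes) -> bytes:
    """Constructed frame: request id (2 bytes) | serial length (1 byte) | serial."""
    return struct.pack(">HB", req_id, len(serial)) + serial


class SecureElement:
    def __init__(self, whitelist_hex):
        # Provisioned as hex strings, stored as integers for comparison by value.
        self._whitelist = frozenset(int(s.replace(":", ""), 16) for s in whitelist_hex)

    def handle_request(self, frame: bytes) -> bytes:
        """Return the request frame followed by a one-byte verdict (fail closed)."""
        listed = False
        if len(frame) >= 3:
            _req_id, length = struct.unpack_from(">HB", frame)
            if len(frame) == 3 + length:  # reject truncated or padded frames
                try:
                    listed = parse_serial(frame[3:]) in self._whitelist
                except ValueError:
                    listed = False
        return frame + bytes([LEGIT if listed else NOT_LISTED])


def check_response(request: bytes, response: bytes) -> bool:
    """Requesting node: accept only a LEGIT verdict that echoes this exact request.

    This correlates a response with a request; it does not authenticate the sender.
    """
    return response[:-1] == request and response[-1:] == bytes([LEGIT])


if __name__ == "__main__":
    se = SecureElement(DEMO_WHITELIST)
    req = build_request(1, bytes.fromhex("0000a1b2c3"))
    print(check_response(req, se.handle_request(req)))
```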
16 Claims
1. A method of legitimacy verification of a node in a distributed network, wherein the distributed network comprises a plurality of nodes and a secure element, which are connected to a shared medium of the distributed network, each of the plurality of nodes is provisioned with an identity certificate comprising a serial number, and each serial number is specific to the respective node, said method comprising:
- receiving, with the secure element, from one of the plurality of nodes, a request for the legitimacy verification including the serial number, wherein the identity certificate is signed by a certificate authority and includes an indication of membership of receiver nodes;
- comparing, with the secure element, the serial number included in the received request with a plurality of serial numbers in a whitelist maintained at the secure element;
- transmitting, with the secure element, back to the requesting node, a request response comprising an indication whether or not the serial number is comprised in the whitelist.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A secure element connected to a shared medium of a distributed network, wherein the secure element is configured to:
- receive from one of the plurality of nodes a request for legitimacy verification including the serial number,
- compare the serial number included in the received request with a plurality of serial numbers in a whitelist maintained at the secure element, wherein an identity certificate for each serial number of the plurality of serial numbers is signed by a certificate authority and includes an indication of membership of receiver nodes,
- transmit back to the requesting node a request response comprising an indication whether or not the serial number is comprised in the whitelist.
Dependent claims: 10, 11, 12, 13
14. A system comprising a plurality of nodes and a secure element connected to a shared medium of a distributed network, wherein each node of the plurality of nodes is a member of at least one group of a plurality of groups, each group is associated with a secret group key, each node of the plurality of nodes stores only the secret group keys of each group of which it is a member, and for updating and distributing secret keys in the distributed network, the first node is configured to:
- generate an authenticated update key request, wherein the authenticated update key request comprises an indication of a membership, of which the first node is member;
- broadcast the authenticated update key request on the shared medium of the distributed network,
wherein each remaining node of the plurality of nodes is configured to:
- receive the authenticated key update;
- perform an authentication verification based on the authenticated key update request;
- match the respective memberships with the indication of a membership of the first node comprised in the authenticated key update request wherein an identity certificate is signed by a certificate authority and includes an indication of membership of receiver nodes;
- after a partial matching of memberships, generate an authenticated update key request response, which comprises an indication of the membership of the respective remaining node; and
- generate an authenticated update key request and broadcasting the authenticated update key request on the shared medium of the distributed network, wherein the authenticated update key request comprises an indication of a membership, of which the respective remaining node is member,
wherein for legitimacy verification of a node in a distributed network the secure element is configured to:
- receive from one of the plurality of nodes a request for legitimacy verification including the serial number,
- compare the serial number included in the received request with a plurality of serial numbers comprised in a whitelist maintained at the secure element, and
- transmit back to the requesting node a request response comprising an indication whether or not the serial number is comprised in the whitelist.
Dependent claims: 15, 16
Specification