Networked device branding for secure interaction in trust webs on open networks
Abstract
A branding process provides a networked computing device with initial set-up information, including a name, a public/private key pair, and a set of certificates the device will need to inter-operate with other devices in the trust group. A branding device conveys the initial set-up information to the networked computing device via a limited access network interface, or alternatively via a broadcast network media with the device enclosed in a wave guide and/or Faraday cage. The networked computing device can then use the set-up information to verify that other devices on the network that seek to interact with the device are also members of the trust group, with which the networked computing device can interact.
18 Claims
1. A branding process to establish a trust web of networked computing devices on an open multi-access network, comprising:
securely networking a security-uninitialized device with a branding device via a secured network medium;
electronically imprinting the security-uninitialized device with group membership and cryptographic key data by the branding device via the secured network medium, the cryptographic key data for verifying group membership information provided by other devices on the open multi-access network to the security-uninitialized device are authenticated by the branding device; and
initializing the security-uninitialized device to use the cryptographic key data to authenticate group membership of other devices interacting with the security-uninitialized device on the open multi-access network, and to provide the security-uninitialized device's group membership to such other devices as authentication that the security-uninitialized device is a member of the trust web, such that at least some interaction via the open multi-access network with the security-uninitialized device is cryptographically secured to only other devices in the trust web.
2. A branding process to establish cryptographically secured interaction among networked computing devices within a trust group on an open multi-access network, comprising:
securely networking a security-uninitialized device with a branding device via a secured network medium;
transmitting a branding certificate from the branding device to the security-uninitialized device via the secured network medium, the branding certificate instructing that the security-uninitialized device trust the branding device, the branding certificate further containing key data for verifying certificates provided by other devices on the open multi-access network to the security-uninitialized device are authenticated by the branding device;
transmitting a trust group membership certificate from the branding device to the security-uninitialized device via the secured network medium, the trust group membership certificate authenticating that the security-uninitialized device is a member of the trust group; and
initializing a security resolver of the security-uninitialized device to use the key data of the branding certificate to authenticate other devices interacting with the security-uninitialized device on the open multi-access network are in the trust group, and to provide the trust group membership certificate to such other devices as authentication that the security-uninitialized device is a member of the trust group, such that at least some interaction via the open multi-access network with the security-uninitialized device is cryptographically secured to only other devices in the trust group.
Dependent claims: 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A networked computing device supporting branding to establish cryptographically secured interaction with other devices within a trust group on an open-access network, the networked computing device comprising:
a network interface for communicating on the open-access network;
a security resolver operational when initialized with a branding public key to authenticate trust group membership certificates provided to the networked computing device from other devices via the network interface using the branding public key, and further operational to inhibit interaction via the network interface with other devices not authenticated as in the trust group, the security resolver being initially uninitialized; and
a security initializer operational to receive the branding public key from a branding device securely networked to the networked computing device, and further operational to initialize the security resolver with the branding public key.
Dependent claims: 14, 15, 16, 17, 18
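
The trust model of claims 2 and 13, as an added example that is not code from the patent: a branding key signs membership certificates, and a resolver that starts uninitialized admits only peers whose certificate verifies under the imprinted branding public key. The `Cert` layout, the choice of Ed25519 and all type and function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Cert is a constructed, minimal stand-in for a trust group membership certificate.
type Cert struct {
	Name, Group string
	DevicePub   ed25519.PublicKey
	Sig         []byte // branding device's signature over the fields above
}

// signedBytes length-prefixes the strings so field boundaries cannot be shifted.
func (c Cert) signedBytes() []byte {
	return append([]byte(fmt.Sprintf("%d:%s|%d:%s|", len(c.Name), c.Name, len(c.Group), c.Group)), c.DevicePub...)
}

// Issue is the branding device's side: sign a membership certificate for a device key.
func Issue(brandPriv ed25519.PrivateKey, name, group string, pub ed25519.PublicKey) Cert {
	c := Cert{Name: name, Group: group, DevicePub: pub}
	c.Sig = ed25519.Sign(brandPriv, c.signedBytes())
	return c
}

// Resolver models the security resolver: it has no trust anchor until branded.
type Resolver struct {
	brandPub ed25519.PublicKey
	group    string
}

// Imprint is the security initializer step, assumed to run over the secured medium.
func (r *Resolver) Imprint(brandPub ed25519.PublicKey, own Cert) {
	r.brandPub, r.group = brandPub, own.Group
}

// Admit reports whether a peer's certificate proves membership in this device's
// trust group. A nil brandPub means "uninitialized", which inhibits all interaction.
func (r *Resolver) Admit(peer Cert) bool {
	return r.brandPub != nil && peer.Group == r.group &&
		ed25519.Verify(r.brandPub, peer.signedBytes(), peer.Sig)
}

func main() {
	bpub, bpriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	dpub, _, _ := ed25519.GenerateKey(nil)
	r := &Resolver{}
	r.Imprint(bpub, Issue(bpriv, "lamp", "home", dpub))
	fmt.Println(r.Admit(Issue(bpriv, "tv", "home", dpub)))
}
```

A deployed exchange would also have the peer prove possession of the private key matching `DevicePub`, since a certificate by itself can be replayed by anyone who has seen it.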
Specification