Secure network channel
Abstract
Methods and systems for establishing a secure network channel between two or more devices in a communication network are disclosed. In exemplary implementations the network may be a UPnP network. A first device passes authentication information to at least a second device to permit the second device to authenticate the first device. Optionally, the first device may request to authenticate the second device, in which case authentication information associated with the second device is passed to the first device. The first device uses this information to authenticate the second device. At least one of the first and second devices may store authentication information in a data store associated with the device.
25 Claims
1. A method of establishing a secure communication channel between a first network device and a second network device that controls the first network device, comprising:
receiving, at the second network device, at least one authentication certificate from the first network device, wherein the at least one authentication certificate includes an authentication key;
searching a data store associated with the second network device for an authentication certificate that matches the at least one authentication certificate received from the first network device;
if the data store includes a matching authentication certificate, then implementing a secure communication channel using information derived from the matching authentication certificate; and
if the data store does not include a matching authentication certificate, then:
computing a master secret from information associated with the at least one authentication certificate received from the first network device; and
implementing a secure communication channel using information derived from the new master secret.
6. A method of adding a device to a UPnP network, comprising:
retrieving, at a control point in the UPnP network, a device description associated with the UPnP device;
invoking, at the control point, a first authentication process to authenticate the device with the control point;
retrieving, at the control point, a service description associated with the device; and
retrieving, at the control point, a presentation page associated with the device.
17. A method of adding a control point to a UPnP network, comprising:
transmitting a search request multicast from the control point to a predetermined network address;
receiving a response to the multicast from at least one device in the UPnP network, wherein the response includes an indicator requesting a secure communication between the device and the control point;
invoking, at the control point, a first authentication process to authenticate the device with the control point;
retrieving, at the control point, a device description associated with the UPnP device;
retrieving, at the control point, a service description associated with the device; and
retrieving, at the control point, a presentation page associated with the device.
Specification