Automatic secure device introduction and configuration
First Claim
1. A method including using out-of-band (OOB) data transferred from a new device to an environment to an existing device of the environment, said OOB data including data for establishing at least a first secure communication channel between the existing device and the new device:
establishing the first secure communication channel based at least in part on said OOB data;
providing the new device at least one secret over the first secure communication channel;
establishing a second secure communication channel between the existing device and the new device based at least in part on knowledge of said secret;
providing configuration data to the new device over the second secure communication channel; and
automatically configuring the new device based at least in part on said configuration data.
Abstract
Methods for transferring a credential between two devices according to a secure protocol are described. Portions of messages in the protocol are encrypted to prevent theft and tampering. Out-of-band (OOB) data is initially transferred to bootstrap trust in establishing one or more secure communication channels over which a new device may be configured. Systems using the methods are described and claimed.
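The five steps of claim 1, sketched as an added example (not code from the patent or its authors). Assumptions: the OOB data is a high-entropy value, both channels are keyed with HMAC-SHA256, `seal`/`unseal` are a standard-library encrypt-then-MAC stand-in for a real AEAD, and all function names and sample values are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

def kdf(key: bytes, label: bytes) -> bytes:
    """Derive a sub-key with HMAC-SHA256 used as a PRF."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; a stdlib stand-in for a real AEAD (assumption)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(kdf(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(kdf(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; reject tampered or mis-keyed messages."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(kdf(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(kdf(key, b"enc"), nonce, len(ct))))

def introduce(oob_sent: bytes, oob_received: bytes, config: dict) -> dict:
    """Run the five steps; oob_sent is what the new device emitted out of band,
    oob_received is what the existing device got (they differ if it was spoofed)."""
    salt = secrets.token_bytes(16)                      # public, sent in-band
    # Step 1: both ends key the first channel from the OOB data.
    k1_existing = kdf(oob_received, b"channel-1" + salt)
    k1_new = kdf(oob_sent, b"channel-1" + salt)
    # Step 2: the existing device provides a fresh secret over channel 1.
    secret = secrets.token_bytes(32)
    secret_at_new = unseal(k1_new, seal(k1_existing, secret))
    # Step 3: the second channel is keyed from knowledge of that secret.
    k2_existing, k2_new = kdf(secret, b"channel-2"), kdf(secret_at_new, b"channel-2")
    # Step 4: configuration data travels over channel 2.
    wire = seal(k2_existing, json.dumps(config).encode())
    # Step 5: the new device authenticates, decrypts and applies it.
    return json.loads(unseal(k2_new, wire))

# Constructed sample values: a random 128-bit OOB value and a made-up config.
OOB = secrets.token_bytes(16)
CONFIG = {"ssid": "example-net", "psk": "constructed-sample-key"}
```

A short, human-typed device password would not be safe as the OOB value in this sketch, because a recorded channel-1 message allows offline guessing; that case calls for a password-authenticated key exchange.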
26 Claims
14. An article comprising a machine-accessible medium having one or more associated instructions for using out-of-band (OOB) data transferred from a new device to an environment to an existing device of the environment, said OOB data including data for establishing at least a first secure communication channel between the existing device and the new device, wherein the one or more instructions, if executed, results in a machine performing:
establishing the first secure communication channel based at least in part on said OOB data;
providing the new device at least one secret over the first secure communication channel;
establishing a second secure communication channel between the existing device and the new device based at least in part on knowledge of said secret;
providing configuration data from the existing device to the new device over the second secure communication channel; and
automatically configuring the new device based at least in part on said configuration data.
23. A system comprising:
a first device having a device password;
an access point to provide network access to devices having a credential; and
a registrar;
wherein the registrar is to receive the device password by an out-of-band (OOB) data transfer, and is to provide a credential to the first device for use by the first device to access the network through the access point.
Specification