Methods, devices and modules for secure remote access to home networks

US 20070254630A1
Filed: 04/19/2007
Published: 11/01/2007
Est. Priority Date: 04/24/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

retrieving a public encryption key of a server device by the terminal; and

registering the terminal at the server device with a public key of the terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, a terminal, and a server are provided to enable to remotely and securely grant, by an owner of a server, access to the server for a third party. A mechanism is defined to establish a trust relationship between a mobile device and a home gateway while in a home network and later to use that trust relationship when granting access to the home network (via remote access through the home gateway) to other devices.

45 Citations

View as Search Results

25 Claims

1. A method, comprising:
- retrieving a public encryption key of a server device by the terminal; and
  
  registering the terminal at the server device with a public key of the terminal.
- View Dependent Claims (2)
- - 2. The method according to claim 1, further comprising:
    - configuring a tunneling mechanism at the server device based on the public key of the terminal.

3. A method, comprising:
- requesting a terminal registered at a server device to authorize access to a requesting terminal;
  
  when access is authorized, creating an access certificate by the registered terminal based on a public key of the requesting terminal and a private key of the registered terminal; and
  
  informing the requesting terminal of the created access certificate to remotely authorize the requesting terminal access to the server device.

4. A method, comprising:
- presenting, by a terminal not registered at a server device, an access certificate to the server device;
  
  checking, at the server device, that the access certificate is signed by a terminal registered at the server device; and
  
  when checking is successful, granting access to the server for the terminal not registered at the server.

5. A method, comprising:
- requesting a terminal administering access to a server device to authorize access to a requesting terminal, when access is authorized, creating an access right for the requesting terminal at the administrating terminal; and
  
  informing the requesting terminal of the created access right to remotely authorize the requesting terminal access to the server device.
- View Dependent Claims (6)
- - 6. The method according to claim 5, further comprising:
    - encrypting the access right with a public key of the server to which access is requested; and
      
      authenticating the access right by the administrating terminal.

7. A method, comprising:
- presenting, by a terminal not administering a server device, an access right to the server device, checking, at the server device, that the access right is signed by a terminal administering the server device; and
  
  when checking is successful, granting access to the server for the terminal not administering the server device.

8. A method, comprising:
- retrieving a public encryption key of a server device by a terminal; and
  
  registering the terminal at the server device with a private encryption key and a corresponding public encryption key of the terminal, wherein only the public encryption key is delivered to other terminals.
- View Dependent Claims (9)
- - 9. The method according to claim 8, further comprising:
    - signing data at the terminal with the private encryption key; and
      
      providing the signed data to another terminal, wherein the other terminal verifies the signed data using only the public encryption key, where the other terminal does not include the private encryption key of the terminal.

10. A terminal configured to retrieve a public encryption key of a server device, and configured to be registered at the server device with a public key.
- View Dependent Claims (11)
- - 11. The terminal according to claim 10, wherein a tunneling mechanism is configured at the server device based on the public key of the terminal.

12. A terminal configured to be registered at a server, configured to receive a request to authorize access to a requesting terminal, and configured to create an access certificate based on a public key of the requesting terminal and a private key of the registered terminal when access is authorized, and configured to inform the requesting terminal of the created access certificate to remotely authorize the requesting terminal access to the server.

13. A terminal configured not to be registered at a server, and configured to present an access certificate to the server, wherein the access certificate is signed by a terminal registered at the server, and access to the server is granted for the terminal not registered at the server.

14. A terminal configured to administer access to a server, configured to receive a request to authorize access to a requesting terminal, configured to create an access right for the requesting terminal when access is authorized, and configured to inform the requesting terminal of the created access right to remotely authorize the requesting terminal access to the server.
- View Dependent Claims (15)
- - 15. The terminal according to claim 14, the terminal further configured to encrypt the access right with a public key of the server to which access is requested, and configured to authenticate the access right.

16. A terminal configured to retrieve a public encryption key of a server device, wherein the terminal is registered at the server device with a private encryption key and a corresponding public encryption key of the terminal, and wherein only the public encryption key is delivered to other terminals.
- View Dependent Claims (17)
- - 17. The terminal according to claim 16, the terminal further configured to sign data with the private encryption key, and configured to provide the signed data to another terminal.

18. A server device configured to receive, from a terminal not registered at the server device, an access certificate, and configured to check that the access certificate is signed by a terminal registered at the server device, wherein access to the server device is granted for the terminal not registered at the server device in case the check is successful.

19. A server device configured to receive, from a terminal not administering the server device, an access right, and configured to check that the access right is signed by a terminal administering the server device, wherein access to the server device is granted for the terminal not administering the server in case the check is successful.

20. A terminal, comprising:
- retrieving means for retrieving a public encryption key of a server device; and
  
  registering means for registering the terminal at the server device with a public key.

21. A terminal, comprising:
- . registering means for registering the terminal at a server;
  
  receiving means for receiving a request to authorize access to a requesting terminal; and
  
  creating means for creating an access certificate based on a public key of the requesting terminal and a private key of the registered terminal when access is authorized, wherein the requesting terminal is informed of the created access certificate to remotely authorize the requesting terminal access to the server.

22. A terminal not registered at a server, comprising:
- presenting means for presenting an access certificate to the server, the access certificate is signed by a terminal registered at the server, for granting access to the server for the terminal not registered at the server.

23. A terminal, comprising:
- administering means for administering access to a server;
  
  receiving means for receiving a request to authorize access to a requesting terminal;
  
  creating means for creating an access right for the requesting terminal when access is authorized; and
  
  informing means for informing the requesting terminal of the created access right to remotely authorize the requesting terminal access to the server.

24. A server, comprising:
- receiving means for receiving, from a terminal not registered at a server, an access certificate; and
  
  checking means for checking whether the access certificate is signed by a terminal registered at the server, wherein access to the server is granted for the terminal not registered at the server.

25. A server, comprising:
- receiving means for receiving, from a terminal not administering the server, an access right; and
  
  checking means for checking whether the access right is signed by a terminal administering the server, wherein access to the server is granted for the terminal not administering the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Nokia Corporation
Inventors
Kaarela, Kari, Costa-Requena, Jose, Parkkinen, Jukka, Koistinen, Kirmo, Moloney, Seamus, Stirbu, Vlad, Hyvarinen, Mikko

Application Number

US11/785,718
Publication Number

US 20070254630A1
Time in Patent Office

Days
Field of Search
US Class Current

455/410
CPC Class Codes

H04L 63/06 for supporting key manageme...

H04L 63/0823 using certificates cryptogr...

Methods, devices and modules for secure remote access to home networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

45 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Methods, devices and modules for secure remote access to home networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others