SECURE WIRELESS INSTRUMENTATION NETWORK SYSTEM
Abstract
The present system has a secure wireless infrastructure with a key server acting as a key distribution center. The key server may be the core of the network, securely admitting new nodes or devices, deploying and updating keys, and authorizing secure communications sessions. The system may also share secure keying information with a new device that is not already a member of a secure wireless network. The keying information may be used for authentication or encryption or both, and may be provided to the new device in a manner or mode which is not susceptible to exposure outside of the secure network. The keying information shared with the new device may be regarded as a birth key. The new device may then send a birth-key-encrypted request to join the secure network via an exposed communication mode. The key server may respond with a birth-key-encrypted key encryption key.
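The join exchange described in the abstract, as an added sketch that is not code from the patent: a birth key issued out of band, a BK-protected join request over the exposed link, and a BK-encrypted KEK in reply, with the trust center keeping the key record. The names TrustCenter, seal, unseal and device_join, the "JOIN:" message format, the single-use birth key and the HMAC-based encrypt-then-MAC construction (a standard-library stand-in for a vetted AEAD cipher) are all assumptions of this example.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real AEAD).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    # Encrypt-then-MAC with a fresh random nonce per message.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    # Verify the tag in constant time before decrypting anything.
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class TrustCenter:
    def __init__(self):
        self.birth_keys = {}  # device_id -> BK issued but not yet used
        self.keks = {}        # device_id -> KEK (the trust center's key record)

    def issue_birth_key(self, device_id):
        # Handed to the device over the protected, non-radio link.
        self.birth_keys[device_id] = secrets.token_bytes(32)
        return self.birth_keys[device_id]

    def handle_join(self, device_id, sealed_request):
        # Arrives over the exposed radio link; only a holder of the BK can form it.
        bk = self.birth_keys.get(device_id)
        try:
            if bk is None or unseal(bk, sealed_request) != b"JOIN:" + device_id.encode():
                return None
        except ValueError:
            return None
        del self.birth_keys[device_id]  # assumption: a BK admits one join only
        self.keks[device_id] = secrets.token_bytes(32)
        return seal(bk, self.keks[device_id])  # BK-encrypted KEK

def device_join(tc, device_id, bk):
    # Device side: send the sealed request, then unwrap the KEK from the reply.
    reply = tc.handle_join(device_id, seal(bk, b"JOIN:" + device_id.encode()))
    return unseal(bk, reply) if reply else None

if __name__ == "__main__":
    tc = TrustCenter()
    bk = tc.issue_birth_key("sensor-17")  # constructed device id
    print(device_join(tc, "sensor-17", bk) == tc.keks["sensor-17"])
```

Retiring the birth key after the first successful join means a captured join request replayed later is refused instead of overwriting the device's KEK record.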
25 Claims
1. A secure wireless instrumentation network system comprising:
a secure trust center; and
one or more of member wireless devices; and
wherein;
the secure trust center provides a birth key (BK) via a protected link to a non-member wireless device;
the non-member wireless device uses the BK key to provide a first secure link which is used to send a request for membership to the secure trust center requesting that the non-member wireless device become a member wireless device; and
provided that the secure trust center authenticates the request for membership, the secure trust center considers the non-member device to be a member device.
the protected link is not cryptographically protected;
the protected link has limited exposure to eavesdropping;
each secure link is cryptographically protected using a unique cryptographic key from the secure trust center; and
the secure trust center maintains a record of cryptographic keys.
Dependent claims: 2, 3, 4
5. A secure wireless instrumentation network system comprising:
a secure trust center;
one or more of member wireless devices; and
a liaison device; and
wherein;
cryptographic information is transferred from the secure trust center via a first protected link or a first secure link to the liaison device;
the liaison device transfers a birth key (BK) via a second protected link to a non-member wireless device;
the non-member wireless device uses the BK from the liaison device to provide a second secure link which is specific to that device and which is used to send a request for membership to the secure trust center requesting that the non-member wireless device become a member wireless device;
the first and second protected links are not cryptographically protected;
the first and second protected links have limited exposure to eavesdropping; and
the first, second, third and fourth secure links are cryptographically protected with a unique cryptographic key from the secure trust center.
Dependent claims: 6, 7, 8, 9, 10, 11, 12
13. A method for establishing a secured wireless instrumentation network, comprising:
providing a key server;
providing a liaison device;
conveying cryptographic information from the key server to the liaison device;
transferring the cryptographic information or derivations thereof that originated at the key server from the liaison device to a new node;
utilizing the cryptographic information to authenticate communication between the new node and the key server, to indicate that the new node has authorization to be included in the secured network; and
maintaining a record of the cryptographic information at the key server; and
wherein the transferring the cryptographic information uses a communication path not susceptible to interception at a distance.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21
22. A secure wireless network system comprising:
a wireless network;
a key server linked to the wireless network; and
a liaison device that serves to transport unique secure information from the key server to new nodes; and
wherein;
the new nodes are able to connect to the liaison device;
the key server is configured to authenticate the new nodes on the wireless network, transmit and assign a key encryption key (KEK) to each of the new nodes for communication purposes, and/or maintain a record of KEKs assigned to the new nodes;
the liaison device at one time is connected to the key server and at later times is connected to the new nodes, the liaison device configured to receive the unique secure information from the key server and transmit the unique secure information or derived unique secure information to the new nodes via a protected link; and
the new nodes are configured to receive the unique secure information from the liaison device, utilize the unique secure information for verification purposes, and receive the key encryption key for future secure communication with the key server.
Dependent claims: 23, 24, 25
Specification