Location based security data provisioning and management via RFID tags

US 20080238676A1
Filed: 03/30/2007
Published: 10/02/2008
Est. Priority Date: 03/30/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for provisioning security data based on location, comprising:

(a) writing a set of security data to a radio frequency identification (RFID) tag located in a container within a secure location;

(b) reading the set of security data from the RFID tag using an RFID reader placed at least partially within the container; and

(c) using at least a portion of the security data to establish a secure application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for securely provisioning and managing security data based on location are provided. In an installation having one or more secure locations, a physically secure container having a security data tag is provided in a secure location. Security data required to establish a secure application (e.g., secure communications with a network element or with one or more peripheral devices in the secure location), such as a digital certificate and/or cryptographic keys, is written into the security data tag. Each secure location within an installation may have different security needs and therefore the security data tags in different locations may store different sets of security data. When a reader or device requiring access to an application enters a secure location, the security data is read from the tag and used to establish a secure application.

32 Citations

View as Search Results

20 Claims

1. A method for provisioning security data based on location, comprising:
- (a) writing a set of security data to a radio frequency identification (RFID) tag located in a container within a secure location;
  
  (b) reading the set of security data from the RFID tag using an RFID reader placed at least partially within the container; and
  
  (c) using at least a portion of the security data to establish a secure application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - prior to step (a), receiving the set of security data for the secure location from a security server.
  - 3. The method of claim 2, wherein step (a) further comprises:
    - writing the set of security data to the RFID tag using an RFID writing device located within the container.
  - 4. The method of claim 1, wherein step (a) further comprises:
    - transmitting the security data to a second RFID reader; and
      
      writing the security data to the RFID tag using the second RFID reader, wherein the second RFID reader is placed at least partially within the container.
  - 5. The method of claim 1, wherein the container is an RF shielded box.
  - 6. The method of claim 1, wherein the set of security data includes a digital certificate for authenticating the RFID reader to a network element.
  - 7. The method of claim 1, wherein the set of security data includes a symmetric key for encrypting communications between the RFID reader and a network element.
  - 8. The method of claim 1, further comprising:
    - prior to step (c), transferring the security data from the RFID reader to a device within the secure location.
  - 9. The method of claim 1, further comprising:
    - (d) using at least a second portion of the security data to authenticate the RFID reader to an application hosted on an application server.
  - 10. The method of claim 8, further comprising:
    - (d) using at least a second portion of the security data to authenticate the device to an application hosted on an application server.
  - 11. The method of claim 1, wherein the set of security data includes a secret key for communicating with a peripheral device.
  - 12. The method of claim 1, further comprising:
    - (d) writing a second set of security data to a second RFID tag, wherein the second RFID tag is located in a container within a second secure location.

13. A system for provisioning security data in an installation having a plurality of secure locations, comprising:
- a plurality of security data tags, wherein each security data tag is located within a container in one of the plurality of secure locations and wherein each security data tag includes a set of security data for establishing a secure application; and
  
  a plurality of RFID readers, one per secure location, wherein each of the plurality of readers is configured to read the security data from the security data tags.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The system of claim 13, further comprising:
    - a security server including the set of security data for use in each of the secure locations; and
      
      a RFID writing device coupled to the security server, the RFID writing device located within the container in a first secure location,wherein the security server is configured to transfer a first set of security data for the first secure location to the security data tag in the container in the first secure location and wherein the RFID writing device is configured to write the first set of security data to the security data tag.
  - 15. The system of claim 14, further comprising:
    - a second RFID writing device coupled to the security server, the second RFID writing device located within the container in a second secure location,wherein the security server is configured to transfer a second set of security data for the second secure location to the security data tag in the container in the second secure location and wherein the second RFID writing device is configured to write the second set of security data.
  - 16. The system of claim 14, wherein the first set of data includes a digital certificate for authenticating the RFID reader in the first location to a network element.
  - 17. The system of claim 13, further including:
    - a device located in a first secure location, wherein the device is configured to receive a first set of security data from the RFID reader in the first secure location.
  - 18. The system of claim 17, wherein the first set of data includes a digital certificate for authenticating the device in the first location to a network element.
  - 19. The system of claim 14, wherein the first set of data includes a symmetric key for encrypting communications with a network element.
  - 20. The system of claim 13, wherein the container in at least one of the plurality of secure locations is an RF shielded box.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Original Assignee
Symbol Technologies, Inc. (Zebra Technologies Corporation)
Inventors
Roslak, Thomas K., Dhillon, Parmjit S.

Application Number

US11/729,869
Publication Number

US 20080238676A1
Time in Patent Office

Days
Field of Search
US Class Current

340/572.1
CPC Class Codes

G08B 13/2482 EAS methods, e.g. descripti...

Location based security data provisioning and management via RFID tags

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Location based security data provisioning and management via RFID tags

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links