APPLICATION LAYER AUTHORIZATION TOKEN AND METHOD

US 20090136042A1
Filed: 11/21/2008
Published: 05/28/2009
Est. Priority Date: 11/25/2007
Status: Abandoned Application

First Claim

Patent Images

1. A system comprising:

a key repository for storing a key;

a key manager coupled to the key repository including a key generator for creating an authorization token using the key from the key repository; and

an operation provider in communication with the key manager which requests the authorization token from the key manager to provide security for an operation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authorization token may provide security for operations. The authorization token may be encrypted by a key manager of a head end system so that only a target device may decrypt the authorization token and perform an operation.

124 Citations

26 Claims

1. A system comprising:
- a key repository for storing a key;
  
  a key manager coupled to the key repository including a key generator for creating an authorization token using the key from the key repository; and
  
  an operation provider in communication with the key manager which requests the authorization token from the key manager to provide security for an operation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, further comprising an audit database coupled to the key manager.
  - 3. The system of claim 1, further comprising upgrades coupled to the operation provider.
  - 4. The system of claim 3, wherein the upgrades comprise at least one of a software upgrade and a firmware upgrade.
  - 5. The system of claim 1, further comprising status coupled to the operation provider.
  - 6. The system of claim 1, wherein the key database includes an entry associating a key with a key identifier.
  - 7. The system of claim 1, wherein the key manager includes a key generator;
    - wherein, in operation, the key generator produces an authorization token.
  - 8. The system of claim 1, further comprising a key stored in the key repository.
  - 9. The system of claim 1, further comprising:
    - an audit database coupled to the key manager;
      
      upgrades coupled to the operation provider, the upgrades comprise at least one of a software upgrade and a firmware upgrade;
      
      status coupled to the operation provider;
      
      the key database includes an entry associating a key with a key identifier;
      
      the key manager includes a key generator, and in operation, the key generator produces an authorization token.
  - 10. The system of claim 9, further comprising a key stored in the key repository.

11. A device comprising:
- a nonvolatile storage for storing a key;
  
  a radio receiving an authorization token and an operation; and
  
  a logic unit coupled to the nonvolatile storage unit and the radio, wherein the logic unit receives the authorization token and the operation, decrypts the authorization token using the key, verifies the operation, and performs the operation.
- View Dependent Claims (12)
- - 12. The device of claim 11, further comprising the key stored in the nonvolatile storage.

13. A method comprising:
- receiving a request for an authorization token specifying a target device;
  
  retrieving a key associated with the target device;
  
  generating a single use authorization token associated with an upgrade for the target device; and
  
  providing the authorization token along with the upgrade to the target device.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, wherein the target device is at least one of a radio, a communications card, a thermostat, and an electricity meter;
    - and firmware of the target device is authorized for a secure upgrade by the authorization token.
  - 15. The method of claim 13, wherein the target device controls power incoming into a building, and the target device may enable and disable the power incoming into the building.
  - 16. The method of claim 13, wherein the target device is given a load limit.

17. A method comprising:
- receiving an operational data;
  
  receiving a key associated with a target device;
  
  encrypting the allowed operation using the key associated with the target devices as an authorization token; and
  
  providing the authorization token.
- View Dependent Claims (18)
- - 18. The method of claim 17, wherein the encryption is symmetric with a second key stored in the target device.

19. A data structure embodied in a computer readable medium comprising:
- transaction-allowed identifier specifying a permitted action associated with an operation and a target device; and
  
  a signature validating the operation for the target device using a key of the target device.
- View Dependent Claims (20, 21, 22)
- - 20. The data structure of claim 19, wherein the transaction-allowed identifier is associated with transmitting data, implementing network layer security, installing an application, or operation and maintenance, configuration modification, home network security, or device configuration.
  - 21. The data structure of claim 19, further comprising an expiration element defining a time after which the target device will no longer accept the operation.
  - 22. The data structure of claim 19, further comprising a sequence number identifying an upgrade as one operation of a series of operations of the target device, wherein, in operation, the target device will not accept the operation if the sequence number has been used before, or is lower than or equal to the sequence number of the most recent operation.

23. A system comprising:
- means for storing a key;
  
  means, coupled to the key storage, for generating an authorization token using the key; and
  
  means for requesting the generated authorization to provide security for an operation.

24. A device comprising:
- a nonvolatile storage means for storing a key;
  
  a radio receiving an authorization token and an operation instruction; and
  
  logic means coupled to the nonvolatile storage means and to the radio, wherein the logic means adapted to receive the authorization token and the operation instruction, to decrypts the authorization token using the key, to verify the operation instruction, and to perform the operation instruction.

25. A computer program stored in a computer readable form for execution in a processor and a processor coupled memory to implement a method comprising:
- receiving a request for an authorization token specifying a target device;
  
  retrieving a key associated with the target device;
  
  generating a single use authorization token associated with an upgrade for the target device; and
  
  providing the authorization token along with the upgrade to the target device.

26. A computer program stored in a computer readable form for execution in a processor and a processor coupled memory to implement a method comprising:
- receiving an operational data;
  
  receiving a key associated with a target device;
  
  encrypting the allowed operation using the key associated with the target devices as an authorization token; and
  
  providing the authorization token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Trilliant Networks Incorporated
Original Assignee
Trilliant Networks Incorporated
Inventors
VEILLETTE, Michel

Application Number

US12/275,275
Publication Number

US 20090136042A1
Time in Patent Office

Days
Field of Search
US Class Current

380/279
CPC Class Codes

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/10   for controlling access to d...

Y02D 30/70   in wireless communication n...

APPLICATION LAYER AUTHORIZATION TOKEN AND METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

124 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

APPLICATION LAYER AUTHORIZATION TOKEN AND METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

124 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links