GENERATION OF SELF-CERTIFIED IDENTITY FOR EFFICIENT ACCESS CONTROL LIST MANAGEMENT

US 20100251348A1
Filed: 03/27/2009
Published: 09/30/2010
Est. Priority Date: 03/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method for registering a new device to a control point in a home network, the method comprising:

generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and

sending a secure message to the new device containing the first self-certified identification.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a first embodiment of the present invention, a method for registering a new device to a control point in a home network is provided, the method comprising: generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and sending a secure message to the new device containing the first self-certified identification.

15 Citations

View as Search Results

21 Claims

1. A method for registering a new device to a control point in a home network, the method comprising:
- generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and
  
  sending a secure message to the new device containing the first self-certified identification.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - receiving a discovery request from the new device; and
      
      responding to the discovery request with an identification of the control point.
  - 3. The method of claim 1, wherein the home network is a Universal Plug and Play (UPnP) network.
  - 4. The method of claim 1, further comprising:
    - receiving a pin number from the new device;
      
      using pre-shared transport layer security to authenticate the new device using the pin number as input for the pre-shared transport layer security authentication process;
      
      generating a shared secret between the control point and the new device; and
      
      sending a group secret to the new device.
  - 5. The method of claim 4, further comprising:
    - storing an identification of the new device along with the shared secret in a table.
  - 6. The method of claim 1, further comprising presenting the first control point self-certified identification to an old device in the home network, permitting the control point to copy access control list (ACL) entries from the old device.
  - 7. The method of claim 6, further comprising:
    - generating a second control point self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and
      
      multicasting the second control point self-certified identification to a group of devices including the new device but excluding the old device.

8. A method for copying access control list entries from a first device in a home network to a second device in a home network, the method comprising:
- sending a request to access the access control list (ACL) entries from a control point to the first device, the request including a self-certified identification of the control point, wherein the self-certified identification was generated using pseudo-random generated number and using an identification of the control point;
  
  accessing the ACL entries on the first device after the first device authenticates the self-certified identification;
  
  sending a request to access an ACL from a control point to the second device, the request including the self-certified identification of the control point; and
  
  copying the ACL entries from the first device to the second device after the second device authenticates the self-certified identification.
- View Dependent Claims (9)
- - 9. The method of claim 8, further comprising removing the first device from a group by generated a new self-certified identification at the control point but not sending the new self-certified identification to the first device.

10. A method for registering a new device to a control point in a home network, the method comprising:
- receiving a first control point self-certified identification at the new device from the control point;
  
  storing the first control point self-certified identification;
  
  maintaining a list of ACL entries; and
  
  upon receiving a request to access the ACL entries from a potentially new control point, authenticating the potentially new control point by comparing the first control point self-certified identification to a second control point self-certified identification provided by the potentially new control point.
- View Dependent Claims (11)
- - 11. The method of claim 10, further comprising:
    - receiving ACL entries copied from an old device; and
      
      storing the ACL entries.

12. A control point in a home network, the control point comprising:
- means for generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and
  
  means for sending a secure message to the new device containing the first self-certified identification.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The control point of claim 12, further comprising:
    - means for receiving a pin number from the new device;
      
      means for using pre-shared transport layer security to authenticate the new device using the pin number as input for the pre-shared transport layer security authentication process;
      
      means for generating a shared secret between the control point and the new device; and
      
      means for sending a group secret to the new device.
  - 14. The control point of claim 13, further comprising:
    - means for storing an identification of the new device along with the shared secret in a table.
  - 15. The control point of claim 12, further comprising means for presenting the first control point self-certified identification to an old device in the home network, permitting the control point to copy access control list (ACL) entries from the old device.
  - 16. The control point of claim 15, further comprising:
    - means for generating a second control point self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and
      
      means for multicasting the second control point self-certified identification to a group of devices including the new device but excluding the old device.

17. A control point in a home network, the control point comprising:
- means for sending a request to access the access control list (ACL) entries from the control point to the first device, the request including a self-certified identification of the control point, wherein the self-certified identification was generated using pseudo-random generated number and using an identification of the control point;
  
  means for accessing the ACL entries on the first device after the first device authenticates the self-certified identification;
  
  means for sending a request to access an ACL from a control point to the second device, the request including the self-certified identification of the control point; and
  
  means for copying the ACL entries from the first device to the second device after the second device authenticates the self-certified identification.

18. A new device in a home network, comprising:
- means for receiving a first control point self-certified identification at the new device from the control point;
  
  means for storing the first control point self-certified identification;
  
  means for maintaining a list of ACL entries; and
  
  means for, upon receiving a request to access the ACL entries from a potentially new control point, authenticating the potentially new control point by comparing the first control point self-certified identification to a second control point self-certified identification provided by the potentially new control point.

19. A program storage device readable by a machine, tangibly embodying a set of computer instructions executable by the machine to perform a method for registering a new device to a control point in a home network, the method comprising:
- generating a first self-certified identification at the control point, the generation using a pseudo-random generated number and using an identification of the control point; and
  
  sending a secure message to the new device containing the first self-certified identification.

20. A program storage device readable by a machine, tangibly embodying a set of computer instructions executable by the machine to perform a method for copying access control list entries from a first device in a home network to a second device in a home network, the method comprising:
- sending a request to access the access control list (ACL) entries from a control point to the first device, the request including a self-certified identification of the control point, wherein the self-certified identification was generated using pseudo-random generated number and using an identification of the control point;
  
  accessing the ACL entries on the first device after the first device authenticates the self-certified identification;
  
  sending a request to access an ACL from a control point to the second device, the request including the self-certified identification of the control point; and
  
  copying the ACL entries from the first device to the second device after the second device authenticates the self-certified identification.

21. A program storage device readable by a machine, tangibly embodying a set of computer instructions executable by the machine to perform a method for registering a new device to a control point in a home network, the method comprising:
- receiving a first control point self-certified identification at the new device from the control point;
  
  storing the first control point self-certified identification;
  
  maintaining a list of ACL entries; and
  
  upon receiving a request to access the ACL entries from a potentially new control point, authenticating the potentially new control point by comparing the first control point self-certified identification to a second control point self-certified identification provided by the potentially new control point.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
VERMA, Sanjeev

Granted Patent

US 8,600,058 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/065   for group communications cr...

H04L 63/102   Entity profiles

H04L 9/3226   using a predetermined code,...

H04L 9/3263   involving certificates, e.g...

GENERATION OF SELF-CERTIFIED IDENTITY FOR EFFICIENT ACCESS CONTROL LIST MANAGEMENT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

GENERATION OF SELF-CERTIFIED IDENTITY FOR EFFICIENT ACCESS CONTROL LIST MANAGEMENT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links