ONLINE SECURE DEVICE PROVISIONING FRAMEWORK
Abstract
A method for updating network-enabled devices with new identity data includes generating a plurality of new identity data records and loading the new identity data records onto an update server. A request is received at the update server for new identity data from at least one network-enabled device having a previously assigned identity linked to an identifier. The previously assigned identifier is linked to a new identifier that is linked to one of the new identity data records. One or more new identity data records are securely delivered to the network-enabled device.
34 Claims
1. A method for updating network-enabled devices with new identity data, comprising:
generating a plurality of new identity data records;
loading the new identity data records onto an update server;
receiving at the update server a request for new identity data from at least one network-enabled device having a previously assigned identity linked to an identifier;
linking the previously assigned identifier to a new identifier linked to one of the new identity data records; and
securely delivering one or more new identity data records to the network-enabled device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16

17. An identity management system, comprising:
an identity data generator configured to generate a plurality of new identity data records;
a whitelist manager configured to (i) receive one or more identifiers associated with each of a plurality of network-enabled devices deployed for use in association with a network and (ii) produce a whitelist relating the one or more identifiers to each of the network-enabled devices that are authorized to receive new identity data, wherein at least one of the identifiers associated with each network-enabled device is a previously assigned identifier;
an update server configured to (i) receive the new identity data records from the identity data generator, (ii) receive requests for new identity data from the plurality of network-enabled devices, (iii) authenticate each of the network-enabled devices and (iv) deliver a new identity data record to each one of the authenticated network-enabled devices that are authorized to receive a new identity data record in accordance with the whitelist, said new identity data record being linked to the previously assigned identifier of the authenticated network-enabled device.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25
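
The request flow recited in claims 1 and 17, as an added sketch that is not code from the patent: the update server authenticates the device against its previously assigned identifier, checks the whitelist, links that identifier to one new identifier, and returns the linked record. Assumptions made here: an HMAC-SHA256 key stands in for the device's current identity credential, the nonce replay guard and the "retry returns the same record" policy are added for illustration, and confidentiality of the delivery is left to the transport; all class and function names are hypothetical.

```python
import hashlib
import hmac

def sign_request(key, old_id, nonce):
    """Device proves possession of its current credential (assumed: HMAC key)."""
    return hmac.new(key, old_id.encode() + b"|" + nonce, hashlib.sha256).digest()

class UpdateServer:
    def __init__(self, whitelist, device_keys, new_records):
        self.whitelist = set(whitelist)  # previously assigned IDs authorized for update
        self.device_keys = device_keys   # previously assigned ID -> key (assumption)
        self.pool = dict(new_records)    # unassigned new ID -> identity data record
        self.links = {}                  # previously assigned ID -> (new ID, record)
        self.seen = set()                # (ID, nonce) pairs already used (replay guard)

    def handle_request(self, old_id, nonce, tag):
        # Unknown IDs go through the same MAC check with a dummy key.
        key = self.device_keys.get(old_id, b"\x00" * 32)
        valid = hmac.compare_digest(sign_request(key, old_id, nonce), tag)
        if not valid or old_id not in self.device_keys:
            return ("denied", "authentication failed")
        if (old_id, nonce) in self.seen:
            return ("denied", "replayed request")
        self.seen.add((old_id, nonce))
        if old_id not in self.whitelist:
            return ("denied", "not authorized for update")
        if old_id not in self.links:     # first request: link old ID to a new ID
            if not self.pool:
                return ("denied", "no identity records available")
            new_id = next(iter(self.pool))
            self.links[old_id] = (new_id, self.pool.pop(new_id))
        return ("ok",) + self.links[old_id]  # retries get the same linked record

def demo():
    # Constructed sample data: IDs, keys and records are placeholders.
    keys = {"OLD-001": b"k1" * 16, "OLD-002": b"k2" * 16}
    server = UpdateServer(["OLD-001"], keys, {"NEW-A": "record-A", "NEW-B": "record-B"})
    def ask(old_id, nonce, key):
        return server.handle_request(old_id, nonce, sign_request(key, old_id, nonce))
    results = [
        ask("OLD-001", b"n1", keys["OLD-001"]),  # authorized device
        ask("OLD-001", b"n2", keys["OLD-001"]),  # retry with a fresh nonce
        ask("OLD-001", b"n2", keys["OLD-001"]),  # same nonce again
        ask("OLD-002", b"n1", keys["OLD-002"]),  # authentic, not on whitelist
        ask("OLD-001", b"n3", b"wrong-key"),     # wrong credential
    ]
    return results, sorted(server.pool)

if __name__ == "__main__":
    print(demo())
```

Because the link is stored per previously assigned identifier, a whitelisted device that repeats its request cannot drain the pool of new records.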

26. An identity data management system, comprising:
one or more databases storing at least two identifiers associated with a plurality of network-enabled devices, a first and second of the two identifiers being identifiers of a first and second type, respectively;
a whitelist manager for receiving a first set of data specifying one or more of the network-enabled devices that are authorized to be updated with new identity data, wherein the one or more network-enabled devices are identified in the first set of data by identifiers of the first type, wherein the whitelist manager is configured to access the one or more databases to retrieve identifiers of the first and second type which correspond to the identifiers of the first type included in the first set of data and to establish a whitelist that includes corresponding identifiers of the first and second type and to deliver said whitelist to an identity data generator and to an update server;
an identity data generator configured to generate identity data records that are each identified by an identifier of the second type, said generated identity records being generated for network-enabled devices specified on the whitelist received from the whitelist manager, wherein the identity data generator is further configured to associate the identity data records with the whitelist; and
an update server configured to receive over a communications network a request for new identity data from a deployed network-enabled device, and, said update server being further configured to send the generated identity data records received from the identity data generator to the deployed network-enabled devices respectively identified by identifiers of the first type in the whitelist and in data received from the identity data generator.
Dependent claims: 27, 28, 29, 30

31. At least one computer-readable medium encoded with instructions which, when executed by a processor, perform a method for updating network-enabled devices with new identity data, each of said network-enabled devices having at least two types of identifiers associated therewith, comprising:
receiving over a communications network a request for new identity data for a plurality of network-enabled devices, each of said requests including an identifier of the second type associated with the network-enabled devices;
obtaining an identifier of the first type associated with each of the network-enabled devices, said first identifier type being an identifier that is included in identity data with which the network-enabled device is currently provisioned, wherein the network-enabled devices have previously been provisioned with identifiers of the first type by respectively assigning the identifiers of the first type to network-enabled devices that are already identified by identifiers of the second type;
receiving new identity data assigned with new identifiers of the second type, wherein each of the new identifiers is matched with a corresponding identifier of the first type; and
delivering over the communications network the new identity data to respective ones of the network-enabled devices in accordance with their respective second identifiers.
Dependent claims: 32, 33, 34
Specification