Provisioning of Electronic Devices

US 20150063164A1
Filed: 08/12/2014
Published: 03/05/2015
Est. Priority Date: 12/22/2012
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving a first message at a provisioning server, the first message originated by a computing device, the first message including a device identifier associated with an automation device;

receiving a second message at the provisioning server, the second message originated by the automation device and including at least a device identifier portion; and

in response to the device identifier portion of the second message matching the device identifier of the first message, and in response to the automation device not being associated with a provisioning account, providing configuration information to the automation device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for provisioning electronic devices. In some embodiments, a method may include receiving a first message at a provisioning server, the first message originated by a computing device, the first message including a device identifier associated with an automation device. The method may also include receiving a second message at the provisioning server, the second message originated by the automation device and including at least a device identifier portion. In response to the device identifier portion of the second message matching the device identifier of the first message and/or in response to the automation device not being associated with a provisioning account, the method may then include providing configuration information to the automation device.

58 Citations

View as Search Results

20 Claims

1. A method, comprising:
- receiving a first message at a provisioning server, the first message originated by a computing device, the first message including a device identifier associated with an automation device;
  
  receiving a second message at the provisioning server, the second message originated by the automation device and including at least a device identifier portion; and
  
  in response to the device identifier portion of the second message matching the device identifier of the first message, and in response to the automation device not being associated with a provisioning account, providing configuration information to the automation device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the automation device includes at least one of:
    - a lighting control device, a thermostat device, a shading device, a security device, an appliance, or an entertainment device, and wherein the computer device includes at least one of;
      
      a mobile phone, a tablet computer, a laptop computer, or a desktop computer.
  - 3. The method of claim 1, wherein the first message is originated in response to the computing device having received the device identifier via at least one of:
    - a text entry, a bar code, a two-dimensional code, a Quick Response (QR) code, a Radio Frequency Identification (RFID) tag, a Near Field Communication (NFC) chip, or a Personal Area Network (PAN) communication.
  - 4. The method of claim 1, wherein the first message is received at the provisioning server while the automation device is powered off, and wherein the second message is received at the provisioning server after the first message has been received.
  - 5. The method of claim 1, wherein providing the configuration information includes providing the configuration in response to a difference between a time of the second message and a time of the first message being within a threshold value.
  - 6. The method of claim 1, wherein providing the configuration information includes providing the configuration in response to a network part of an Internet Protocol (IP) address of the second message matching a network part of an IP address of the first message.
  - 7. The method of claim 1, providing the configuration information includes providing the configuration in response to the physical location of the computing device being within a predefined geographical region where the automation device is allowed to be deployed.
  - 8. The method of claim 1, wherein the provisioning server has access to a database configured to store a plurality of device identifiers and corresponding private-public key pairs, each device identifier and corresponding private-public key pair associated with a given automation device, wherein the device identifier portion of the second message is encrypted using a public key, the public key stored in the automation device during manufacturing of the automation device, the method further comprising:
    - decrypting at least the device identifier portion of the second message into a decrypted device identifier using a private key corresponding to the public key; and
      
      in response to the decrypted device identifier matching the device identifier of the first message, transmitting the private key to the automation device by the provisioning server, the automation device configured to use the private key in a subsequent communication.
  - 9. The method of claim 8, wherein the first message is encrypted by the computing device independently of the public key, the method further comprising decrypting the first message by the provisioning server to obtain the device identifier.

10. An automation device, comprising:
- a memory configured to store a device identifier and a public key; and
  
  a processing circuit coupled to the memory, the processing circuit configured to execute instructions to cause the automation device to;
  
  transmit a first communication to a remotely located provisioning service, the request including the device identifier encrypted using the public key, the first communication transmitted after a message originated by a computing device is received by the provisioning service, the message including the device identifier, the provisioning service having access to a database configured to store a plurality of device identifiers and corresponding private-public key pairs, each device identifier and corresponding private-public key pair associated with an automation device; and
  
  receive a second communication from the provisioning service, the second communication including a private key corresponding to the public key, the private key identified by the provisioning service among the plurality of private-public key pairs based upon one or more attempts to decrypt the first communication using other private keys, the second communication received in response to the encrypted device identifier of the first communication matching the device identifier of the message.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The automation device of claim 10, the message received by the provisioning server while the automation device is powered off, and wherein the message is encrypted independently of the public key.
  - 12. The automation device of claim 10, the private key identified by the provisioning service among a subset of the plurality of private-public key pairs, the subset of the plurality of private-public key pairs selected based upon a difference between a time of the first communication and a time of the message.
  - 13. The automation device of claim 10, the private key identified by the provisioning service among a subset of the plurality of private-public key pairs, the subset of the plurality of private-public key pairs selected based upon a relationship between an Internet Protocol (IP) address of the first communication and an IP address of the message.
  - 14. The automation device of claim 10, the second communication received in response to a determination that the IP address of the computing device is not within a network where the automation device is prohibited from being deployed.
  - 15. The automation device of claim 10, the second communication received in response to a determination that the physical location of the computing device is not outside of geographical region where the automation device is prohibited from being deployed.

16. A non-transitory computer-readable storage medium having program instructions stored thereon that, upon execution by a processor within a computing device, cause the computing device to:
- obtain a device identifier associated with an automation device; and
  
  transmit a first message to a provisioning server, the first message including the device identifier, the provisioning server having access to a database configured to store a plurality of device identifiers and corresponding private-public key pairs, each device identifier and corresponding private-public key pair associated with a different automation device, the provisioning server configured to receive a second message at the provisioning server originated by the automation device, the second message including at least the device identifier encrypted using a public key, the public key stored in the automation device during manufacturing of the automation device, the provisioning service configured to decrypt the device identifier of the second message into a decrypted device identifier using a private key corresponding to the public key, the provisioning service configured to, in response to the decrypted device identifier matching the device identifier of the first message, transmit the private key to the automation device, the automation device configured to use the private key in a subsequent communication.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The non-transitory computer-readable storage medium of claim 16, wherein to obtain the device identifier, the program instructions, upon execution, cause the computing device to perform at least one of:
    - (a) scan a graphical code or text associated with the automation device, or (b) read an electromagnetic signal produced by a tag or chip associated with the automation device.
  - 18. The non-transitory computer-readable storage medium of claim 16, wherein to obtain the device identifier, the program instructions, upon execution, cause the computing device to obtain authentication information from a user authorized to provision the automation device.
  - 19. The non-transitory computer-readable storage medium of claim 16, wherein the program instructions, upon execution, cause the computing device to include an Internet Protocol (IP) address of the computing device within the first message, the provisioning service configured to transmit the private key to the automation device in response to the IP address belonging to a network where the automation device is allowed to be deployed.
  - 20. The non-transitory computer-readable storage medium of claim 16, wherein the program instructions, upon execution, cause the computing device to include Global Positioning Satellite (GPS) coordinates of the computing device within the first message, the provisioning service configured to transmit the private key to the automation device in response to the GPS coordinates being within a geographic region where the automation device is allowed to be deployed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arm Cloud Technology, Inc.
Original Assignee
WigWag, Inc. (SoftBank Group Corp.)
Inventors
Hemphill, Thomas E., Trinon, Jean-Marc

Granted Patent

US 9,674,879 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/254
CPC Class Codes

H04L 67/34   involving the movement of s...

H04L 9/0819   Key transport or distributi...

H04W 76/11   Allocation or use of connec...

H04W 8/26   Network addressing or numbe...

Provisioning of Electronic Devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Provisioning of Electronic Devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links