ACCESS CONTROL LISTS FOR PRIVATE NETWORKS OF SYSTEM AGNOSTIC CONNECTED DEVICES

US 20150249642A1
Filed: 03/03/2015
Published: 09/03/2015
Est. Priority Date: 03/03/2014
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

a gateway device coupled to a public and to a private network and for precluding access from the public network to the private network;

one or more internet-of-things (IoT) devices on the private network;

an app download server comprising a third-party app, the third-party app for requesting download to the gateway device and for requesting access to at least one function of an IoT device on the private network regardless as to the IoT device on which the function operates;

a manifest file;

an app connectivity service configured to;

record the at least one function requested by the third-party app to the manifest file;

identify available functions on the one or more IoT devices that match the at least one function requested by the third-party app;

record in the manifest file a mapping between those of the available functions that match the at least one function requested by the third-party app, one or more IoT devices hosting those of the available functions, and the third-party app;

prompt a user to allow the third-party app to have access to the available functions that match the at least one function requested by the third-party app; and

upon receiving authorization from the user, download and install the third-party app on the gateway device and allow the third-party app to access the available functions on the one or more IoT devices authorized by the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosure relates to using a control service to control external access to APIs of IoT devices on a private network. An external application can request access to an API, and in response, the control service can monitor broadcasts from the IoT devices indicating what APIs they have available. If a match exists, the control service can request user authorization to allow the requested access. The user can grant or deny the requested access, and place limitations on the authorized access. The control service uses this information to open a connection between the requesting application and the IoT device having the requested API, and via this connection, the requesting application can access and control the device running the requested API.

65 Citations

View as Search Results

15 Claims

1. A system comprising:
- a gateway device coupled to a public and to a private network and for precluding access from the public network to the private network;
  
  one or more internet-of-things (IoT) devices on the private network;
  
  an app download server comprising a third-party app, the third-party app for requesting download to the gateway device and for requesting access to at least one function of an IoT device on the private network regardless as to the IoT device on which the function operates;
  
  a manifest file;
  
  an app connectivity service configured to;
  
  record the at least one function requested by the third-party app to the manifest file;
  
  identify available functions on the one or more IoT devices that match the at least one function requested by the third-party app;
  
  record in the manifest file a mapping between those of the available functions that match the at least one function requested by the third-party app, one or more IoT devices hosting those of the available functions, and the third-party app;
  
  prompt a user to allow the third-party app to have access to the available functions that match the at least one function requested by the third-party app; and
  
  upon receiving authorization from the user, download and install the third-party app on the gateway device and allow the third-party app to access the available functions on the one or more IoT devices authorized by the user.

4. A method of controlling access to internet-of-things (IoT) devices selectively isolated from a public network by a gateway device, the method comprising:
- compiling a list of available APIs on IoT devices that are on a private network;
  
  receiving a request from a third-party app to access a requested function regardless of an IoT device on the private network having the requested function;
  
  identifying matches between the requested function and the available APIs in the list of available APIs that provide the requested function;
  
  prompting a user to allow the third-party app to access the available APIs that provide the requested function;
  
  upon receiving authorization from the user, downloading and installing the third-party app on a device having access to the private network; and
  
  enabling the third-party app, once installed, to have access to those ones of the available APIs authorized by the user.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The method of claim 4, wherein, for a second third-party app that also requests access to a requested function, if authorization from the user is not received, then precluding download and install of the second third-party app.
  - 6. The method of claim 4, wherein the device on which the third-party app is installed is a gateway device for isolating the private network from the public network.
  - 7. The method of claim 4, wherein the device on which the third-party app is installed is a user device distinct from a gateway device, the gateway device for isolating the private network from the public network.
  - 8. The method of claim 4, wherein the device on which the third-party app is installed is one of the IoT devices.
  - 9. The method of claim 4, further comprising prompting the user to allow the third-party app to access a newly-available API after the API appears on the private network and after the third-party app has been installed on the device having access to the private network.

10. A system for controlling access to interment-of things (IoT) devices selectively isolated from a public network by a gateway device, the system comprising:
- means for compiling a list of available APIs on IoT devices that are on a private network;
  
  means for receiving a request from a third-party app to access a requested function regardless of an IoT device on the private network having the requested function;
  
  means for identifying matches between the requested function and the available APIs in the list of available APIs that provide the requested function;
  
  means for prompting a user to allow the third-party app to access the available APIs that provide the requested function;
  
  means for upon receiving authorization from the user, downloading and installing the third-party app on a device having access to the private network; and
  
  means for enabling the third-party app, once installed, to have access to those ones of the available APIs authorized by the user.
- View Dependent Claims (2, 3, 11, 12, 13, 14, 15)
- - 2. The system of claim 12, wherein the app connectivity service identifies the available functions by receiving announce messages from IoT devices having the available functions.
  - 3. The system of claim 13, wherein the IoT devices send the announce messages in response to polling from the app connectivity service.
  - 11. The system of claim 10, wherein, for a second third-party app that also requests access to a requested function, if authorization from the user is not received, then precluding download and install of the second third-party app.
  - 12. The system of claim 10, wherein the device on which the third-party app is installed is a gateway device for isolating the private network from the public network.
  - 13. The system of claim 10, wherein the device on which the third-party app is installed is a user device distinct from a gateway device, the gateway device for isolating the private network from the public network.
  - 14. The system of claim 10, wherein the device on which the third-party app is installed is one of the IoT devices.
  - 15. The system of claim 10, further comprising prompting the user to allow the third-party app to access a newly-available API after the API appears on the private network and after the third-party app has been installed on the device having access to the private network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm Connected Experiences, Inc. (Qualcomm, Inc.)
Original Assignee
Qualcomm Connected Experiences, Inc. (Qualcomm, Inc.)
Inventors
Burns, Gregory, Hershberg, Joshua Dickenson, Nguyen, Phil Tien, Geffen, Fruma Adina

Granted Patent

US 9,712,491 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/629   to features or functions of...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 8/61   Installation

H04L 12/6418   Hybrid transport

H04L 12/66   Arrangements for connecting...

H04L 63/0272   Virtual private networks

H04L 63/101   Access control lists [ACL]

H04L 63/108   when the policy decisions a...

H04L 67/12   specially adapted for propr...

H04W 84/22   with access to wired networks

ACCESS CONTROL LISTS FOR PRIVATE NETWORKS OF SYSTEM AGNOSTIC CONNECTED DEVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

65 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

ACCESS CONTROL LISTS FOR PRIVATE NETWORKS OF SYSTEM AGNOSTIC CONNECTED DEVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links