Device Communication Environment
First Claim
1. A method, comprising:
receiving, at a device security server, a request from a manufacturer to register a device, the request comprising information associated with the device and information for use in authenticating the device;
identifying, at the device security server, a unique device identifier;
associating, at the device security server, the identified unique device identifier with the information associated with the device and with the information for use in authenticating the device;
receiving, at a device security server, a request from an entity responsible for the device to associate information identifying the entity with the device, the request comprising the unique device identifier and the information identifying the entity;
associating, at the device security server, the information identifying the entity with the unique device identifier;
authenticating, at the device security server, a request to perform a function, the authenticating employing the information for use in authenticating the device;
receiving, at the device security server, a request to control the device; and
determining, at the device security server, using the information identifying the entity that the request to control the device is authorized.
Abstract
A computing environment is disclosed that receives from devices requests directed toward services accessible in the environment, and that forwards communications from services in the environment to devices registered with the environment. During a registration process at the environment, devices are assigned a device identifier that is used to identify and authenticate each particular device and requests communicated from and to the device via the environment. The computing environment maintains state information for each device that has been registered with the system. As the device interacts with the system, the state information is updated to reflect the changes in the device. When requests to perform functions are received from devices, the computing environment determines for the particular device and the particular function requested what processing needs to be performed by the environment in response to the request.
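The flow recited in claim 1 and the abstract can be sketched as follows. This is an added example, not code from the patent or its assignee. It assumes the "information for use in authenticating the device" is a per-device secret checked with HMAC-SHA256 (a stand-in for the certificate comparison in the dependent claims), that the entity identifier passed in has already been authenticated by the caller, and that a device already associated with an entity cannot be re-associated; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def device_tag(auth_key: bytes, device_id: str, payload: bytes) -> str:
    """Device side: MAC the request, bound to the device identifier."""
    msg = device_id.encode() + b"|" + payload
    return hmac.new(auth_key, msg, hashlib.sha256).hexdigest()


class DeviceSecurityServer:
    def __init__(self):
        self._devices = {}  # unique device identifier -> record

    def register_device(self, device_info: dict, auth_key: bytes) -> str:
        """Manufacturer request: bind a fresh identifier to info and auth material."""
        device_id = secrets.token_hex(16)
        self._devices[device_id] = {"info": device_info, "auth_key": auth_key,
                                    "entity": None, "state": {}}
        return device_id

    def associate_entity(self, device_id: str, entity_id: str) -> bool:
        """Responsible-entity request: bind the entity to the identifier."""
        rec = self._devices.get(device_id)
        if rec is None or rec["entity"] is not None:  # assumption: no silent takeover
            return False
        rec["entity"] = entity_id
        return True

    def authenticate_request(self, device_id: str, payload: bytes, tag: str) -> bool:
        """Authenticate a function request using the stored auth material."""
        rec = self._devices.get(device_id)
        if rec is None:
            return False
        expected = device_tag(rec["auth_key"], device_id, payload)
        return hmac.compare_digest(expected, tag)  # constant-time comparison

    def control_device(self, entity_id: str, device_id: str, changes: dict) -> bool:
        """Authorize a control request against the associated entity, then update state."""
        rec = self._devices.get(device_id)
        if rec is None or rec["entity"] is None or rec["entity"] != entity_id:
            return False
        rec["state"].update(changes)
        return True

    def state(self, device_id: str) -> dict:
        return dict(self._devices[device_id]["state"])
```

Device authentication and control authorization are separate checks against separate stored data: a valid device tag does not authorize a control request, and a control request is refused until an entity has been associated with the identifier.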
20 Claims
5. A computing system, comprising:
one or more computing processors; and
computing memory communicatively coupled with the one or more computing processors, the computing memory having stored therein computer instructions that, upon execution by the one or more processors, at least cause the computing system to perform operations comprising:
in response to a request from a device provider, storing data indicating a device is registered in a system;
in response to input from a device user, storing data associating the device with the device user in the system; and
in response to periodic requests from the device to access the system, verifying using the stored data that the device is permitted to access the system.
generating a certificate;
storing the certificate in association with the device identifier;
receiving one or more requests from the device to access the system,
wherein verifying using the stored data that the device is permitted to access the system comprises:
comparing the certificate stored in association with the device identifier with a certificate in the one or more requests;
comparing the generated device identifier with an identifier in the one or more requests to access the system and decrypting data received in the one or more requests to access the system using the public encryption key.
11. The computing system of claim 10, wherein comparing the certificate stored in association with the device identifier with a certificate in the one or more requests comprises performing a transport layer security handshake operation with the device.
12. The computing system of claim 5, comprising computer instructions that, upon execution by the one or more processors, at least cause the computing system to perform further operations comprising receiving a request to associate information identifying the device user with the device, the request comprising information identifying the device user and a device identifier,
wherein storing data associating the device with the device user in the system comprises storing data associating the information identifying the device user and the device identifier.
13. The computing system of claim 12, comprising computer instructions that, upon execution by the one or more processors, at least cause the computing system to perform further operations comprising:
receiving a request to control the device from the device user, the request to control the device comprising information identifying the device user and the device identifier;
determining using the information identifying the device user that the request to control the device is authorized; and
upon determining the request to control the device is authorized, updating data identifying a state for the device.
14. A non-transitory computer-readable storage medium having stored thereon computer instructions that, upon execution by one or more processors, at least cause a computing system to perform operations comprising:
in response to a request from a device provider, associating a unique device identifier with information associated with a device and with information for use in authenticating the device;
in response to a request from a device user, associating information identifying the device user with the unique device identifier;
authenticating a request to perform a function, the authenticating employing the information for use in authenticating the device;
receiving a request to control the device; and
determining using the information identifying the device user that the request to control the device is valid.
Specification