METHOD AND APPARATUS FOR PROVIDING SECURE COMMUNICATION AMONG CONSTRAINED DEVICES
First Claim
1. A method for secure communication between constrained devices comprising:
- issuing, by an authorization server, cryptographic communication rights among a plurality of constrained devices where each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function;
receiving, by the authorization server, a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request; and
providing, by the authorization server, a response comprising an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices.
3 Assignments
0 Petitions
Accused Products
Abstract
In one example, an apparatus such as an authorization server and method for secure communication between constrained devices issues cryptographic communication rights among a plurality of constrained devices. Each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function. The method includes receiving a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request, and includes providing a response including an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices. A software update server then updates the cryptographic code modules in the sub-set of the plurality of constrained devices.
63 Citations
10 Claims
-
1. A method for secure communication between constrained devices comprising:
-
issuing, by an authorization server, cryptographic communication rights among a plurality of constrained devices where each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function; receiving, by the authorization server, a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request; and providing, by the authorization server, a response comprising an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus comprising:
-
logic operative to; issue cryptographic communication rights among a plurality of constrained devices where each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function; receive a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request; and provide a response comprising an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices. - View Dependent Claims (8, 9)
-
-
10. A system comprising:
-
a plurality of constrained devices; an authorization server, operatively coupled to the plurality of constrained devices, comprising logic operative to; issue cryptographic communication rights among the plurality of constrained devices where each of the plurality of constrained devices comprises no more than one cryptographic algorithm code module per cryptographic function; receive a cryptographic communication rights request associated with at least a first of the plurality of constrained devices in response to a cryptographic algorithm update request; and provide a response comprising an identification of a subset of the plurality of constrained devices that have cryptographic communication rights with the identified first of the plurality of constrained devices; and a software update server, operatively coupled to the plurality of constrained devices and to the authorization server, comprising logic operative to provision a replacement cryptographic code module, in response to a cryptographic algorithm update request, to a subset of a plurality of constrained devices that have cryptographic communication rights with an identified first of the plurality of constrained devices, wherein the replacement cryptographic code module comprises at least one of;
a data encryption code module, a key encryption code module, a data signature code module, a key agreement code module and a data digest code module.
-
Specification