Customer Based Internet of Things (IOT) - Transparent Privacy Functionality

US 20170026472A1
Filed: 11/19/2015
Published: 01/26/2017
Est. Priority Date: 07/23/2015
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

providing, with a network interface device (“

NID”

) serving as a demarcation point between a local area network (“

LAN”

) at a customer premises and a service provider network, connectivity between the NID and each of one or more first user devices of a plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises;

providing a customer with a user interface to select privacy settings for Internet of Things (“

IoT”

)-connected devices in a network;

receiving, via the user interface, user selections for privacy settings for at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network; and

in response to determining that the received user selections comprise a selection to restrict access to information regarding at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network, restricting, with the NID, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Novel tools and techniques might provide for implementing customer-based Internet of Things (“IoT”)-transparent privacy functionality. Various methods, systems, and apparatuses might provide connectivity between a network interface device (“NID”) and each of one or more first user devices of a plurality of user devices associated with the customer premises and/or a user who is associated with the customer premises. In some cases, at least one virtual network function (“VNF”) might be sent to each of the one or more first user devices. The NID might restrict, in some cases using the VNF, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.

Citations

35 Claims

1. A method, comprising:
- providing, with a network interface device (“
  
  NID”
  
  ) serving as a demarcation point between a local area network (“
  
  LAN”
  
  ) at a customer premises and a service provider network, connectivity between the NID and each of one or more first user devices of a plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises;
  
  providing a customer with a user interface to select privacy settings for Internet of Things (“
  
  IoT”
  
  )-connected devices in a network;
  
  receiving, via the user interface, user selections for privacy settings for at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network; and
  
  in response to determining that the received user selections comprise a selection to restrict access to information regarding at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network, restricting, with the NID, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 2. The method of claim 1, further comprising:
    - sending, with the NID, at least one virtual network function (“
      
      VNF”
      
      ) to each of the one or more first user devices via the LAN, the at least one VNF comprising a device identifier and a LAN device interconnection VNF;
      
      wherein restricting, with the NID, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network comprises restricting, with the NID and using the at least one VNF sent to each of the one or more first user devices, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.
  - 3. The method of claim 1, wherein the user interface comprises a user interface displayed on at least one first user device of the one or more first user devices, a user interface displayed on at least one second user device of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises, a user interface displayed on a web portal associated with the NID, or a user interface displayed on a web portal associated with a service provider associated with the service provider network.
  - 4. The method of claim 1, wherein the third party comprises at least one of a service provider, who is associated with one of an application (“
    - app”
      
      ) or a VNF that is running on the one or more of the plurality of user devices, or a party that is unassociated with the app or the VNF.
  - 5. The method of claim 1, further comprising:
    - based on a determination that the received user selections comprise a selection to set to privacy settings to private for one of a software application (“
      
      app”
      
      ) or a VNF that is running on one or more of the plurality of user devices, restricting, with the NID, a third party from at least one of;
      
      access to the one of the app or the VNF that is running on the one or more of the plurality of user devices;
      
      access to information regarding resources mapped to the one or more of the plurality of user devices on which the one of the app or the VNF that is running;
      
      access to information regarding all resources registered to the NID that are mapped to the one or more of the plurality of user devices;
      
      access to information regarding all resources registered to the NID;
      
      access to the resources mapped to the one or more of the plurality of user devices on which the one of the app or the VNF that is running;
      
      access to all resources registered to the NID that are mapped to the one or more of the plurality of user devices;
      
      oraccess to the NID.
  - 6. The method of claim 1, further comprising:
    - based on a determination that the received user selections comprise a selection to set to privacy settings to public for one of a software application (“
      
      app”
      
      ) or a VNF that is running on one or more of the plurality of user devices, providing, with the NID, a third party with at least one of;
      
      access to the one of the app or the VNF that is running on the one or more of the plurality of user devices;
      
      access to information regarding resources mapped to the one or more of the plurality of user devices on which the one of the app or the VNF that is running;
      
      access to information regarding all resources registered to the NID that are mapped to the one or more of the plurality of user devices;
      
      access to information regarding all resources registered to the NID;
      
      access to the resources mapped to the one or more of the plurality of user devices on which the one of the app or the VNF that is running;
      
      access to all resources registered to the NID that are mapped to the one or more of the plurality of user devices;
      
      oraccess to the NID.
  - 7. The method of claim 1, wherein the privacy settings for at least one of one or more user devices connected to the network or one or more applications running on one or more user devices connected to the network comprise at least one of:
    - option to allow or deny third party general access;
      
      option to allow or deny third party selective access to information about device type of at least one user device of the one or more user devices;
      
      option to allow or deny third party selective access to information about use of at least one user device of the one or more user devices;
      
      option to allow or deny third party selective access to information about one or more applications running on at least one user device of the one or more user devices;
      
      option to allow or deny third party selective access to information about one or more NFVs running on at least one user device of the one or more user devices;
      
      option to allow or deny third party selective access to information about types of resource usage on at least one user device of the one or more user devices;
      
      oroption to allow or deny third party selective access to information about amount of resource use on at least one user device of the one or more user devices.
  - 8. The method of claim 1, further comprising:
    - receiving, via the user interface, user selections for privacy settings for the NID, wherein the privacy settings for the NID comprises at least one of;
      
      option to allow or deny third party general access;
      
      option to allow or deny third party selective access to information about device type of at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about use of at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about one or more applications running on at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about one or more NFVs running on at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about types of resource usage on at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about amount of resource use on at least one user device of the one or more user devices that is mapped to the NID;
      
      option to allow or deny third party selective access to information about device types of all devices in the LAN;
      
      option to allow or deny third party selective access to information about use of all devices in the LAN;
      
      option to allow or deny third party selective access to information about one or more applications running on all devices in the LAN;
      
      option to allow or deny third party selective access to information about one or more VNF running on all devices in the LAN;
      
      option to allow or deny third party selective access to information about types of resource usage on all devices in the LAN;
      
      oroption to allow or deny third party selective access to information about amount of resource use on all devices in the LAN.
  - 9. The method of claim 1, wherein the NID comprises at least one of an optical network terminal (“
    - ONT”
      
      ), a residential gateway (“
      
      RG”
      
      ) device, a business gateway (“
      
      BG”
      
      ) device, or a virtual gateway (“
      
      vG”
      
      ) device.
  - 10. The method of claim 1, wherein the plurality of user devices comprises one or more of a desktop computer, a laptop computer, a tablet computer, a smart phone, a mobile phone, a personal digital assistant, a printer, a scanner, a data storage device, a network access point (“
    - NAP”
      
      ), a television, a set-top box, an image capture device, an image projection device, a video capture device, a video projection device, a watch, a clock, a gaming console, a thermostat, a kitchen appliance, a medical device, a vehicle, a speaker, an audio headset, a telephone system, a media recording device, a media playback device, a lighting system, a sensing device, a door locking system, a customer premises security control system, a window locking system, a window covering system, or a sprinkler system.
  - 11. The method of claim 1, wherein the customer premises comprises at least one of an Internet of things (“
    - IoT”
      
      ) local environment, a customer residential premises, a multi-dwelling unit, a short-term lodging facility, a customer commercial premises, or a customer business premises.
  - 12. The method of claim 1, wherein providing connectivity between the NID and each of the one or more first user devices of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises comprises:
    - determining, with the NID, whether at least one second user device of the one or more first user devices is associated with at least one of the customer premises or the user who is associated with the customer premises;
      
      authenticating, with the NID, each of the at least one second user device of the one or more first user devices as being associated with at least one of the customer premises or the user who is associated with the customer premises, based at least in part on a determination that each of the at least one second user device of the one or more first user devices is associated with at least one of the customer premises or the user who is associated with the customer premises; and
      
      providing, with the NID, connectivity between the NID and each of the at least one second user device, in response to authenticating each of the at least one of the one or more user devices.
  - 13. The method of claim 1, further comprising:
    - associating, with the NID, each of the one or more first user devices, prior to sending the at least one VNF to each of the one or more first user devices.
  - 14. The method of claim 13, wherein associating each of the one or more first user devices comprises:
    - receiving, with the NID and from the at least one third user device of the plurality of user devices, a user request to associate each of the one or more first user devices with the NID; and
      
      associating, with the NID, each of the one or more first user devices based at least in part on the user request to associate each of the one or more first user devices with the NID.
  - 15. The method of claim 13, wherein associating each of the one or more first user devices comprises:
    - determining, with the NID, whether at least one second user device of the one or more first user devices is connected to the LAN for the first time; and
      
      automatically associating, with the NID, each of the at least one second user device in response to a determination that at least one second user device is connected to the LAN for the first time.
  - 16. The method of claim 1, further comprising:
    - registering, with at least one of the NID or a network device in the service provider network, each of the one or more first user devices, prior to sending the at least one VNF to each of the one or more first user devices.
  - 17. The method of claim 16, wherein registering each of the one or more first user devices comprises:
    - receiving, with at least one of the NID or the network device in the service provider network and from the at least one third user device of the plurality of user devices, a user request to register each of the one or more first user devices with the NID; and
      
      registering, with at least one of the NID or the network device in the service provider network, each of the one or more first user devices based at least in part on the user request to register each of the one or more first user devices with the NID.
  - 18. The method of claim 16, wherein registering each of the one or more first user devices comprises:
    - determining, with at least one of the NID or the network device in the service provider network, whether at least one second user device of the one or more first user devices is connected to at least one of the LAN or the service provider network for the first time; and
      
      automatically registering, with at least one of the NID or the network device in the service provider network, each of the at least one second user device in response to a determination that at least one second user device is connected to at least one of the LAN or the service provider network for the first time.
  - 19. The method of claim 1, wherein the first user input is received via a user interface that comprises a web portal.
  - 20. The method of claim 1, wherein the first user input is received via a user interface that comprises a software application (“
    - app”
      
      ) running on the at least one third user device.
  - 21. The method of claim 1, further comprising:
    - sending, with the NID, one or more VNFs to at least one network device in the service provider network that is accessible via one of LAN-to-network service chaining or network-to-LAN service chaining, each of the one or more VNFs comprising a device identifier and a LAN device interconnection VNF.
  - 22. The method of claim 21, wherein the at least one VNF and the one or more VNFs are the same VNFs, and wherein the same VNFs are split between the one or more first user devices, which are in the LAN, and the at least one network device in the service provider network.
  - 23. The method of claim 1, further comprising:
    - mapping, with a virtual infrastructure manager (“
      
      VIM”
      
      ) that is communicatively coupled to the NID, each of the one or more first user devices with each of one or more second user devices of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises, and with each resource node of a plurality of resource nodes in communication with the NID, based at least in part on first user input received via at least one third user device of the plurality of user devices.
  - 24. The method of claim 23, wherein the plurality of resource nodes comprises at least one of one or more internal resource nodes or one or more external resource nodes, each resource node comprising at least one of compute resources, memory resources, data storage resources, network communication resources, security resources, or hardware resources.
  - 25. The method of claim 24, wherein the one or more internal resource nodes each comprises one of the plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises.
  - 26. The method of claim 24, wherein the one or more external resource nodes each comprises one of a cloud computing resource or a service provider network resource, wherein the cloud computing resource and the service provider network resource each comprises at least one of a network-based hardware resource, a network-based compute resource, a network-based memory resource, a network-based data storage resource, a network-based network communication resource, a network-based security resource, a network-based VNF as a service (“
    - VNFaaS”
      
      ) resource, or a network-based application resource.
  - 27. The method of claim 23, further comprising:
    - determining, with the VIM, the type and amount of resources required by each of the one or more first user devices to each perform one or more functions;
      
      determining, with the VIM, which of the resource nodes of the plurality of resource nodes in communication with the NID possess desired types and amount of resources that are determined to be required; and
      
      allocating, with the VIM, resources to each of the one or more first user devices based at least in part on the determined type and amount of resources required by each of the one or more first user devices to each perform the one or more functions, based at least in part on the determined resource nodes having the desired types and amount of resources determined to be required, and based at least in part on the mapping of each of the one or more first user devices with each of the one or more second user devices and with each resource node.
  - 28. The method of claim 27, wherein allocating resources to each of the one or more first user devices is further based on second user input received via the at least one third user device of the plurality of user devices.
  - 29. The method of claim 28, wherein the second user input indicates at least one of access permissions for one or more of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises, or resource usage permissions for the one or more of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises.
  - 30. The method of claim 23, wherein the VIM is one of located in the LAN, located in the service provider network, or split between the LAN and the service provider network.
  - 31. The method of claim 23, further comprising:
    - bridging the NID with one or more second NIDs that are communicatively coupled to the service provider network; and
      
      mapping, with the VIM, each of the one or more first user devices with each of the one or more second user devices of the plurality of user devices associated with at least one of the customer premises or the user who is associated with the customer premises, with each resource node of a plurality of resource nodes in communication with the NID, with each of one or more fifth user devices associated with at least one second customer premises that is separate from the customer premises, and with each resource node of a plurality of second resource nodes in communication with at least one second NID of the one or more second NIDs.

32. A system, comprising:
- a network interface device (“
  
  NID”
  
  ) serving as a demarcation point between a local area network (“
  
  LAN”
  
  ) at a customer premises and a service provider network, the NID comprising;
  
  at least one first processor;
  
  a first non-transitory computer readable medium in communication with the at least one first processor, the first non-transitory computer readable medium having encoded thereon computer software comprising a first set of instructions that, when executed by the at least one first processor, causes the NID to perform one or more operations, the first set of instructions comprising;
  
  instructions for providing connectivity between the NID and each of one or more first user devices of a plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises; and
  
  instructions for, in response to determining that user selections that are received, via a user interface that is provided to a customer to select privacy settings for Internet of Things (“
  
  IoT”
  
  )-connected devices in a network, comprise a selection to restrict access to information regarding at least one portion of at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network, restricting access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.
- View Dependent Claims (33)
- - 33. The system of claim 32, wherein the first set of instructions further comprises:
    - instructions for sending at least one virtual network function (“
      
      VNF”
      
      ) to each of the one or more first user devices via the LAN, the at least one VNF comprising a device identifier and a LAN device interconnection VNF;
      
      wherein the instructions for restricting access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network comprise instructions for restricting, using the at least one VNF sent to each of the one or more first user devices, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.

34. A network interface device (“
- NID”
  
  ) serving as a demarcation point between a local area network (“
  
  LAN”
  
  ) at a customer premises and a service provider network, the NID comprising;
  
  at least one processor;
  
  a non-transitory computer readable medium in communication with the at least one processor, the computer readable medium having encoded thereon computer software comprising a set of instructions that, when executed by the at least one processor, causes the NID to perform one or more operations, the set of instructions comprising;
  
  instructions for providing connectivity between the NID and each of one or more first user devices of a plurality of user devices associated with at least one of the customer premises or a user who is associated with the customer premises; and
  
  instructions for, in response to determining that user selections that are received, via a user interface that is provided to a customer to select privacy settings for Internet of Things (“
  
  IoT”
  
  )-connected devices in a network, comprise a selection to restrict access to information regarding at least one portion of at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network, restricting access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.
- View Dependent Claims (35)
- - 35. The NID of claim 34, wherein the first set of instructions further comprises:
    - instructions for sending at least one virtual network function (“
      
      VNF”
      
      ) to each of the one or more first user devices via the LAN, the at least one VNF comprising a device identifier and a LAN device interconnection VNF;
      
      wherein the instructions for restricting access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network comprise instructions for restricting, using the at least one VNF sent to each of the one or more first user devices, access by a third party to the information regarding the at least one portion of the at least one of one or more first user devices connected to the network or one or more applications running on one or more first user devices connected to the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Original Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Inventors
Bugenhagen, Michael K., Cook, Charles I.

Granted Patent

US 10,375,172 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/10   for controlling access to d...

H04L 67/12   specially adapted for propr...

H04L 67/562   Brokering proxy services

Customer Based Internet of Things (IOT) - Transparent Privacy Functionality

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Customer Based Internet of Things (IOT) - Transparent Privacy Functionality

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links