SYSTEMS AND METHODS FOR SECURING COMMAND AND DATA INTERFACES TO SENSORS AND DEVICES THROUGH THE USE OF A PROTECTED SECURITY ZONE
Abstract
Various embodiments of the invention increase security of a network of interoperable devices. In certain embodiments, this is accomplished by a security module that uses a user-definable security policy that sets forth one or more tests for validating input data or commands received from an IoT device. A validator receives the command via a command controller and performs a security analysis of the command according to the security policy. Responsive to the security analysis, the validator generates a validation signal in order to authorize or reject further processing of the command.
20 Claims
1. A security module to provide a security service to a network of interoperable devices, the security module comprising:
- a security policy that is stored in a memory device, the security policy sets forth one or more tests for validating an input from a device; and
- a processor-enabled validator that receives the input via a command controller that is coupled to a network interface, performs a security analysis of the input according to the security policy, and, responsive to the security analysis, outputs a validation signal to authorize or reject further processing of the input.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A gateway for providing security to a network of interoperable devices, the gateway comprising:
- a network interface that receives an input from a device;
- a command controller communicatively coupled to the network interface to direct the input to a security module that comprises a second interface to receive the input, the security module operates a security zone service to perform a security analysis of the input according to a security policy, the security policy is stored in a memory device and sets forth one or more tests for validating the input; and
- a validator communicatively coupled to the second interface to receive the input, responsive to the security analysis using the security policy, the validator outputs a validation signal to authorize or reject further processing of the input.

Dependent claims: 10, 11, 12, 13

14. A method to provide security to a network of interoperable devices, the method comprising:
- receiving input from a network interface;
- directing the input to a security zone service that performs an analysis of the input to validate the input according to a user-definable security policy that is based on at least one user-definable security criterion; and
- in response to the security zone service validating the input, sending a confirmation to a command controller to enable an action.

Dependent claims: 15, 16, 17, 18, 19, 20
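The validation flow recited in the abstract and in claim 14, sketched as an added example (not code from the patent or its assignee). The device ID, command names, temperature bounds and every function and class name are assumptions chosen for illustration; the validator fails closed on an empty policy or a test that errors.

```python
from dataclasses import dataclass, field

@dataclass
class SecurityPolicy:
    """User-definable policy: ordered tests, each returning None (pass) or a reason."""
    tests: list = field(default_factory=list)

def known_device(allowed):          # hypothetical test: device allowlist
    return lambda msg: None if msg.get("device_id") in allowed else "unknown device"

def allowed_command(commands):      # hypothetical test: command allowlist
    return lambda msg: None if msg.get("command") in commands else "command not permitted"

def numeric_range(command, key, lo, hi):  # hypothetical test: bound one argument
    def test(msg):
        if msg.get("command") != command:
            return None
        v = msg.get("args", {}).get(key)
        if isinstance(v, bool) or not isinstance(v, (int, float)):
            return f"{key} missing or not numeric"
        return None if lo <= v <= hi else f"{key} out of range"
    return test

def validate(policy, msg):
    """Validator: returns the validation signal as (authorized, reason)."""
    if not policy.tests:            # no policy loaded: reject rather than allow
        return False, "no policy loaded"
    for test in policy.tests:
        try:
            reason = test(msg)
        except Exception:           # malformed input must not bypass a test
            reason = "test error"
        if reason:
            return False, reason
    return True, "ok"

class CommandController:
    """Directs each input to the validator and acts only on an authorize signal."""
    def __init__(self, policy):
        self.policy, self.executed = policy, []
    def handle(self, msg):
        ok, reason = validate(self.policy, msg)
        if ok:
            self.executed.append(msg["command"])  # stands in for the enabled action
        return ok, reason

# Constructed sample policy for one thermostat (all values are illustrative).
POLICY = SecurityPolicy([
    known_device({"thermostat-01"}),
    allowed_command({"set_temp", "read_temp"}),
    numeric_range("set_temp", "celsius", 5, 30),
])
```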
Specification