SYSTEMS AND METHODS FOR SECURING COMMAND AND DATA INTERFACES TO SENSORS AND DEVICES THROUGH THE USE OF A PROTECTED SECURITY ZONE

US 20170111373A1
Filed: 10/16/2015
Published: 04/20/2017
Est. Priority Date: 10/16/2015
Status: Active Grant

First Claim

Patent Images

1. A security module to provide a security service to a network of interoperable devices, the security module comprising:

a security policy that is stored in a memory device, the security policy sets forth one or more tests for validating an input from a device; and

a processor-enabled validator that receives the input via a command controller that is coupled to a network interface, performs a security analysis of the input according to the security policy, and, responsive to the security analysis, outputs a validation signal to authorize or reject further processing of the input.

View all claims

19 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various embodiments of the invention increase security of a network of interoperable devices. In certain embodiments, this is accomplished by a security module that is uses a user-definable security policy that sets forth one or more tests for validating input data or commands received from an IoT device. A validator receives the command via a command controller and performs a security analysis of the command according to the security policy. Responsive to the security analysis, the validator generated a validation signal in order to authorize or reject further processing of the command.

22 Citations

View as Search Results

20 Claims

1. A security module to provide a security service to a network of interoperable devices, the security module comprising:
- a security policy that is stored in a memory device, the security policy sets forth one or more tests for validating an input from a device; and
  
  a processor-enabled validator that receives the input via a command controller that is coupled to a network interface, performs a security analysis of the input according to the security policy, and, responsive to the security analysis, outputs a validation signal to authorize or reject further processing of the input.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The security module according to claim 1, wherein the security policy is based at least on a user-definable security criterion.
  - 3. The security module according to claim 1, wherein the input comprises at least one of a command and information related to at least one Internet of Things (IoT) device.
  - 4. The security module according to claim 3, wherein the analysis of the input comprises a comparison between the input and a characteristic data pattern received from at least one IoT device.
  - 5. The security module according to claim 3, wherein the analysis of the input comprises a comparison between the input and metadata that comprises information from one or more independent sources.
  - 6. The security module according to claim 3, wherein the analysis of the input comprises a comparison between the input and crowd-sourced data that is gathered from the at least one IoT device, the crowd-sourced data being used to define a risk factor associated with the input.
  - 7. The security module according to claim 1, wherein the security module is implemented in a gateway.
  - 8. The security module according to claim 1, wherein the input is received via a gateway device.

9. A gateway for providing security to a network of interoperable devices, the gateway comprising:
- a network interface that receives an input from a device;
  
  a command controller communicatively coupled to the network interface to direct the input to a security module that comprises a second interface to receive the input, the security module operates a security zone service to perform a security analysis of the input according to a security policy, the security policy is stored in a memory device and sets forth one or more tests for validating the input; and
  
  a validator communicatively coupled to the second interface to receive the input, responsive to the security analysis using the security policy, the validator outputs a validation signal to authorize or reject further processing of the input.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The gateway according to claim 9, wherein the analysis of the input comprises comparing the input to at least one of a characteristic pattern, metadata, and crowd-sourced data.
  - 11. The gateway according to claim 10, wherein the crowd-sourced data is derived from at least one IoT device and establishes a measurable standard.
  - 12. The gateway according to claim 9, wherein the command controller receives the input from a third party gateway device.
  - 13. The gateway according to claim 9, wherein the input comprises a command destined for an Internet of Things (IoT) device.

14. A method to provide security to a network of interoperable devices, the method comprising:
- receiving input from a network interface;
  
  directing the input to a security zone service that performs an analysis of the input to validate the input according to a user-definable security policy that is based on at least one user-definable security criterion; and
  
  in response to the security zone service validating the input, sending a confirmation to a command controller to enable an action.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method according to claim 14, wherein the analysis of the input comprises comparing the input with at least one of a characteristic pattern, metadata, and crowd-sourced data to define a risk factor associated with the input.
  - 16. The method according to claim 15, wherein comparing the input comprises correlating data related to a first IoT device to detect a variation in a first condition.
  - 17. The method according to claim 16, wherein the first condition is derived from information acquired via machine learning.
  - 18. The method according to claim 16, wherein the first condition is related to a second condition that is associated with a second IoT device.
  - 19. The method according to claim 16, further comprising determining a relationship between the first IoT device and other IoT devices.
  - 20. The method according to claim 19, wherein relationship comprises information related to a location of at least the first IoT device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Boomi, Inc. (Boomi TopCo, LP)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Morton, Michael John, Blackwell, Aaron Kenneth, Backhouse, Richard A.

Granted Patent

US 10,050,978 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 17/00   Digital computing or data p...

G08B 25/016   Personal emergency signalli...

G08B 25/018   Sensor coding by detecting ...

H04L 41/0893   Assignment of logical group...

H04L 63/0209   Architectural arrangements,...

H04L 63/0281   Proxies

H04L 63/126   the source of the received ...

H04L 63/20   for managing network securi...

H04L 67/10   in which an application is ...

H04L 67/12   specially adapted for propr...

H04L 67/306   User profiles

H04L 9/40   Network security protocols

H04W 8/005   Discovery of network device...

SYSTEMS AND METHODS FOR SECURING COMMAND AND DATA INTERFACES TO SENSORS AND DEVICES THROUGH THE USE OF A PROTECTED SECURITY ZONE

First Claim

19 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SYSTEMS AND METHODS FOR SECURING COMMAND AND DATA INTERFACES TO SENSORS AND DEVICES THROUGH THE USE OF A PROTECTED SECURITY ZONE

First Claim

19 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others