Establishing secure peer networking in trust webs on open networks using shared secret device key
First Claim
Patent Images
1. A process of introducing a networked computing device to a trust web of peer devices on an open networking medium, such that the device can securely operate on the trust web via a peer networking connectivity protocol without requiring complex configuration, but can be re-deployed to a new trust web by anyone with possession of the device, the process comprising:
- deploying the networked computing device on an open networking medium of an end user'"'"'s network, wherein the device has previously been assigned a device-specific symmetric encryption key unique to the networked computing device prior to deployment on the open networking medium, such that the device is configured to accept communications in a peer networking connectivity protocol when the communications are encrypted with the device-specific symmetric encryption key, the peer networking connectivity protocol having a re-keying command operative to configure the networked computing device with a new symmetric encryption key so as to accept communication in the peer networking connectivity protocol when encrypted with the new symmetric encryption key;
after deployment of the networked computing device on the open networking medium, entering the previously-assigned device-specific symmetric encryption key into a user control point device running a management utility, thereby allowing the user control point device to communicate with the networked computing device;
causing the user control point device to transmit the re-keying command of the peer networking connectivity protocol encrypted with the device-symmetric encryption key to the networked computing device, the transmitted re-keying command specifying a group symmetric encryption key of the trust web of peer devices as the new symmetric encryption key, whereby the networked computing device is now configured to interoperate with the peer devices in the trust web on the end user'"'"'s network via the peer networking connectivity protocol when encrypted with the group symmetric encryption key; and
on activation of a reset function physically-located on the networked computing device, configuring the networked computing device with its original device-specific symmetric encryption key, whereby the device can be re-deployed to a new trust web.
2 Assignments
0 Petitions
Accused Products
Abstract
A trust web keying process provides secure peer networking of computing devices on an open network. A device is initially keyed at distribution to an end user or installer with a device-specific cryptographic key, and programmed to respond only to peer networking communication secured using the device'"'"'s key. The device-specific key is manually entered into a keying device that transmits a re-keying command secured with the device-specific key to the device for re-keying the device with a group cryptographic key. The device then securely peer networks with other devices also keyed with the group cryptographic key, forming a trust web. Guest devices can be securely peer networked with the trust web devices via a trust web gateway.
124 Citations
4 Claims
-
1. A process of introducing a networked computing device to a trust web of peer devices on an open networking medium, such that the device can securely operate on the trust web via a peer networking connectivity protocol without requiring complex configuration, but can be re-deployed to a new trust web by anyone with possession of the device, the process comprising:
-
deploying the networked computing device on an open networking medium of an end user'"'"'s network, wherein the device has previously been assigned a device-specific symmetric encryption key unique to the networked computing device prior to deployment on the open networking medium, such that the device is configured to accept communications in a peer networking connectivity protocol when the communications are encrypted with the device-specific symmetric encryption key, the peer networking connectivity protocol having a re-keying command operative to configure the networked computing device with a new symmetric encryption key so as to accept communication in the peer networking connectivity protocol when encrypted with the new symmetric encryption key; after deployment of the networked computing device on the open networking medium, entering the previously-assigned device-specific symmetric encryption key into a user control point device running a management utility, thereby allowing the user control point device to communicate with the networked computing device; causing the user control point device to transmit the re-keying command of the peer networking connectivity protocol encrypted with the device-symmetric encryption key to the networked computing device, the transmitted re-keying command specifying a group symmetric encryption key of the trust web of peer devices as the new symmetric encryption key, whereby the networked computing device is now configured to interoperate with the peer devices in the trust web on the end user'"'"'s network via the peer networking connectivity protocol when encrypted with the group symmetric encryption key; and on activation of a reset function physically-located on the networked computing device, configuring the networked computing device with its original device-specific symmetric encryption key, whereby the device can be re-deployed to a new trust web. - View Dependent Claims (2, 3)
-
-
4. A networked computing device for configuring to securely operate in a trust web of peer devices on an open networking medium without requiring complex configuration, and such that the device can be configured to securely operate on a new trust web by a person with physical possession of the device, the peer devices communicating via an encrypted peer networking connectivity protocol using a group symmetric encryption key, the networked computing device comprising:
-
a peer networking connectivity protocol layer operating to transmit and receive communications per the peer networking connectivity protocol with peer devices; an encryption layer operating to encrypt and decrypt the communications with peer devices; a symmetric key configuration of the encryption layer initially configured before communication with other devices with an initial symmetric key specific to the networked computing device; and a re-keying command interface operative in response to a re-keying command encrypted with the symmetric key configured in the symmetric key configuration to configure the symmetric key configuration with a new symmetric key; whereby the networked computing device is configurable upon deployment on the open networking medium to operate in the trust web of peer devices by receiving the re-keying command specifying the group symmetric encryption key as the new symmetric key to the networked computing device; and whereby the networked computing device further comprises; a reset key activator feature physically located on the device; and programming operative responsive to user activation of the key reset activator for restoring the symmetric key configuration to the initial symmetric key.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeMicrosoft Technology Licensing LLC (Microsoft Corporation)
-
Original AssigneeMicrosoft Corporation
-
InventorsAboba, Bernard D., Nixon, Toby L.
-
Primary Examiner(s)Louis-Jacques, Jacques H.
-
Assistant Examiner(s)Simitoski, Michael J.
-
Application NumberUS09/948,475Publication NumberTime in Patent Office1,783 DaysField of Search380/273, 380/278, 713/154, 713/163, 709/201, 709/229, 709/221, 709/248US Class Current380/273CPC Class CodesH04L 63/04 for providing a confidentia...
