Authentication for licensing in an embedded system
First Claim
1. An industrial automation system, comprising:
one or more processors communicatively coupled to one or more memory, the one or more memory having stored therein computer-executable instructions to implement the system, including;
at least one client license component granted by a license generating component (LGC) to permit access to a portion of an industrial control component; and
at least one client component configured to employ a protocol that is based in part on an asymmetric key exchange to facilitate authentication and access by the client to the portion of the industrial control component, wherein the protocol comprises;
the at least one client component is further configured to transmit the at least one client license component to the industrial control component;
the at least one client component is further configured to receive a device license component from the industrial control component;
the at least one client component is further configured to authenticate the device license component, and to transmit a client challenge to the industrial control component;
the at least one client component is further configured to receive a device challenge and a response to the client challenge from the industrial control component;
the at least one client component is further configured to authenticate the response to the client challenge, decode the device challenge, and transmit a response for the device challenge to the industrial control component; and
the at least one client component is further configured to receive a session response from the industrial control component indicating whether a session has been established between the at least one client device and the industrial control component.
Abstract
An industrial automation system is provided. This includes at least one license component that is granted by a third party to permit access to a portion of an industrial control component. At least one protocol component that is based in part on a private key exchange facilitates authentication and access to the portion of the industrial control component.
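The handshake recited in the claims, sketched in Go as an added example (not code from the patent or its assignee): licenses signed by the LGC, then a challenge and response in each direction. The claims name no algorithms, so Ed25519, the `License` layout, the role tags and every function name are assumptions, and the client answers the device challenge by signing it rather than decoding an encrypted value.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// License is a hypothetical layout: holder public key and scope, signed by the LGC.
type License struct {
	Holder ed25519.PublicKey
	Scope  string
	Sig    []byte
}

func (l License) body() []byte { return append([]byte("license|"+l.Scope+"|"), l.Holder...) }
func (l License) Valid(lgc ed25519.PublicKey) bool { return ed25519.Verify(lgc, l.body(), l.Sig) }

func NewKey() (ed25519.PublicKey, ed25519.PrivateKey, error) { return ed25519.GenerateKey(rand.Reader) }

func Issue(lgc ed25519.PrivateKey, holder ed25519.PublicKey, scope string) License {
	l := License{Holder: holder, Scope: scope}
	l.Sig = ed25519.Sign(lgc, l.body())
	return l
}

// Handshake plays client (ck) and device (dk) in one process; the result is the session response.
func Handshake(lgc ed25519.PublicKey, cl, dl License, ck, dk ed25519.PrivateKey) bool {
	if !dl.Valid(lgc) || !cl.Valid(lgc) { // each side authenticates the peer's license
		return false
	}
	cNonce, dNonce := make([]byte, 32), make([]byte, 32) // client and device challenges
	rand.Read(cNonce)
	rand.Read(dNonce)
	// Role tags keep a response from being reflected back as the other side's answer.
	dMsg, cMsg := append([]byte("device|"), cNonce...), append([]byte("client|"), dNonce...)
	dResp := ed25519.Sign(dk, dMsg) // device answers the client challenge
	if !ed25519.Verify(dl.Holder, dMsg, dResp) { // client checks it against the device license
		return false
	}
	cResp := ed25519.Sign(ck, cMsg) // client answers the device challenge
	return ed25519.Verify(cl.Holder, cMsg, cResp) // device checks it and reports the session
}

func main() {
	lp, lk, _ := NewKey()
	cp, ck, _ := NewKey()
	dp, dk, _ := NewKey()
	println(Handshake(lp, Issue(lk, cp, "read-tags"), Issue(lk, dp, "controller"), ck, dk))
}
```

A license copied from a genuine party does not help an impostor here, because each response is verified against the public key inside the LGC-signed license.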
28 Claims
16. A non-transitory computer readable medium having computer executable instructions stored thereon to facilitate licensing in an industrial automation environment, comprising instructions for:
obtaining a client certificate from at least one third party component, wherein the client certificate is associated with a client component;
sending the client certificate to an industrial control component;
receiving a device license component from the industrial control component;
authenticating the device license component and transmitting a client challenge to the industrial control component;
receiving a device challenge and a response to the client challenge from the industrial control component;
authenticating the response to the client challenge, decoding the device challenge and transmitting a response for the device challenge to the industrial control component; and
receiving a session response from the industrial control component indicating whether a session has been established with the industrial control component.
21. A licensing method for industrial control components, comprising:
obtaining a client certificate from at least one third party component, wherein the client certificate is associated with a client component;
sending the client certificate to an industrial control component;
receiving a device license component from the industrial control component;
authenticating the device license component and transmitting a client challenge to the industrial control component;
receiving a device challenge and a response to the client challenge from the industrial control component;
authenticating the response to the client challenge, decoding the device challenge, and transmitting a response for the device challenge to the industrial control component; and
receiving a session response from the industrial control component indicating whether a session has been established with the industrial control component.
28. A licensing system for an industrial control environment, comprising:
means for issuing a client certificate, wherein the client certificate is associated with a client component;
means for sending the client certificate to an industrial control component;
means for receiving a device license component from the industrial control component;
means for authenticating the device license component and transmitting a client challenge to the industrial control component;
means for receiving a device challenge and a response to the client challenge from the industrial control component;
means for authenticating the response to the client challenge, decoding the device challenge, and transmitting a response for the device challenge to the industrial control component; and
means for receiving a session response from the industrial control component indicating whether a session has been established with the industrial control component.
Specification