Multi-tiered authentication methods for facilitating communications amongst smart home devices and cloud-based servers
Abstract
Apparatus, systems, methods, and related computer program products for synchronizing distributed states amongst a plurality of entities and authenticating devices to access information and/or services provided by a remote server. Synchronization techniques include client devices and remote servers storing buckets of information. The client device sends a subscription request to the remote server identifying a bucket of information and, when that bucket changes, the remote server sends the change to the client device. Authentication techniques include client devices including unique default credentials that, when presented to a remote server, provide limited access to the server. The client device may obtain assigned credentials that, when presented to the remote server, provide less limited access to the server.
25 Claims
1. A method for authenticating a client device to communicate with a remote server, comprising:
- establishing, by the client device, a connection with a first remote server using first device credentials, the first device credentials being unique to and stored at the client device and authenticating the client device to communicate with the first remote server;
- acquiring, at the client device, second device credentials from the first remote server, the second device credentials authenticating the client device to communicate with a second remote server;
- establishing, by the client device, a connection with the second remote server using the second device credentials; and
- when the connection with the second remote server fails:
  - re-establishing, by the client device, the connection with the first remote server using the first device credentials;
  - re-acquiring, at the client device, the second device credentials from the first remote server; and
  - re-establishing, by the client device, the connection with the second remote server using the second device credentials.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A client device, comprising:
- a storage device for storing first device credentials unique to the client device and operable to authenticate the client device to communicate with a first remote server; and
- an authentication module coupled to the storage device, the authentication module operable to:
  - establish a connection with the first remote server using the first device credentials;
  - acquire second device credentials from the first remote server, the second device credentials authenticating the client device to communicate with a second remote server;
  - establish a connection with the second remote server using the second device credentials; and
  - when the connection with the second remote server fails:
    - re-establish the connection with the first remote server using the first device credentials;
    - re-acquire the second device credentials from the first remote server; and
    - re-establish the connection with the second remote server using the second device credentials.

Dependent claims: 11, 12, 13
14. A method of authenticating a client device, comprising:
- receiving, at a remote server, first device credentials from the client device, the first device credentials including a secret generated by a third party that is unique to the client device;
- determining whether the first device credentials are valid;
- when it is determined that the first device credentials are valid:
  - generating, at the remote server, second device credentials, the second device credentials operable to authenticate the client device to communicate with one or more components of the remote server; and
  - communicating the second device credentials to the client device;
- receiving the second device credentials from the client device at the remote server;
- determining whether the second device credentials are valid, wherein determining whether the second device credentials are valid includes one or more operations including:
  - comparing the received second device credentials with recently generated second device credentials; and
  - comparing the received second device credentials with previously generated second device credentials that were generated prior to the recently generated second device credentials; and
- when it is determined that the second device credentials are valid, granting the client device access to secured resources at the remote server.

Dependent claims: 15, 16, 17, 18, 19, 20, 21
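The server-side checks of claim 14 and the client fallback of claim 1, as an added Python example that is not part of the patent or of any product implementing it. It assumes the first and second remote servers are merged into one hypothetical `RegistrationServer` class, that credentials are plain shared secrets, and that only one earlier generation is retained; all names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

def _digest(secret: str) -> bytes:
    # Store and compare digests only, never the raw secrets.
    return hashlib.sha256(secret.encode()).digest()

class RegistrationServer:
    """Hypothetical model of claim 14 (names are assumptions, not the patent's)."""

    def __init__(self, provisioned: dict):
        # device_id -> digest of the factory-provisioned first (default) secret
        self._default = {d: _digest(s) for d, s in provisioned.items()}
        # device_id -> (current digest, previous digest or None)
        self._assigned = {}

    def issue_assigned(self, device_id: str, default_secret: str) -> Optional[str]:
        """Validate first credentials; on success generate second credentials."""
        known = self._default.get(device_id)
        if known is None or not hmac.compare_digest(known, _digest(default_secret)):
            return None
        new_secret = secrets.token_urlsafe(32)
        current = self._assigned.get(device_id, (None, None))[0]
        # Keep one earlier generation so a device that never received the
        # rotation response can still authenticate with its old secret.
        self._assigned[device_id] = (_digest(new_secret), current)
        return new_secret

    def validate_assigned(self, device_id: str, secret: str) -> Optional[str]:
        """Return 'current', 'previous', or None when access is denied."""
        presented = _digest(secret)
        stored = self._assigned.get(device_id, (None, None))
        for label, digest in zip(("current", "previous"), stored):
            if digest is not None and hmac.compare_digest(digest, presented):
                return label
        return None

def connect(server: RegistrationServer, device_id: str, default_secret: str,
            assigned: Optional[str]):
    """Client side of claim 1: when the second credentials are missing or
    rejected, fall back to the first credentials, re-acquire, and retry."""
    if assigned is None or server.validate_assigned(device_id, assigned) is None:
        assigned = server.issue_assigned(device_id, default_secret)
        if assigned is None:
            raise PermissionError("first device credentials rejected")
    return assigned, server.validate_assigned(device_id, assigned)
```

A match on `previous` is the point at which a deployment would log the event and push the device to rotate, since it means the device and server disagree about the latest generation.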
22. A computer system, comprising:
- a storage device for storing device credentials for client devices; and
- a registration server coupled to the storage device and operable to:
  - receive first device credentials from a client device, the first device credentials including a secret generated by a third party that is unique to the client device;
  - determine whether the first device credentials are valid; and
  - when it is determined that the first device credentials are valid:
    - generate second device credentials, the second device credentials operable to authenticate the client device to communicate with one or more components of the computer system; and
    - communicate the second device credentials to the client device;
- wherein the registration server is further operable to:
  - determine whether contact from the client device is an initial contact or a subsequent contact;
  - when it is determined that the contact is a subsequent contact, determine whether the client device is paired with a user account; and
  - when it is determined that the client device is paired with a user account, unpair the client device from the user account.

Dependent claims: 23, 24, 25
Specification