Secure wireless device area network of a cellular system

US 8,868,034 B2
Filed: 12/25/2010
Issued: 10/21/2014
Est. Priority Date: 12/25/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method for secure device area network on premises via a gateway, the method comprising:

interacting, by a services distribution frame via the gateway, with a cellular network to establish communication with a cellular network core;

communicating, by the services distribution frame, with an application service provider via the cellular network core to authenticate the application service provider to verify that the application service provider is authorized to provide services to the premises, wherein the services distribution frame is on the premises;

authorizing, by the services distribution frame, the application service provider to access one or more premises access network resources associated with the application service provider; and

authorizing, by the services distribution frame, the application service provider to access a wide area network resource via the gateway.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments may comprise logic such as hardware and/or code to provide a secure device area network. Many embodiments comprise a gateway node or enterprise enhanced node with a services distribution frame installed on a customer'"'"'s premises. The gateway node or enterprise enhanced node may interconnect the secure wireless device area network at the customer'"'"'s premises with a cellular network. In many embodiments, the cellular network core may provision authentication credentials and security keys, and manage access polies to facilitate access by Application Service Providers to devices on premises including smart devices via a security and policy enforcement function of a services distribution frame of the gateway node or enterprise enhanced node, Authorized members of the secure wireless device area network may connect to the Wide Area Network (WAN) through the gateway node and the cellular network core.

17 Citations

View as Search Results

20 Claims

1. A method for secure device area network on premises via a gateway, the method comprising:
- interacting, by a services distribution frame via the gateway, with a cellular network to establish communication with a cellular network core;
  
  communicating, by the services distribution frame, with an application service provider via the cellular network core to authenticate the application service provider to verify that the application service provider is authorized to provide services to the premises, wherein the services distribution frame is on the premises;
  
  authorizing, by the services distribution frame, the application service provider to access one or more premises access network resources associated with the application service provider; and
  
  authorizing, by the services distribution frame, the application service provider to access a wide area network resource via the gateway.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising detecting the presence of a smart device within the premises access network in response to installation of the smart device and communicating with the smart device to identify the smart device.
  - 3. The method of claim 2, wherein communicating with the smart device comprises establishing communication with the device and receiving a device identification for the smart device that uniquely identifies the smart device.
  - 4. The method of claim 1, further comprising authenticating a smart device and establishing communications with the smart device via a security and policy enforcement function.
  - 5. The method of claim 4, further comprising remotely performing an operation on the smart device via a security and policy enforcement function, wherein performing the operation on the smart device comprises activating the smart device, deactivating the smart device, or updating a firmware of the smart device.
  - 6. The method of claim 4, wherein establishing communications with the smart device via the security and policy enforcement function comprises establishing a secure channel for data transfer between the smart sensor and a remote server via the cellular network core.
  - 7. The method of claim 1, further comprising establishing a secure channel, by the services distribution frame, allocated to the application service provider for access to one or more premises access network resources associated with the application service provider.
  - 8. The method of claim 1, wherein interacting, by the services distribution frame via the gateway, with a cellular network to establish communication with a cellular network core comprises authenticating the gateway with the services distribution frame to the cellular network core to verify the gateway is authorized to receive services from application service providers through the cellular network core.
  - 9. The method of claim 1, wherein communicating, by the services distribution frame, with the application service provider via the cellular network core to authenticate the application service provider to verify that the application service provider is authorized to provide services to the premises comprises establishing communication with the application service provider via a service authentication key.
  - 10. The method of claim 1, wherein authorizing, by the services distribution frame, the application service provider to access the wide area network resource via the gateway comprises allocating to the application services provider by the services distribution frame, a circuit switched or packet switched channel to the wide area network coupled with the gateway.

11. An apparatus to create a secure device area network for premises, the apparatus comprising:
- a services distribution frame to coordinate services provided by multiple application service providers; and
  
  a security and policy enforcement function to authenticate an application service provider to provide services to the premises, to encrypt a channel allocated to the application service provider while the application service provider is provisioned to provide services to the premises through a premises access network, and to authorize allocation of and allocate a channel to a wide area network associated with the apparatus.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The apparatus of claim 11, further comprising a cellular network communications interface to establish communications with a cellular network core through a cellular network.
  - 13. The apparatus of claim 12, wherein the services distribution frame further comprises code to establish communication with the cellular network core, wherein establishing communication with the cellular network core comprises authenticating the apparatus with the services distribution frame to the cellular network core to verify the apparatus is authorized to receive services from application service providers through the cellular network core.
  - 14. The apparatus of claim 11, further comprising a smart device coupled with the apparatus, the smart device comprising a device identification that uniquely identifies the smart device from other smart devices on the premises, the smart device comprising:
    - a device processor;
      
      a device memory comprising code to respond to instructions; and
      
      a communications interface to facilitate communication between the processor and to communicate with the services distribution frame and to receive the instructions.
  - 15. The apparatus of claim 11, wherein the services distribution frame further comprises code to detect the presence of a smart device within the premises access network in response to installation of the smart device and to communicate with the smart device to identify the smart device.
  - 16. The apparatus of claim 11, further comprising memory comprising code to authenticate a smart device and establish communications with the smart device through a security and policy enforcement function.

17. A computer program product for secure device area network on premises via a gateway, wherein the computer program product does not comprise a transitory signal, the computer program product comprising:
- a computer useable medium having a computer useable program code embodied therewith, the computer useable program code comprising;
  
  computer useable program code configured to perform operations, the operations comprising;
  
  interacting, by a services distribution frame via the gateway, with a cellular network to establish communication with a cellular network core;
  
  communicating, by the services distribution frame, with an application service provider via the cellular network core to authenticate the application service provider to verify that the application service provider is authorized to provide services to the premises, wherein the services distribution frame is on the premises;
  
  authorizing, by the services distribution frame, the application service provider to access one or more premises access network resources associated with the application service provider; and
  
  authorizing, by the services distribution frame, the application service provider to access a wide area network resource via the gateway.
- View Dependent Claims (18, 19, 20)
- - 18. The computer program product of claim 17, wherein the operations further comprise detecting the presence of a smart device within the premises access network in response to installation of the smart device and communicating with the smart device to identify the smart device.
  - 19. The computer program product of claim 17, wherein the operations further comprise forming a closed subscriber group within the premises.
  - 20. The computer program product of claim 17, wherein the operations further comprise encrypting a channel, by the services distribution frame, allocated to the application service provider for access to one or more premises access network resources associated with the application service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Dodeja, Rakesh, Rajan, Ashok Sunder, Johnson, Kevin D., Mcdonnell, Martin, Tiso, William J., Keaffaber, Todd A., Burns, Adam P.
Primary Examiner(s)
CAI, WAYNE HUU

Application Number

US12/978,562
Publication Number

US 20120164975A1
Time in Patent Office

1,396 Days
Field of Search

455/410, 455/411, 726/7, 726/12, 726 21- 30
US Class Current

455/410
CPC Class Codes

H04W 12/069 using certificates or pre-s...

H04W 12/08 Access security

Secure wireless device area network of a cellular system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

17 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure wireless device area network of a cellular system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links