Security model for industrial devices
Abstract
Systems and/or methods are described relating to a security model that provides interoperability with foreign security domains while remaining scalable to small embedded devices. A security token service is provided, which is configured to issue, renew, and/or validate security tokens in response to a token request. A communication protocol, corresponding message structures, and the security tokens are defined in accordance with protocol buffer definitions.
20 Claims
1. An apparatus, comprising:
  a processor;
  a memory communicatively coupled to processor, the memory having stored therein computer-executable instructions, comprising:
    a protocol buffer component configured to:
      receive a first series of bytes representing a token request having credential information from a requestor;
      de-serialize the first series of bytes into a token request protocol message object retaining the credential information, wherein the token request protocol message object is formatted according to a Protocol Buffer definition;
      convert the token request protocol message object into a second token request protocol message object having a first format associated with an external entity; and
    a security token service configured to:
      send the second token request protocol message object to the external entity;
      receive a first protocol buffer security token, having a representation not formatted according to the Protocol Buffer definition, from the external entity;
      convert the first protocol buffer security token into a second protocol buffer security token structured in accordance with the Protocol Buffer definition;
      serialize the second protocol buffer security token into a second series of bytes; and
      communicate the second series of bytes as a response to the token request.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method, comprising:
  obtaining, by a device including a processor, a token request, as a series of bytes, that includes credential information to be authenticated;
  de-serializing, by the device, the series of bytes to obtain the token request as an object structured in accordance with a Protocol Buffer definition;
  converting, by the device, the token request, structured in accordance with the Protocol Buffer definition, into a second token request having a format associated with an external entity;
  sending, by the device, the second token request to the external entity;
  receiving, by the device, a first security token, having a representation not formatted according to the Protocol Buffer definition, from the external entity;
  converting, by the device, the first security token into a second security token structured in accordance with the Protocol Buffer definition;
  serializing, by the device, the second security token into a byte stream; and
  communicating, by the device, the byte stream as a response to the token request.
Dependent claims: 10, 11, 12, 13, 14
15. A non-transitory computer-readable medium having instructions stored thereon that, in response to execution, cause at least one device including a processor to perform operations comprising:
  receiving a token request, as first byte stream, that includes credential information to be authenticated;
  de-serializing the first byte stream to obtain the credential information as a first object structured in accordance with a Protocol Buffer definition;
  converting the first object into a second object, having a format associated with an external entity;
  sending the second object to the external entity;
  receiving a first security token, having a representation not formatted according to the Protocol Buffer definition, from the external entity;
  converting the first security token into a second security token structured in accordance with the Protocol Buffer definition;
  serializing the second security token into a second byte stream; and
  sending the second byte stream as a response to the token request.
Dependent claims: 16, 17, 18, 19, 20
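The request and response translation recited in independent claims 1, 9 and 15, as an added example that is not code from the patent or its assignee. It hand-encodes the Protocol Buffers wire format and rejects unknown, repeated, missing or over-long fields before any credential is forwarded. The field numbers, the JSON shape used by the external entity, the 256-byte field bound and the caller-supplied `external_entity` callable are all assumptions.

```python
import json

# Hypothetical schemas (field number -> wire type: 0 varint, 2 length-delimited).
TOKEN_REQUEST = {1: 2, 2: 2}           # 1 user name, 2 secret
SECURITY_TOKEN = {1: 2, 2: 0, 3: 2}    # 1 subject, 2 expiry, 3 signature

def put_varint(n):
    out = b""
    while n > 0x7F:
        out, n = out + bytes([n & 0x7F | 0x80]), n >> 7
    return out + bytes([n])

def get_varint(buf, i):
    val = shift = 0
    while i < len(buf) and shift < 64:
        val |= (buf[i] & 0x7F) << shift
        if buf[i] < 0x80:
            return val, i + 1
        i, shift = i + 1, shift + 7
    raise ValueError("truncated or oversized varint")

def serialize(fields, schema):
    parts = [put_varint(n << 3 | schema[n]) +
             (put_varint(v) if schema[n] == 0 else put_varint(len(v)) + v)
             for n, v in sorted(fields.items())]
    return b"".join(parts)

def deserialize(buf, schema, max_len=256):  # max_len: assumed per-field bound
    fields, i = {}, 0
    while i < len(buf):
        key, i = get_varint(buf, i)
        num, wire = key >> 3, key & 7
        if schema.get(num) != wire or num in fields:
            raise ValueError(f"unexpected or repeated field {num}")
        val, i = get_varint(buf, i)
        if wire == 2:  # val is a length: bound it before slicing
            if val > max_len or i + val > len(buf):
                raise ValueError("length out of bounds")
            val, i = buf[i:i + val], i + val
        fields[num] = val
    if set(fields) != set(schema):
        raise ValueError("missing field")
    return fields

def handle_token_request(raw, external_entity):
    req = deserialize(raw, TOKEN_REQUEST)              # bytes -> protobuf object
    foreign = json.dumps({"username": req[1].decode(), "password": req[2].decode()})
    tok = json.loads(external_entity(foreign))         # first token: JSON, not protobuf
    fields = {1: tok["sub"].encode(), 2: int(tok["exp"]), 3: bytes.fromhex(tok["sig"])}
    return serialize(fields, SECURITY_TOKEN)           # second token as wire bytes
```

`external_entity` takes the JSON request string and returns the foreign token as a JSON string; in a deployment it would wrap the call to the foreign security domain.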
Specification