System and method for secure machine-to-machine communications

US 9,077,687 B2
Filed: 12/21/2012
Issued: 07/07/2015
Est. Priority Date: 05/10/2012
Status: Active Grant

First Claim

Patent Images

1. A machine to machine (M2M) secure domain name system (DNS) comprising:

a machine DNS registry server located in an Internet service provider (ISP) network;

a global DNS registry database server that includes policies for machine to machine communications, wherein the global DNS registry database server is configured to push the policies for machine to machine communications to the machine DNS registry server located in the ISP network over a secure connection between the global DNS registry database server and the machine DNS registry server located in the ISP network, wherein the global DNS registry database server stores machine parameters associated with individual machines, the machine parameters comprising a device identifier, a device network address, a control signaling gateway IP address associated with the device, communication protocol filters, and bandwidth allotment for communication; and

a control signaling gateway located in the ISP network and in communication with the machine DNS registry server located in the ISP network, the control signaling gateway configured to utilize the policies for machine to machine communications to allow only registered controllers associated with a machine to communicate with the machine.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the present invention include a method for providing a secure domain name system (DNS) for machine to machine communications. In one embodiment, the method includes storing policy information for machine to machine communications in a global DNS registry database server. The method further includes communicating the policy information for machine to machine communications from the global DNS registry database server to a machine DNS registry server located in an Internet service provider (ISP) network, wherein a control signaling gateway located in the ISP network is configured to utilize the policy information for machine to machine communications to allow only registered controllers associated with a machine to communicate with the machine.

15 Citations

View as Search Results

19 Claims

1. A machine to machine (M2M) secure domain name system (DNS) comprising:
- a machine DNS registry server located in an Internet service provider (ISP) network;
  
  a global DNS registry database server that includes policies for machine to machine communications, wherein the global DNS registry database server is configured to push the policies for machine to machine communications to the machine DNS registry server located in the ISP network over a secure connection between the global DNS registry database server and the machine DNS registry server located in the ISP network, wherein the global DNS registry database server stores machine parameters associated with individual machines, the machine parameters comprising a device identifier, a device network address, a control signaling gateway IP address associated with the device, communication protocol filters, and bandwidth allotment for communication; and
  
  a control signaling gateway located in the ISP network and in communication with the machine DNS registry server located in the ISP network, the control signaling gateway configured to utilize the policies for machine to machine communications to allow only registered controllers associated with a machine to communicate with the machine.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the global DNS registry database server is configured to push the policies for M2M communications to all machine DNS registry servers associated with subscribing ISP networks.
  - 3. The system of claim 1, wherein the global DNS registry database server is maintained and controlled by a single third party authority.
  - 4. The system of claim 1, wherein the machine DNS registry server located in the ISP network is configured to enable only the global DNS registry database server to push updates to the machine DNS registry server.
  - 5. The system of claim 1, wherein the policies include a machine domain, a list of machines associated with the machine domain, and an indicator of whether a machine is active.
  - 6. The system of claim 1, wherein the global DNS registry database server stores controller parameters associated with the registered controllers, wherein the controller parameters include a machine owner unique identifier, a list of DNS addresses for controllers associated with the machine owner unique identifier, and a subclass associated with the machine DNS registry server located in the ISP network.

7. A method for providing a secure domain name system (DNS) for machine to machine communications, the method comprising:
- storing policy information for machine to machine communications in a global DNS registry database server, wherein the global DNS registry database server stores machine parameters associated with individual machines, the machine parameters comprising a device identifier, a device network address, a control signaling gateway IP address associated with the device, communication protocol filters, and bandwidth allotment for communication; and
  
  communicating the policy information for machine to machine communications from the global DNS registry database server to a machine DNS registry server located in an Internet service provider (ISP) network, wherein a control signaling gateway located in the ISP network is configured to utilize the policy information for machine to machine communications to allow only registered controllers associated with a machine to communicate with the machine.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 8. The method of claim 7, further comprising communicating the policy information for machine to machine communications from the global DNS registry database server to all machine DNS registry servers associated with subscribing ISP networks.
  - 9. The method of claim 7, wherein the global DNS registry database server is maintained and controlled by a single third party authority.
  - 10. The method of claim 7, further comprising configuring the machine DNS registry server located in the ISP network to enable only the global DNS registry database server to push updates to the machine DNS registry server.
  - 11. The method of claim 7, further comprising:
    - assigning a requested DNS domain to a machine system owner; and
      
      associating a list of controllers with the assigned DNS domain.
  - 12. The method of claim 7, further comprising:
    - registering the machine with the machine DNS registry server located in the ISP network in response to a determination that the machine is connected to the ISP network;
      
      retrieving a policy of a machine system owner associated with the machine; and
      
      pushing the policy associated with machine system owner from the machine DNS registry server located in the ISP network to the control signaling gateway located in the ISP network.
  - 13. The method of claim 7, further comprising monitoring for an IP address change associated with either the machine or a registered controller, and performing a DNS update on the machine DNS registry server located in the ISP network with the IP address change.
  - 14. The method of claim 13, further comprising pushing updated policy information associated with the machine from the machine DNS registry server located in the ISP network to the control signaling gateway located in the ISP network in response to performing the DNS update.
  - 15. The method of claim 7, wherein the policy information includes rerouting information for rerouting communications of the machine to another controller in the event that communications to the controller is down.
  - 16. The method of claim 7, wherein the policy information includes notification information related to third-party device, wherein the controller is configured to automatically notify the third-party device in response to a determination that data received from the machine indicates that a particular parameter exceeds a predetermined threshold.

17. A computer program product comprising computer executable instructions embodied in a non-transitory, tangible computer-readable medium, the computer executable instructions comprising instructions to:
- store policy information for machine to machine communications in a global DNS registry database server, wherein the global DNS registry database server stores machine parameters associated with individual machines, the machine parameters comprising a device identifier, a device network address, a control signaling gateway IP address associated with the device, communication protocol filters, and bandwidth allotment for communication; and
  
  communicate the policy information for machine to machine communications from the global DNS registry database server to a machine DNS registry server located in an Internet service provider (ISP) network, wherein a control signaling gateway located in the ISP network is configured to utilize the policy information for machine to machine communications to allow only registered controllers associated with a machine to communicate with the machine.
- View Dependent Claims (18, 19)
- - 18. The computer program product of claim 17, wherein the computer executable instructions further comprises instructions to:
    - assign a requested DNS domain to a machine system owner; and
      
      associate a list of controllers with the assigned DNS domain.
  - 19. The computer program product of claim 17, wherein the computer executable instructions further comprises instructions to:
    - register the machine with the machine DNS registry server located in the ISP network in response to a determination that the machine is connected to the ISP network;
      
      retrieve a policy of a machine system owner associated with the machine; and
      
      push the policy associated with machine system owner from the machine DNS registry server located in the ISP network to the control signaling gateway located in the ISP network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Original Assignee
CenturyLink Intellectual Property LLC (Lumen Technologies, Inc.)
Inventors
Bugenhagen, Michael K.
Primary Examiner(s)
Darrow, Justin T
Assistant Examiner(s)
SONG, HEE K

Application Number

US13/723,627
Publication Number

US 20130305345A1
Time in Patent Office

928 Days
Field of Search

726/12
US Class Current

1/1
CPC Class Codes

H04L 61/4511   using domain name system [DNS]

H04L 61/4552   Lookup mechanisms between a...

H04L 63/0281   Proxies

H04L 63/10   for controlling access to d...

H04L 63/101   Access control lists [ACL]

H04L 63/20   for managing network securi...

H04L 67/10   in which an application is ...

H04L 67/12   specially adapted for propr...

H04W 4/70   Services for machine-to-mac...

System and method for secure machine-to-machine communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure machine-to-machine communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links