Method and apparatus for providing machine-to-machine service

US 9,202,055 B2
Filed: 04/16/2012
Issued: 12/01/2015
Est. Priority Date: 04/15/2011
Status: Active Grant

First Claim

Patent Images

1. A method of providing service for a machine-to-machine (M2M) device, the method comprising:

transmitting, a request for service to a network entity providing a security capability;

performing an authentication with an M2M authentication server (MAS) via the network entity;

generating, if the authentication is successful, a service key based on a master session key (MSK), a first constant string, and an identification associated with the M2M device;

transmitting a message indicating registration result acknowledgement to the network entity, comprising a value for a lifetime requested for the registration; and

generating an application key based on the service key, a second constant string, and an application identification (ID).

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and an apparatus for providing Machine-to-Machine (M2M) service are provided. A method of providing service by an M2M device includes transmitting a request for service to a Network Security Capability (NSEC), the request for service comprising a identifier of a Device Service Capability Layer (DSCL) of the M2M device, performing an Extensible Authentication Protocol (EAP) authentication with an M2M Authentication Server (MAS) via the NSEC, and generating, if the EAP authentication is successful, a service key using a Master Session Key (MSK), a first constant string, and the identifier of the DSCL.

30 Citations

View as Search Results

28 Claims

1. A method of providing service for a machine-to-machine (M2M) device, the method comprising:
- transmitting, a request for service to a network entity providing a security capability;
  
  performing an authentication with an M2M authentication server (MAS) via the network entity;
  
  generating, if the authentication is successful, a service key based on a master session key (MSK), a first constant string, and an identification associated with the M2M device;
  
  transmitting a message indicating registration result acknowledgement to the network entity, comprising a value for a lifetime requested for the registration; and
  
  generating an application key based on the service key, a second constant string, and an application identification (ID).
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the performing of the authentication comprises communicating, for the authentication with the network entity, by using a protocol for carrying authentication for network access (PANA).
  - 3. The method of claim 1, wherein the request for service is a PANA-Client-Initiation (PCI) packet.
  - 4. The method of claim 1, wherein the request for service comprises information for identifying at least one component of the M2M device.
  - 5. The method of claim 4, wherein the at least one component comprises a device security capability layer (DSCL).
  - 6. The method of claim 1, wherein the request for service comprises an identification of a device security capability layer (DSCL).
  - 7. The method of claim 1, further comprising receiving an identification for service from one of the network entity and the MAS.
  - 8. The method of claim 7, wherein the service key is generated based on further the identification for service.

9. A machine-to-machine (M2M) device, the M2M device comprising:
- a transceiver configured to transmit a request for service to a network entity providing a security capability; and
  
  a controller configured;
  
  to control performing an authentication with an M2M authentication server (MAS) via the network entity,to generate, if the authentication is successful, a service key based on a master session key (MSK), a first constant string, and an identification associated with the M2M device,to transmit a message indicating registration result acknowledgement to the network entity, comprising a value for a lifetime requested for the registration, andto generate an application key based on the service key, a second constant string, and an application identification (ID).
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The M2M device of claim 9, wherein the transceiver is further configured to communicate with the network entity, during the authentication with the network entity, by using a protocol for carrying authentication for network access (PANA).
  - 11. The M2M device of claim 9, wherein the request for service is a PANA-Client-Initiation (PCI) packet.
  - 12. The M2M device of claim 9, wherein the request for service comprises information for identifying at least one component of the M2M device.
  - 13. The M2M device of claim 12, wherein the at least one component comprises a device security capability layer (DSCL).
  - 14. The M2M device of claim 9, wherein the request for service comprises an identification of a device security capability layer (DSCL).
  - 15. The M2M device of claim 9, further comprising a transceiver configured to receive an identification for service from one of the network entity and the MAS.
  - 16. The M2M device of claim 15, wherein the service key is generated based on further the identification for service.

17. A method of providing service by a network entity providing a security capability in a network system, the method comprising:
- receiving a request for service from a machine-to-machine (M2M) device;
  
  performing an authentication with the M2M device and an M2M authentication server (MAS);
  
  generating, if the authentication is successful, a service key based on a master session key (MSK), a first constant string, and an identification associated with the M2M device;
  
  transmitting a message indicating registration result acknowledgement to the MAS, comprising a value for a lifetime requested for the registration; and
  
  generating an application key based on the service key, a second constant string, and an application identification (ID).
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The method of claim 17, wherein the performing of the authentication comprises communicating, for the authentication with the M2M device, by using a protocol for carrying authentication for network access (PANA);
    - andcommunicating, for the authentication with the MAS, by using an authentication, authorization and accounting (AAA) protocol.
  - 19. The method of claim 17, wherein the request for service is a PANA-Client-Initiation (PCI) packet.
  - 20. The method of claim 17, wherein the request for service comprises information for identifying at least one component of the M2M device.
  - 21. The method of claim 20, wherein the at least one component comprises a device security capability layer (DSCL).
  - 22. The method of claim 17, wherein the request for service comprises an identification of a device security capability layer (DSCL).

23. A network entity for providing service in a Machine-to-Machine (M2M) system, the network entity comprising:
- a transceiver configured to receive a request for service from a M2M device; and
  
  a controller configured;
  
  to control performing an authentication with the M2M device and an M2M authentication server (MAS),to generate, if the authentication is successful, a service key based on a master session key (MSK), a first constant string, and an identification associated with the M2M device,to transmit a message indicating registration result acknowledgement to the MAS, comprising a value for a lifetime requested for the registration, andto generate an application key based on the service key, a second constant string, and an application identification (ID).
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The network entity of claim 23, wherein the transceiver is further configured to communicate during the authentication with the M2M device, by using a protocol for carrying authentication for network access (PANA), and to communicate, during the authentication with the MAS, by using an authentication, authorization and accounting (AAA) protocol.
  - 25. The network entity of claim 23, wherein the request for service is a PANA-Client-Initiation (PCI) packet.
  - 26. The network entity of claim 23, wherein the request for service comprises information for identifying at least one component of the M2M device.
  - 27. The network entity of claim 26, wherein the at least one component comprises a device security capability layer (DSCL).
  - 28. The network entity of claim 23, wherein the request for service comprises the identification of a device security capability layer (DSCL).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Baek, Youngkyo, Yegin, Alper
Primary Examiner(s)
ABEDIN, SHANTO

Application Number

US13/447,571
Publication Number

US 20120265983A1
Time in Patent Office

1,324 Days
Field of Search

713/152, 713/155, 713/168, 713/175, 713/170, 713/171, 709/229, 709223-225, 705/50, 726/21, 726/1, 726/10, 726 4- 7, 455/411, 455/435.1, 455/435.3
US Class Current

1/1
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06F 9/4401   Bootstrapping security arra...

H04L 2463/061   applying further key deriva...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/126   the source of the received ...

H04L 63/162   at the data link layer

H04W 12/069   using certificates or pre-s...

H04W 4/50   Service provisioning or rec...

H04W 4/70   Services for machine-to-mac...

Method and apparatus for providing machine-to-machine service

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for providing machine-to-machine service

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links