On-boarding a device to a secure local network

US 9,699,659 B2
Filed: 07/20/2015
Issued: 07/04/2017
Est. Priority Date: 07/31/2014
Status: Active Grant

First Claim

Patent Images

1. A method of operating a control device that is configured to selectively on-board a target device to a secure local network, comprising:

discovering a set of devices over a bootstrapping interface;

establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network;

instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device;

determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device; and

selectively authorizing the at least one device to access the secure local network based on the determination,wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, andwherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an embodiment, a control device that is configured to onboard a target device to a secure local network by discovering a set of devices over a bootstrapping interface, establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network, instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device, determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device and selectively authorizing the at least one device to access the secure local network based on the determination.

Citations

24 Claims

1. A method of operating a control device that is configured to selectively on-board a target device to a secure local network, comprising:
- discovering a set of devices over a bootstrapping interface;
  
  establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network;
  
  instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device;
  
  determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device; and
  
  selectively authorizing the at least one device to access the secure local network based on the determination,wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, andwherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1,wherein the bootstrapping interface comprises WiFi, Bluetooth, or infrared (IR), andwherein the secure local network is a WiFi network.
  - 3. The method of claim 1, wherein the observable function outputs one or more of a visible indicator, an audible indicator, an ultrasound, a short range wireless signal, a non-visible indicator, an infrared indicator, an ultraviolet indicator, a thermal indicator or mechanical indicator, a vibration, a movement or any combination thereof.
  - 4. The method of claim 1,wherein the operator of the control device verifies that the observable function has been successfully detected as performed by the target device, andwherein the selectively authorizing authorizes the at least one device to access the secure local network in response to the determination.
  - 5. The method of claim 4, further comprising:
    - transmitting a set of network credentials to the at least one device that is configured to be used by the at least one device for accessing the secure local network.
  - 6. The method of claim 1,wherein the operator of the control device does not verify that the observable function has been successfully detected as performed by the target device, andwherein the selectively authorizing does not authorize the at least one device to access the secure local network in response to the determination.
  - 7. The method of claim 1,wherein the secure local network is an Internet of Things (IoT) network, andwherein the target device is an IoT device.
  - 8. The method of claim 1, wherein the one or more observation entities include the operator of the control device.
  - 9. The method of claim 8, wherein the observable function includes emission of the human-detectable indicator that is configured to be detectable to the operator of the control device.

10. A method of attempting to on-board a device to a secure local network, comprising:
- establishing a bootstrap connection to a control device of the secure local network without obtaining authorization to access the secure local network;
  
  receiving an instruction via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities in proximity to the device;
  
  activating the observable function in response to the instruction; and
  
  selectively obtaining authorization to access the secure local network based on whether an operator of the control device successfully detects the observable function performed by the device and verifies the observable function as being performed by a target device for which on-boarding is desired,wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, andwherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10,wherein the bootstrap connection comprises over a bootstrapping interface that is WiFi, Bluetooth, or infrared (IR), andwherein the secure local network is a WiFi network.
  - 12. The method of claim 10, further comprising:
    - if the selectively obtaining authorization obtains the authorization to access the secure local network, receiving a set of network credentials from the control device that is configured to be used by the device for accessing the secure local network.
  - 13. The method of claim 10,wherein the secure local network is an Internet of Things (IoT) network, andwherein the target device is an IoT device.
  - 14. The method of claim 10, wherein the one or more observation entities include the operator of the control device.
  - 15. The method of claim 10, wherein the observable function includes emission of the human-detectable indicator that is configured to be detectable to the operator of the control device.

16. A control device that is configured to selectively on-board a target device to a secure local network, comprising:
- a hardware processor coupled to a transceiver and configured to;
  
  discover a set of devices over a bootstrapping interface;
  
  establish a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network;
  
  instruct the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device;
  
  determine whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device; and
  
  selectively authorize the at least one device to access the secure local network based on the determination,wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, andwherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The control device of claim 16,wherein the bootstrapping interface is WiFi, Bluetooth, or infrared (IR), andwherein the secure local network is a WiFi network.
  - 18. The control device of claim 16, wherein the observable function outputs one or more of a visible indicator, an audible indicator, an ultrasound, a short range wireless signal, a non-visible indicator, an infrared indicator, an ultraviolet indicator, a thermal indicator or mechanical indicator, a vibration, a movement or any combination thereof.
  - 19. The control device of claim 16,wherein the operator of the control device verifies that the observable function has been successfully detected as performed by the target device, andwherein the selectively authorizing authorizes the at least one device to access the secure local network in response to the determination.
  - 20. The control device of claim 16, wherein the hardware processor is further configured to:
    - transmit a set of network credentials to the at least one device that is configured to be used by the at least one device for accessing the secure local network.
  - 21. The control device of claim 16,wherein the operator of the control device does not verify that the observable function has been successfully detected as performed by the target device, andwherein the selectively authorizing does not authorize the at least one device to access the secure local network in response to the determination.

22. A device configured to attempt to on-board onto a secure local network, comprising:
- a hardware processor coupled to a transceiver and configured to;
  
  establish a bootstrap connection to a control device of the secure local network without obtaining authorization to access the secure local network;
  
  receive an instruction via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities in proximity to the device;
  
  activate the observable function in response to the instruction; and
  
  selectively obtain authorization to access the secure local network based on whether an operator of the control device successfully detects the observable function performed by the device and verifies the observable function as being performed by a target device for which on-boarding is desired,wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, andwherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.
- View Dependent Claims (23, 24)
- - 23. The device of claim 22,wherein the bootstrap connection is established over a bootstrapping interface that is WiFi, Bluetooth, or infrared (IR), andwherein the secure local network is a WiFi network.
  - 24. The device of claim 22, wherein the hardware processor is further configured to:
    - if the selectively obtaining authorization obtains the authorization to access the secure local network, receive a set of network credentials from the control device that is configured to be used by the device for accessing the secure local network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Amarilio, Lior, Shusterman, Zeev, Zehavi, Doron
Primary Examiner(s)
Lemma, Samson

Application Number

US14/803,461
Publication Number

US 20160036819A1
Time in Patent Office

715 Days
Field of Search

726 4
US Class Current
CPC Class Codes

G06F 9/4411   Configuring for operating w...

H04L 67/12   specially adapted for propr...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 12/63   Location-dependent; Proximi...

H04W 12/65   Environment-dependent, e.g....

H04W 4/70   Services for machine-to-mac...

H04W 48/04   based on user or terminal l...

H04W 48/08   Access restriction or acces...

H04W 8/005   Discovery of network device...

On-boarding a device to a secure local network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

On-boarding a device to a secure local network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links