On-boarding a device to a secure local network
Abstract
In an embodiment, a control device is configured to onboard a target device to a secure local network by discovering a set of devices over a bootstrapping interface, establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network, instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device, determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device, and selectively authorizing the at least one device to access the secure local network based on the determination.
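The flow in the abstract, modelled as an added Python example that is not taken from the patent: two devices answer discovery, both are challenged over the bootstrap connection, and the network key is released only to the one the operator actually observed. The class names, the random blink count used as the observable function, and the `Operator` model (a person who can see only the device in front of them) are assumptions for illustration.

```python
import secrets
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Device:
    """Device side: obeys bootstrap instructions; holds no network key yet."""
    name: str
    emitted: list = field(default_factory=list)  # what a nearby observer sees
    credential: Optional[bytes] = None

    def activate_observable(self, blinks: int) -> None:
        self.emitted.append(blinks)

@dataclass
class Operator:
    """Observation entity: can only see the device physically in front of them."""
    watching: Device

    def confirms(self, expected: int) -> bool:
        seen = self.watching.emitted
        return bool(seen) and seen.pop() == expected

@dataclass
class ControlDevice:
    network_key: bytes
    authorized: set = field(default_factory=set)

    def onboard(self, discovered, operator: Operator) -> set:
        for dev in discovered:                  # bootstrap connection only
            blinks = 2 + secrets.randbelow(8)   # assumption: fresh pattern per attempt
            dev.activate_observable(blinks)     # instruction over bootstrap link
            if operator.confirms(blinks):       # operator verified the target did it
                dev.credential = self.network_key
                self.authorized.add(dev.name)
        return self.authorized

def run_demo():
    # Constructed scenario: a rogue device also answers discovery.
    target, rogue = Device("lamp-on-desk"), Device("unknown-next-door")
    ctrl = ControlDevice(network_key=secrets.token_bytes(16))
    ctrl.onboard([rogue, target], Operator(watching=target))
    return target, rogue, ctrl

if __name__ == "__main__":
    t, r, c = run_demo()
    print("authorized:", c.authorized, "| rogue has key:", r.credential is not None)
```
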
24 Claims
1. A method of operating a control device that is configured to selectively on-board a target device to a secure local network, comprising:
- discovering a set of devices over a bootstrapping interface;
- establishing a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network;
- instructing the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device;
- determining whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device; and
- selectively authorizing the at least one device to access the secure local network based on the determination,
- wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, and
- wherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.

10. A method of attempting to on-board a device to a secure local network, comprising:
- establishing a bootstrap connection to a control device of the secure local network without obtaining authorization to access the secure local network;
- receiving an instruction via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities in proximity to the device;
- activating the observable function in response to the instruction; and
- selectively obtaining authorization to access the secure local network based on whether an operator of the control device successfully detects the observable function performed by the device and verifies the observable function as being performed by a target device for which on-boarding is desired,
- wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, and
- wherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.

Dependent claims: 11, 12, 13, 14, 15.

16. A control device that is configured to selectively on-board a target device to a secure local network, comprising:
- a hardware processor coupled to a transceiver and configured to:
  - discover a set of devices over a bootstrapping interface;
  - establish a bootstrap connection to at least one device from the set of devices in response to the discovery without authorizing the at least one device to access the secure local network;
  - instruct the at least one device via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities that are separate from the control device and are in proximity to the at least one device;
  - determine whether an operator of the control device verifies that the observable function has been successfully detected as performed by the target device; and
  - selectively authorize the at least one device to access the secure local network based on the determination,
- wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, and
- wherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.

Dependent claims: 17, 18, 19, 20, 21.

22. A device configured to attempt to on-board onto a secure local network, comprising:
- a hardware processor coupled to a transceiver and configured to:
  - establish a bootstrap connection to a control device of the secure local network without obtaining authorization to access the secure local network;
  - receive an instruction via the bootstrap connection to activate an observable function that is configured to be observable to one or more observation entities in proximity to the device;
  - activate the observable function in response to the instruction; and
  - selectively obtain authorization to access the secure local network based on whether an operator of the control device successfully detects the observable function performed by the device and verifies the observable function as being performed by a target device for which on-boarding is desired,
- wherein the one or more observation entities include the operator of the control device, one or more machines configured to assist the operator of the control device to detect the observable function or a combination thereof, and
- wherein the observable function includes emission of a human-detectable indicator that is configured to be detectable to the operator of the control device, a machine-detectable indicator that is configured to be detectable by the one or more machines while not being directly detectable to the operator of the control device, or a combination thereof.

Dependent claims: 23, 24.

Specification