System and method for securely connecting network devices
First Claim
1. A system comprising:
- a hardware Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming logic of the IoT hub to program an identification device with one or more encryption keys usable to establish encrypted communication with an IoT device; and
the IoT device interfacing with the identification device following the programming of the identification device by the IoT hub;
wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and the IoT service;
wherein the programming of the identification device by the IoT hub comprises generating a public/private key pair and storing at least the private key of the public/private key pair on the identification device;
wherein the programming of the identification device further comprises storing at least the public key in a secure storage on the IoT hub;
the IoT hub securely forwarding the public key with a corresponding signature to the IoT service over the network interface and further securely forwarding an IoT hub public key with a corresponding signature associated with the IoT hub and corresponding to an IoT hub private key; and
wherein to securely transmit a command or data to the IoT device, the IoT service encrypts the command or data and generates a first signature using the public key to generate an IoT device packet and then encrypts the IoT device packet and generates a second signature using the IoT hub public key to generate an IoT hub packet.
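The layered packet in the last clause of the claim, sketched as an added example (not code from the patent or its assignee). Assumptions: RSA-OAEP plus AES-256-GCM stands in for "encrypts", and each signature is made with a hypothetical IoT service signing key that receivers verify, since the claim names no algorithms; all function and variable names are illustrative.

```javascript
// Added illustration; algorithms and the service signing key are assumptions, not claim text.
const crypto = require('crypto');

const rsa = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const device = rsa();   // private key is what the hub stores on the identification device
const hub = rsa();      // IoT hub key pair
const service = rsa();  // hypothetical IoT service signing key pair

// Hybrid "encrypt": AES-256-GCM for the body, RSA-OAEP to wrap the AES key, then sign.
function seal(recipientPub, signerPriv, plaintext) {
  const key = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  const pkt = {
    wrappedKey: crypto.publicEncrypt(recipientPub, key).toString('base64'),
    iv: iv.toString('base64'),
    tag: c.getAuthTag().toString('base64'),
    body: body.toString('base64'),
  };
  const signed = Buffer.from(pkt.wrappedKey + pkt.iv + pkt.tag + pkt.body);
  pkt.sig = crypto.sign('sha256', signed, signerPriv).toString('base64');
  return Buffer.from(JSON.stringify(pkt));
}

// Verify the signature first, then unwrap the AES key and decrypt one layer.
function open(recipientPriv, signerPub, packet) {
  const p = JSON.parse(packet.toString());
  const signed = Buffer.from(p.wrappedKey + p.iv + p.tag + p.body);
  if (!crypto.verify('sha256', signed, signerPub, Buffer.from(p.sig, 'base64')))
    throw new Error('bad signature');
  const key = crypto.privateDecrypt(recipientPriv, Buffer.from(p.wrappedKey, 'base64'));
  const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(p.iv, 'base64'));
  d.setAuthTag(Buffer.from(p.tag, 'base64'));
  return Buffer.concat([d.update(Buffer.from(p.body, 'base64')), d.final()]);
}

// IoT service: inner IoT device packet, wrapped in an outer IoT hub packet.
function serviceSend(command) {
  const devicePacket = seal(device.publicKey, service.privateKey, Buffer.from(command));
  return seal(hub.publicKey, service.privateKey, devicePacket);
}
// IoT hub: removes only the outer layer and forwards the still-encrypted device packet.
const hubUnwrap = (hubPacket) => open(hub.privateKey, service.publicKey, hubPacket);
// IoT device: decrypts the inner layer with the key from the identification device.
const deviceReceive = (devicePacket) => open(device.privateKey, service.publicKey, devicePacket).toString();
```

The hub can strip its own layer but cannot read the command, because the inner AES key is wrapped to the device public key only.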
Abstract
A platform, apparatus and method for Internet of Things Implementations. For example, one embodiment of a system comprises: an Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming logic to program an identification device with one or more encryption keys usable to establish encrypted communication with an IoT device; and at least one IoT device interfacing with the identification device following programming of the identification device by the IoT hub; wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and/or the IoT service.
15 Claims
1. A system comprising:
- a hardware Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming logic of the IoT hub to program an identification device with one or more encryption keys usable to establish encrypted communication with an IoT device; and
the IoT device interfacing with the identification device following the programming of the identification device by the IoT hub;
wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and the IoT service;
wherein the programming of the identification device by the IoT hub comprises generating a public/private key pair and storing at least the private key of the public/private key pair on the identification device;
wherein the programming of the identification device further comprises storing at least the public key in a secure storage on the IoT hub;
the IoT hub securely forwarding the public key with a corresponding signature to the IoT service over the network interface and further securely forwarding an IoT hub public key with a corresponding signature associated with the IoT hub and corresponding to an IoT hub private key; and
wherein to securely transmit a command or data to the IoT device, the IoT service encrypts the command or data and generates a first signature using the public key to generate an IoT device packet and then encrypts the IoT device packet and generates a second signature using the IoT hub public key to generate an IoT hub packet.
Dependent claims: 2, 3, 4, 5
6. A system comprising:
- a hardware Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and a local interface on the IoT hub to receive one or more encryption keys usable to establish a secure communication channel with an IoT device;
wherein once the IoT hub has received the one or more encryption keys, the IoT hub and the IoT service use the one or more encryption keys to establish the secure communication channel with the IoT device; and
wherein a first public/private key pair is associated with the IoT device and wherein the IoT hub receives at least the public key of the first public/private key pair and forwards the public key to the IoT service;
wherein a second public/private key pair is associated with the IoT hub, and wherein the IoT hub provides at least the public key of the second public/private key pair to the IoT device and the IoT service;
wherein the IoT device uses the public key of the second public/private key pair to encrypt communications directed to the IoT hub and wherein the IoT hub and the IoT service use the public key of the first public/private key pair to encrypt communications directed to the IoT device; and
wherein to securely transmit a command or data to the IoT device, the IoT service encrypts the command or data and generates a first signature using the public key to generate an IoT device packet and then encrypts the IoT device packet and generates a second signature using the IoT hub public key to generate an IoT hub packet.
Dependent claims: 7, 8, 9, 10, 11, 12
13. A method comprising:
- providing an Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming an identification device by the IoT hub to include one or more encryption keys usable to establish encrypted communication with an IoT device; and
interfacing the IoT device with the identification device following the programming of the identification device by the IoT hub;
wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and the IoT service;
wherein the programming of the identification device by the IoT hub comprises generating a public/private key pair and storing at least the private key of the public/private key pair on the identification device;
wherein the programming of the identification device further comprises storing at least the public key in a secure storage on the IoT hub;
the IoT hub securely forwarding the public key with a corresponding signature to the IoT service over the network interface and further securely forwarding an IoT hub public key with a corresponding signature associated with the IoT hub and corresponding to an IoT hub private key; and
wherein to securely transmit a command or data to the IoT device, the IoT service encrypts the command or data and generates a first signature using the public key to generate an IoT device packet and then encrypts the IoT device packet and generates a second signature using the IoT hub public key to generate an IoT hub packet.
Dependent claims: 14, 15
Specification