Cryptographic key management via a computer server
First Claim
1. A computer server comprising:
- a processor configured to;
add a security system associated with a user account;
provision a NFC-enabled communication device associated with the security system comprising an electronic lock, wherein the NFC-enabled communication device is a mobile user device remotely powering the electronic lock to actuate a locking member;
configure a cryptographic key to associate the NFC-enabled communication device, from amongst a plurality of NFC-enabled communication devices, with the security system;
configure an access control file that is cryptographically signed by the computer server and encrypted with the cryptographic key associated with the security system, wherein the access control file contains permissions of the NFC-enabled communication device to the security system; and
send a data payload including the access control file to the NFC-enabled communication device, and, in response to determining that the NFC-enabled communication device is not previously associated with the security system, the security system receiving the access control file from the NFC-enabled communication device, to establish a new relationship between the NFC-enabled communication device and the security system, the security system validating the access control file.
3 Assignments
0 Petitions
Accused Products
Abstract
Some embodiments include a computer server. The computer server can be configured to: add a security system associated with a user account; provision one or more communication devices associated with the security system; configure a cryptographic key to associate at least a communication device amongst the communication devices with the security system; configure an access control file that is cryptographically signed by the computer server and encrypted with the cryptographic key associated with the security system, wherein the access control file contains permissions of the communication devices to the security system; and provide a data payload including the access control file to a first communication device of the communication devices.
-
Citations
17 Claims
-
1. A computer server comprising:
-
a processor configured to; add a security system associated with a user account; provision a NFC-enabled communication device associated with the security system comprising an electronic lock, wherein the NFC-enabled communication device is a mobile user device remotely powering the electronic lock to actuate a locking member; configure a cryptographic key to associate the NFC-enabled communication device, from amongst a plurality of NFC-enabled communication devices, with the security system; configure an access control file that is cryptographically signed by the computer server and encrypted with the cryptographic key associated with the security system, wherein the access control file contains permissions of the NFC-enabled communication device to the security system; and send a data payload including the access control file to the NFC-enabled communication device, and, in response to determining that the NFC-enabled communication device is not previously associated with the security system, the security system receiving the access control file from the NFC-enabled communication device, to establish a new relationship between the NFC-enabled communication device and the security system, the security system validating the access control file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A processor-implemented method of operating a computing device to implement a security system, comprising:
-
provisioning the computing device with an authentication certificate capable of uniquely identifying the computing device and capable of being updated, wherein the authentication certificate is a mutual public key infrastructure (PKI) authentication certificate; sending identifying information, based on the authentication certificate, associated with the computing device to a NFC-enabled customer communication device to validate the security system implemented by the computing device, wherein the NFC-enabled customer communication device is a mobile user device remotely powering an electronic lock to actuate a locking member; receiving, in response to determining that the NFC-enabled customer communication device is not previously associated with the computing device, an access control list from the NFC-enabled customer communication device, to establish a new relationship between the NFC-enabled customer communication device and the computing device; validating the access control list against the authentication certificate; receiving an access request and a customer signature from the NFC-enabled customer communication device in response to the NFC-enabled customer communication device validating the computing device; and validating the access request based on the authentication certificate in response to receiving the customer signature. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
Specification