Securing a wireless mesh network via a chain of trust
First Claim
1. A computer-implemented method for securing a wireless mesh network of beacon devices, comprising:
receiving, by a master beacon device and from a plurality of servant beacon devices in a mesh network, survey data comprising, for each of the servant beacon devices, a beacon device identifier and path loss information of proximate servant beacon devices detected by each servant beacon device;
transmitting, by the master beacon device and to each of the plurality of servant beacon devices, enrollment data comprising beacon device identifiers and corresponding path loss values of proximate beacon devices to servant beacon devices determined from the received survey data, wherein the enrollment data may be retransmitted by servant beacon devices within the mesh network to reach other recipient servant beacon devices;
receiving, by the master beacon device, authentication data from a plurality of servant beacon devices, the authentication data comprising beacon device identifiers for servant beacon devices and path loss information detected by servant beacon devices of proximate servant beacon devices;
comparing, by the master beacon device, the received survey data to the received authentication data; and
determining, by the master beacon device, that the mesh network is insecure based on identified differences between the path loss data from the received survey data and the path loss data from the received authentication data.
Abstract
A master beacon device emits a data packet that is received and retransmitted by servant beacon devices in a wireless mesh network that enables the beacon devices to detect the received signal strength indicator (“RSSI”) of beacon devices in proximity. Each servant beacon device transmits survey data packets comprising the RSSIs and hardware identifiers of proximate beacon devices to the master beacon device, which constructs a first virtual map of the mesh network. At a later time, each servant beacon device transmits authentication data packets, which are retransmitted, each retransmitting beacon inserting an RSSI and hardware identifier of the beacon device from which the authentication data packet was received, until they reach the master beacon device, which constructs a second virtual map of the mesh network. The master beacon device compares the first virtual map to the second virtual map to determine if the network is secure.
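The map comparison described in the abstract can be sketched as follows. This is an added illustration, not part of the patent text or any implementation by its authors. The record layout, the finding names, the beacon identifiers, the RSSI values and the 6 dB tolerance are all assumptions made for the example.

```python
# Added example: comparing the survey map with the authentication map.
# Beacon IDs, RSSI values (dBm) and TOLERANCE_DB are constructed assumptions.
TOLERANCE_DB = 6  # assumed allowable RSSI drift; the page gives no threshold

def build_map(packets):
    """Fold packets into {observer: {observed: rssi}}.

    A packet is a list of (observer_id, observed_id, rssi) records; on each
    retransmission the relaying beacon appends the ID and RSSI of the beacon
    it received the packet from.
    """
    vmap = {}
    for records in packets:
        for observer, observed, rssi in records:
            vmap.setdefault(observer, {})[observed] = rssi
    return vmap

def beacons(vmap):
    """All identifiers that appear in a map, as observer or as observed."""
    return set(vmap) | {n for nbrs in vmap.values() for n in nbrs}

def compare_maps(survey, auth, tolerance=TOLERANCE_DB):
    """Return sorted (kind, observer, observed) differences; empty means secure."""
    known, findings = beacons(survey), []
    for observer, nbrs in auth.items():
        for observed, rssi in nbrs.items():
            if observer not in known or observed not in known:
                findings.append(("unknown_beacon", observer, observed))
            elif observed not in survey.get(observer, {}):
                findings.append(("new_link", observer, observed))
            elif abs(rssi - survey[observer][observed]) > tolerance:
                findings.append(("rssi_shift", observer, observed))
    for silent in known - beacons(auth):
        findings.append(("missing_beacon", silent, ""))
    return sorted(findings)

# Constructed sample: master M, servants A, B, C in a line M - A - B - C.
SURVEY = build_map([[("M", "A", -51)], [("A", "M", -50), ("A", "B", -60)],
                    [("B", "A", -61), ("B", "C", -55)], [("C", "B", -56)]])
AUTH_OK = build_map([[("M", "A", -52)], [("A", "B", -59), ("M", "A", -52)],
                     [("B", "C", -57), ("A", "B", -59), ("M", "A", -52)]])
# B has moved (A hears it 15 dB weaker) and an unenrolled device X relays C.
AUTH_TAMPERED = build_map([[("M", "A", -52)], [("A", "B", -75), ("M", "A", -52)],
                           [("X", "C", -48), ("B", "X", -63), ("A", "B", -75), ("M", "A", -52)]])

if __name__ == "__main__":
    print("clean:", compare_maps(SURVEY, AUTH_OK))
    print("tampered:", compare_maps(SURVEY, AUTH_TAMPERED))
```

Only links that actually appear in authentication packets are compared, because a packet records just the hops on its own path to the master.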
20 Claims
10. A computer program product, comprising:
a non-transitory computer-readable medium having computer-readable program instructions embodied thereon that when executed by a computer cause the computer to secure a wireless mesh network of beacon devices, the computer readable instructions comprising;
computer-readable program instructions to receive, from a plurality of servant beacon devices in a mesh network, survey data comprising, for each of the servant beacon devices, a beacon device identifier and path loss information of proximate servant beacon devices detected by each servant beacon device;
computer-readable program instructions to transmit, to each of a plurality of servant beacon devices, enrollment data comprising beacon device identifiers and corresponding received signal strength indicator values of proximate beacon devices to servant beacon devices, wherein the enrollment data is based on the received survey data, wherein the enrollment data may be retransmitted by servant beacon devices within the mesh network to reach other recipient servant beacon devices, the enrollment data comprising a list of beacon devices in the mesh network identified by the beacon device identifiers and path loss information detected, for each servant beacon device, of beacon devices in proximity to the servant beacon device;
computer-readable program instructions for receiving authentication data from a plurality of servant beacon devices, the authentication data comprising beacon device identifiers for servant beacon devices and received signal strength indicator values detected by servant beacon devices of proximate servant beacon devices;
computer-readable program instructions for comparing the received survey data to the received authentication data to identify differences between the received survey data and the received authentication data;
computer-readable program instructions for determining that the mesh network is insecure based on identified differences between the received survey data and the received authentication data.
17. A system for securing a wireless mesh network of beacon devices, comprising:
a storage device; and
a processor communicatively coupled to the storage device, wherein the processor executes application code instructions that are stored in the storage device to cause the system to;
receive, from a plurality of servant beacon devices in a mesh network, survey data comprising, for each of the servant beacon devices, a beacon device identifier and received signal strength indicator (“RSSI”) of proximate servant beacon devices detected by each servant beacon device;
transmit, to each of the plurality of servant beacon devices, enrollment data comprising beacon device identifiers and corresponding RSSI values of proximate beacon devices to servant beacon devices, wherein the enrollment data is based on the received survey data and wherein the enrollment data may be retransmitted by servant beacon devices within the mesh network to reach other recipient servant beacon devices;
receive authentication data from a plurality of servant beacon devices in a mesh network, the authentication data comprising beacon device identifiers for servant beacon devices and RSSI values detected by servant beacon devices of proximate servant beacon devices;
compare RSSI data from the received survey data packets to the RSSI data from the received authentication data packets;
determine that the mesh network is insecure based on identified differences between the RSSI data from the received survey data packets and the RSSI data from the received authentication data packets.