System and method for securely connecting network devices using optical labels

US 9,894,473 B2
Filed: 03/29/2017
Issued: 02/13/2018
Est. Priority Date: 12/18/2014
Status: Active Grant

First Claim

Patent Images

1. A system for establishing a secure communication channel between an Internet of Things (IoT) device and an IoT cloud service comprising:

an Internet of Things (IoT) device having a machine-readable optical label associated therewith and including a first wireless communication interface;

an IoT cloud service to manage user accounts, each user account having one or more IoT devices associated therewith, the IoT cloud service to transmit commands to control the IoT devices and to receive data from the IoT devices related to functions performed by the IoT devices, the IoT cloud service to provide access to the data by a plurality of users, each user associated with at least one of the user accounts; and

an IoT service app to be installed on a mobile user device to cause the mobile user device to establish a secure communication channel with the IoT cloud service and to capture identification data from the optical label associated with the IoT device, the IoT service app to cause the mobile user device to transmit the identification data to the IoT cloud service over the secure communication channel,the IoT cloud service to use the identification data to determine an encryption key associated with the IoT device or to use the identification data as an encryption key,the IoT cloud service to then use the encryption key to encrypt commands and data to be sent to the IoT device and/or to decrypt data received from the IoT device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A platform, apparatus and method are described for pairing devices. For example, one embodiment of a system for pairing devices comprises: a first data processing device having a machine-readable optical label associated therewith and including a first wireless communication interface; a second data processing device having a second wireless communication interface and an optical reader for reading identification data from the optical label associated with the first data processing device, the second wireless communication interface including pairing logic to use the identification data to pair with the first data processing device by establishing a secure communication channel between the first and second wireless communication interfaces.

140 Citations

21 Claims

1. A system for establishing a secure communication channel between an Internet of Things (IoT) device and an IoT cloud service comprising:
- an Internet of Things (IoT) device having a machine-readable optical label associated therewith and including a first wireless communication interface;
  
  an IoT cloud service to manage user accounts, each user account having one or more IoT devices associated therewith, the IoT cloud service to transmit commands to control the IoT devices and to receive data from the IoT devices related to functions performed by the IoT devices, the IoT cloud service to provide access to the data by a plurality of users, each user associated with at least one of the user accounts; and
  
  an IoT service app to be installed on a mobile user device to cause the mobile user device to establish a secure communication channel with the IoT cloud service and to capture identification data from the optical label associated with the IoT device, the IoT service app to cause the mobile user device to transmit the identification data to the IoT cloud service over the secure communication channel,the IoT cloud service to use the identification data to determine an encryption key associated with the IoT device or to use the identification data as an encryption key,the IoT cloud service to then use the encryption key to encrypt commands and data to be sent to the IoT device and/or to decrypt data received from the IoT device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system as in claim 1 wherein the encryption key comprises a public key of the IoT device, the IoT cloud service to use the public key to encrypt commands and data transmitted to the IoT device,the IoT device having a private key to decrypt the commands and data received from the IoT cloud service.
  - 3. The system as in claim 1 further comprising:
    - an IoT hub having a first wireless communication interface to establish a local wireless communication connection with a second wireless communication interface of the IoT device, the IoT hub to connect the IoT device to the IoT cloud service, wherein the encrypted commands and data are to be transmitted through the IoT hub.
  - 4. The system as in claim 3 wherein the IoT hub further comprises a third wireless communication interface to connect with the IoT cloud service over the Internet.
  - 5. The system as in claim 1 wherein the secure communication channel comprises a secure sockets layer (SSL) communication channel.
  - 6. The system as in claim 1 wherein the IoT service or the mobile user device is to share the encryption key with the IoT hub.
  - 7. The system as in claim 4 wherein the first and second wireless communication interfaces comprise Bluetooth Low Energy (BTLE) interfaces and wherein the third wireless communication interface comprises a WiFi interface.

8. A method comprising:
- associating a machine-readable optical label with an Internet of Things (IoT);
  
  managing user accounts on an IoT cloud service, each user account having one or more IoT devices associated therewith, the IoT cloud service to transmit commands to control the IoT devices and to receive data from the IoT devices related to functions performed by the IoT devices, the IoT cloud service to provide access to the data by a plurality of users, each user associated with at least one of the user accounts; and
  
  reading identification data from the machine-readable optical label with an IoT service app installed on a mobile user device, the IoT service app to cause the mobile user device to establish a secure communication channel with the IoT cloud service and to transmit the identification data to the IoT cloud service over the secure communication channel;
  
  using the identification data on the IoT cloud service to determine an encryption key associated with the IoT device or to use the identification data as an encryption key; and
  
  using the encryption key on the IoT cloud service to encrypt commands and data to be sent to the IoT device and/or to decrypt data received from the IoT device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method as in claim 8 wherein the encryption key comprises a public key of the IoT device, the IoT cloud service to use the public key to encrypt commands and data transmitted to the IoT device, the IoT device having a private key to decrypt the commands and data received from the IoT cloud service.
  - 10. The method as in claim 8 further comprising:
    - establishing communication between the IoT device and IoT cloud service through an IoT hub, the IoT hub having a first wireless communication interface to establish a local wireless communication connection with a second wireless communication interface of the IoT device.
  - 11. The method as in claim 10 wherein the IoT hub further comprises a third wireless communication interface to connect with the IoT cloud service over the Internet.
  - 12. The method as in claim 8 wherein the secure communication channel comprises a secure sockets layer (SSL) communication channel.
  - 13. The method as in claim 8 wherein the IoT service or the mobile user device is to share the encryption key with the IoT hub.
  - 14. The method as in claim 11 wherein the first and second wireless communication interfaces comprise Bluetooth Low Energy (BTLE) interfaces and wherein the third wireless communication interface comprises a WiFi interface.

15. A non-transitory machine-readable medium having program code stored thereon which, when executed by one or more machines causes the one or more machines to perform the operations of:
- associating a machine-readable optical label with an Internet of Things (loT) device;
  
  managing user accounts on an IoT cloud service, each user account having one or more IoT devices associated therewith, the IoT cloud service to transmit commands to control the IoT devices and to receive data from the IoT devices related to functions performed by the IoT devices, the IoT cloud service to provide access to the data by a plurality of users, each user associated with at least one of the user accounts; and
  
  reading identification data from the machine-readable optical label with an IoT service app installed on a mobile user device, the IoT service app to cause the mobile user device to establish a secure communication channel with the IoT cloud service and to transmit the identification data to the IoT cloud service over the secure communication channel;
  
  using the identification data on the IoT cloud service to determine an encryption key associated with the IoT device or to use the identification data as an encryption key; and
  
  using the encryption key on the IoT cloud service to encrypt commands and data to be sent to the IoT device and/or to decrypt data received from the IoT device.
- View Dependent Claims (16, 19, 20, 21)
- - 16. The machine-readable medium as in claim 15 wherein the encryption key comprises a public key of the IoT device, the IoT cloud service to use the public key to encrypt commands and data transmitted to the IoT device, the IoT device having a private key to decrypt the commands and data received from the IoT cloud service.
  - 19. The machine-readable medium as in claim 15 wherein the secure communication channel comprises a secure sockets layer (SSL) communication channel.
  - 20. The machine-readable medium as in claim 15 wherein the IoT service or the mobile user device is to share the encryption key with the IoT hub.
  - 21. The machine-readable medium as in claim 20 wherein 18 wherein the first and second wireless communication interfaces comprise Bluetooth Low Energy (BTLE) interfaces and wherein the third wireless communication interface comprises a WiFi interface.

17. The machine-readable medium as in 8 further comprising program code to cause the machines to perform the operations of:
- establishing communication between the IoT device and IoT cloud service through an IoT hub, the IoT hub having a first wireless communication interface to establish a local wireless communication connection with a second wireless communication interface of the IoT device.
- View Dependent Claims (18)
- - 18. The machine-readable medium as in claim 17 wherein the IoT hub further comprises a third wireless communication interface to connect with the IoT cloud service over the Internet.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Afero, Inc.
Original Assignee
Afero, Inc.
Inventors
Britt, Joe, Matsumura, Shin, Forood, Houman, Zimmerman, Scott, Myles, Phillip, Zawicki, Sean, Kutami, Daisuke, Holland, Shannon, Lee, Justin
Primary Examiner(s)
Poltorak, Peter

Application Number

US15/473,423
Publication Number

US 20170208432A1
Time in Patent Office

321 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/36   by graphic or iconic repres...

G06F 21/44   Program or device authentic...

H04B 1/3816   Mechanical arrangements for...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0853   using an additional device,...

H04L 67/10   in which an application is ...

H04L 67/306   User profiles

H04W 12/35   Protecting application or s...

H04W 12/50   Secure pairing of devices

H04W 12/77   Graphical identity

H04W 4/70   Services for machine-to-mac...

H04W 4/80   Services using short range ...

H04W 84/12   WLAN [Wireless Local Area N...

System and method for securely connecting network devices using optical labels

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

140 Citations

21 Claims

Specification

Use Cases

Quick Links

Others

System and method for securely connecting network devices using optical labels

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

140 Citations

21 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others