Secure data management techniques
First Claim
1. A method comprising:
- receiving, by a server, a request from a first device to register the first device and a second device as paired devices, wherein the first device has a first identifier and the second device has a second identifier, wherein the first identifier comprises a unique hash value of the first device and wherein the second identifier comprises a unique hash value of the second device;
storing the first identifier and the second identifier as a valid pair;
receiving an original request from the first device, wherein the original request includes the first identifier associated with the first device;
receiving a chasing request from the second device, wherein the chasing request includes the second identifier associated with the second device;
determining whether the first device and the second device are the valid pair based on the first identifier in the original request and the second identifier in the chasing request;
determining whether a portion of information in the original request matches a portion of information in the chasing request; and
granting the original request upon determining that the first device and the second device are the valid pair, and upon determining that the portion of the original request matches the portion of the chasing request; and
denying the original request upon determining either that the first device and the second device are not a valid pair, or that the portion of the original request does not match the portion of the chasing request.
2 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure relates generally to secure data management techniques. Techniques are described for pairing devices and using the pairing information for granting or denying requests (e.g., data exchange requests) from the devices, for example, in a cloud environment, including Internet of Things (IoT) cloud. Devices can be paired with each other according to their identification information. Subsequently, when an original request is received from a first device, and a chasing request received from a second device, the pre-registered pairing information is used to determine whether the first and second devices form a valid pair and the original request is granted or denied based upon that determination. For example, the request may be granted only if it is determined that the first device and the second device have been previously paired. In certain embodiments, in addition to the pairing check, additional checks may be performed to determine whether to grant or deny the original request from the first device.
-
Citations
20 Claims
-
1. A method comprising:
-
receiving, by a server, a request from a first device to register the first device and a second device as paired devices, wherein the first device has a first identifier and the second device has a second identifier, wherein the first identifier comprises a unique hash value of the first device and wherein the second identifier comprises a unique hash value of the second device; storing the first identifier and the second identifier as a valid pair; receiving an original request from the first device, wherein the original request includes the first identifier associated with the first device; receiving a chasing request from the second device, wherein the chasing request includes the second identifier associated with the second device; determining whether the first device and the second device are the valid pair based on the first identifier in the original request and the second identifier in the chasing request; determining whether a portion of information in the original request matches a portion of information in the chasing request; and granting the original request upon determining that the first device and the second device are the valid pair, and upon determining that the portion of the original request matches the portion of the chasing request; and denying the original request upon determining either that the first device and the second device are not a valid pair, or that the portion of the original request does not match the portion of the chasing request. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system comprising:
-
a memory; and one or more processors coupled to the memory and configured to; receive a request from a first device to register the first device and a second device as paired devices, wherein the first device has a first identifier and first additional information and the second device has a second identifier and second additional information, wherein the first additional information comprises encryption information of the first device and wherein the second additional information comprises encryption information of the second device, and wherein the encryption information of the first device comprises one of a digital signature signed by a private key of the first device and a public key of the first device, and wherein the encryption information of the second device comprises one of a digital signature signed by a private key of the second device and a public key of the second device; store the first identifier and the first additional information of the first device with the second identifier and the second additional information of the second device as a valid set; receive an original request from the first device, wherein the original request includes the first identifier and the first additional information associated with the first device; receive a chasing request from the second device, wherein the chasing request includes the second identifier and the second additional information associated with the second device; determine whether the first device and the second device are the valid set based on the first identifier and first additional information in the original request and the second identifier and second additional information in the chasing request; and in response to determining that the first device and the second device are the valid set respond to the original request from the first device. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method comprising:
-
receiving, by a server, a request from a first device to register the first device and a second device as paired devices, the first device having a first identifier and first additional information and the second device having a second identifier and second additional information, wherein the first additional information comprises encryption information of the first device and wherein the second additional information comprises encryption information of the second device, and wherein the encryption information of the first device comprises one of a digital signature signed by a private key of the first device and a public key of the first device, and wherein the encryption information of the second device comprises one of a digital signature signed by a private key of the second device and a public key of the second device; storing the first identifier and first additional information and the second identifier and second additional information as a valid set; receiving an original request and a chasing request from the second device, wherein the original request includes the first identifier and first additional information associated with the first device, and wherein the chasing request includes the second identifier and second additional information associated with the second device; determining whether the first device and the second device are the valid set based on the first identifier and first additional information in the original request and the second identifier and second additional information in the chasing request; and in response to determining that the first device and the second device are the valid set, responding to the original request. - View Dependent Claims (16, 17)
-
-
18. A non-transitory computer-readable storage medium storing instructions which, when executed by one or more processors of a computing device, cause the one or more processors to perform a method comprising:
-
receiving, by a server, a request from a first device to register the first device and a second device as paired devices, the first device having a first identifier and first additional information and the second device having a second identifier and second additional information, wherein the first additional information comprises encryption information of the first device and wherein the second additional information comprises encryption information of the second device, and wherein the encryption information of the first device comprises one of a digital signature signed by a private key of the first device and a public key of the first device, and wherein the encryption information of the second device comprises one of a digital signature signed by a private key of the second device and a public key of the second device; storing the first identifier and first additional information and the second identifier and second additional information as a valid set; receiving an original request and a chasing request from the second device, wherein the original request includes the first identifier and first additional information associated with the first device, and wherein the chasing request includes the second identifier and second additional information associated with the second device; determining whether the first device and the second device are the valid set based on the first identifier and first additional information in the original request and the second identifier and second additional information in the chasing request; and in response to determining that the first device and the second device are the valid set, responding to the original request.
-
-
19. A system comprising:
-
a memory; and one or more processors coupled to the memory and configured to; receiving, by a server, a request from a first device to register the first device and a second device as paired devices, wherein the first device has a first identifier and the second device has a second identifier, wherein the first identifier comprises a unique hash value of the first device and wherein the second identifier comprises a unique hash value of the second device; storing the first identifier and the second identifier as a valid pair; receiving an original request from the first device, wherein the original request includes the first identifier associated with the first device; receiving a chasing request from the second device, wherein the chasing request includes the second identifier associated with the second device; determining whether the first device and the second device are the valid pair based on the first identifier in the original request and the second identifier in the chasing request; determining whether a portion of information in the original request matches a portion of information in the chasing request; and granting the original request upon determining that the first device and the second device are the valid pair, and upon determining that the portion of the original request matches the portion of the chasing request; and denying the original request upon determining either that the first device and the second device are not a valid pair, or that the portion of the original request does not match the portion of the chasing request.
-
-
20. A non-transitory computer-readable storage medium storing instructions which, when executed by one or more processors of a computing device, cause the one or more processors to perform a method comprising:
-
receiving, by a server, a request from a first device to register the first device and a second device as paired devices, wherein the first device has a first identifier and the second device has a second identifier, wherein the first identifier comprises a unique hash value of the first device and wherein the second identifier comprises a unique hash value of the second device; storing the first identifier and the second identifier as a valid pair; receiving an original request from the first device, wherein the original request includes the first identifier associated with the first device; receiving a chasing request from the second device, wherein the chasing request includes the second identifier associated with the second device; determining whether the first device and the second device are the valid pair based on the first identifier in the original request and the second identifier in the chasing request; determining whether a portion of information in the original request matches a portion of information in the chasing request; and granting the original request upon determining that the first device and the second device are the valid pair, and upon determining that the portion of the original request matches the portion of the chasing request; and denying the original request upon determining either that the first device and the second device are not a valid pair, or that the portion of the original request does not match the portion of the chasing request.
-
Specification