SECURE ASSOCIATION
Abstract
To enable formation of secure associations between IP-enabled devices that have not previously connected, a method is proposed in which a declaration of ownership of a target device is made by the subscriber of an originating device, and the subscriber giving that declaration is authenticated by means of, say, a SIM card. The originating device establishes a secure connection to a first server. The target device establishes a secure connection to a second server. Provided the first and second servers can establish a conventional IP-type SA (e.g. using IPSec or TLS), there is a chain of secure associations between the two devices. This chain is then used to build a new secure association between the originating device and the target device. The first and second servers thus act as proxies for the two devices respectively and negotiate the secure association on their behalf. They then transfer the new secure association information securely to the devices using the existing chain of secure associations.
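The chain described in the abstract can be traced end to end in a short simulation; this is an added example, not code from the patent. The function names, the JSON layout of the SA (`spi`, `key`) and the HMAC-based `seal`/`unseal` stand-in for the IPSec or TLS links are all assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as keystream: a stdlib stand-in, not IPSec/TLS.
    ks = b"".join(_sub(key, nonce + i.to_bytes(4, "big"))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(link_key, plaintext):
    # Encrypt-then-MAC under one existing association (hypothetical helper).
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_sub(link_key, b"enc"), nonce, plaintext)
    return nonce + ct + _sub(_sub(link_key, b"mac"), nonce + ct)

def unseal(link_key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _sub(_sub(link_key, b"mac"), nonce + ct)):
        raise ValueError("integrity check failed on this link")
    return _xor_stream(_sub(link_key, b"enc"), nonce, ct)

def provision_sa(k_dev1_srv1, k_srv1_srv2, k_srv2_dev2):
    # The first server creates the new SA on behalf of the originating device.
    sa = json.dumps({"spi": secrets.randbits(32),
                     "key": secrets.token_hex(32)}).encode()
    # Server-to-server hop over their conventional SA.
    at_srv2 = unseal(k_srv1_srv2, seal(k_srv1_srv2, sa))
    # Each server forwards the SA to its own device over the existing association.
    return seal(k_dev1_srv1, sa), seal(k_srv2_dev2, at_srv2)

def device_install(link_key, blob):
    # A device accepts the SA only if it arrives intact over its own link.
    sa = json.loads(unseal(link_key, blob))
    return sa["spi"], bytes.fromhex(sa["key"])

def demo():
    k1, ks, k2 = (secrets.token_bytes(32) for _ in range(3))  # constructed link keys
    to_dev1, to_dev2 = provision_sa(k1, ks, k2)
    spi1, key1 = device_install(k1, to_dev1)
    spi2, key2 = device_install(k2, to_dev2)
    # The devices now talk directly under the new SA, with no server in the path.
    reply = unseal(key2, seal(key1, b"hello from originating device"))
    return (spi1, key1) == (spi2, key2), reply

if __name__ == "__main__":
    print(demo())
```

Both servers see the new SA key in this arrangement, so the direct device-to-device association is only as trustworthy as the two servers and every link in the chain.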
12 Claims
1-3. (canceled)
4. A method for forming secure associations between IP-enabled devices, the method comprising:
establishing a first association between a first one of said devices and a first network server,
receiving, from a subscriber known to the network using an authentication storage means, a declaration of ownership to the network of a second one of said devices,
assigning a network realm identity to the second device,
receiving authentication information in response to authentication of the subscriber giving the declaration;
transferring the authentication information to the second device,
facilitating a second association between the second device and a second network server in accordance with the transferred authentication information,
establishing a secure connection between the first and second network servers, said secure connection having corresponding secure association information, and
transferring said corresponding secure association information to both first and second devices using the first and second associations respectively, thereby providing the necessary association between the first and second IP-enabled devices.
9. A system for forming secure associations between IP-enabled devices, the system comprising:
a first network server and a second network server, the first network server and a second network server being operable to establish a secure IP-type association therebetween, said secure association having corresponding secure association information,
wherein the first network server includes
means for establishing a first association with a first one of said devices,
means for receiving, from a subscriber known to the network using an authentication storage means, a declaration of ownership of a second one of said devices,
means for assigning a network realm identity to the second device,
means for receiving authentication information in response to authentication of the subscriber giving the declaration, and
means for transferring the authentication information to the second device;
the second network server having means for establishing a second association with the second device in accordance with the transferred authentication information,
wherein the first network server transfers said corresponding secure association information to the first device using the first association and the second network server transfers said corresponding secure association information to the second device using the second association, thereby providing the necessary association between the first and second IP-enabled devices.
Specification