INCREASED COMMUNICATION SECURITY

US 20150281195A1
Filed: 03/31/2014
Published: 10/01/2015
Est. Priority Date: 03/31/2014
Status: Active Grant

First Claim

Patent Images

1. A method of increasing communication security, said method comprising:

generating authentication data;

generating a Constrained Application Protocol (CoAP) message including said authentication data; and

communicating said CoAP message from a first computer system to a second computer system.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication data may be generated and included in a Constrained Application Protocol (CoAP) message communicated from a first computer system to a second computer system. The authentication data may allow the second computer system to perform message validation for verifying the authenticity of the first computer system and/or the integrity of the CoAP message. And in one embodiment, where the CoAP message includes a nonce, security can be improved by allowing the second computer system to advantageously detect and/or act on a replay attack.

Citations

20 Claims

1. A method of increasing communication security, said method comprising:
- generating authentication data;
  
  generating a Constrained Application Protocol (CoAP) message including said authentication data; and
  
  communicating said CoAP message from a first computer system to a second computer system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein said CoAP message includes a unique identifier associated with said first computer system.
  - 3. The method of claim 1, wherein said generating said authentication data further comprises generating said authentication data using an authentication mechanism, and wherein said CoAP message includes an authentication mechanism identifier associated with said authentication mechanism.
  - 4. The method of claim 3, wherein said authentication mechanism is selected from a group consisting of hash-based message authentication code (HMAC) utilizing a MD5 hash function, HMAC utilizing a SHA-1 hash function, HMAC utilizing a SHA256 hash function, HMAC utilizing a SHA512 hash function, OAuth, OAuth 2.0, and OpenID.
  - 5. The method of claim 1, wherein said generating authentication data comprises:
    - accessing a key associated with said first computer system; and
      
      generating said authentication data using said key.
  - 6. The method of claim 1, wherein said CoAP message includes a nonce, and wherein said nonce is selected from a group consisting of a random number, a pseudorandom number, and an incremental number, and a timestamp.
  - 7. The method of claim 1, wherein said CoAP message includes a header, and wherein said header is separate from at least one other portion of said CoAP message including said authentication data.
  - 8. The method of claim 1, wherein said communicating comprises communicating said CoAP message using Datagram Transport Layer Security (DTLS).

9. A computer-readable medium having computer-readable program code embodied therein for causing a computer system to perform a method of increasing communication security, said method comprising:
- generating authentication data;
  
  generating a Constrained Application Protocol (CoAP) message including said authentication data; and
  
  communicating said CoAP message from a first computer system to a second computer system.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer-readable medium of claim 9, wherein said CoAP message includes a unique identifier associated with said first computer system.
  - 11. The computer-readable medium of claim 9, wherein said generating said authentication data further comprises generating said authentication data using an authentication mechanism, and wherein said CoAP message includes an authentication mechanism identifier associated with said authentication mechanism.
  - 12. The computer-readable medium of claim 11, wherein said authentication mechanism is selected from a group consisting of hash-based message authentication code (HMAC) utilizing a MD5 hash function, HMAC utilizing a SHA-1 hash function, HMAC utilizing a SHA256 hash function, HMAC utilizing a SHA512 hash function, OAuth, OAuth 2.0, and OpenID.
  - 13. The computer-readable medium of claim 9, wherein said generating authentication data comprises:
    - accessing a key associated with said first computer system; and
      
      generating said authentication data using said key.
  - 14. The computer-readable medium of claim 9, wherein said CoAP message includes a nonce, and wherein said nonce is selected from a group consisting of a random number, a pseudorandom number, and an incremental number, and a timestamp.
  - 15. The computer-readable medium of claim 9, wherein said CoAP message includes a header, and wherein said header is separate from at least one other portion of said CoAP message including said authentication data.
  - 16. The computer-readable medium of claim 9, wherein said communicating comprises communicating said CoAP message using Datagram Transport Layer Security (DTLS).

17. A system comprising a processor and a memory, wherein said memory comprises instructions for causing said processor to implement a method of increasing communication security, said method comprising:
- generating authentication data;
  
  generating a Constrained Application Protocol (CoAP) message including said authentication data; and
  
  communicating said CoAP message from a first computer system to a second computer system.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein said CoAP message includes a unique identifier associated with said first computer system.
  - 19. The system of claim 17, wherein said generating said authentication data further comprises generating said authentication data using an authentication mechanism, and wherein said CoAP message includes an authentication mechanism identifier associated with said authentication mechanism.
  - 20. The system of claim 17, wherein said generating authentication data comprises:
    - accessing a key associated with said first computer system; and
      
      generating said authentication data using said key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Idaax Technologies Private Limited
Original Assignee
EXILANT Technologies Private Limited
Inventors
Sharma, Vishnu

Granted Patent

US 9,426,135 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 51/00   User-to-user messaging in p...

H04L 63/08   for authentication of entit...

H04L 63/168   above the transport layer

H04L 9/3242   involving keyed hash functi...

INCREASED COMMUNICATION SECURITY

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

INCREASED COMMUNICATION SECURITY

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links