Sharing security keys with headless devices
First Claim
Patent Images
1. A method for sharing security keys with headless devices, the method comprising:
- detecting a headless device within a wireless communication range;
executing instructions stored in memory, wherein execution of the instructions by a processor;
determines that the detected headless device is authenticated for access to a secured wireless network,identifies that the detected headless device is not yet associated with any pre-shared keys, andassigns a pre-shared key to the detected headless device, wherein the assigned pre-shared key is unique to the detected headless device;
transferring the assigned pre-shared key to the detected headless device, wherein the pre-shared key is used to encrypt wireless communications between the detected headless device and an access point in the secured wireless network;
binding the assigned pre-shared key to the detected device at the access point by associating the assigned pre-shared key to a MAC address of the detected headless device;
in response to one or more communications, identifying one or more other characteristics of the detected headless device and generating a fingerprint of the detected headless device comprising at least the MAC address and the one or more other characteristics of the headless device; and
dynamically updating the binding to associate the assigned pre-shared key with the fingerprint of the detected headless device.
9 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for provisioned configuration of wireless devices to allow access to restricted wireless networks are provided. Using an open wireless or wired network, a user of a wireless device may be authenticated. A configuration application, which includes the parameters and policies of the provisioned configuration, is generated, transferred to, and executed on the wireless device. Following configuration by the application, the wireless device is allowed to access the restricted wireless network within the parameters and policies of the provisioned configuration.
291 Citations
11 Claims
-
1. A method for sharing security keys with headless devices, the method comprising:
-
detecting a headless device within a wireless communication range; executing instructions stored in memory, wherein execution of the instructions by a processor; determines that the detected headless device is authenticated for access to a secured wireless network, identifies that the detected headless device is not yet associated with any pre-shared keys, and assigns a pre-shared key to the detected headless device, wherein the assigned pre-shared key is unique to the detected headless device; transferring the assigned pre-shared key to the detected headless device, wherein the pre-shared key is used to encrypt wireless communications between the detected headless device and an access point in the secured wireless network; binding the assigned pre-shared key to the detected device at the access point by associating the assigned pre-shared key to a MAC address of the detected headless device; in response to one or more communications, identifying one or more other characteristics of the detected headless device and generating a fingerprint of the detected headless device comprising at least the MAC address and the one or more other characteristics of the headless device; and dynamically updating the binding to associate the assigned pre-shared key with the fingerprint of the detected headless device. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus for sharing security keys with headless devices, the apparatus comprising:
-
a communication interface that detects a headless device within a wireless communication range; a processor that executes instructions stored in memory, wherein execution of the instructions by a processor; determines that the detected headless device is authenticated for access to a secured wireless network, identifies that the detected headless device is not yet associated with any pre-shared keys, and assigns a pre-shared key to the detected headless device, wherein the assigned pre-shared key is unique to the detected headless device; wherein the communication interface transfers the assigned pre-shared key to the detected headless device, wherein the pre-shared key is used to encrypt wireless communications between the detected headless device and an access point in the secured wireless network; in response to which, further execution of the instructions by the processor; binds the assigned pre-shared key to the detected device at the access point by associating the assigned pre-shared key to a MAC address of the detected headless device; in response to one or more communications, identifies one or more other characteristics of the detected headless device and generates a fingerprint of the detected headless device comprising at least the MAC address and the one or more other characteristics of the headless device; and dynamically updates the binding to associate the assigned pre-shared key with the fingerprint of the detected headless device. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A non-transitory computer-readable storage medium, having embodied thereon a program executable by a processor to perform a method for sharing security keys with headless devices, the method comprising:
-
detecting a headless device within a wireless communication range; determining that the detected headless device is authenticated for access to a secured wireless network; identifying that the detected headless device is not yet associated with any pre-shared keys; assigning a pre-shared key to the detected headless device, wherein the assigned pre-shared key is unique to the detected headless device; transferring the assigned pre-shared key to the detected headless device, wherein the pre-shared key is used to encrypt wireless communications between the detected headless device and an access point in the secured wireless network; binding the assigned pre-shared key to the detected device at the access point by associating the assigned pre-shared key to a MAC address of the detected headless device; in response to one or more communications, identifying one or more other characteristics of the detected headless device and generating a fingerprint of the detected headless device comprising at least the MAC address and the one or more other characteristics of the headless device; and dynamically updating the binding to associate the assigned pre-shared key with the fingerprint of the detected headless device.
-
Specification