Security architecture and solution for handling internet of things devices in a fifth generation system

US10219152B2 · US · B2

Patent metadata
Publication number: US-10219152-B2
Application number: US-201615263588-A
Country: US
Kind code: B2
Filing date: Sep 13, 2016
Priority date: Sep 14, 2015
Publication date: Feb 26, 2019
Grant date: Feb 26, 2019

Abstract

A method of establishing a group trust relationship in an Internet of Things (IoT) system using a first IoT device within a group of IoT devices is provided. The method includes generating, by the first IoT device, a first set of keys corresponding to the first IoT device, deriving, by the first IoT device, a group set of keys corresponding to the group of IoT devices, and discarding the first set of keys and storing the group set of keys after the first IoT device transmits data toward a base station and goes idle, wherein the group set of keys is used by each IoT device within the group of IoT devices for subsequent transmissions of data to the base station.

First claim

What is claimed is:

1. A method of establishing a group trust relationship in an Internet of Things (IoT) system using a first IoT device within a group of IoT devices, comprising: generating, by the first IoT device, a first set of keys corresponding to the first IoT device; transmitting, by the first IoT device, initial data toward a base station using the first set of keys; discarding, by the first IoT device, the first set of keys following transmission of the initial data toward the base station using the first set of keys; deriving, by the first IoT device, a group set of keys corresponding to the group of IoT devices after the first set of keys has been discarded; and storing, by each of the IoT devices, the group set of keys to establish an always on connection between each of the IoT devices and the base station, the always on connection maintained while each of the IoT devices is idle; and transmitting, by one of the IoT devices, subsequent data using the group set of keys and the always on connection upon waking up.

2. The method of claim 1, wherein the group set of keys includes at least one of a group base station key, a group encryption key, or a group integrity key corresponding to the group of IoT devices.

3. The method of claim 1, wherein the group set of keys is based on a group access security mobility entity key derived by the first IoT device.

4. The method of claim 3, wherein the group access security mobility entity key is based on a group cyphering key and a group integrity protection key derived by the first IoT device.

5. The method of claim 4, wherein the group cyphering key and the group integrity protection key are based on a group secret key obtained from the first IoT device.

6. The method of claim 5, wherein the group secret key used to generate the group set of keys is pre-configured on a card of the first IoT device.

7. The method of claim 5, wherein the group secret key used to generate the group set of keys is received by the first IoT device over a per-device secure channel.

8. The method of claim 1, wherein the first IoT device serves as an IoT gateway for each of the other IoT devices in the group of IoT devices.

9. A method of establishing a group trust relationship in an Internet of Things (IoT) system using a base controller, comprising: receiving, from a management entity, a first set of keys corresponding to a first IoT device within a group of IoT devices; receiving, from the management entity, a group key corresponding to the group of IoT devices after the first IoT device has transmitted initial data using the first set of keys; generating a group set of keys corresponding to the group key; discarding the first set of keys and storing the group set of keys to establish an always on connection between each of the IoT devices and the base controller, the always on connection maintained while each of the IoT devices is idle; and receiving, from a second IoT device within the IoT group, subsequent data using the group set of keys and the always on connection.

10. The method of claim 9, wherein the group set of keys includes at least one of a group base station key, a group encryption key, or a group integrity key corresponding to the group of IoT devices.

11. The method of claim 9, wherein the group set of keys is based on a group access security mobility entity key derived by the management entity.

12. The method of claim 11, wherein the group access security mobility entity key is based on a group cyphering key and a group integrity protection key derived by the management entity, and wherein the group cyphering key and the group integrity protection key are based on a group secret key obtained from a subscriber identification module card of the management entity.

13. The method of claim 11, wherein the first IoT device and each other IoT device in the group of IoT devices share the group secret key.

14. The method of claim 13, wherein the first IoT device and each other IoT device in the group of IoT devices share the group cyphering key and the group integrity protection key.

15. The method of claim 9, further comprising sending, to at least one of the IoT devices in the group of IoT devices, a challenge requesting the at least one of the IoT devices to reestablish the group trust relationship.

16. A management entity configured to establish a group trust relationship in an Internet of Things (IoT) system, comprising: a non-transitory memory storage comprising instructions; and one or more processors in communication with the memory, wherein the one or more processors execute the instructions to: obtain, from a subscriber identification module card, a secret key corresponding to a first IoT device from a group of IoT devices; derive a cyphering key and an integrity protection key based on the secret key; derive an access security mobility entity key based on the cyphering key and an integrity protection key; derive a first set of keys corresponding to the first IoT device based on the access security mobility entity key, the first set of keys configured to be used by the first IoT device to transmit initial data and then discarded; and encrypt and transmit a group secret key to the first IoT device over a secure communications channel, wherein the group secret key permits the first IoT device to generate a group set of keys, the group set of keys configured to be stored to establish an always on connection, the always on connection maintained while the first IoT device is idle and used by the first IoT device to transmit subsequent data.

17. The management entity of claim 16, wherein the group set of keys is utilized by all of the IoT devices in the group of IoT devices for subsequent transmissions of data.

18. The management entity of claim 16, wherein the group set of keys includes at least one of a group base station key, a group encryption key, or a group integrity key.

19. The management entity of claim 16, wherein the group secret key is encrypted and transmitted individually to each IoT device in the group of IoT devices.

20. The management entity of claim 16, wherein the management entity resides in a serving cellular network, and wherein the management entity is in communication with the IoT device by way of at least one base station.

Classifications

  • Wireless

  • applying further key derivation, e.g. deriving traffic keys from a pair-wise master key

  • involving conference or group key (network architectures or network communication protocols for key management in group communication in a packet data network H04L63/065)

  • involving distinctive intermediate devices or communication paths (network architectures or network communication protocols using different networks H04L63/18)

  • for group communications (cryptographic mechanisms or cryptographic arrangements for key management involving conference or group key H04L9/0833)

Frequently asked questions

Who is the assignee on this patent?
Futurewei Technologies Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/0822. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 26, 2019 (B2). Legal status and post-grant events are not shown on this page.