Authorized control of an embedded system using end-to-end secure element communication

US10686776B2 · US · B2

Patent metadata
Publication number: US-10686776-B2
Application number: US-201715584892-A
Country: US
Kind code: B2
Filing date: May 2, 2017
Priority date: Jul 22, 2016
Publication date: Jun 16, 2020
Grant date: Jun 16, 2020

Abstract

Official abstract text for this publication.

A connected device includes an application processor, a secure element, and a control module. The application processor is configured to receive a control command from an electronic device. The secure element is connected between the application processor and a control module and is configured to authenticate the control command. The control module is configured to receive the control command when the control command is authenticated by the secure element, execute the control command to activate at least one function of the connected device, and transmit a response to the electronic device.

Claims

Full claim text (claims 1 to 20); claim 1 is the first independent claim and sets the scope of protection.

What is claimed is:

1. A connected device comprising: an application processor configured to receive a control command from an electronic device and transmit the control command to a secure element; the secure element connected between the application processor and a control module, the secure element configured to: authenticate the control command; and authorize the control command based on an authorization policy, wherein the authorization policy includes commands based on a role of the electronic device; and the control module is configured to: receive the control command, from the secure element when the control command is authenticated and authorized by the secure element; execute the control command to activate at least one function of the connected device; and transmit an authentication response to the electronic device.

2. The connected device of claim 1, further comprising a split bus having a first bus and a second bus, the first bus is configured to electrically couple the application processor to the secure element and the second bus is configured to electrically couple the control module to the secure element.

3. The connected device of claim 1, wherein the connected device is paired with the electronic device over a wireless communication channel.

4. The connected device of claim 3, wherein the secure element of the connected device is configured to execute an authenticated key exchange with a secure element of the electronic device.

5. The connected device of claim 4, wherein the authenticated key exchange generates a session key used to encrypt or decrypt the control command.

6. The connected device of claim 1, wherein the connected device is configured to communicate with the electronic device through a trusted server.

7. The connected device of claim 6, wherein the secure element transmits a public key to the trusted server.

8. The connected device of claim 6, wherein the secure element receives a public key of the electronic device from the trusted server.

9. The connected device of claim 1, wherein the connected device is an automobile and the at least one function includes at least one of controlling door locks, starting the automobile, or controlling lights.

10. The connected device of claim 1, wherein the connected device is a dongle configured to connect to an automobile.

11. A method for controlling a connected device with an electronic device, the method comprising: receiving a first public key from a secure element of the electronic device; transmitting a second public key from a secure element of the connected device to the electronic device; connecting to the electronic device based on the first public key and the second public key; receiving, by an application processor of the connected device, a control command from the electronic device; authenticating, by the secure element of the connected device, the control command transmitted from the electronic device via the application processor of the connected device, the secure element of the connected device being connected between the application processor of the connected device and a control module of the connected device; authorizing, by the secure element of the connected device, the control command from the electronic device based on an authorization policy, wherein the authorization policy includes commands based on a role of the electronic device; receiving, by the control module of the connected device, the control command when the control command is authenticated and authorized by the secure element of the connected device; executing, by the control module of the connected device, the control command; and transmitting, by the control module of the connected device, an authentication response to the electronic device.

12. The method of claim 11, wherein pairing of the electronic device and the connected device is performed through a trusted server.

13. The method of claim 11, wherein pairing of the electronic device and the connected device is performed over a wireless communication channel.

14. The method of claim 11, further comprising executing an authenticated key exchange to generate a session key.

15. The method of claim 14, wherein the session key is used to encrypt or decrypt the control command.

16. A non-transitory computer readable medium including a plurality of instructions that, when executed by a processor, are configured to cause the processor to: receive a first public key from a secure element of an electronic device; transmit a second public key from a secure element of a connected device to the electronic device; connect to the electronic device based on the first public key and the second public key; receive, by an application processor of the connected device, a control command from the electronic device; authenticate, by the secure element of the connected device, the control command transmitted from the electronic device via the application processor of the connected device, the secure element of the connected device being connected between the application processor of the connected device and a control module of the connected device; authorize, by the secure element of the connected device, the control command from the electronic device based on an authorization policy, wherein the authorization policy includes commands based on a role of the electronic device; receive, by the control module of the connected device, the control command when the control command is authenticated and authorized by the secure element of the connected device; execute, by the control module of the connected device, the control command; and transmit, by the control module of the connected device, an authentication response to the electronic device.

17. The non-transitory computer readable medium of claim 16, wherein pairing of the electronic device and the connected device is performed through a trusted server.

18. The non-transitory computer readable medium of claim 16, wherein pairing of the electronic device and the connected device is performed over a wireless communication channel.

19. The non-transitory computer readable medium of claim 16, wherein the plurality of instructions is further configured to cause the processor to execute an authenticated key exchange to generate a session key.

20. The non-transitory computer readable medium of claim 19, wherein the session key is used to encrypt or decrypt the control command.
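The architecture the abstract and claims 1 to 8 describe, as an added worked example that is not code from the patent or from Samsung: two secure elements are enrolled through a stand-in for the trusted server, run a key exchange over ephemeral X25519 shares that the application processors relay, and derive an AES-GCM session key; the electronic device's secure element seals each control command under that key, and the connected device's secure element authenticates it, rejects replays, and applies a role-based policy before anything reaches the control module. Everything beyond the claim language is assumed for illustration: the choice of X25519 and AES-GCM, authenticating the exchange through the enrolled identity keys (an identity-identity DH folded into the session key) rather than through signatures, SHA-256 in place of a KDF, the counter-based nonce, and the owner/valet roles and command names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Role-based authorization policy held in the connected device's secure element
// (claim 1); the role names and command set are assumed for illustration.
var policy = map[string]map[string]bool{
	"owner": {"unlock": true, "lock": true, "start": true, "lights": true},
	"valet": {"unlock": true, "lock": true, "lights": true},
}

// SecureElement models either side's secure element: a long-term X25519 identity
// key, the peer's identity key and role (from the trusted server), and session state.
type SecureElement struct {
	id, eph  *ecdh.PrivateKey
	peerID   *ecdh.PublicKey
	peerRole string
	aead     cipher.AEAD
	ctr      uint64 // sender: last counter used; receiver: last counter accepted
}

func NewSecureElement() *SecureElement {
	id, _ := ecdh.X25519().GenerateKey(rand.Reader)
	return &SecureElement{id: id}
}

// Enroll stands in for the trusted server (claims 7-8): it hands each secure element
// the other's identity public key and tells the connected device the peer's role.
func Enroll(device, peer *SecureElement, peerRole string) {
	device.peerID, device.peerRole = peer.id.PublicKey(), peerRole
	peer.peerID = device.id.PublicKey()
}

// Share emits a fresh X25519 ephemeral share for the application processor to relay.
func (se *SecureElement) Share() *ecdh.PublicKey {
	se.eph, _ = ecdh.X25519().GenerateKey(rand.Reader)
	return se.eph.PublicKey()
}

// Finish derives the AES-GCM session key (claims 4-5) from the ephemeral-ephemeral and
// identity-identity DH secrets; only an enrolled peer can compute the second. SHA-256 stands in for a KDF.
func (se *SecureElement) Finish(peerEph *ecdh.PublicKey) error {
	ee, errE := se.eph.ECDH(peerEph)
	ss, errS := se.id.ECDH(se.peerID)
	if errE != nil || errS != nil {
		return errors.New("low-order peer key")
	}
	key := sha256.Sum256(append(append([]byte("session"), ee...), ss...))
	block, _ := aes.NewCipher(key[:])
	se.aead, errS = cipher.NewGCM(block)
	return errS
}

// Seal is the electronic device side: counter nonce, AES-GCM, nonce bound as AAD.
func (se *SecureElement) Seal(cmd string) []byte {
	se.ctr++
	nonce := make([]byte, 12)
	binary.BigEndian.PutUint64(nonce[4:], se.ctr)
	return se.aead.Seal(append([]byte{}, nonce...), nonce, []byte(cmd), nonce)
}

// Authorize is the connected device side: reject replays, authenticate (GCM tag), then
// apply the policy. Only a command that passes all three reaches the control module.
func (se *SecureElement) Authorize(msg []byte) (string, error) {
	if se.aead == nil || len(msg) < 12+se.aead.Overhead() {
		return "", errors.New("no session or malformed message")
	}
	nonce, ctr := msg[:12], binary.BigEndian.Uint64(msg[4:12])
	if ctr <= se.ctr {
		return "", errors.New("replayed or stale counter")
	}
	pt, err := se.aead.Open(nil, nonce, msg[12:], nonce)
	if err != nil {
		return "", errors.New("authentication failed")
	}
	se.ctr = ctr
	if !policy[se.peerRole][string(pt)] {
		return "", errors.New("command not permitted for role " + se.peerRole)
	}
	return string(pt), nil
}

// ApplicationProcessor is the connected device's entry point (claim 1): it only forwards
// the bytes to the secure element, and the control module runs nothing that was rejected.
func ApplicationProcessor(se *SecureElement, msg []byte) string {
	cmd, err := se.Authorize(msg)
	if err != nil {
		return "rejected: " + err.Error()
	}
	return "ok " + cmd // the control module's execution and response
}
```

Pairing is the two Share() outputs crossing between the application processors, after which each secure element calls Finish with the other's share. A command is then accepted only if its counter is fresh, its GCM tag verifies under the session key, and the policy permits it for the enrolled role; the three rejections carry distinct errors so a caller can tell a replay from a tampered message from an out-of-role request. A device the trusted server never enrolled, even one that knows the connected device's public identity key, derives a different session key and fails at the authentication step, which is the implicit authentication the identity-identity DH provides.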

Assignees

Samsung Electronics Co Ltd

Classifications

Primary CPC classification: H04L63/0435. CPC titles attached to this publication:

  • wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title

  • Secure pairing of devices · CPC title

  • without using a trusted network node as an anchor · CPC title

  • using a trusted network node as an anchor · CPC title

  • wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption (cryptographic mechanisms or cryptographic arrangements using a plurality of keys or algorithms H04L9/14) · CPC title


Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10686776B2 cover?
A connected device includes an application processor, a secure element, and a control module. The application processor is configured to receive a control command from an electronic device. The secure element is connected between the application processor and a control module and is configured to authenticate the control command. The control module is configured to receive the control command w…
Who is the assignee on this patent?
Samsung Electronics Co Ltd
What technology area does this patent fall under?
Primary CPC classification H04L63/0435. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 16, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).