End-to-end authentication at the service layer using public keying mechanisms

US10880294B2 · US · B2

Patent metadata
Publication number: US-10880294-B2
Application number: US-201816138312-A
Country: US
Kind code: B2
Filing date: Sep 21, 2018
Priority date: Mar 16, 2015
Publication date: Dec 29, 2020
Grant date: Dec 29, 2020

Abstract

Official abstract text for this publication.

In a machine-to-machine/Internet-of-things environment, end-to-end authentication of devices separated by multiple hops is achieved via direct or delegated/intermediated negotiations using pre-provisioned hop-by-hop credentials, uniquely generated hop-by-hop credentials, and-or public key certificates, whereby remote resources and services may be discovered via single-hop communications, and then secure communications with the remote resources may be established using secure protocols appropriate to the resources and services and capabilities of end devices, and communication thereafter conducted directly without the overhead or risks engendered hop-by-hop translation.

First claim

Opening claim text (preview).

We claim:

1. An apparatus comprising a processor, a memory, and communication circuitry, the apparatus being connected to a communications network via its communication circuitry, the apparatus further comprising computer-executable instructions stored in the memory of the apparatus which, when executed by the processor of the apparatus, cause the apparatus to: receive, from a message originator, a message, the message being intended for a recipient and comprising an authentication tag, wherein the originator and the recipient are separate from the apparatus; send, to a credential registry, a request, the request comprising an identifier of the originator; receive, from the credential registry, a response, the response comprising a public key credential of the originator, the response further comprising an indication of types of messages that are to be authenticated by the apparatus using the public key credential of the originator; if, in accordance with the response, the message is of a type that is to be authenticated by the apparatus, verify the authentication tag using the public key credential of the originator; and responsive to the authentication tag being verified, send, to the recipient, the message and a flag, the flag signifying authentication of the message on behalf of the recipient.

2. The apparatus of claim 1, wherein the response further comprises one or more security parameters selected from a list comprising hop-by-hop signing encryption, end-to-end encryption, and end-to-end signing, and wherein the apparatus utilizes the one or more parameters to authenticate the message.

3. The apparatus of claim 1, wherein the computer-executable instructions further cause the apparatus to receive, from the credential registry, an advertisement of credential registry services.

4. The apparatus of claim 1, wherein the computer-executable instructions further cause the apparatus to conduct mutual authentication with the credential registry.

5. The apparatus of claim 1, wherein the public key credential of the originator comprises a certificate.
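The intermediary's steps in claim 1 (registry lookup by originator identifier, message-type check, tag verification, forwarding with a flag) can be sketched as follows; this is an added example, not code from the patent or its assignee. Assumptions: Ed25519 as the signature scheme, an in-memory map standing in for the credential registry, a tag computed over all header fields plus the payload, unflagged pass-through for message types the registry does not list, and all type and function names.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

type Message struct {
	Originator, Recipient, Type string
	Payload, Tag                []byte // Tag is the originator's signature
}

type RegistryEntry struct { // models the credential registry's response
	PublicKey ed25519.PublicKey
	AuthTypes map[string]bool // message types the intermediary authenticates
}

// signedBytes is the assumed tag input: all header fields plus payload.
func signedBytes(m Message) []byte {
	return append([]byte(m.Originator+"\x00"+m.Recipient+"\x00"+m.Type+"\x00"), m.Payload...)
}

// Relay returns the flag sent on with the message, or an error if it must be dropped.
func Relay(registry map[string]RegistryEntry, m Message) (authenticated bool, err error) {
	entry, ok := registry[m.Originator]
	if !ok {
		return false, errors.New("originator unknown to credential registry")
	}
	if !entry.AuthTypes[m.Type] {
		return false, nil // assumption: forwarded unflagged, recipient verifies
	}
	if !ed25519.Verify(entry.PublicKey, signedBytes(m), m.Tag) {
		return false, errors.New("authentication tag rejected")
	}
	return true, nil
}

func demo() (map[string]RegistryEntry, Message) { // constructed sample values
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	reg := map[string]RegistryEntry{"sensor-1": {PublicKey: pub, AuthTypes: map[string]bool{"UPDATE": true}}}
	m := Message{Originator: "sensor-1", Recipient: "app-1", Type: "UPDATE", Payload: []byte("t=21.5")}
	m.Tag = ed25519.Sign(priv, signedBytes(m))
	return reg, m
}

func main() {
	fmt.Println(Relay(demo())) // valid tag: true <nil>
}
```

Because the recipient relies on the flag instead of verifying the tag itself, the flag is only as trustworthy as the channel between intermediary and recipient; the sketch covers the recipient field with the tag so a verified message cannot be redirected to a different recipient.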

Classifications

  • using hop-by-hop encryption, i.e. wherein an intermediate entity decrypts the information and re-encrypts it before forwarding it

  • using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

  • for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08)

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

  • Third party

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10880294B2 cover?
In a machine-to-machine/Internet-of-things environment, end-to-end authentication of devices separated by multiple hops is achieved via direct or delegated/intermediated negotiations using pre-provisioned hop-by-hop credentials, uniquely generated hop-by-hop credentials, and-or public key certificates, whereby remote resources and services may be discovered via single-hop communications, and th…
Who is the assignee on this patent?
Convida Wireless LLC
What technology area does this patent fall under?
Primary CPC classification H04L63/0823. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Dec 29, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).