Service authorization for IoT devices operating locally

US11184366B1 · US · B1

Patent metadata

  • Publication number: US-11184366-B1
  • Application number: US-202016787094-A
  • Country: US
  • Kind code: B1
  • Filing date: Feb 11, 2020
  • Priority date: Dec 29, 2016
  • Publication date: Nov 23, 2021
  • Grant date: Nov 23, 2021

Abstract

Official abstract text for this publication.

Systems, devices, and techniques for service authorization are described. A described device includes a transceiver to communicate with an authorization server, and a processor. The processor can set an authorization timer for a first time period based on obtaining an authorization from the authorization server, and activate device features for a duration of the first time period. The processor can receive from the authorization server an authorization message that includes an authorization key hash based on a shared secret key and a server timestamp, determine a local key hash based on the shared secret key and a local timestamp, set the authorization timer for a second time period based on the authorization key hash matching the local key hash, and maintain an activation of the features for a duration of the second time period.
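
The device-side check the abstract describes, as an added example that is not code from the patent. The patent text shown here does not name a hash construction or say how two different clocks yield matching hashes, so HMAC-SHA256, the 60-second timestamp bucket, the one-bucket skew tolerance, and the names `key_hash` and `Device` are all assumptions.

```python
import hashlib
import hmac

STEP = 60  # assumed timestamp granularity in seconds (not from the patent)

def key_hash(secret: bytes, timestamp: int) -> str:
    """Keyed hash over the timestamp's time bucket (HMAC-SHA256 is an assumption)."""
    bucket = int(timestamp) // STEP
    return hmac.new(secret, bucket.to_bytes(8, "big"), hashlib.sha256).hexdigest()

class Device:
    def __init__(self, secret: bytes, period: int, now: int):
        self.secret = secret
        self.period = period
        self.expires_at = now + period  # authorization timer, first time period

    def on_authorization_message(self, auth_hash: str, now: int) -> bool:
        """Reset the timer only if the server hash matches a local key hash."""
        # Try the current bucket and its neighbours to tolerate clock skew.
        for skew in (-STEP, 0, STEP):
            local = key_hash(self.secret, now + skew)
            if hmac.compare_digest(local, auth_hash):  # constant-time compare
                self.expires_at = now + self.period    # second time period
                return True
        return False  # no match: authorization is not renewed

    def mode(self, now: int) -> str:
        """Features stay active until the authorization timer expires."""
        return "active" if now < self.expires_at else "degraded"

def demo():
    secret = b"constructed-shared-secret"      # constructed sample value
    t0 = 1_700_000_000                         # constructed sample clock
    dev = Device(secret, period=3600, now=t0)
    t1 = t0 + 3000
    msg = key_hash(secret, t1 + 20)            # server clock runs 20 s ahead
    renewed = dev.on_authorization_message(msg, t1)
    t2 = t1 + 3500
    replayed = dev.on_authorization_message(msg, t2)   # stale hash, old bucket
    forged = dev.on_authorization_message(key_hash(b"wrong-key", t2), t2)
    return [renewed, replayed, forged, dev.mode(t2), dev.mode(t1 + 3600)]
```

Because the hash is bound to a time bucket, a captured authorization message stops matching once the device clock leaves the tolerated window, and a device that receives no valid message falls back to degraded mode when the timer runs out.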

First claim

Opening claim text (preview).

What is claimed is:

1. An apparatus comprising: a transceiver configured to communicate with an authorization server; and a processor coupled with the transceiver, wherein the processor is configured to obtain an authorization from the authorization server, and activate one or more features of the apparatus for a duration of a first predetermined time period in response to the authorization, wherein the processor is configured to receive an authorization message from the authorization server, the authorization message comprising an authorization key hash that is based on a shared secret key and a server timestamp, determine a local key hash based on a shared secret key and a local timestamp, maintain an activation of the one or more features of the apparatus for a duration of a second predetermined time period based on the authorization key hash matching the local key hash, wherein the processor is configured to place the apparatus in a degraded functionality mode based on not receiving the authorization message during the duration of the first predetermined time period, wherein the processor is configured to set an authorization timer for the first predetermined time period, and wherein the processor is configured to determine whether the authorization timer has expired and to place the one or more features of the apparatus in the degraded functionality mode based on an expiration of the authorization timer.

2. The apparatus of claim 1, wherein the processor is configured to send an authorization request to the authorization server to renew the authorization before an end of the first predetermined time period, and wherein the authorization message is sent in response to the authorization request.

3. The apparatus of claim 1, wherein the processor is configured to not renew the authorization based on a determination that the authorization key hash does not match the local key hash.

4. The apparatus of claim 1, wherein the processor is configured to deactivate one or more features of the apparatus based on the expiration of the authorization timer.

5. An apparatus comprising: a transceiver configured to communicate with an authorization server; and a processor coupled with the transceiver, wherein the processor is configured to obtain an authorization from the authorization server, and activate one or more features of the apparatus for a duration of a first predetermined time period in response to the authorization, wherein the processor is configured to receive an authorization message from the authorization server, the authorization message comprising an authorization key hash that is based on a shared secret key and a server timestamp, determine a local key hash based on a shared secret key and a local timestamp, maintain an activation of the one or more features of the apparatus for a duration of a second predetermined time period based on the authorization key hash matching the local key hash, wherein the processor is configured to place the apparatus in a degraded functionality mode based on not receiving the authorization message during the duration of the first predetermined time period, wherein the processor is configured to use the transceiver to establish a short-range connection with an intermediary device, and receive the authorization message from the authorization server via the intermediary device over the short-range connection.

6. The apparatus of claim 1, wherein the processor is configured to use the transceiver to establish a short-range connection with an intermediary device, wherein the processor is configured to send an authorization request to the authorization server via the intermediary device to renew the authorization before an end of the first predetermined time period, and wherein the authorization message is sent in response to the authorization request.

7. A system comprising: a network interface configured to communicate with a device, wherein the device is configured to set an authorization timer, and wherein the device is configured to determine whether the authorization timer has expired and to place the one or more features of the device in a degraded functionality mode based on an expiration of the authorization timer; and a processor coupled with the network interface, wherein the processor is configured to perform a first authorization process with the device, the first authorization process comprising receiving an authorization request from the device, determining whether the device is authorized to operate under a service plan, and sending a first authorization message that comprises a first authorization key hash based on the device being authorized to operate under the service plan, the first authorization key hash being based on a shared secret key and a first server timestamp, the shared secret key being established between the device and the system, wherein the processor is configured to perform a second authorization process with the device before the expiration of the authorization timer in response to a determination that an expected de-authorization time is within a predetermined time period from a current time and a determination that the device remains authorized to operate under the service plan, the second authorization process comprising determining a second authorization key hash that is based on the shared secret key and a second server timestamp, and sending a second authorization message that comprises the second authorization key hash.

8. The system of claim 7, wherein the processor is configured to receive an authorization status message from the device, and update the expected de-authorization time for the device in response to the authorization status message.

9. A system comprising: a network interface configured to communicate with a remote device; and a processor coupled with the network interface, wherein the processor is configured to perform a first authorization process with the remote device, the first authorization process comprising receiving an authorization request from the remote device, determining whether the device is authorized to operate under a service plan, and sending a first authorization message that comprises a first authorization key hash based on the device being authorized to operate under the service plan, the first authorization key hash being based on a shared secret key and a first server timestamp, the shared secret key being established between the remote device and the system, wherein the processor is configured to perform a second authorization process with the remote device in response to a determination that an expected de-authorization time is within a predetermined time period from a current time and a determination that the device remains authorized to operate under the service plan, the second authorization process comprising determining a second authorization key hash that is based on the shared secret key and a second server timestamp, and sending a second authorization message that comprises the second authorization key hash, wherein the processor is configured to determine whether there is an intermediary device associated with the remote device, and wherein the processor is configured to send one or more messages to the intermediary device for forwarding to the remote device.

10. The system of claim 9, wherein the processor is configured to send a push notification to the intermediary device if the expected de-authorization time is within the predetermined time period from the current time, and wherein the push notification is configured to cause the intermediary device to display a notification stating that the intermediary device is required to establish a connection with the remote device to re-author

Classifications

  • Location-dependent; Proximity-dependent

  • involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

  • using time-dependent keys, e.g. periodically changing keys (cryptographic mechanisms or cryptographic arrangements for controlling usage of secret information H04L9/088)

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838)

  • Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11184366B1 cover?
Systems, devices, and techniques for service authorization are described. A described device includes a transceiver to communicate with an authorization server, and a processor. The processor can set an authorization timer for a first time period based on obtaining an authorization from the authorization server, and activate device features for a duration of the first time period. The processor…
Who is the assignee on this patent?
Alarm Com Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/108. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 23, 2021 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).