Method and apparatus for providing secure short-lived downloadable debugging tools

US11818110B2 · US · B2

Patent metadata
Publication number: US-11818110-B2
Application number: US-202217973722-A
Country: US
Kind code: B2
Filing date: Oct 26, 2022
Priority date: Mar 27, 2020
Publication date: Nov 14, 2023
Grant date: Nov 14, 2023

Abstract

Official abstract text for this publication.

A system and method for providing remote access to a device is disclosed. The method comprises receiving an automatically expiring authentication token having encrypted authentication token data including a session key from the device, transmitting the authentication token to a secure facility, receiving the decrypted authentication token data from the secure facility, signing a tool package with a package verification key derived at least in part from the session key, the tool package comprising processor instructions providing remote access to the device when executed by the processor, and providing the signed tool package to the device. The device verifies the signed tool package using the package verification key and executes the tool package only if the signature of the tool package is verified.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for a modem to set one or more indicated interfaces, comprising: receiving encrypted enabler/disabler token, wherein the enabler/disabler token comprises configuration data and a media access control (MAC) address; recovering the configuration data and MAC address by using a session key to decrypt the encrypted enabler/disabler token, wherein the configuration data is expressed in a set of binary values of an enabled interface bitmap (EIB); and setting an enabler/disabler setting of one or more indicated interfaces according to the configuration data.

2. The method of claim 1, wherein the configuration data and MAC address are encrypted with the lower sixteen bytes of the session key, and wherein decrypting the encrypted enabler/disabler token comprises using a lower sixteen bytes of the session to decrypt the encrypted enabler/disabler token wherein the configuration data and the MAC address are encrypted with lower sixteen bytes of the session key.

3. The method of claim 1, wherein setting the one or more indicated interfaces comprises enabling or disabling the one or more indicated interfaces.

4. The method of claim 1, further comprising: storing the enabler/disabler setting of the one or more indicated interfaces.

5. The method of claim 1, wherein the encrypted enabler/disabler token is received from a multiple systems operator (MSO).

6. The method of claim 1, further comprising publishing the EIB.

7. The method of claim 1, wherein the encrypted enabler/disabler token comprises a version number (VN), an authentication token identifier (AID), a media access control (MAC) address, and an enabler/disabler bitmap.

8. A modem for setting one or more indicated interfaces, comprising: a memory storing one or more computer-readable instructions; a processor configured to the one or more computer-readable instructions stored on the memory to cause the modem to: receive encrypted enabler/disabler token, wherein the enabler/disabler token comprises configuration data and a media access control (MAC) address; recover the configuration data and MAC address by using a session key to decrypt the encrypted enabler/disabler token, wherein the configuration data is expressed in a set of binary values of an enabled interface bitmap (EIB); and set an enabler/disabler setting of one or more indicated interfaces according to the configuration data.

9. The modem of claim 8, wherein the configuration data and MAC address are encrypted with the lower sixteen bytes of the session key, and wherein decrypting the encrypted enabler/disabler token comprises using a lower sixteen bytes of the session to decrypt the encrypted enabler/disabler token wherein the configuration data and the MAC address are encrypted with lower sixteen bytes of the session key.

10. The modem of claim 8, wherein setting the one or more indicated interfaces comprises enabling or disabling the one or more indicated interfaces.

11. The modem of claim 8, wherein the processor is further configured to execute the one or more computer-readable instructions to cause the modem to: store the enabler/disabler setting of the one or more indicated interfaces.

12. The modem of claim 8, wherein the encrypted enabler/disabler token is received from a multiple systems operator (MSO).

13. The modem of claim 8, wherein the processor is further configured to execute the one or more computer-readable instructions to cause the modem to publish the EIB.

14. The modem of claim 8, wherein the encrypted enabler/disabler token comprises a version number (VN), an authentication token identifier (AID), a media access control (MAC) address, and an enabler/disabler bitmap.

15. A non-transitory, computer-readable medium storing one or more computer-readable instructions for a modem for setting one or more indicated interfaces, that when executed by a processor, cause the processor to perform one or more operations comprising: receiving encrypted enabler/disabler token, wherein the enabler/disabler token comprises configuration data and a media access control (MAC) address; recovering the configuration data and MAC address by using a session key to decrypt the encrypted enabler/disabler token, wherein the configuration data is expressed in a set of binary values of an enabled interface bitmap (EIB); and setting an enabler/disabler setting of one or more indicated interfaces according to the configuration data.

16. The non-transitory, computer-readable medium of claim 15, wherein the configuration data and MAC address are encrypted with the lower sixteen bytes of the session key, and wherein decrypting the encrypted enabler/disabler token comprises using a lower sixteen bytes of the session to decrypt the encrypted enabler/disabler token wherein the configuration data and the MAC address are encrypted with lower sixteen bytes of the session key.

17. The non-transitory, computer-readable medium of claim 15, wherein setting the one or more indicated interfaces comprises enabling or disabling the one or more indicated interfaces.

18. The non-transitory, computer-readable medium of claim 15, wherein the one or more computer-readable instructions when executed by the processor, further cause the processor to perform the one or more operations further comprising: storing the enabler/disabler setting of the one or more indicated interfaces.

19. The non-transitory, computer-readable medium of claim 15, wherein at least one of: the encrypted enabler/disabler token is received from a multiple systems operator (MSO), the encrypted enabler/disabler token comprises a version number (VN), an authentication token identifier (AID), a media access control (MAC) address, and an enabler/disabler bitmap.

20. The non-transitory, computer-readable medium of claim 15 wherein the one or more computer-readable instructions when executed by the processor, further cause the processor to perform the one or more operations further comprising publishing the EIB.

Classifications

  • H04L63/068 (Primary): using time-dependent keys, e.g. periodically changing keys (cryptographic mechanisms or cryptographic arrangements for controlling usage of secret information H04L9/088)

  • Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

  • involving random numbers or seeds

  • involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823)

  • wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Arris Entpr Llc
What technology area does this patent fall under?
Primary CPC classification H04L63/068. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 14, 2023 (B2). Legal status and post-grant events are not shown on this page.