Systems and methods for data mobility with a cloud architecture
US-10511475-B2 · Dec 17, 2019 · US
US12075240B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12075240-B2 |
| Application number | US-201917609134-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 6, 2019 |
| Priority date | May 6, 2019 |
| Publication date | Aug 27, 2024 |
| Grant date | Aug 27, 2024 |
Official abstract text for this publication.
An authentication method and apparatus are provided. In an embodiment, the authentication method includes: receiving, by a first network node, an enrollment request from a second network node; obtaining, by the first network node, position information of the second network node; and authenticating, by the first network node, the second network node according to the obtained position information of the second network node. A flexible simple authentication solution is provided, having low deployment costs.
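The enrollment flow in the abstract, sketched end to end as an added example (not the patent's implementation). It assumes SHA-256 as the operation value calculated from the public key, a log-distance path-loss model with exponent 2 for turning signal strength into range, and a rectangular 2-D trustable region; all function names and sample values are hypothetical.

```python
import hashlib

PATH_LOSS_EXPONENT = 2.0  # assumption: free-space propagation

def public_key_info(public_key: bytes) -> str:
    """Operation value calculated from the public key (assumed: SHA-256)."""
    return hashlib.sha256(public_key).hexdigest()

def distance_m(tx_dbm, rssi_dbm):
    """Log-distance path loss; tx_dbm is the advertised power at 1 m."""
    return 10 ** ((tx_dbm - rssi_dbm) / (10 * PATH_LOSS_EXPONENT))

def locate(reports):
    """Positioning server: fix from three (x, y, tx_dbm, rssi_dbm) reports."""
    if len(reports) < 3:
        return None
    (x1, y1, r1), (x2, y2, r2), (x3, y3, r3) = [
        (x, y, distance_m(tx, rssi)) for x, y, tx, rssi in reports[:3]]
    # Subtracting circle 1 from circles 2 and 3 leaves two linear equations.
    a1, b1 = 2 * (x2 - x1), 2 * (y2 - y1)
    a2, b2 = 2 * (x3 - x1), 2 * (y3 - y1)
    c1 = r1**2 - r2**2 + x2**2 - x1**2 + y2**2 - y1**2
    c2 = r1**2 - r3**2 + x3**2 - x1**2 + y3**2 - y1**2
    det = a1 * b2 - b1 * a2
    if abs(det) < 1e-9:  # collinear receivers give no unique fix
        return None
    return ((c1 * b2 - b1 * c2) / det, (a1 * c2 - c1 * a2) / det)

def handle_enrollment(public_key, sightings, region):
    """EST server: 'respond' only if the key's holder is inside region.

    sightings: public-key info -> receiver reports (positioning server state).
    region: (xmin, ymin, xmax, ymax). Unknown keys and failed fixes fail closed.
    """
    pos = locate(sightings.get(public_key_info(public_key), []))
    if pos is None:
        return "forbid"
    xmin, ymin, xmax, ymax = region
    inside = xmin <= pos[0] <= xmax and ymin <= pos[1] <= ymax
    return "respond" if inside else "forbid"

# Constructed sample: receivers at three corners, device near (3, 4).
SAMPLE_KEY = b"constructed-public-key-bytes"
SAMPLE_SIGHTINGS = {public_key_info(SAMPLE_KEY): [
    (0.0, 0.0, -59.0, -72.9794),
    (10.0, 0.0, -59.0, -77.1291),
    (0.0, 10.0, -59.0, -75.5321)]}
```

Because an unknown key or a failed fix returns "forbid", an outage of the positioning server blocks enrollment instead of bypassing the location check.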
Opening claim text (preview).
What is claimed is:

1. An authentication method, comprising: receiving, by a first network node, an enrollment request from a second network node; obtaining a public key of the second network node from the enrollment request after the receiving, by the first network node, of the enrollment request from the second network node; obtaining, by the first network node, position information of the second network node, wherein the obtaining, by the first network node, of the position information includes sending, by the first network node, public key information of the second network node to a fourth network node, and receiving the position information of the second network node sent by the fourth network node after the fourth network node determines the second network node corresponding to the public key information; and authenticating, by the first network node, the second network node according to the position information obtained, of the second network node, wherein the public key information of the second network node is the public key of the second network node or an operation value uniquely corresponding to the second network node and calculated according to the public key of the second network node.

2. The authentication method of claim 1, wherein the authenticating, by the first network node, of the second network node according to the position information obtained, of the second network node further comprises: determining, by the first network node, whether the position information is within a trustable region; and responding by the first network node, upon the position information being within the trustable region, to the enrollment request; or forbidding by the first network node, upon the position information not being within the trustable region, the enrollment request.

3. The authentication method of claim 1, wherein the first network node is an Enrollment over Secure Transport (EST) server, the second network node is an EST client, and the fourth network node is a positioning server.

4. An authentication apparatus at side of a first network node, the authentication apparatus comprising: at least one memory, configured to store machine readable instructions; and at least one processor, configured to execute the machine readable instructions, to cause the authentication apparatus to receive an enrollment request from a second network node, obtain, after the enrollment request is received from the second network node, a public key of the second network node from the enrollment request, obtain position information of the second network node by sending public key information of the second network node to a fourth network node, and receiving the position information of the second network node sent by the fourth network node after the fourth network node determines the second network node corresponding to the public key information, wherein the public key information of the second network node is the public key of the second network node or is an operation value uniquely corresponding to the second network node and calculated according to the public key of the second network node, and authenticate the second network node according to the position information obtained, of the second network node.

5. The authentication apparatus of claim 4, wherein when authenticating the second network node according to the position information obtained of the second network node, the at least one processor is further configured to execute the machine readable instructions to cause the authentication apparatus to: determine whether the position information is within a trustable region; and respond to the enrollment request upon the position information being within the trustable region; or forbidding the enrollment request upon the position information not being within the trustable region.

6. The authentication apparatus of claim 4, wherein the first network node is an Enrollment over Secure Transport (EST) server, the second network node is an EST client, and the fourth network node is a positioning server.

7. The authentication apparatus of claim 4, wherein when authenticating the second network node according to the position information obtained of the second network node, the at least one processor is further configured to execute the machine readable instructions to cause the authentication apparatus to determine whether the position information is within a trustable region; and respond to the enrollment request upon the position information being within the trustable region; or forbidding the enrollment request upon the position information not being within the trustable region.

8. An authentication method, comprising: receiving, by a fourth network node, public key information from a first network node; determining a second network node corresponding to public key information, the public key information of the second network node being a public key of the second network node or being an operation value uniquely corresponding to the second network node and calculated according to the public key of the second network node; determining, by the fourth network node, position information of the second network node after receiving the public key information and determining the second network node corresponding to the public key; and sending, by the fourth network node, the position information of the second network node to the first network node, wherein the position information is usable by the first network node to authenticate the second network node.

9. An authentication method, comprising: determining, by a fourth network node, position information of a second network node by receiving wireless information sent by at least one third network node, the wireless information sent by each respective third network node of the at least one third network node, including transmitted-signal strength information of the second network node, received-signal strength information of a signal transmitted by the second network node and received by the respective third network node, and space position information of the respective third network node, and determining the position information of the second network node according to the wireless information sent by the at least one third network node; and sending, by the fourth network node, the position information of the second network node to a first network node, wherein the position information is usable by the first network node to authenticate the second network node.

10. The authentication method of claim 9, wherein the fourth network node determines the position information of the second network node according to respective wireless information from respective third network nodes deployed in at least three different positions.

11. The authentication method of claim 9, wherein the first network node is an Enrollment over Secure Transport (EST) server, the second network node is an EST client, the third network node is a Bluetooth low energy receiver, and the fourth network node is a positioning server.

12. An authentication apparatus of a fourth network node, the authentication apparatus comprising: at least one memory, configured to store machine readable instructions; and at least one processor, configured to execute the machine readable instructions, to cause the authentication apparatus to receive public key information from a first network node, determining a second network node corresponding to the public key information, wherein the public key information of the second network node is a public key of the second network node or is an operation value uniquely corresponding to the second network node
Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences · CPC title
Location-dependent; Proximity-dependent · CPC title
specially adapted for the location of the user terminal · CPC title
Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication · CPC title
specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks · CPC title