Securing internet of things (IoT) based entrance/exit with multi-factor authentication

US9589397B1 · US · B1

Patent metadata
Publication number: US-9589397-B1
Application number: US-201615174307-A
Country: US
Kind code: B1
Filing date: Jun 6, 2016
Priority date: Jun 6, 2016
Publication date: Mar 7, 2017
Grant date: Mar 7, 2017

Abstract

Official abstract text for this publication.

Certain aspects direct to systems and methods for securing an internet of things (IoT) based entrance for a designated area with multi-factor authentication. The system includes an IoT based entrance having an IoT device, which stores a secret key for generating a time-based password. An authenticated identification device may also have the same secret key. When the IoT device receives a request from an identification device to establish a secured connection, the IoT device first verifies the wireless address of the identification device. Once the wireless address is verified, the IoT device establishes the secured connection with the identification device through the wireless network. Then the IoT device uses the secret key and a current access time to generate the time-based password, and receive a second time-based password from the identification device through the secured connection. If both time-based passwords match each other, the identification device is authenticated.
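The IoT device's side of the flow in the abstract (address check, then time-based password check), as an added example that is not code from the patent or its assignee. The text shown here names no password algorithm, so RFC 6238 TOTP with HMAC-SHA1, a 30-second step, 6 digits and a one-step clock-skew window are assumptions; the addresses and keys in `DATA_STORE` are constructed, and keying the secret by wireless address follows claim 9.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (assumed; RFC 6238 default)
DIGITS = 6   # password length (assumed)

# Constructed sample data store: authenticated wireless address -> secret key.
DATA_STORE = {
    "AA:BB:CC:DD:EE:01": b"12345678901234567890",
    "AA:BB:CC:DD:EE:02": b"another-constructed-key",
}

def totp(secret: bytes, access_time: int) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing access_time."""
    counter = struct.pack(">Q", max(0, access_time) // STEP)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)

def verify_address(address: str) -> bool:
    """Address filtering: the requester must be in the data store."""
    return address.upper() in DATA_STORE

def authenticate(address: str, received: str, access_time: int,
                 skew_steps: int = 1) -> str:
    """Return 'grant' or a 'deny: ...' reason for one access attempt."""
    if not verify_address(address):
        # No secured connection is established for unknown addresses.
        return "deny: unknown address"
    secret = DATA_STORE[address.upper()]  # per-device key
    for drift in range(-skew_steps, skew_steps + 1):
        expected = totp(secret, access_time + drift * STEP)
        # Constant-time comparison; bytes so non-ASCII input cannot raise.
        if hmac.compare_digest(expected.encode(), received.encode()):
            return "grant"
    return "deny: password mismatch"

if __name__ == "__main__":
    key = DATA_STORE["AA:BB:CC:DD:EE:01"]
    print(authenticate("aa:bb:cc:dd:ee:01", totp(key, 59), 59))
    print(authenticate("11:22:33:44:55:66", totp(key, 59), 59))
```

The skew window trades tolerance for clock drift against a longer period in which a captured password is still accepted; setting `skew_steps=0` requires both clocks to fall in the same 30-second step.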

First claim

Opening claim text (preview).

What is claimed is:

1. A system, comprising: at least one internet of things (IoT) based entrance for a designated area, each of the at least one IoT based entrance comprising an IoT device, the IoT device comprising a processor and a storage device storing computer executable code and a secret key for generating a first time-based password, wherein the computer executable code, when executed at the processor, is configured to: receive, from an identification device through a wireless network, a request to establish a secured connection, wherein the request comprises a wireless address of the identification device; verify the wireless address of the identification device; when the wireless address of the identification device is verified, establish the secured connection with the identification device through the wireless network; receive, from the identification device through the secured connection, a second time-based password generated by the identification device; generate the first time-based password based on an access time and the secret key; determine whether the second time-based password received from the identification device matches the first time-based password generated by the IoT device; and when the second time-based password received from the identification device matches the first time-based password, control the IoT based entrance to grant access to a user of the identification device.

2. The system as claimed in claim 1, wherein the identification device is a mobile device storing a copy of the secret key, wherein the mobile device is configured to obtain permission for the user of the identification device by: generating the request with the wireless address of the mobile device, and sending the request to the IoT device through the wireless network to establish the secured connection with the IoT device through the wireless network; receiving, from the IoT device, a notification to establish the secured connection; in response to the notification, generating the second time-based password based on the access time and the secret key; and sending the password to the IoT device through the secured connection to obtain permission for the user of the identification device.

3. The system as claimed in claim 2, wherein the mobile device is further configured to: obtain the copy of the secret key from a remote computing device through a network, wherein the network is independent and separate from the wireless network.

4. The system as claimed in claim 3, wherein the remote computing device comprises a random secret key generator to generate the secret key.

5. The system as claimed in claim 1, wherein the wireless network is a Bluetooth network.

6. The system as claimed in claim 1, wherein each of the at least one IoT based entrance comprises a door controlled by the IoT device, and the IoT device is configured to control the IoT based entrance to grant access to the user of the identification device by opening or unlocking the door.

7. The system as claimed in claim 1, wherein the computer executable code is further configured to, when the second time-based password received from the identification device does not match the first time-based password, control the IoT based entrance to deny access to the user of the identification device.

8. The system as claimed in claim 1, wherein the computer executable code comprises: a data store storing a plurality of authenticated wireless addresses and the secret key; a wireless connection module configured to: receive the request to establish the secured connection; establish the secured connection with the identification device through the wireless network; and receive the second time-based password through the secured connection; an address filtering module configured to: retrieve the wireless address of the identification device from the request, compare the wireless address of the identification device with the authenticated wireless addresses stored in the data store, and determine that the wireless address of the identification device is verified when the wireless address of the identification device matches with one of the authenticated wireless addresses stored in the data store; a password verification module configured to: obtain a current time as the access time of the identification device, retrieve the secret key from the data store, generate the time-based one time password based on the access time and the secret key, and determine whether the password received from the identification device matches the time-based one time password generated by the IoT device; and an entrance control module configured to, when the password received from the identification device matches the time-based one time password, control the IoT based entrance to grant access to the user of the identification device.

9. The system as claimed in claim 8, wherein the data store stores a plurality of secret keys, and the password verification module is configured to retrieve the secret key by selecting, from the plurality of secret keys, one of the secret keys corresponding to the identification device based on the wireless address of the identification device.

10. A method for securing an internet of things (IoT) based entrance for a designated area with multi-factor authentication, the method comprising: receiving, at an IoT device of the IoT based entrance, a request to establish a secured connection from an identification device through a wireless network, wherein the IoT device is configured to store a secret key for generating a first time-based password, and the request comprises a wireless address of the identification device; verifying, by the IoT device, the wireless address of the identification device; when the wireless address of the identification device is verified, establishing, by the IoT device, the secured connection with the identification device through the wireless network; receiving, by the IoT device, a second time-based password generated by the identification device from the identification device through the secured connection; generating, by the IoT device, the first time-based password based on an access time and the secret key; determining, by the IoT device, whether the second time-based password received from the identification device matches the first time-based password generated by the IoT device; and when the second time-based password received from the identification device matches the first time-based password, controlling, by the IoT device, the IoT based entrance to grant access to a user of the identification device.

11. The method as claimed in claim 10, wherein the identification device is a mobile device storing a copy of the secret key, wherein the mobile device is configured to obtain permission for the user of the identification device by: generating the request with the wireless address of the mobile device, and sending the request to the IoT device through the wireless network to establish the secured connection with the IoT device through the wireless network; receiving, from the IoT device, a notification to establish the secured connection; in response to the notification, generating the second time-based password based on the access time and the secret key; and sending the password to the IoT device through the secured connection to obtain permission for the user of the identification device.

12. The method as claimed in claim 11, wherein the mobile device is further configured to: obtain the copy of the secret key from a remote computing device through a network, wherein the network is independent and separate from the wi

Classifications

  • using time-dependent-passwords, e.g. periodically changing passwords

  • G07C9/20 (Primary): involving the use of a pass

  • dynamically

  • One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key

  • Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
American Megatrends Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0846. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 7, 2017 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).