US9900303B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9900303-B2 |
| Application number | US-201715429157-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 9, 2017 |
| Priority date | May 11, 2011 |
| Publication date | Feb 20, 2018 |
| Grant date | Feb 20, 2018 |
Official abstract text for this publication.
Carrier-side security services for fielded devices is disclosed. In contrast to conventional authentication systems for fielded devices, wherein an end-to-end communications pathway is typically established for authentication of a fielded device by a back-end service provider, authentication and security services can be moved into devices associated with a carrier network. A device associated with the carrier network can authenticate field components to service components without first establishing a communications pathway to a back-end service provider. Further, the device can provide for secured communications with an authenticated field component and are not readable by carrier devices. In an aspect, this can allow for centralization of security elements from the periphery of back-end service providers into a device associated with the carrier network. In a further aspect, the device can host a security services platform for back-end service providers.
Opening claim text (preview).
What is claimed is:

1. A device, comprising: a processor; and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising: in response to determining a communication link has been successfully established between a field device, that is authenticated in accord with a network security protocol to a network device associated with a network operator identity, and the network device, receiving a service security protocol from a data store remotely located from the network device to enable communication between the field device and a service device without further authentication of the field device to the service device, wherein the device is associated with the network operator identity, and wherein the service device is not associated with the network operator identity; and facilitating encrypting data into encrypted data for transmission via a communication path between the field device and the service device to convey the encrypted data in accord with the service security protocol, wherein the communication path comprises the communication link, wherein the encrypted data is unable to be decrypted by network devices associated with the network operator identity, and wherein the encrypted data is able to be decrypted by the field device and the service device.
2. The device of claim 1, wherein the service security protocol is updateable via programming input to the service device.
3. The device of claim 1, wherein the service security protocol is updateable via programming input associated with a service operator identity related to the service device.
4. The device of claim 1, wherein the service device is associated with a municipal service.
5. The device of claim 1, wherein the field device is a metering device.
6. The device of claim 1, wherein communications with the field device are via a wireless communications link.
7. The device of claim 1, wherein a radio access network device comprises the device.
8. The device of claim 1, wherein an access point device comprises the device.
9. A method, comprising: in response to determining, by a device comprising a processor and associated with a network operator identity, that a communication link has been established between a field device and a network device associated with the network operator identity, accessing a service security protocol from a data store remotely located from the network device to enable communication between the field device and a service device without further authentication of the field device to the service device, wherein the service device is not associated with the network operator identity, and wherein the field device is authenticated to the network device in accord with a network security protocol; and initiating, by the device, encryption of data into encrypted data for transmission via a communication path between the field device and the service device to convey the encrypted data in accord with the service security protocol, wherein the communication path comprises the communication link, wherein the encrypted data is not decryptable by network devices associated with the network operator identity, and wherein the encrypted data is decryptable by the field device and the service device.
10. The method of claim 9, wherein the data store is remotely located from the field device.
11. The method of claim 9, wherein the field device comprises the data store.
12. The method of claim 9, wherein the service device comprises the data store.
13. A field device, comprising: a processor; and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising: in response to authenticating, based on a network security protocol, the field device to a network device associated with a network operator identity, receiving a service security protocol that enables communication between the field device and a service device without further authentication of the field device to the service device, wherein the service device is not associated with the network operator identity, and wherein the service security protocol is received from a data store located remotely from the network device; and communicating encrypted data between the field device and the service device, wherein the communicating the encrypted data is based on the service security protocol, wherein a communication path between the field device and the service device comprises the communication link, and wherein the encrypted data is decryptable by the field device and the service device but not decryptable by network devices associated with the network operator identity.
14. The field device of claim 13, wherein the data store is remotely located from the field device.
15. The field device of claim 13, wherein the data store is remotely located from the service device.
16. The field device of claim 13, wherein the service device comprises the data store.
17. The device of claim 1, wherein the data store is located remotely from the field device.
18. The device of claim 1, wherein the field device comprises the data store.
19. The device of claim 1, wherein the data store is located remotely from the service device.
20. The device of claim 1, wherein the service device comprises the data store.
Multiple levels of security · CPC title
Charging, metering or billing arrangements specially adapted for data communications, e.g. authentication, authorisation and accounting [AAA] framework · CPC title
for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title