Delegating wifi network discovery and traffic monitoring
US-2016100369-A1 · Apr 7, 2016 · US
Uniform communication protocols for communication between controllers and accessories
US9979625B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9979625-B2 |
| Application number | US-201514614914-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 5, 2015 |
| Priority date | Feb 5, 2014 |
| Publication date | May 22, 2018 |
| Grant date | May 22, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the accessory as a collection of services, each service having one or more characteristics. Within a secure communication session, the controller can interrogate the characteristics to determine accessory state and/or modify the characteristics to instruct the accessory to change its state.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: detecting, by a controller, an accessory that is available for pairing; performing, by the controller, a pair setup operation to establish a pairing with the accessory, the pair setup operation including: establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller; using the shared secret to securely exchange a long-term public key of the accessory and a long-term public key of the controller; and securely and persistently storing, by the controller, the long-term public key of the accessory in association with an identifier of the accessory; obtaining, by the controller, an accessory definition record from the paired accessory device, the accessory definition record identifying a set of services for performing operations of the paired accessory device, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device; receiving, at a user interface of the controller, an input that identifies a requested function of the paired accessory device to be performed; determining, based at least in part on the input, an operation characteristic of the paired accessory device to modify that will instruct the paired accessory device to perform the operation of the paired accessory device that corresponds to the requested function; performing a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and communicating, by the controller, a request to the paired accessory to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function, the communicated request being interpretable by the paired accessory device as an instruction to invoke the operation of the paired accessory device. 2. The method of claim 1 further comprising, prior to invoking the operation of the accessory: performing, by the controller, the pair verify operation with the paired accessory, the pair verify operation including: sending, to the paired accessory, a proof that the controller has the long-term public key of the paired accessory and a long-term secret key corresponding to the long-term public key of the controller; and receiving, from the paired accessory, a proof that the paired accessory has the long-term public key of the controller and a long-term secret key corresponding to the long-term public key of the paired accessory, wherein the controller invokes the operation of the paired accessory only if the pair verify operation succeeds. 3. The method of claim 1 further comprising: sending, by the controller, a request to the paired accessory to subscribe to notifications of a change in a particular operation characteristic from the set of operation characteristics defined in the accessory definition record, wherein the request to subscribe specifies the particular operation characteristic and further specifies a notification mode. 4. The method of claim 3 wherein the specified notification mode is an event-message notification mode, the method further comprising: subsequently to sending the request to subscribe, receiving, by the controller an unsolicited response message from the accessory, the unsolicited response message including a notification of a change in the operation characteristic specified by the controller. 5. The method of claim 1 wherein the out-of-band information item comprises digital certificate verification information obtained by the controller from a source other than the accessory, the digital certificate verification information usable to verify a digital certificate and signature received by the controller from the accessory. 6. The method of claim 1 further comprising: performing, by the controller, a pair add operation with the paired accessory on behalf of another controller, wherein the pair add operation includes providing to the accessory, by the controller, one or both of a long-term public key of the other controller or a certificate usable by the accessory to verify the other controller. 7. A controller comprising: a communication interface to communicate with one or more accessories; a secure storage element to securely store pairing records for one or more paired accessories; a data storage element configured to store accessory definition records for one or more paired accessories; and a processing subsystem coupled to the communication interface, the secure storage element, and the data storage element, the processing subsystem configured to: detect an accessory that is available for pairing; perform a pair setup operation to establish a pairing with one or more accessories, wherein establishing the pairing with an accessory of the one or more accessories includes: establishing a shared secret using an out-of-band information item exchanged between the accessory and the controller; securely obtaining, from the accessory, a long-term public key of the accessory and a proof that the accessory has the out-of-band information item; securely providing a long-term public key of the controller to the accessory; and creating and persistently storing a pairing record for the accessory in the secure storage element, the pairing record including the long-term public key of the accessory; obtain, after establishing the pairing with the accessory, an accessory definition record from the paired accessory, the accessory definition record identifying a set of services for performing operations of the paired accessory, each service of the set of services having a set of operation characteristics, each operation characteristic of the set of operation characteristics representing an aspect of accessory state with respect to an operation of the operations of the paired accessory device; receive, at a user interface of the controller, an input that identifies a requested function of the paired accessory to be performed; determine, based at least in part on the input, an operation characteristic of the paired accessory to modify that will instruct the paired accessory to perform the operation of the paired accessory that corresponds to the requested function; perform a pair verify operation including generating a session key, wherein the session key is used to encrypt a request to modify the operation characteristic specified in the accessory definition record that corresponds to the requested function; and invoke the operation of the paired accessory by communicating to the paired accessory a request to modify operation characteristic specified in the accessory definition record that corresponds to the requested function. 8. The controller of claim 7 wherein the communication interface includes at least two different transport protocol stacks and wherein the communication interface selects one of the transport protocol stacks to be used for communicating with a particular accessory. 9. The controller of claim 8 wherein the at least two different transport protocol stacks include a Bluetooth LE protocol stack and an HTTP/IP protocol stack. 10. The controller of claim 7 wherein the processing subsystem is further configured to establish a pair-verified session with the paired accessory, wherein establishing the pair verified session includes: sending, to the paired accessory, a proof that the controller has the long-term public key of the paired a
Assignees
Inventors
Classifications
Monitoring arrangements for monitoring the configuration of the computing system or of the computing system component, e.g. monitoring the presence of processing resources, peripherals, I/O links, software programs (verification or detection of system hardware configuration G06F11/2247) · CPC title
Authentication · CPC title
involving Diffie-Hellman or related key agreement protocols · CPC title
wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9979625B2 cover?
- A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the ac…
- Who is the assignee on this patent?
- Apple Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L67/303. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue May 22 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).