FI20120110A - Secure remote access license procedure - Google Patents

Secure remote access license procedure

Publication number
FI20120110A
Authority
FI
Finland
Prior art keywords
trusted relationship
established
remote access
locking
key
Prior art date
Application number
FI20120110A
Other languages
Finnish (fi)
Swedish (sv)
Other versions
FI124237B (en)
Inventor
Veikko Ylimartimo
Mikko Korkala
Juho Juopperi
Original Assignee
Tosibox Oy
Priority date
Filing date
Publication date
Priority to FI20120110A (FI124237B)
Application filed by Tosibox Oy
Priority to CN201380018278.5A (CN104365056B)
Priority to PCT/FI2013/050362 (WO2013150186A1)
Priority to JP2015503907A (JP5795696B2)
Priority to ES13772027.2T (ES2635556T3)
Priority to US14/390,153 (US9385870B2)
Priority to DK13772027.2T (DK2834938T3)
Priority to EP13772027.2A (EP2834938B1)
Priority to CA2869110A (CA2869110C)
Priority to AU2013244872A (AU2013244872B2)
Priority to MX2014012002A (MX352041B)
Priority to IN9022DEN2014 (IN2014DN09022A)
Priority to KR1020147031032A (KR101524659B1)
Priority to PL13772027T (PL2834938T3)
Priority to BR112014024934A (BR112014024934A2)
Publication of FI20120110A
Application granted
Publication of FI124237B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/33 User authentication using certificates
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803 Home automation networks
    • H04L12/2816 Controlling appliance services of a home automation network by calling their functionalities
    • H04L12/2818 Controlling appliance services of a home automation network by calling their functionalities from a device located outside both the home and the home network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Abstract

In the method and system for establishing a trusted relationship, a virtual private network is first established between a key device and at least one locking device. Thereafter, in order to establish a trusted relationship, the key device sends a message encrypted with its private cryptographic key to at least one locking device. The message comprises the certificate of the trusted key device and the certificate of some other device with which the locking device that received the message shall establish a new trusted relationship. The established trusted relationship is then used to establish either a trusted relationship between the locking device and a new key device or a trusted relationship between two or more locking devices, whereby a virtual private network can be established between the locking devices.

Priority Applications (15)

Application Number Priority Date Filing Date Title
FI20120110A FI124237B (en) 2012-04-05 2012-04-05 Data-safe procedure for granting the right of operation carried out via remote connection
MX2014012002A MX352041B (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights.
JP2015503907A JP5795696B2 (en) 2012-04-05 2013-04-03 A secure way to grant operational rights remotely
ES13772027.2T ES2635556T3 (en) 2012-04-05 2013-04-03 Safe method for remote granting of operating rights
US14/390,153 US9385870B2 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
DK13772027.2T DK2834938T3 (en) 2012-04-05 2013-04-03 Safe procedure for remote allocation of operating rights
CN201380018278.5A CN104365056B (en) 2012-04-05 2013-04-03 The safety method remotely authorized and equipment for operating rights
CA2869110A CA2869110C (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
AU2013244872A AU2013244872B2 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
PCT/FI2013/050362 WO2013150186A1 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
IN9022DEN2014 IN2014DN09022A (en) 2012-04-05 2013-04-03
KR1020147031032A KR101524659B1 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
PL13772027T PL2834938T3 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights
BR112014024934A BR112014024934A2 (en) 2012-04-05 2013-04-03 secure method for remote granting of operating rights
EP13772027.2A EP2834938B1 (en) 2012-04-05 2013-04-03 Secure method for remote grant of operating rights

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20120110 2012-04-05
FI20120110A FI124237B (en) 2012-04-05 2012-04-05 Data-safe procedure for granting the right of operation carried out via remote connection

Publications (2)

Publication Number Publication Date
FI20120110A FI20120110A (en) 2013-10-06
FI124237B FI124237B (en) 2014-05-15

Family

ID=49300050

Family Applications (1)

Application Number Title Priority Date Filing Date
FI20120110A FI124237B (en) 2012-04-05 2012-04-05 Data-safe procedure for granting the right of operation carried out via remote connection

Country Status (15)

Country Link
US (1) US9385870B2 (en)
EP (1) EP2834938B1 (en)
JP (1) JP5795696B2 (en)
KR (1) KR101524659B1 (en)
CN (1) CN104365056B (en)
AU (1) AU2013244872B2 (en)
BR (1) BR112014024934A2 (en)
CA (1) CA2869110C (en)
DK (1) DK2834938T3 (en)
ES (1) ES2635556T3 (en)
FI (1) FI124237B (en)
IN (1) IN2014DN09022A (en)
MX (1) MX352041B (en)
PL (1) PL2834938T3 (en)
WO (1) WO2013150186A1 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9124434B2 (en) * 2013-02-01 2015-09-01 Microsoft Technology Licensing, Llc Securing a computing device accessory
JPWO2016031414A1 (en) * 2014-08-25 2017-06-08 株式会社リコー Electronic devices and connection methods
JP6424340B2 (en) * 2014-09-19 2018-11-21 パナソニックIpマネジメント株式会社 Connection method, connection system, portable terminal, and program
CN108353280B (en) * 2015-10-27 2022-04-15 索尼公司 Information processing apparatus, information processing method, and computer program
CN105931331A (en) * 2016-04-20 2016-09-07 上海斐讯数据通信技术有限公司 Intelligent lock based on optical communication and unlocking method
CN108667780B (en) * 2017-03-31 2021-05-14 华为技术有限公司 Identity authentication method, system, server and terminal
JP7157146B2 (en) * 2017-09-27 2022-10-19 ユービキティ インコーポレイテッド System for automatically secured remote access to local networks
US10796029B2 (en) 2017-11-30 2020-10-06 International Business Machines Corporation Software controlled port locking mechanisms
CN109949461B (en) * 2019-03-15 2021-01-01 北京深思数盾科技股份有限公司 Unlocking method and device
CN113347168B (en) * 2021-05-26 2022-10-11 北京威努特技术有限公司 Protection method and system based on zero trust model

Family Cites Families (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NO314530B1 (en) * 2000-02-25 2003-03-31 Ericsson Telefon Ab L M Wireless reservation, check-in, access control, check-out and payment
JP4389366B2 (en) * 2000-08-11 2009-12-24 株式会社デンソー Electronic control unit
CA2324679A1 (en) * 2000-10-26 2002-04-26 Lochisle Inc. Method and system for physical access control using wireless connection to a network
US6854010B1 (en) * 2001-04-05 2005-02-08 Bluecube Software, Inc. Multi-location management system
US7389530B2 (en) * 2003-09-12 2008-06-17 International Business Machines Corporation Portable electronic door opener device and method for secure door opening
JP2005123996A (en) 2003-10-17 2005-05-12 National Institute Of Information & Communication Technology Information processing method for transferring authentication-use information between devices, and information processing system therefor
US20050120204A1 (en) * 2003-12-01 2005-06-02 Gary Kiwimagi Secure network connection
JP4648148B2 (en) 2005-09-30 2011-03-09 富士通株式会社 Connection support device
US20080048826A1 (en) * 2006-08-10 2008-02-28 Kavita Agrawal System and method for controlling, configuring, and disabling devices in a healthcare system
US20080103813A1 (en) * 2006-10-12 2008-05-01 Kavita Agrawal System and method for portable safeguard context in a patient's room
US8387124B2 (en) 2007-03-15 2013-02-26 Palo Alto Research Center Incorporated Wormhole devices for usable secure access to remote resource
US7391298B1 (en) 2007-05-09 2008-06-24 Gewa, Llc Wireless system for monitoring and reacting to events at a remote location
US20090030718A1 (en) * 2007-09-28 2009-01-29 Rick Robert Bengson System and method for automatic acquisition and distribution of information in a real estate context
EP2235886B1 (en) 2007-12-31 2012-09-26 Schlage Lock Company Method and system for remotely controlling access to an access point
JP2010086175A (en) * 2008-09-30 2010-04-15 Dainippon Printing Co Ltd Remote access management system and method
US20100125894A1 (en) * 2008-11-19 2010-05-20 At&T Intellectual Property I, L.P. Systems, methods and computer program products that facilitate remote access of devices in a subscriber network
JP2010134749A (en) * 2008-12-05 2010-06-17 Mitsubishi Electric Corp Access control system and access control method
GB2466071B (en) * 2008-12-15 2013-11-13 Hewlett Packard Development Co Associating a signing key with a software component of a computing platform
US8120460B1 (en) * 2009-01-05 2012-02-21 Sprint Communications Company L.P. Electronic key provisioning
US11042816B2 (en) 2009-10-30 2021-06-22 Getaround, Inc. Vehicle access control services and platform
EP2393266A1 (en) * 2010-06-02 2011-12-07 Deutsche Telekom AG Method and system for providing a user equipment with acces control to a remotely controllable device
CA2804974A1 (en) * 2010-06-16 2011-12-22 Delphian Systems, LLC Wireless device enabled locking system
US8670752B2 (en) * 2010-09-24 2014-03-11 At&T Intellectual Property I, L.P. Providing integrated service-entity premium communication services
US8972746B2 (en) * 2010-12-17 2015-03-03 Intel Corporation Technique for supporting multiple secure enclaves
CN102255730A (en) * 2011-07-11 2011-11-23 吴沙林 Digital certificate safety lock device and digital certificate authentication system and method
US8947200B2 (en) * 2011-11-17 2015-02-03 Utc Fire & Security Corporation Method of distributing stand-alone locks
US9710982B2 (en) * 2011-12-23 2017-07-18 Microsoft Technology Licensing, Llc Hub key service

Also Published As

Publication number Publication date
PL2834938T3 (en) 2017-11-30
JP5795696B2 (en) 2015-10-14
IN2014DN09022A (en) 2015-05-22
BR112014024934A2 (en) 2017-07-11
KR101524659B1 (en) 2015-06-01
ES2635556T3 (en) 2017-10-04
US9385870B2 (en) 2016-07-05
US20150341177A1 (en) 2015-11-26
WO2013150186A1 (en) 2013-10-10
CA2869110C (en) 2015-11-03
EP2834938B1 (en) 2017-05-31
CN104365056B (en) 2017-11-24
AU2013244872B2 (en) 2014-12-11
KR20140138351A (en) 2014-12-03
EP2834938A1 (en) 2015-02-11
CA2869110A1 (en) 2013-10-10
CN104365056A (en) 2015-02-18
AU2013244872A1 (en) 2014-10-23
EP2834938A4 (en) 2015-12-02
DK2834938T3 (en) 2017-08-28
JP2015518316A (en) 2015-06-25
FI124237B (en) 2014-05-15
MX2014012002A (en) 2014-12-05
MX352041B (en) 2017-11-07

Legal Events

Date Code Title Description
FG Patent granted

Ref document number: 124237

Country of ref document: FI

Kind code of ref document: B