US20110265151A1 - Method of adding a client device or service to a wireless network - Google Patents

Method of adding a client device or service to a wireless network Download PDF

Info

Publication number
US20110265151A1
US20110265151A1 US13/092,082 US201113092082A US2011265151A1 US 20110265151 A1 US20110265151 A1 US 20110265151A1 US 201113092082 A US201113092082 A US 201113092082A US 2011265151 A1 US2011265151 A1 US 2011265151A1
Authority
US
United States
Prior art keywords
service
client device
device
network
smart network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/092,082
Inventor
John Furlan
Siddhartha Dattagupta
Chris BAINER
Insung Kim
Ariel Braunstein
Jonathan Kaplan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Belkin International Inc
Original Assignee
Cisco Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to US32707210P priority Critical
Application filed by Cisco Technology Inc filed Critical Cisco Technology Inc
Priority to US13/092,082 priority patent/US20110265151A1/en
Assigned to CISCO TECHNOLOGY, INC. reassignment CISCO TECHNOLOGY, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: KIM, INSUNG, BAINER, CHRIS, BRAUNSTEIN, ARIEL, DATTAGUPTA, SIDDHARTHA, FURLAN, JOHN
Publication of US20110265151A1 publication Critical patent/US20110265151A1/en
Assigned to CISCO CONSUMER PRODUCTS LLC reassignment CISCO CONSUMER PRODUCTS LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CISCO TECHNOLOGY, INC.
Assigned to LINKSYS LLC reassignment LINKSYS LLC CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: CISCO CONSUMER PRODUCTS LLC
Assigned to WELLS FARGO BANK, NATIONAL ASSOCIATION, AS AGENT reassignment WELLS FARGO BANK, NATIONAL ASSOCIATION, AS AGENT PATENT SECURITY AGREEMENT Assignors: CISCO CONSUMER PRODUCTS LLC
Assigned to BELKIN INTERNATIONAL, INC. reassignment BELKIN INTERNATIONAL, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LINKSYS, LLC
Application status is Abandoned legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
    • H04L12/2803Home automation networks
    • H04L12/2807Exchanging configuration information on appliance services in a home automation network
    • H04L12/2809Exchanging configuration information on appliance services in a home automation network indicating that an appliance service is present in a home automation network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/20Selecting an access point
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/14Access restriction or access information delivery, e.g. discovery data delivery using user query or user detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/26Network addressing or numbering for mobility support
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices

Abstract

A smart network host device automatically registers a device or service with a wireless network using identification information and an authorization credential associated with the device or service. The smart network host device obtains the requisite identification information and authorization credential from a network association apparatus associated with the specific device or service to be registered with the wireless network. The smart network host device performs the registration automatically once the smart network host device confirms that the device or service has been associated with the wireless network and a secure password authentication protocol is successfully performed by the smart network host device and the device or service. The network association apparatus may comprise an RFID tag.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application claims benefit of U.S. provisional patent application Ser. No. 61/327,072 (Attorney Docket No. CPOL970592), filed Apr. 22, 2010, which is herein incorporated by reference in its entirety.
  • BACKGROUND
  • 1. Technical Field
  • The present disclosure relates generally to wireless networks and, more specifically, to a method of adding a client device or service to a wireless network.
  • 2. Description of the Related Art
  • Home networks, in which multiple computing and/or peripheral devices are communicatively linked together in a consumer's home, are becoming increasingly ubiquitous. A home environment may include one or more computers, a wireless router, a DSL modem, and one or more other client devices capable of connecting to the home network. Conventionally, each device in the home network must be individually configured to connect to the network and, once configured, may then communicate with each of the other devices attached to the home network.
  • In practice, procedures for associating client devices and provisioning services on a home network are typically too involved for the majority of home network users to implement reliably. For example, a network user may need to manually reconfigure the home network router, determine a network IP address and/or hostname for each client device, establish network credentials, register the various services for each device, and manually track which network IP address is associated with which client device or service in order to configure client devices to communicate on the home network.
  • The involved configuration procedures described above make it a challenge for unsophisticated users to reliably setup a home network and associate client devices or services on the home network. Accordingly, there is a need in the art for systems and methods that enable the user of a home network to conveniently and securely connect one or more devices or services to the home network.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • So that the manner in which the above recited features of the present invention can be understood in detail, a more particular description of the invention may be had by reference to example embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only example embodiments of this invention and are therefore not to be considered limiting of its scope, for the invention may admit to other equally effective embodiments.
  • FIG. 1A is an exemplary illustration of an overarching network system configured to implement one or more aspects of the present invention.
  • FIG. 1B illustrates the smart home network of FIG. 1A, according to one example embodiment of the present invention.
  • FIG. 1C illustrates the smart home network of FIG. 1A, according to another example embodiment of the present invention.
  • FIG. 1D illustrates the smart home network of FIG. 1A, according to yet another example embodiment of the present invention.
  • FIG. 1E is a more detailed illustration of the smart network host device of FIG. 1A, according to one example embodiment of the present invention.
  • FIG. 1F illustrates a system software architecture for the smart network host device of FIG. 1E, according to one example embodiment of the present invention.
  • FIG. 2 illustrates a configuration of the ID device of FIG. 1B, according to an example embodiment of the present invention.
  • FIG. 3 is a flowchart of method steps for automatically associating a client device or service with a smart network, according to one example embodiment of the present invention.
  • FIG. 4 is a flowchart of method steps for automatically registering a client device or service with a wireless network, according to an example embodiment of the present invention.
  • For clarity, identical reference numbers have been used, where applicable, to designate identical elements that are common between figures. It is contemplated that features of one example embodiment may be incorporated in other example embodiments without further recitation.
  • DESCRIPTION OF EXAMPLE EMBODIMENTS
  • In the following description, numerous specific details are set forth to provide a more thorough understanding of various example embodiments of the invention. However, it will be apparent to one of skill in the art that certain embodiments of the invention may be practiced without one or more of these specific details. In other instances, well-known features have not been described in order to avoid obscuring the invention.
  • Overview
  • One example embodiment of the present invention sets forth a method that comprises obtaining identification information and an authorization credential associated with a client device or service, receiving a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with a wireless home network, in response, determining that the client device or service is currently associated with the wireless home network, initiating a secure password authentication protocol with the client device or service, and, after completing the secure password authentication protocol, registering the client device or service with the wireless home network.
  • Another example embodiment of the present invention sets forth a computer-readable medium including instructions that, when executed by a processing unit, cause the processing unit to perform the steps of obtaining identification information and an authorization credential associated with a client device or service, receiving a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with a wireless home network, in response, determining that the client device or service is currently associated with the wireless home network, initiating a secure password authentication protocol with the client device or service, and, after completing the secure password authentication protocol, registering the client device or service with the wireless home network.
  • Yet another example embodiment of the present invention sets forth a system comprising a smart network host device located within a wireless home network that is configured to obtain identification information and an authorization credential associated with a client device or service, receive a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with the wireless home network, in response, determine that the client device or service is currently associated with the wireless home network, initiate a secure password authentication protocol with the client device or service, and, after completing the secure password authentication protocol, register the client device or service with the wireless home network.
  • DETAILED DESCRIPTION OF THE FIGURES
  • FIG. 1A is an exemplary illustration of an overarching network system 100 configured to implement one or more aspects of the present invention. The network system 100 comprises a smart network 102, an external network 110, and an applet store 116. The external network 110 may comprise the well-known Internet or any other data network system. The smart network 102 includes a smart network host device 120 configured to transmit network data packets between the external network 110 and connected devices within the smart network 102, such as computer 170 and client devices 130. Any technically feasible wireless or wired physical transport technology may be implemented to transmit the network data packets. The smart network host device 120 maintains a network state model 178 that represents the different entities and related services operating within the smart network 102. For example, if client device 130(0) implements a printer with an integrated scanner and flash memory reader, then the network state model 178 would include an entry for client device 130(0), and related attributes for a printer service, scanner service, and file (or block device) service. New devices register with the smart network host device 120, which then updates the network state model 178 to include the new device.
  • A portal application 172, residing within the computer 170, is configured to access the network state model 178 to determine which client devices 130 are available within the smart network 102, which services the client devices 130 provide, and to access and use the services. The portal application 172 may include one or more applets 174, configured to extend functionality of the portal application 172. A given applet 174 may be associated with a specific client device 130 and may facilitate specific usage models for the client device 130 via the extended functionality. When a new client device 130 registers with the smart network 102, a most recent version of a corresponding applet 174 may not be available within the portal application 172. However, the portal application 172 may retrieve the corresponding applet 174 or version of the corresponding applet 174 from the applet store 116.
  • The applet store 116 is configured to facilitate access to applets 174 by the portal application 172. The applet store 116 provides storage for applets 174 corresponding to client devices 130 and makes the applets 174 available for download to the portal application 172 via the external network 110. In one embodiment, the applet store 116 occupies a well-known location, such as a universal resource locator (URL) associated with the external network 110. Any technically feasible technique may be used to identify a particular applet 174 as corresponding to a particular client device 130. Furthermore, any technically feasible technique may be used to download the particular applet 174 an incorporate the functionality of the applet 174 to the portal 172.
  • FIG. 1B illustrates the smart home network 102 of FIG. 1A, according to one example embodiment of the present invention. As shown, the smart network 102 comprises a smart network host device 120, one or more client devices 130, and a wide area network (WAN) interface device 112, coupled to the external network 110 of FIG. 1A. The WAN interface device 112 may implement a cable modem, digital subscriber line (DSL) modem, fiber to the home interface, or any other technically feasible device that provides digital network connectivity to the external network 110. The WAN interface device 112 is coupled to the smart network host device 120 via a network interface 118. In one embodiment, the network interface 118 implements the well-known Ethernet standard.
  • The smart network host device 120 implements a wireless network interface coupled to antenna 122, which is configured to convert electrical signals to electromagnetic signals for transmitting data packets, and electromagnetic signals to electrical signals for receiving data packets. The antenna 122 may comprise plural independent radiator structures, each having a separate radiation pattern for implementing spatial multiplexing. In one embodiment, the wireless network interface implements one or more well-known standards, such as the Institute of Electrical and Electronics Engineers (IEEE) standard 802.11, which defines a system for wireless local area networking. The antenna 122 is configured establish wireless client links 134 to antennas 132 coupled to corresponding client devices 130. The smart network host device 120 implements layer 2 forwarding (bridging) for wireless data packets forwarded among client devices 130 as well as Internet protocol (IP) layer 3 routing between an IP domain associated with the smart network 102 and the external network 110. In this configuration, the smart network host device 120 provides related services and protocols, such as dynamic host configuration protocol (DHCP), network address translation (NAT), and the like.
  • The smart network host device 120 acts as a central authentication authority for the smart network 102 and implements authentication services for devices registering with the smart network 102. In one embodiment, authentication is implemented via Identification (ID) devices 136 that are uniquely paired with corresponding client devices 130. For example, client device 130(0) may be uniquely paired with ID device 136(0) by a manufacturer of the client device 130(0). An ID device 136(0) is physically presented to the smart network host device 120 as an authentication credential to allow a client device 130(0) paired to the ID device 136(0) to join the smart network 102. Furthermore, the client device 130(0) is able to authenticate the smart network 102 as a trusted network by accessing credentials for the corresponding ID device 136(0) specifically via the smart network 102. In one embodiment, the ID devices 136 are implemented as near field radio frequency identification (RFID) tags. Each one of the RFID tags is configured to retain authentication credentials necessary to uniquely associate the one RFID tag with one instance of the client device 130. In this way, an RFID tag may be paired with a given client device 130. Persons skilled in the art will recognize that any technique may be implemented to generate and represent authentication credentials without departing the scope and spirit of the present invention. For example, in another embodiment, the ID devices 136 could be implemented as a physical token that includes a printed bar code on a face of the token. The bar code may encode authentication credentials for a corresponding client device 130. In such an embodiment, the smart network host device 120 may include an optical scanner capable of reading the printed bar code from the physical token. In alternative embodiments, other forms of ID devices 136 may implement storage of the authentication credentials. For example, a universal serial bus (USB) storage device may be used to present authentication credentials to the smart network host device 120 for authenticating a related device, such as the computer 170. In other alternative embodiments, a user may manually authenticate a client device 130 with the smart network host device 120. For example, the user may log onto a management web page generated by the smart network host device 120 and manually enter authentication credentials, such as a printed code associated with the client device 130.
  • In one usage scenario involving ID device 136, the user wishes to add a new device, such as a smart network-enabled printer to the smart network 102. The printer includes an ID device 136 implemented as an RFID tag that is paired to the printer. The user places the ID device 136 in close physical proximity to the smart network host device 120, which is the able to read the ID device 136 and authenticate the printer. The printer registers with the smart network host device 120 and is then available for use by devices connected within the smart network 102. Upon successfully reading the ID device 136, the smart network host device 120 may indicate success to the user by flashing a light-emitting diode (LED), or by generating any technically feasible indication.
  • FIG. 1C illustrates the smart home network 102 of FIG. 1A, according to another example embodiment of the present invention. Here, the smart network 102 comprises a smart network host device 120, a smart network extender device 140, one or more client devices 130, and a wide area network (WAN) interface device 112, coupled to the external network 110 of FIG. 1A. The WAN interface device 112, smart network host device 120, and one or more client devices 130 are configured to operate as previously described in FIG. 1B.
  • In addition to previously described functionality, the smart network host device 120 is also configured to detect one or more smart network extender devices 140 and to establish a bridge link 128 to each of the one or more smart network extender devices 140. Each smart network extender device 140 is configured to act as a network bridge between a client device 130 and the smart network host device 120. For example, client devices 130(1) through 130(N) may be physically located such that they are able to connect to the smart network extender device 140, but not to the smart network host device 120. Furthermore, the smart network extender device 140 is able to connect to the smart network host device 120 via bridge link 128. Data packets transmitted by client devices 130(1) through 130(N) and destined to the external network 110 are received by the smart network extender device 140 and retransmitted by the smart network extender device 140 via bridge link 128 to the smart network host device 120, which then forwards the data packets to the external network 110. Similarly, data packets from the external network 110 that are destined to any of the client devices 130(1) through 130(N) are transmitted via bridge link 128 to the smart network extender device 140, which retransmits the data packets via wireless client links 134(1)-134(N). Persons skilled in the art will understand that wireless client links 134(1)-134(N) may each be configured to operate on a separate channel or band, or a common channel or band. Furthermore, bridge link 128 may operate on a separate channel or band with respect to the wireless client links 134.
  • In one embodiment, each smart network extender device 140 is paired to an ID device 136, which is presented as an authentication credential to the smart network host device 120 to enable the smart network extender device 140 to participate within the smart network 102.
  • FIG. 1D illustrates the smart home network 102 of FIG. 1A, according to yet another example embodiment of the present invention. Here, the smart network 102 comprises a smart network host device 120, a smart network extender device 140, one or more client devices 130, a smart network connector device 150, and a wide area network (WAN) interface device 112, coupled to the external network 110 of FIG. 1A. The WAN interface device 112, smart network extender device 140, and one or more client devices 130 are configured to operate as previously described in FIGS. 1B and 1C.
  • In this embodiment, the smart network host device 120 is configured to operate similarly with respect to FIGS. 1B and 1C. However, upon detecting the smart network connector device 150, the smart network host device 120 is configured to operate as a bridge rather than a router, and the smart network connector device 150 is configured to operate as a router. A backhaul link 158 is established between the smart network host device 120 and the smart network connector device 150.
  • Network data traffic between client device 130(N) and the external network 110 traverses wireless client link 134(N), bridge link 128, and backhaul link 158. This network data traffic is also forwarded by smart network extender device 140, smart network host device 120, and smart network connector device 150. A client device 130 may connect directly to any one of the network extender device 140, smart network host device 120, or smart network connector device 150. As shown, client device 130(0) is connected to smart network connector device 150 via wireless client link 134(0), client device 130(1) is connected to smart network host device 120 via wireless client link 134(1), and client device 130(N) is connected to smart network extender device 140 via wireless client link 134(N).
  • In one embodiment, the smart network connector device 150 is paired to an ID device 136, which is presented as an authentication credential to the smart network host device 120 to enable the smart network connector device 150 to participate within the smart network 102. In an alternative embodiment, the smart network connector device 150 and the smart network host device 120 are paired during a manufacturing step, eliminating the need for a separate ID device 136.
  • FIG. 1E is a more detailed illustration of the smart network host device 120 of FIG. 1A, according to one example embodiment of the present invention. As shown, the smart network host device 120 comprises a processor complex, 160, a wireless network interface 162, an ID device reader 164, and a wired network interface 166. An interconnect 165 is configured to transmit data among the processor complex 160, wireless network interface 162, ID device reader 164, and wired network interface 166. The wired network interface 166 is configured transmit data packets via network interface 118, based on data received via the interconnect 165. The wired network interface 166 is also configured to receive data packets from the network interface 118 and transmit contents of the received data packets to the processor complex 160 via the interconnect 165. The wireless network interface 162 is configured to transmit data packets, based on data received via the interconnect 165, to one or more network devices within range. The wireless network interface 162 is also configured to receive data packets from the one or more network devices and then transmit contents of the received packets to the processor complex 160. The wireless network interface 162 is coupled to an antenna 122.
  • The processor complex 160 comprises a central processing unit (CPU), non-volatile memory for storing persistent programs, program state, and configuration information, random access memory (RAM) for storing temporary or volatile data, and an interface to the interconnect 165. In one embodiment, the processor complex 160 is configured to execute an operating system and applications that provide routing services. The routing services may include, for example, data packet forwarding between the network interface 118 and the wireless network interface 162. The packet forwarding services may include, without limitation, bridging among the one or more network devices via the wireless network interface 162.
  • The ID device reader 164 is configured to read data from an associated ID device 136. In one embodiment, the ID device reader 164 is configured to read data from RFID tags comprising the ID device 136. The ID device reader 164 may also include a USB reader. In another embodiment, the ID device reader 164 may be implemented as an optical scanner for reading ID devices 136 that encode data via a printed bar code. In yet other embodiments, the ID device reader 164 may be configured to read data from other types of interfaces, such as other types of flash memories like an SD flash card.
  • In certain embodiments, the smart network host device 120 comprises one or more integrated circuits that implement respective functions of the smart network host device 120. For example, the processor complex 160, wired network interface 166, and wireless network interface 162 may be integrated into a single integrated circuit.
  • Persons skilled in the art will recognize that the smart network extender device 140 may be implemented using the basic architecture of the smart network host device 120, with the exception that the ID device reader 164 and wired network interface 166 are not required for the smart network extender device 140. Similarly, the smart network connector device 150 may be implemented using the basic architecture of the smart network host device 120, with the exception that the ID device reader 164 is not required for the smart network connector device 150.
  • FIG. 1F illustrates a system software architecture for the smart network host device 120 of FIG. 1E, according to one example embodiment of the present invention. As shown, the software architecture 104 includes several software modules within the smart network host device 120. Programming instructions stored within the processor complex 160 implement a portion of the system software architecture 104 that includes a runtime server 180, a product solution space 190, and a network solution space 196. The product solution space 190 comprises an object model 192 and one or more solution applications 194. The object model 192 provides a standard, consistent abstraction of different network elements and related services within the smart network 102. Exemplary network elements include devices coupled to the smart network 102, such as printers, cameras, and display devices. Exemplary services include device and service discovery, event tracking and generation, and state presentation for the different elements. In one embodiment, the object model 192 includes a network interface based on the well-known extensible markup language (XML). One or more solution applications 194 provide specific functionality, such as a specific view of a storage system, or a specific technique for presenting certain data. The network solution space 196 includes software modules configured to provide management of network elements and network services, including device services, local area network services within the smart network 102, and wide area network services related to connectivity management of the external network 110.
  • The runtime server 180 comprises a network provisioning module 182, a service and discovery provisioning (SDP) module 184, an event module 186, and a network configuration module 188. The event module 186 tracks different network events, such as a network device advertising presence or updating status within the smart network 102. The SDP module 184 maintains a persistent view of different network devices and related services, based on data from the event module 186 and on data from the network devices. The network provisioning module 182 provides authentication and authorization for network devices within the smart network 102. Authentication credentials may be presented via a given ID device 136. The network provisioning module 182 may also facilitate certain network services, such as DHCP leases. The network configuration module 188 includes hardware platform-specific implementation methods for network configuration and management. The persistent view comprises the network state model 178 of FIG. 1A.
  • Persons skilled in the art will recognize that the smart network connector device 150 and smart network extender device 140 may be implemented using an appropriate subset of the system software architecture 104 described above in conjunction with FIG. 1F.
  • Embodiments of the invention provide systems and methods for automatically registering a device or service with a wireless network, such as the smart network 102. Specifically, a host device obtains identification information and an authorization credential associated with a specific device or service that can be registered with a wireless network. When the host device receives a registration request from the device or service, registration is performed automatically once the host device confirms the device or service has been associated with the wireless network and the secure password authentication protocol is successfully performed by the host device and the device or service. The secure password authentication protocol is based on the authorization credential obtained by the host device prior to the registration request.
  • The host device obtains the identification information and authorization credential from a network association apparatus that is associated with the specific device or service to be registered with the wireless network. The network association apparatus is configured to automatically provide the identification information and the authorization credential in a secure fashion to the host device of the wireless network when brought into close proximity to or physically connected with the host device. In some example embodiments, the network association apparatus comprises one or more of ID devices 136(1)-136(N) described above in conjunction with FIG. 1B, and the host device comprises the smart network host device 120, described above in conjunction with FIGS. 1A-1F.
  • FIG. 2 illustrates the ID device 136(N) of FIG. 1B configured to provide identification information and an authorization credential in a secure fashion to the smart network host device 120, according to an example embodiment of the present invention. The ID device 136(N) is a portable apparatus that enables the smart network host device 120 to automatically associate a client device 130(N) or service with the smart network 102. When configured to provision the smart network 102 with identification information and authentication credentials for a client device 130(N) or service, the ID device 136(N) may have any of the configurations for the ID devices 130(0)-130(N) described above in conjunction with FIG. 1B. More generally, the ID device 136(N) may be any portable information-provisioning device that includes a data storage medium configured with a protected data storage region that retains the requisite identification information and authentication credentials for a specific client device 130(0)-130(N) or service. Suitable information-provisioning devices include USB drives that are manufactured with write-protected encrypted bits, writable RFID tags, optical disks with manufactured keys, secure digital (SD) memory cards with digital rights management (DRM) features, and the like. In some embodiments, ID device 136(N) may be configured without a storage medium, and includes a bar code, such as a two-dimensional quick response (QR) code. In such an embodiment, identification information and authentication credentials for a client device 130(N) or service are encoded in the bar code.
  • In the example embodiment illustrated in FIG. 2, the ID device 136(N) includes a controller 210, an I/O interface 220, a universally unique identifier (UUID) 230, and an authorization credential 240. The controller 210 is configured to execute the requisite functions for the operation of the ID device 136(N), and the I/O interface 220 is configured to enable communication between the ID device 136(N) and the smart network host device 120. In example embodiments in which the ID device 136(N) comprises a near-field RFID tag, the controller 210 includes an integrated circuit for storing and processing information, modulating and demodulating a radio-frequency (RF) signal, and performing other specialized functions associated with the operation of the RFID tag. In such embodiments, the I/O interface 220 includes an antenna for receiving and transmitting the RF signal, and the UUID 230 and the authorization credential 240 may reside in the integrated circuit included in the controller 210. Alternatively, the UUID 230 and the authorization credential 240 may be stored in a memory that is part of the ID device 136(N). In other example embodiments, in which the ID device 136(N) does not comprise an RFID tag, the I/O interface 220 may include a USB port or other technically feasible interface for physically connecting the ID device 136(N) to the smart network host device 120.
  • The UUID 230 includes a unique reference number used as an identifier for the client device 130(N) that enables the smart network host device 120 to differentiate the client device 130(N) from other devices and services found in the network system 100. In some example embodiments, the UUID 230 is similar in format to globally unique identifiers (GUIDs), however, other formats known in the art suitable for the UUID 230 may be utilized without departing from the scope of the invention. For example, the UUID 230 may include the media access control address (MAC address) of the client device 130(N), in order to uniquely identify the client device 130(N). The MAC address of the client device 130(N) is a unique identifier that has no risk of name conflicts with any other devices in the smart network 102 or the network system 100. Thus, the ID device 136(N) can be permanently associated with the client device 130(N) via the UUID 230. In alternative embodiments, the ID device 136(N) may be configured such that UUID 230 may be written to the ID device 136(N) by the smart network host device 120 or other device, and therefore can be associated with a different client device 130(N) at a later time as desired by the user. For example, a UUID associated with the smart network 102 may be written to the ID device 136(N), and the ID device 136(N) may then be used to associate the smart network 102 with other smart networks on the network system 100.
  • The authorization credential 240, when obtained from the ID device 136(N) by the smart network host device 120, provides a layer of security to the smart network 102 when the smart network host device 120 sets up a secure connection between the smart network 102 and the client device 130(N). The authorization credential 240 may be an encrypted key for device-to-device authentication, in this case between the smart network host device 120 and the client device 130(N), and may be stored in or permanently written to the ID device 136(N) when the ID device 136(N) is manufactured. Thus, in some embodiments, the authorization credential 240 is stored in a write-protected storage medium, such as the write-protected encrypted bits of a USB drive or RFID tag, the manufactured key of an optical disk or SD memory card, or the like. The data included in the authorization credential 240 may be stored in any format known in the art suitable for authorization credentials without departing from the scope of the invention. In one example embodiment, the authorization credential 240 includes at least a portion of the MAC address of the client device 130(N). In some embodiments, the authorization credential 240 is a high-entropy key, such as a 128-bit key.
  • How the ID device 136(N) provides the UUID 230 and the authorization credential 240 to the smart network host device 120 depends on the configuration of the ID device 136(N). For example, when the ID device 136(N) comprises a USB drive with write-protected encrypted bits, the ID device 136(N) is detected by the smart network host device 120 when the ID device 136(N) is inserted into an appropriate USB port of the smart network host device 120, and the smart network host device 120 can obtain the UUID 230 and the authorization credential 240 using any technically feasible protocol. When the ID device 136(N) includes a bar code, the ID device 136(N) is scanned across a suitable bar code reader coupled to the smart network host device 120. When the ID device 136(N) comprises an RFID tag, connection to the smart network host device 120 can be as straight-forward as physically presenting the ID device 136(N) to the smart network host device 120. Thus, as soon as the ID device 136(N) is within a working radius of ID device reader 164 disposed in the smart network host device 120, e.g., within about 10 cm, the smart network host device 120 detects the ID device 136(N) and reads the UUID 230 and the authorization credential 240 from the ID device 136(N). Alternatively, the RFID reader in the smart network host device 120 may be configured to read information only from an RFID tag that is within the working radius of the RFID reader and also has a prescribed orientation with respect to the smart network host device 120, or is physically mounted in a specific location on the smart network host device 120. In such an example embodiment, faking of an RFID tag output signal is difficult to simulate, thereby preventing unwanted devices and/or services from being registered on the smart network 102 by the smart network host deice 120. Whether the ID device 136(N) comprises an RFID tag, a device that is physically connected to the smart network host device 120, or a bar code that is scanned in to the smart network host device 120, once the connection is made between the ID device 136(N) and the smart network host device 120, user involvement is no longer required for the client device 130(N) to be associated with the smart network 102 by the smart network host device 120.
  • In some example embodiments of the invention, the ID device 136(N) includes a visual identifier 250 that is disposed on an outer surface of the ID device 136(N). The visual identifier 250 provide symbolic and/or numeric markings which indicate to the user the specific client device 130 or service that is associated with the ID device 136(N). The visual identifier 250 may include a logo of a company associated with the client device 130(N) or service associated with the ID device 136(N), an icon that represents the client device 130(N) or service, a serial number associated with the client device 130(N) or service, and/or a bar code that uniquely identifies the client device 130(N) or service. Thus, a user can quickly determine from multiple ID devices 136, which ID device 136(N) is associated with a specific client device 130. In order to conveniently differentiate between the ID devices 136 associated with similar client devices (e.g., multiple digital cameras), the visual identifier 250 may include both an iconic and a numeric component.
  • In operation, ID device 136(N) enables the smart network host device 120 to associate a specific client device 130(N) with the smart network 102. The ID device 136(N) is a physical representation of the client device 130(N) that greatly simplifies the role of a user of the smart network 102 when adding the client device 130(N) or a service to the smart network 102, since the UUID 230 and the authorization credential 240 are automatically obtained by the smart network host device 120. Further, an additional layer of security is provided to the smart network 102 since the UUID 230 and the authorization credential 240 can only be obtained by the smart network host device 120 when a suitable ID device 136(N) is positioned in close proximity to or physically connected to the smart network host device 120. In this way, the smart network host device 120 obtains the UUID 230 and the authorization credential 240 in a convenient and secure fashion, and can automatically associate the client device 130(N) that is paired to the ID device 136(N) with the smart network 102 with little risk of the authorization credential 240 being spoofed, or an unauthorized UUID being accepted by the smart network host device 120. In some example embodiments, as an added layer of security, the smart network host device 120 is configured to automatically disassociate the client device 130(N) or service associated with the ID device 136(N) and the smart network 102 when the ID device 136(N) is detected to be no longer in close proximity to or physically connected to the smart network host device 120.
  • FIG. 3 is a flowchart of method steps for automatically associating a client device or service with a smart network, according to one example embodiment of the present invention. Although the method steps are described in conjunction with the smart network 102 of FIG. 1 and the configuration of the ID device 136(N) illustrated in FIG. 2, persons skilled in the art will understand that any wireless network and ID device configured to perform the method steps, in any order, is within the scope of the invention.
  • As shown, the method 300 begins at step 301, where the smart network host device 120 detects the presence of the ID device 136(N), which is associated with the client device 130(N) or a service that can be connected to smart network 102. In one embodiment, the ID device 136(N) may be detected when mounted in a prescribed fashion on a surface of the smart network host device 120 and ID device reader 164 in the smart network host device 120 detects the presence of an RFID tag included in the ID device 136(N) once the ID device 136(N) is within the near field of the reader. In another example embodiment, the ID device 136(N) may be swiped near the ID device reader 164. In yet another example embodiment, a bar code included in the ID device 136(N) is read by an optical scanner coupled to the smart network host device 120.
  • In step 302, the smart network host device 120 automatically obtains from the ID device 136(N) the UUID 230 and the authorization credential 240 for the client device 130(N) or service associated with the ID device 136(N). The UUID 230 and the authorization credential 240 may be obtained placing the ID device 136(N) near the smart network host device 120, or by physically connecting the ID device 136(N) to the smart network host device 120 via a USB port or other technically feasible connection mechanism. In an alternative embodiment, the UUID 230 and the authorization credential 240 may be encoded in a printable medium, such as a bar code, and read by swiping the bar code under an optical scanner included in the smart network host device 120.
  • In step 303, the smart network host device 120 updates the network state model 178 to include the new device or service for which the smart network host device 120 has obtained the UUID 230 and the authorization credential 240, thereby associating the client device 130(N) or service with the smart network 102.
  • FIG. 4 is a flowchart of method steps for automatically registering a client device or service with a wireless network, according to an example embodiment of the present invention. Although the method steps are described in conjunction with the smart network 102 of FIG. 1 and the configuration of the ID device 136(N) illustrated in FIG. 2, persons skilled in the art will understand that any wireless network and ID device configured to perform the method steps, in any order, is within the scope of the invention. Prior to the first step of method 400, the smart network host device 120 obtains the UUID 230 and the authorization credential 240 from the ID device 136(N) via method 300.
  • As shown, the method 400 begins at step 401, where the smart network host device 120 receives a registration request from the client device 130(N) or a service associated with the ID device 136(N). Such a registration request may take place when the client device 130(N) is first powered up, rebooted, etc. within the operational radius of the antenna 122 of the smart network host device 120. The registration request includes the UUID 230 associated with the client device 130(N). In an alternative embodiment, the registration request from the client device 130(N) may be received by any access point of the smart network 102, including the smart network extender device 140 and the smart network connector device 150. In such an embodiment, the smart network extender device 140 communicates the registration request to the smart network host device 120 via the bridge link 128, and the smart network connector device 150 communicates the registration request to the smart network host device 120 via the backhaul link 158.
  • In step 402, the smart network host device 120 determines whether the client device 130(N) or service requesting registration with the smart network 102 has been previously associated with the smart network 102. The smart network host device 120 performs the determination of step 402 by confirming that the UUID 230 received from the client device 136(N) in step 401 matches an entry in the network state model 178. The presence of the UUID 230 in the network state model 178 confirms that a user has previously presented the ID device 136(N) to the smart network host device 120, and the smart network host device 120 proceeds to step 403 of method 400. If the UUID 230 is not present in the network state model 178, the smart network host device 120 knows that the client device 130(N) has not been previously associated with the smart network 102 via a suitable ID device 136(N) and therefore cannot be an authorized client device on the smart network 102. Consequently, the smart network host device 120 will not respond to the client device 130(N) or service making the registration request, and the client device 130(N) or service will neither be aware of nor have the ability to connect to the smart network 102. In an alternative example embodiment, the smart network host device 120 also checks for the presence of the ID device 136(N) connected to or in the proximity of the smart network host device 120 before proceeding to step 403 of method 400. The presence of the ID device 136(N) disposed on or near the smart network host device 120 provides an additional layer of security for the smart network 102 that prevents unauthorized devices from even attempting to access or register with the smart network 102.
  • In step 403, based on the determination that the client device 130(N) or service making the registration request has been previously associated with the smart network 102 via the ID device 136(N), the smart network host device 120 initiates a secure password authentication protocol with the client device 130(N) or service. The secure password authentication protocol is a protocol handshake between the client device 130(N) and the smart network host device 120, and is used to set up a secure connection between the smart network host device 120 and the client device 136(N). Such a protocol includes a dual challenge mechanism, in which the authorization credential 240 is never broadcast between the client device 130(N) and the smart network host device 120. Instead, using encryption algorithms known in the art, the client device 130(N) proves to the smart network host device 120 that the client device 130(N) has the authorization credential 240 and the smart network host device 120 proves to the client device 130(N) that the smart network host device 120 also has the authorization credential 240. If either device fails to provide the correct information during such a protocol handshake, the other device terminates the session and no network connection will be established therebetween. Upon successful completion of the secure password authentication protocol, method 400 proceeds to step 404.
  • In step 404, the smart network host device 120 registers the client device 130(N) or service with the smart network 102. Upon registration of the client device 130(N), the smart network host device 120 and the client device 130(N) each create a session key based on the authorization credential 240, which is known to both. Since an identical authorization credential 240 is used by both the smart network host device 120 and the client device 130(N), the session key created by each is identical to the other. Thus, all subsequent messages between the smart network host device 120 and the client device 130(N) can be encrypted based on this session key, so that a secure connection is maintained between the smart network host device 120 and the client device 130(N). Specifically, for the duration of the session, both the smart network host device 120 and the client device 130(N) only accept messages correctly encrypted with this session key. It is noted that the session key created in step 404 is not broadcast or otherwise transmitted between the smart network host device 120 and the registered client device 130(N) or service, and is only used as an encryption key for encrypting and decrypting messages between the smart network host device 120 and the registered client device 130(N) or service.
  • In some example embodiments, an additional step 405 is performed when a user has removed the ID device 136(N) from close proximity to the smart network host device 120 and/or physically disconnected the ID device 136(N) from the smart network host device 120. In step 405, the smart network host device 120 detects that the ID device 136(N) is no longer present, and, in response, automatically terminates the association of the client device 130(N) with the smart network 102. Thus, in such example embodiments, a user may disconnect a client device or service by simply removing the associated ID device 136(N) from the smart network host device 120. In other example embodiments, the smart network host device 120 does not terminate the association of the client device 130(N) with the smart network 102 upon detecting the removal or disconnection of the ID device 136(N) from the smart network host device 120.
  • In sum, example embodiments of the invention provide systems and methods for automatically registering a client device or service with a smart network. A network association apparatus automatically provides identification information and an authorization credential that are associated with the client device or service to be connected to a wireless network. The network association apparatus advantageously enables the host device of the wireless network to automatically associate the client device or service to the wireless network with little or no user involvement required, while providing an additional layer of security to the process of accessing the wireless network. The added security layer stems from the required possession of the network association apparatus and its proximity to the smart network host device in order to associate a client device or service to the smart network.
  • One embodiment of the invention may be implemented as a program product for use with a computer system. The program(s) of the program product define functions of the embodiments (including the methods described herein) and can be contained on a variety of computer-readable storage media. Illustrative computer-readable storage media include, but are not limited to: (i) non-writable storage media (e.g., read-only memory devices within a computer such as CD-ROM disks readable by a CD-ROM drive, flash memory, ROM chips or any type of solid-state non-volatile semiconductor memory) on which information is permanently stored; and (ii) writable storage media (e.g., floppy disks within a diskette drive or hard-disk drive or any type of solid-state random-access semiconductor memory) on which alterable information is stored.
  • While the foregoing is directed to certain example embodiments of the present invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof. Therefore, the scope of the present invention is determined by the claims that follow.

Claims (20)

1. A method, comprising:
obtaining identification information and an authorization credential associated with a client device or service;
receiving a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with a wireless home network;
in response, determining that the client device or service is currently associated with the wireless home network;
initiating a secure password authentication protocol with the client device or service; and
after completing the secure password authentication protocol, registering the client device or service with the wireless home network.
2. The method of claim 1, wherein obtaining the identification information and the authorization credential comprises:
detecting the presence of an apparatus associated with the client device or service; and
obtaining the identification information and the authorization credential from the apparatus.
3. The method of claim 2, further comprising:
detecting that the apparatus associated with the client device or service is no longer present; and
in response, terminating the registration of the client device or service with the wireless home network.
4. The method of claim 2, wherein the apparatus comprises a near field radio frequency identification (RFID) tag, a universal serial bus (USB) drive manufactured with write-protected encrypted bits, an optical disk with manufactured keys, or a secure digital (SD) memory card with digital rights management (DRM) features.
5. The method of claim 1, wherein the identification information comprises a media access control (MAC) address associated with the client device.
6. The method of claim 1, wherein determining that the client device or service is currently associated with the wireless home network comprises confirming the identification information received in the registration request matches the obtained identification information.
7. The method of claim 1, wherein the authorization credential acts as an encryption key when initiating the secure password authentication protocol.
8. The method of claim 1, wherein registering the client device or service with the wireless home network comprises creating a session key based on the authorization credential.
9. The method of claim 1, wherein receiving the registration request from the client device or service comprises receiving the registration request via a network extender device or a network connector device.
10. A computer-readable medium including instructions that, when executed by a processing unit, cause the processing unit to perform the steps of:
obtaining identification information and an authorization credential associated with a client device or service;
receiving a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with a wireless home network;
in response, determining that the client device or service is currently associated with the wireless home network;
initiating a secure password authentication protocol with the client device or service; and
after completing the secure password authentication protocol, registering the client device or service with the wireless home network.
11. The computer-readable medium of claim 10, wherein obtaining the identification information and the authorization credential comprises:
detecting the presence of an apparatus associated with the client device or service; and
obtaining the identification information and the authorization credential from the apparatus.
12. The computer-readable medium of claim 11, the steps further comprising:
detecting that the apparatus associated with the client device or service is no longer present; and
in response, terminating the registration of the client device or service with the wireless home network.
13. The computer-readable medium of claim 11, wherein the apparatus comprises a near field radio frequency identification (RFID) tag, a universal serial bus (USB) drive manufactured with write-protected encrypted bits, an optical disk with manufactured keys, or a secure digital (SD) memory card with digital rights management (DRM) features.
14. The computer-readable medium of claim 10, wherein the identification information comprises a media access control (MAC) address associated with the client device.
15. The computer-readable medium of claim 10, wherein determining that the client device or service is currently associated with the wireless home network comprises confirming the identification information received in the registration request matches the obtained identification information.
16. The computer-readable medium of claim 10, wherein the authorization credential acts as an encryption key when initiating the secure password authentication protocol.
17. The computer-readable medium of claim 10, wherein registering the client device or service with the wireless home network comprises creating a session key based on the authorization credential.
18. The computer-readable medium of claim 10, wherein receiving the registration request from the client device or service comprises receiving the registration request via a network extender device or a network connector device.
19. A system, comprising a smart network host device located within a wireless home network that is configured to:
obtain identification information and an authorization credential associated with a client device or service;
receive a registration request from the client device or service that includes the identification information, wherein the registration request is for registering the client device or service with the wireless home network;
in response, determine that the client device or service is currently associated with the wireless home network;
initiate a secure password authentication protocol with the client device or service; and
after completing the secure password authentication protocol, register the client device or service with the wireless home network.
20. The system of claim 10, wherein the smart network host device includes an RFID reader configured to read information from an apparatus associated with the client device or service.
US13/092,082 2010-04-22 2011-04-21 Method of adding a client device or service to a wireless network Abandoned US20110265151A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US32707210P true 2010-04-22 2010-04-22
US13/092,082 US20110265151A1 (en) 2010-04-22 2011-04-21 Method of adding a client device or service to a wireless network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US13/092,082 US20110265151A1 (en) 2010-04-22 2011-04-21 Method of adding a client device or service to a wireless network

Publications (1)

Publication Number Publication Date
US20110265151A1 true US20110265151A1 (en) 2011-10-27

Family

ID=44816711

Family Applications (4)

Application Number Title Priority Date Filing Date
US13/092,079 Active 2031-08-10 US8627420B2 (en) 2010-04-22 2011-04-21 Apparatus for associating a client device or service with a wireless network
US13/092,082 Abandoned US20110265151A1 (en) 2010-04-22 2011-04-21 Method of adding a client device or service to a wireless network
US13/092,054 Active 2032-04-18 US8650311B2 (en) 2010-04-22 2011-04-21 Client device configured to connect with a home network
US13/092,049 Active 2032-07-04 US8626921B2 (en) 2010-04-22 2011-04-21 Device and service management based on layer 2 through layer 7 device attributes

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/092,079 Active 2031-08-10 US8627420B2 (en) 2010-04-22 2011-04-21 Apparatus for associating a client device or service with a wireless network

Family Applications After (2)

Application Number Title Priority Date Filing Date
US13/092,054 Active 2032-04-18 US8650311B2 (en) 2010-04-22 2011-04-21 Client device configured to connect with a home network
US13/092,049 Active 2032-07-04 US8626921B2 (en) 2010-04-22 2011-04-21 Device and service management based on layer 2 through layer 7 device attributes

Country Status (1)

Country Link
US (4) US8627420B2 (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120162538A1 (en) * 2010-12-28 2012-06-28 Comcast Interactive Media, Llc Communication, Monitoring and Control Architecture and Method
US20130219471A1 (en) * 2012-02-20 2013-08-22 Michael Stephen Brown Establishing connectivity between an enterprise security perimeter of a device and an enterprise
US20130241697A1 (en) * 2012-03-14 2013-09-19 Digi International Inc. Spatially aware smart device provisioning
US20130276076A1 (en) * 2010-09-15 2013-10-17 Vivek Gupta Mobile device and method for secure on-line sign-up and provisioning for wi-fi hotspots using soap-xml techniques
WO2014130920A1 (en) * 2013-02-25 2014-08-28 Actividentity, Inc. Secure access to secure access module-enable machine using personal security device
US8857704B2 (en) 2012-01-13 2014-10-14 Logic PD, Inc. Methods for embedding device-specific data to enable remote access to real time device data
US8857705B2 (en) 2012-01-13 2014-10-14 Logic PD, Inc. Methods for embedding device-specific data to enable remote identification and provisioning of specific devices
US20150288670A1 (en) * 2012-09-28 2015-10-08 Hewlett-Packard Development Company, L.P. Qr code utilization in self-registration in a network
US9160693B2 (en) 2010-09-27 2015-10-13 Blackberry Limited Method, apparatus and system for accessing applications and content across a plurality of computers
US9253081B2 (en) 2012-11-15 2016-02-02 Cisco Technology, Inc. Trigger message routing according to a service class
US9258295B1 (en) 2012-08-31 2016-02-09 Cisco Technology, Inc. Secure over-the-air provisioning for handheld and desktop devices and services
US9313099B2 (en) 2012-01-13 2016-04-12 Logic PD, Inc. Systems, devices and methods for provisioning, pairing and activating a newly manufactured device for automatic joining of customer's network
US20160117124A1 (en) * 2013-12-31 2016-04-28 Yong-Gu KWON Storage System Having Security Storage Device and Management System Therefor
WO2016173977A1 (en) 2015-04-30 2016-11-03 Deutsche Telekom Ag Actuating home automation functions
US9628990B2 (en) 2011-09-09 2017-04-18 Intel Corporation Mobile device and method for secure on-line sign-up and provisioning for Wi-Fi hotspots using SOAP-XML techniques

Families Citing this family (37)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110274029A1 (en) * 2010-05-10 2011-11-10 Comcast Cable Communications, Llc Wireless Range Extender
US8868694B2 (en) * 2011-06-08 2014-10-21 Cisco Technology, Inc. Configuring multiple network devices in a setup flow
US9198038B2 (en) * 2011-06-13 2015-11-24 Qualcomm Incorporated Apparatus and methods of identity management in a multi-network system
US8838764B1 (en) 2011-09-13 2014-09-16 Amazon Technologies, Inc. Hosted network management
KR20130069047A (en) * 2011-12-16 2013-06-26 삼성전자주식회사 Communication apparatus and method
CN106879047A (en) * 2012-05-02 2017-06-20 阿里巴巴集团控股有限公司 Method for near-field information transmission, information transmitting client, information receiving client and information system
US9565622B2 (en) * 2012-07-05 2017-02-07 Qualcomm Incorporated Detecting services provided by a wireless node before device discovery and connection establishment
CN102843278B (en) * 2012-08-31 2015-11-25 鸿富锦精密工业(深圳)有限公司 Smart home network system and registered with the home appliance control device registration method
US9112844B2 (en) 2012-12-06 2015-08-18 Audible, Inc. Device credentialing for network access
CN103906068B (en) * 2012-12-26 2017-07-21 华为技术有限公司 Method and apparatus to create a virtual base station
US9535681B2 (en) * 2013-03-15 2017-01-03 Qualcomm Incorporated Validating availability of firmware updates for client devices
US9781192B2 (en) 2013-01-25 2017-10-03 Qualcomm Incorporated Device management service
US9264905B2 (en) * 2013-02-21 2016-02-16 Digi International Inc. Establishing secure connection between mobile computing device and wireless hub using security credentials obtained from remote security credential server
CN104079543B (en) * 2013-03-29 2017-06-06 珠海格力电器股份有限公司 Acquisition method, apparatus and system for smart home system monitoring authority
KR20150009807A (en) * 2013-07-17 2015-01-27 삼성전자주식회사 Method and apparatus for communication using smart module in home network system
WO2015012749A1 (en) * 2013-07-26 2015-01-29 Telefonaktiebolaget L M Ericsson (Publ) Method, alert control device, street light, computer program and computer program product for alerting traffic
US9451381B2 (en) * 2013-08-06 2016-09-20 Time Warner Cable Enterprises Llc Automated provisioning of managed services in a Wi-Fi capable client device
CN103501501B (en) * 2013-10-09 2017-03-01 中磊电子(苏州)有限公司 Wireless LAN systems, remote control network system, and a method of setting a wireless network detection
WO2015063146A1 (en) * 2013-11-01 2015-05-07 Thomson Licensing Methods for a link recovery of a wireless network and respective devices
CN103607446B (en) * 2013-11-15 2017-06-27 四川长虹电器股份有限公司 Cloud intelligent home control system
US9584631B2 (en) * 2013-12-03 2017-02-28 Verizon Patent And Licensing Inc. Providing out-of-band control and backup via a cellular connection
US9075773B1 (en) 2014-05-07 2015-07-07 Igneous Systems, Inc. Prioritized repair of data storage failures
US9201735B1 (en) 2014-06-25 2015-12-01 Igneous Systems, Inc. Distributed storage data repair air via partial data rebuild within an execution path
US9503965B2 (en) * 2014-07-14 2016-11-22 Verizon Patent And Licensing Inc. Set-top box setup via near field communication
CN105451296A (en) * 2014-08-25 2016-03-30 宇龙计算机通信科技(深圳)有限公司 Network channel selection method and mobile terminal
US9985799B2 (en) * 2014-09-05 2018-05-29 Alcatel-Lucent Usa Inc. Collaborative software-defined networking (SDN) based virtual private network (VPN)
US10104132B2 (en) * 2014-10-08 2018-10-16 Google Llc Network-assisted fabric pairing
US9590976B2 (en) 2014-10-08 2017-03-07 Google Inc. Network-assisted fabric pairing
US9098451B1 (en) 2014-11-21 2015-08-04 Igneous Systems, Inc. Shingled repair set for writing data
CN105744594A (en) * 2014-12-12 2016-07-06 青岛海尔科技有限公司 Method and device for accessing network and input device
CN104540184B (en) * 2014-12-15 2018-09-25 小米科技有限责任公司 Method and apparatus for network equipment
US9276900B1 (en) * 2015-03-19 2016-03-01 Igneous Systems, Inc. Network bootstrapping for a distributed storage system
US9572034B1 (en) * 2015-09-10 2017-02-14 Symantec Corporation Systems and methods for securing wireless networks
CN105392138A (en) * 2015-10-20 2016-03-09 广东欧珀移动通信有限公司 Method and system for joining intelligent terminal to network system, and control terminal
CN105591812A (en) * 2015-10-29 2016-05-18 杭州华三通信技术有限公司 Smart home configuration method and device
US10334438B2 (en) 2016-06-21 2019-06-25 ANI Technologies Private Limited System and method for creating and managing wireless networks
US10169567B1 (en) * 2017-11-21 2019-01-01 Lockheed Martin Corporation Behavioral authentication of universal serial bus (USB) devices

Citations (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073797A1 (en) * 2002-10-08 2004-04-15 Fascenda Anthony C. Localized network authentication and security using tamper-resistant keys
US7178034B2 (en) * 2002-12-31 2007-02-13 Intel Corporation Method and apparatus for strong authentication and proximity-based access retention
US20070109103A1 (en) * 2005-09-07 2007-05-17 California Institute Of Technology Commercial product activation and monitoring using radio frequency identification (RFID) technology
US20070152058A1 (en) * 2006-01-05 2007-07-05 Yeakley Daniel D Data collection system having reconfigurable data collection terminal
US7328045B2 (en) * 2003-12-24 2008-02-05 Robert Bosch Gmbh Secure and intuitive method for wireless network set-up and associated device and system
US7360087B2 (en) * 2003-05-02 2008-04-15 Giritech A/S Pervasive, user-centric network security enabled by dynamic datagram switch and an on-demand authentication and encryption scheme through mobile intelligent data carriers
US20080123557A1 (en) * 2005-06-09 2008-05-29 Whirlpool Corporation Appliance network for a networked appliance with a network binder accessory
US20090016568A1 (en) * 2007-07-13 2009-01-15 International Business Machines Corporation Apparatus for observing and capturing latent images on objects, and method for using same
US20090100153A1 (en) * 2005-06-09 2009-04-16 Whirlpool Corporation Method of self servicing an appliance
US7634802B2 (en) * 2005-01-26 2009-12-15 Microsoft Corporation Secure method and system for creating a plug and play network
US20100063887A1 (en) * 2008-09-10 2010-03-11 MEK Enterprises, LLC Method of reusing shipping and packing materials
US20100101661A1 (en) * 2008-10-28 2010-04-29 Eco Rebox Llc Reusable shipping and packing materials and method of use
US20100153220A1 (en) * 2008-09-10 2010-06-17 Eco Rebox Llc Method of reusing shipping and packing materials
US20100274859A1 (en) * 2007-05-24 2010-10-28 Asim Bucuk Method And System For The Creation, Management And Authentication Of Links Between Entities
US7860254B2 (en) * 2003-03-13 2010-12-28 Hamdy Soliman Computer system security via dynamic encryption
US7890634B2 (en) * 2005-03-18 2011-02-15 Microsoft Corporation Scalable session management
US20110072700A1 (en) * 2009-09-30 2011-03-31 Dominick Theresa Color Coded Marking System for all formats of USB Flash Drives and SD Memory Cards
US20110231659A1 (en) * 2010-03-19 2011-09-22 Alok Kumar Sinha Out-of-Band Session Key Information Exchange
US8290146B2 (en) * 2007-01-19 2012-10-16 Mitsubishi Electric Corporation Ciphertext generating apparatus, cryptographic communication system, and group parameter generating apparatus
US8392702B2 (en) * 2007-07-27 2013-03-05 General Instrument Corporation Token-based management system for PKI personalization process

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1717679B1 (en) * 1998-01-26 2016-09-21 Apple Inc. Method for integrating manual input
US6604140B1 (en) * 1999-03-31 2003-08-05 International Business Machines Corporation Service framework for computing devices
CA2305249A1 (en) * 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
KR101015341B1 (en) * 2000-04-24 2011-02-16 비자 인터내셔날 써비스 어쏘시에이션 Online payment authentication services
US8131870B1 (en) * 2001-05-24 2012-03-06 Cisco Technology, Inc. Method and apparatus for registering a mobile object on a foreign network
US8616984B2 (en) * 2002-06-12 2013-12-31 Igt Intelligent player tracking card and wagering token tracking techniques
US7499983B2 (en) * 2002-05-06 2009-03-03 Micron Technology, Inc. Web dispatch service
US8037202B2 (en) * 2002-10-31 2011-10-11 Oracle America, Inc. Presence detection using mobile agents in peer-to-peer networks
KR100456636B1 (en) * 2002-11-25 2004-11-10 한국전자통신연구원 Architecture of look-up service in jini-based home network supporting ieee 1394 and tcp/ip and method thereof
US7633909B1 (en) * 2002-12-20 2009-12-15 Sprint Spectrum L.P. Method and system for providing multiple connections from a common wireless access point
US7756928B1 (en) * 2002-12-30 2010-07-13 Aol Inc. Interoperability using a local proxy server
US7533141B2 (en) * 2003-01-24 2009-05-12 Sun Microsystems, Inc. System and method for unique naming of resources in networked environments
US20050276229A1 (en) * 2003-03-31 2005-12-15 Mohammad Torabi Service discovery method in a network
US7930214B2 (en) * 2003-05-05 2011-04-19 Intel Corporation Management and arbitration of mobile service discovery
EP1763766A4 (en) * 2004-05-04 2009-04-01 Robert M Price System and method for communicating with electronic devices
WO2006063118A2 (en) * 2004-12-07 2006-06-15 Pure Networks, Inc. Network management
US7535880B1 (en) * 2005-01-13 2009-05-19 2Wire, Inc. Method and apparatus for controlling wireless access to a network
US7647048B2 (en) * 2005-03-31 2010-01-12 Alcatel-Lucent Usa Inc. Selecting a hidden network to connect a user to a wireless local area network
US8116287B2 (en) * 2005-07-29 2012-02-14 Microsoft Corporation Transmitting a communication from a wireless access point indicating hidden networks
US7583684B2 (en) * 2005-08-24 2009-09-01 The Boeing Corporation Automatic commandable SSID switching
US20070159997A1 (en) * 2006-01-10 2007-07-12 Hsiu-Ping Tsai Wireless Security Setup between Station and AP Supporting MSSID
WO2007096884A2 (en) * 2006-02-22 2007-08-30 Elad Barkan Wireless internet system and method
US20070205275A1 (en) * 2006-03-06 2007-09-06 First Data Corporation Portable point of sale systems and methods
US8165101B2 (en) * 2006-09-29 2012-04-24 Microsoft Corporation Automatic detection of hidden networks
US7924793B2 (en) * 2006-11-20 2011-04-12 At&T Intellectual Property I, L.P. Methods and apparatus to manage bandwidth in a wireless network
CN101262670B (en) * 2007-03-09 2012-01-25 鸿富锦精密工业(深圳)有限公司 Mobile device, communication system and connection establishment method
US8898128B2 (en) * 2007-05-07 2014-11-25 Nokia Corporation Content storing device query
US8239479B2 (en) * 2007-06-22 2012-08-07 Microsoft Corporation Server-assisted and peer-to-peer synchronization
JP4887431B2 (en) * 2007-12-28 2012-02-29 パナソニック株式会社 Communication device
JP4506856B2 (en) * 2008-03-10 2010-07-21 ソニー株式会社 Communication apparatus, and communication method
US7996394B2 (en) * 2008-07-17 2011-08-09 International Business Machines Corporation System and method for performing advanced search in service registry system
US8977673B2 (en) * 2008-08-29 2015-03-10 Red Hat, Inc. Information on availability of services provided by publish-subscribe service
US8116749B2 (en) * 2008-09-08 2012-02-14 Proctor Jr James Arthur Protocol for anonymous wireless communication
JP5419895B2 (en) * 2008-12-26 2014-02-19 パナソニック株式会社 Communication device
AU2010271246A1 (en) * 2009-07-09 2012-03-01 Cubic Corporation ID application for NFC-enabled mobile device
US8396489B2 (en) * 2009-12-17 2013-03-12 Pokos Communications Corp Method and system for transmitting and receiving messages
KR20120099782A (en) * 2009-12-22 2012-09-11 준코 스기나카 User authentication method, user authentication system, and portable communications terminal
US9220054B2 (en) * 2009-12-22 2015-12-22 Intel Corporation Enhanced service discovery mechanism in wireless communication system
US8380177B2 (en) * 2010-04-09 2013-02-19 Paydiant, Inc. Mobile phone payment processing methods and systems

Patent Citations (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040073797A1 (en) * 2002-10-08 2004-04-15 Fascenda Anthony C. Localized network authentication and security using tamper-resistant keys
US7178034B2 (en) * 2002-12-31 2007-02-13 Intel Corporation Method and apparatus for strong authentication and proximity-based access retention
US7860254B2 (en) * 2003-03-13 2010-12-28 Hamdy Soliman Computer system security via dynamic encryption
US7360087B2 (en) * 2003-05-02 2008-04-15 Giritech A/S Pervasive, user-centric network security enabled by dynamic datagram switch and an on-demand authentication and encryption scheme through mobile intelligent data carriers
US7328045B2 (en) * 2003-12-24 2008-02-05 Robert Bosch Gmbh Secure and intuitive method for wireless network set-up and associated device and system
US7634802B2 (en) * 2005-01-26 2009-12-15 Microsoft Corporation Secure method and system for creating a plug and play network
US7890634B2 (en) * 2005-03-18 2011-02-15 Microsoft Corporation Scalable session management
US20090100153A1 (en) * 2005-06-09 2009-04-16 Whirlpool Corporation Method of self servicing an appliance
US20080123557A1 (en) * 2005-06-09 2008-05-29 Whirlpool Corporation Appliance network for a networked appliance with a network binder accessory
US20070109103A1 (en) * 2005-09-07 2007-05-17 California Institute Of Technology Commercial product activation and monitoring using radio frequency identification (RFID) technology
US20070152058A1 (en) * 2006-01-05 2007-07-05 Yeakley Daniel D Data collection system having reconfigurable data collection terminal
US8290146B2 (en) * 2007-01-19 2012-10-16 Mitsubishi Electric Corporation Ciphertext generating apparatus, cryptographic communication system, and group parameter generating apparatus
US20100274859A1 (en) * 2007-05-24 2010-10-28 Asim Bucuk Method And System For The Creation, Management And Authentication Of Links Between Entities
US20090016568A1 (en) * 2007-07-13 2009-01-15 International Business Machines Corporation Apparatus for observing and capturing latent images on objects, and method for using same
US8392702B2 (en) * 2007-07-27 2013-03-05 General Instrument Corporation Token-based management system for PKI personalization process
US20100153220A1 (en) * 2008-09-10 2010-06-17 Eco Rebox Llc Method of reusing shipping and packing materials
US20100063887A1 (en) * 2008-09-10 2010-03-11 MEK Enterprises, LLC Method of reusing shipping and packing materials
US20100101661A1 (en) * 2008-10-28 2010-04-29 Eco Rebox Llc Reusable shipping and packing materials and method of use
US20110072700A1 (en) * 2009-09-30 2011-03-31 Dominick Theresa Color Coded Marking System for all formats of USB Flash Drives and SD Memory Cards
US20110231659A1 (en) * 2010-03-19 2011-09-22 Alok Kumar Sinha Out-of-Band Session Key Information Exchange

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"USB-IF Logo Trademark License Agreement and Usage Guidelines" published by USB.org retrieved from http://web.archive.org using URL www.usb.org/developers/logo_license archived on Feb 8, 2009 *

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9258706B2 (en) * 2010-09-15 2016-02-09 Intel Corporation Mobile device and method for secure on-line sign-up and provisioning for wi-fi hotspots using SOAP-XML techniques
US20130276076A1 (en) * 2010-09-15 2013-10-17 Vivek Gupta Mobile device and method for secure on-line sign-up and provisioning for wi-fi hotspots using soap-xml techniques
US9160693B2 (en) 2010-09-27 2015-10-13 Blackberry Limited Method, apparatus and system for accessing applications and content across a plurality of computers
US20120162538A1 (en) * 2010-12-28 2012-06-28 Comcast Interactive Media, Llc Communication, Monitoring and Control Architecture and Method
US9628990B2 (en) 2011-09-09 2017-04-18 Intel Corporation Mobile device and method for secure on-line sign-up and provisioning for Wi-Fi hotspots using SOAP-XML techniques
US8857704B2 (en) 2012-01-13 2014-10-14 Logic PD, Inc. Methods for embedding device-specific data to enable remote access to real time device data
US8857705B2 (en) 2012-01-13 2014-10-14 Logic PD, Inc. Methods for embedding device-specific data to enable remote identification and provisioning of specific devices
US9313099B2 (en) 2012-01-13 2016-04-12 Logic PD, Inc. Systems, devices and methods for provisioning, pairing and activating a newly manufactured device for automatic joining of customer's network
US9015809B2 (en) * 2012-02-20 2015-04-21 Blackberry Limited Establishing connectivity between an enterprise security perimeter of a device and an enterprise
US20130219471A1 (en) * 2012-02-20 2013-08-22 Michael Stephen Brown Establishing connectivity between an enterprise security perimeter of a device and an enterprise
US20160269851A1 (en) * 2012-03-14 2016-09-15 Digi International Inc. Spatially aware smart device provisioning
US20130241697A1 (en) * 2012-03-14 2013-09-19 Digi International Inc. Spatially aware smart device provisioning
US9351094B2 (en) * 2012-03-14 2016-05-24 Digi International Inc. Spatially aware smart device provisioning
US9894459B2 (en) * 2012-03-14 2018-02-13 Digi International Inc. Spatially aware smart device provisioning
US9450951B2 (en) 2012-08-31 2016-09-20 Cisco Technology, Inc. Secure over-the-air provisioning solution for handheld and desktop devices and services
US9258295B1 (en) 2012-08-31 2016-02-09 Cisco Technology, Inc. Secure over-the-air provisioning for handheld and desktop devices and services
US20150288670A1 (en) * 2012-09-28 2015-10-08 Hewlett-Packard Development Company, L.P. Qr code utilization in self-registration in a network
US9253081B2 (en) 2012-11-15 2016-02-02 Cisco Technology, Inc. Trigger message routing according to a service class
WO2014130920A1 (en) * 2013-02-25 2014-08-28 Actividentity, Inc. Secure access to secure access module-enable machine using personal security device
US9722999B2 (en) 2013-02-25 2017-08-01 Assa Abloy Ab Secure access to secure access module-enabled machine using personal security device
US20160117124A1 (en) * 2013-12-31 2016-04-28 Yong-Gu KWON Storage System Having Security Storage Device and Management System Therefor
US9619161B2 (en) * 2013-12-31 2017-04-11 Sung Gon Cho Storage system having security storage device and management system therefor
WO2016173977A1 (en) 2015-04-30 2016-11-03 Deutsche Telekom Ag Actuating home automation functions
DE102015106742A1 (en) 2015-04-30 2016-11-03 Deutsche Telekom Ag Controlling functions of home automation

Also Published As

Publication number Publication date
US8627420B2 (en) 2014-01-07
US20110265154A1 (en) 2011-10-27
US20110264730A1 (en) 2011-10-27
US8626921B2 (en) 2014-01-07
US8650311B2 (en) 2014-02-11
US20110282936A1 (en) 2011-11-17

Similar Documents

Publication Publication Date Title
CN101953192B (en) Method and apparatus for managing subscription credentials in a wireless communication device
US9602471B2 (en) Device introduction and access control framework
CN101442527B (en) Remote provisioning utilizing device identifier
CN101534505B (en) Communication apparatus and communication method
US7406323B2 (en) Communication system and method, information processing terminal and method, and information processing apparatus and method
US7511848B2 (en) Method and system for configuring an electronic device
JP4701172B2 (en) System and method for controlling access to a network using a redirect
US9132790B2 (en) In-vehicle network system
US8626921B2 (en) Device and service management based on layer 2 through layer 7 device attributes
EP3023899A1 (en) Proximity authentication system
US6792474B1 (en) Apparatus and methods for allocating addresses in a network
EP1655922A1 (en) Authentication method and system, and information processing method and apparatus
JP4545197B2 (en) Wireless network system and a communication method using the same
US8924716B2 (en) Communication device and communication method
EP1898592B1 (en) Peer-to-peer communication method for near field communication
US20050246770A1 (en) Establishing computing trust with a staging area
JP4290529B2 (en) Access point, terminal, the encryption key setting system, the encryption key setting method, and a program
EP1553746B1 (en) Configuring network settings of thin client devices using portable storage media
US7325134B2 (en) Localized network authentication and security using tamper-resistant keys
US7986642B2 (en) Wireless network system, and wireless device included in the system
US7562385B2 (en) Systems and methods for dynamic authentication using physical keys
US20030028808A1 (en) Network system, authentication method and computer program product for authentication
JP4509446B2 (en) How to register device in a wireless network
US7934005B2 (en) Subnet box
US7840688B2 (en) Information processing device, server client system, method, and computer program

Legal Events

Date Code Title Description
AS Assignment

Owner name: CISCO TECHNOLOGY, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:FURLAN, JOHN;DATTAGUPTA, SIDDHARTHA;BAINER, CHRIS;AND OTHERS;SIGNING DATES FROM 20110421 TO 20110617;REEL/FRAME:026657/0314

AS Assignment

Owner name: CISCO CONSUMER PRODUCTS LLC, CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CISCO TECHNOLOGY, INC.;REEL/FRAME:030008/0057

Effective date: 20130314

AS Assignment

Owner name: LINKSYS LLC, CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:CISCO CONSUMER PRODUCTS LLC;REEL/FRAME:030091/0889

Effective date: 20130320

AS Assignment

Owner name: WELLS FARGO BANK, NATIONAL ASSOCIATION, AS AGENT,

Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:CISCO CONSUMER PRODUCTS LLC;REEL/FRAME:030106/0791

Effective date: 20130315

AS Assignment

Owner name: BELKIN INTERNATIONAL, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:LINKSYS, LLC;REEL/FRAME:032246/0925

Effective date: 20140115

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION