WO2020026271A1 - System and method for automatic connection and authentication of nodes in an IoT environment - Google Patents

System and method for automatic connection and authentication of nodes in an IoT environment

Info

Publication number
WO2020026271A1
Authority
WO
WIPO (PCT)
Prior art keywords
gateway
node
credentials
nodes
server
Application number
PCT/IN2019/050563
Other languages
English (en)
Inventor
Janardhana Swamy
Original Assignee
Janardhana Swamy
Application filed by Janardhana Swamy

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009 Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks

Definitions

  • the invention generally relates to a field of Internet of Things (IoT), and more specifically, the invention relates to a system and a method for connection and authentication of IoT devices on an IoT network.
  • IoT: Internet of Things
  • provisioning any station or node, together referred as node, to an access point or gateway, together referred as gateway, such as a Wi-Fi access point.
  • During manufacturing and shipping of the nodes or gateways, together referred as IoT devices or devices, or groups of IoT devices, it is necessary for all the devices in the to-be connected network to know credentials of each other, in order to establish a connection, authentication, and exchange information securely.
  • this method of deciding the group during manufacturing process allows no flexibility at the user end for using the devices according to the user requirement as all the devices are preconfigured to be used in a particular configuration only.
  • Reconfiguring a device after manufacturing requires a firmware change or a change in a portion of a non-volatile memory of the device with necessary credential, thus becoming an added burden during installation of such devices in the field.
  • reconfiguration of devices would, in many applications, require an application to be downloaded on a smartphone or a similar software application on a local computer to configure such individual devices. While this adds additional work and complexity of field deployment, the user needs to be in the proximity with such devices that need to be configured.
  • the principal object of the invention is to provide a system and method for communication and authentication of the IoT devices.
  • Another object of the invention is to provide an easier and secure method for communication and authentication of the IoT devices.
  • Yet another object of the invention is to enable manufacturing of IoT devices without pre-configuring them to know each other’s credentials.
  • Yet another object of the invention is to provide a simpler method of configuring of the IoT devices at the user end.
  • Yet another object of the invention is to provide a remote configuration of the IoT devices in a network.
  • Yet another object of the invention is to provide a centralized configuring of the IoT devices in a network.
  • Yet another object of the invention is to eliminate the need for downloading any application or software for configuring the IoT device in a network.
  • Yet another object of the invention is to eliminate the need for the user to be in the proximity of the IoT devices while configuring the IoT device to work.
  • Yet another object of the invention is to provide the flexibility to change or reconfigure the IoT device any time after their configuration.
  • Yet another object of the invention is to eliminate the need for locally changing firmware or non-volatile memory.
  • the present invention discloses a system and method of automatically authenticating and connecting one or more devices in an IoT environment. In this method, all the devices to be connected in an IoT network need not know credentials of other devices for communication purposes.
  • an electronic device called node
  • each node has a unique identifier assigned to it.
  • This unique identifier can be a combination of a SSID and a password.
  • a gateway is present in the system, and one or many nodes in the system are connected to one gateway. There can be multiple gateways in the IoT network.
  • the gateway is a common device between the nodes and a server.
  • the server comprises information about all the nodes that will be connected to one gateway.
  • the gateway receives information from the server, wherein the information comprises the credentials of the nodes that are to be connected to the gateway.
  • the gateway reconfigures itself by changing its credentials (e.g. SSID and password) to that of the node to be connected. After the reconfiguration, the node is able to recognize the credentials of the gateway and send a connection request as the credentials of the node and the gateway match.
  • When the node is powered on, the node looks for a gateway that has the same credentials such as SSID that the node received in its factory settings. Once such a gateway is found the node requests connection with the gateway and the credentials (including SSID and password) of the node are sent to the gateway. The gateway then compares the credentials received (e.g. password) from the server with the credentials received from the node. If the two sets of credentials match each other, the node is connected to the gateway. Thereafter, the gateway adds the node to a list of allowed nodes that can connect to the gateway. Once the node is added to a list of allowed nodes, the node receives a new set of SSID and password (group credentials) as provided by the server or created by the gateway.
  • the gateway reconfigures its credentials to the group credentials and therefore, the gateway and all the allowed nodes have the same new SSID and password (authentication information) thereby forming a group of nodes connected to a gateway.
  • the allowed nodes can connect simultaneously to the gateway whenever they are in range.
  • gateway can also send credentials of the node attempting to connect to the gateway to the server, and the server can further compare the received credentials with the credentials pre-stored in the server to allow a node to connect to the gateway.
  • FIG. 1 depicts/illustrates details of a system that shows interactions between nodes, a gateway and a server in the IoT environment, in accordance with an embodiment of the invention.
  • the present invention discloses, by way of an illustrative embodiment, an IoT device connected to other devices in an IoT environment.
  • IoT i.e. the Internet of Things, further referred to as an IoT network
  • IoT network is understood as a comprehensive network of multiple devices in communication with each other.
  • an IoT device refers to any device or a station capable of being connected to the internet and capable of sending and receiving data.
  • nodes may be a smart thermostat, security systems, home automation systems, smartwatches, sensors, smart devices and the like.
  • a node may also be an individual device such as, but not limited to, a mobile phone, a computer, a laptop and an electronic tablet.
  • a server is a device comprising and regulating information and further comprising credentials of the nodes to be connected in the network.
  • Said server present in the system may be a designated server which may be any server including a cloud-based server, etc. In other embodiments of the invention, there may be more than one designated server.
  • a gateway can be understood as a hardware device that acts as a gate between the server and the nodes.
  • the gateway may be a router, a firewall, access point or any device enabling the flow of traffic in and out of the network.
  • Fig. 1 illustrates/depicts details of a system 100 that shows data interactions between nodes 110, a gateway 112 and a designated server 114 via internet 116.
  • the nodes 110 are manufactured in a way that the credentials of the individual nodes are unknown to each other or to any gateway.
  • the credentials may comprise one or more of a combination of a Service Set Identifier (SSID) and a password unique to individual nodes 110 or any other identifier or a combination of identifiers unique to the individual nodes 110, in a particular group of such nodes 110.
  • SSID: Service Set Identifier
  • a particular gateway in an IoT environment may be configured to communicate only with a group of nodes 110 which are allowed to be authenticated by the gateway 112.
  • the gateway may further be configured to reject any communication or authentication process involving nodes 110 which are not present in the authorized group of nodes 110.
  • Before the nodes 110 are set-up in a network, the nodes 110 may only be capable of powering on or off, without connecting to the internet. In a preferred embodiment, there may be more than two nodes 110 present in the IoT network.
  • the gateway 112 is configured to allow connectivity to the nodes 110 via an authentication process. Said authentication process takes place through the server 114.
  • a designated server 114 or multiple such designated servers 114 may be identified by an IP address or domain name.
  • the designated server 114 comprises credentials (e.g. SSID and password) of the nodes 110 to be connected to the gateway 112.
  • the IoT node 110 will not be accessible to an end-user unless the node has been set-up on the IoT network.
  • the server 114 comprises the credentials of the group of nodes 110 to be set up on a particular IoT network.
  • Each of the groups of nodes 110 comprise a gateway (access point) 112 connected to internet 116.
  • the wireless connectivity between the nodes 110 and the gateway 112 may be established in line with the IEEE 802.11 standards.
  • internet 116 may also be a wired connection such as, but not limited to, LAN, WAN, and the like, or may also be a wireless connection such as Wi-Fi, etc.
  • the credentials of the individual nodes 110 may be stored in the nodes and the gateway on a non-volatile memory disposed on-chip within respective components.
  • an off-chip memory secured with encryption algorithms may be utilized to prevent the data from being compromised.
  • the server 114 connected to the internet 116 is configured to communicate wirelessly with the gateway 112.
  • the credentials of the nodes to be set up on the network are stored in the server 114.
  • the server 114 can only communicate with the gateway 112.
  • the gateway 112 is further utilized to authenticate the nodes 110.
  • the gateway 112 continuously tries to detect and connect with authorized nodes.
  • the nodes may continuously look for an appropriate gateway in accordance with this invention.
  • the server 114 shares the credentials of the one or more node(s) 110 that is to be set up on the network with the gateway 112.
  • the gateway 112 re-configures itself to accommodate the node 110 by changing its credentials similar to the credentials of the node as shared by the server 114.
  • the gateway 112 is configured to wait for a predetermined amount of time in order to recognize the node 110.
  • the node is required to be powered on within a particular range of the gateway 112.
  • the node looks for a gateway that has the same credentials such as SSID that the node received in its factory settings. Once such a gateway 112 is found the node requests connection with the gateway and the credentials (including SSID and password) of the node are sent to the gateway.
  • the gateway compares the credentials received (e.g. password) from the server with the credentials received from the node. If the two sets of credentials match each other, the node is connected to the gateway.
  • the gateway adds the node to a list of allowed nodes that can connect to the gateway.
  • the node receives a new set of SSID and password (group credentials) as provided by the server or created by the gateway.
  • the connection between the node 110 and the gateway 112 is established when the credentials i.e. the unique SSID and the password of the node 110 match the credentials shared by the server 114.
  • more than one node 110 may be connected on the IoT network via the gateway 112.
  • a user purchasing node(s) 110 and gateway 112 may be required to intimate a unique number associated with each node 110 and the gateway 112 to the server 114 as a confirmation of the particular gateway 112 or node 110 being associated with the user. For example, if a user purchases a smart plug, the user may receive a unique number associated with the smart plug that the user may enter into a user interface. This results in the server 114 receiving particulars of the smart plug associated with the user. The server 114 may permit only specific nodes 110 associated with a user to be connected to a gateway associated with the same user. Further, alternatively, the user may be allowed to control which node 110 connects to a gateway 112.
  • the gateway 112 shares a new SSID and a password with the node 110 that can be used to connect to a further network.
  • the process of sharing a new and a common SSID and password with all the connected nodes 110 is implemented in order to have common authentication credentials for all the verified nodes 110 in the network.
  • the presumption on which the aforementioned authentication procedure works is that the manufactured IoT nodes 110 are not configured to know the credentials of the other nodes 110, where the server 114 is the only device comprising the credentials of all the nodes 110 in the particular group.
  • the process of verification and authentication of a node 110, and sharing of the common SSID and password is carried out for every new node 110 that is set-up on the network.
  • there may be multiple IoT nodes 110, gateways 112 and servers 114 on an IoT network. Similarly, multiple users at the user end may have access to the nodes 110 present in the IoT network.
  • the gateway 112 is configured to set up a new SSID and password.
  • the newly computed data is then shared with all the nodes 110 on the network except the node 110 or the group of nodes 110 that are to be isolated from the network.
  • the gateway before disconnecting the node that is to be isolated, informs the node that it is being disconnected. In such a case, the node disconnected will never look for the new credentials it has for the gateway but will only wait for another gateway that has the same credentials as the isolated node’s factory set SSID / credentials.
  • the gateway 112 may be configured to only change the SSID or the password, and may not share the changed credentials with the server 114 to prevent the vulnerability of sensitive information.
  • the process of isolating a node 110 from a network is initiated by an end-user on the server 114.
  • the particular node 110 will not receive updated credentials and will be, hence, unable to communicate with the gateway 112.
  • the end-user may use the abovementioned procedure to re-authenticate the node 110 on the network again.
  • the server sets a common SSID and password for the group of nodes 110 on the network.
  • the gateway only authenticates the nodes 110. This provision is advantageous for simplifying the authentication of new devices that may be connected to the same network.
  • Another advantageous benefit of this process is that it makes the process of disconnecting a node 110 from a gateway 112 easier. Since there is a common credential that is shared with all the nodes 110 except one node, the process of disconnection is simpler and faster. The process also remains secure since the information of the credentials is only shared with the required nodes and within a particular network only.
  • one of the nodes 110 that is to be set-up on the network may act as an access point.
  • the credentials of this node may be shared by the server 114 with the gateway 112. After the establishment of the connection between the node 110 and the gateway 112, the gateway 112 may share the new SSID and the password with the node 110 and the other nodes 110 can utilize this node 110 to connect to the gateway 112.
  • after a node is authenticated and connected to the gateway, the node will still continue to search for other gateways based on its factory set credentials. If such a gateway is found, the node may try to connect to such new gateway in the same manner as described above. If no new gateway is found it will continue to stay connected to the gateway that it has been provisioned with. This priority in connecting to a gateway based on factory set SSID even when a node is provisioned with another gateway is helpful to make sure that if the gateway is non-functional or not reachable the node is able to connect to another gateway.
  • the gateway will continue to allow the node to reconnect when it comes in wireless range later, unless it has been told by the server not to allow the said node.
  • the node may first look for a gateway based on factory set SSID and password. In case no such gateway is found, it may look for previously paired gateway.
  • the server may inform the gateway with the credentials of the new node.
  • the gateway connects with the new node in the same manner as described above.
  • the new node has the same group credentials and the gateway also reconfigures itself to the same group credentials.
  • the isolation and reconnection mechanism as described herein may be utilized.
  • Fig. 2a illustrates the details of the components and the working of the gateway 112.
  • the gateway comprises a processor 202 configured to enable the working of the gateway.
  • the gateway is configured with a non-volatile memory 206 that holds the factory set authentication details (such as SSID and password) for the gateway and may hold any updated / reconfigured authentication and details in accordance with this invention.
  • the gateway is further configured with an Authentication module 208 that has a credentials verification module 210.
  • the credentials verification module is able to compare the credentials of the nodes with the credentials received from the server in accordance with this invention.
  • the gateway may also comprise a database 212 that stores credentials of nodes to be authenticated and connected based on the information supplied to it by the server.
  • the database 212 may also store information regarding nodes that have to be isolated.
  • the gateway 112 may comprise a communication module 204 that enables the gateway 112 to communicate with the nodes and the server.
  • Fig 2b illustrates the details of the components and the working of the designated server 114, as depicted.
  • the server 114 comprises a processor 214 configured to enable the working of the server 114.
  • the processor 214 may enable a faster computing of data received and transmitted from the server 114.
  • the designated server 114 may be configured to utilize a communication module 216 to have a communication interface with the end-user and the gateway or the nodes in the IoT network.
  • the server 114 may utilize said communication module 216 to communicate with the gateway 112 (not shown in the figure), and in certain cases, communicate with the nodes 110 (refer Fig. 1).
  • An authentication module 220 is present in the server, further comprising a credentials verification module 222 and a credentials database 224.
  • the credentials database 224 may store the list of nodes that may be permitted to connect to a specific gateway.
  • the information in the database 224 may comprise the specific node, its factory set SSID, password and any reconfigured credentials (SSID and password), any isolated node and specific restrictions such as number of nodes permitted to connect to a gateway etc.
  • the authentication module is present in the gateway 112.
  • When the node is powered on, the node looks for a gateway that has the same credentials such as SSID that the node received in its factory settings. Once such a gateway 112 is found the node requests connection with the gateway and the credentials (including SSID and password) of the node are sent to the gateway. The gateway then compares the credentials received (e.g. password) from the server 114 with the credentials received from the node. If the two sets of credentials match each other, the node is connected to the gateway. Thereafter, the gateway adds the node to a list of allowed nodes that can connect to the gateway. Once the node is added to a list of allowed nodes, the node receives a new set of SSID and password (group credentials) as provided by the server or created by the gateway.
  • the connection between the node 110 and the gateway 112 is established when the credentials i.e. the unique SSID and the password of the node 110 match the credentials shared by the server 114.
  • more than one node 110 may be connected on the IoT network via the gateway 112.
  • the credentials database 224 comprises the credentials of all the nodes 110 (refer Fig. 1) that are connected to a gateway 112.
  • the comparison of the credentials of the nodes 110 that are to be connected to a gateway 112 may be carried out within the server 114 via the credentials verification module 222.
  • the gateway 112 may communicate the credentials of the nodes 110 attempting to connect to the gateway 112 to the server 114. Since the credentials database 212 has pre-stored credentials, the credentials verification database 210 may compare the credentials and allow connection of the nodes 110 to the gateway 112 in case the credentials match.
  • the process of verifying the credentials of the nodes 110 takes place at the server 114 end, said process may not take place in the gateway 112. Once the credentials of the nodes 110 sent by the gateway 112 are compared and verified by the authentication module 208, the nodes 110 are connected to the gateway 112 wirelessly.
  • the credentials verification module 210 may be utilized to verify and authenticate new nodes 110 or existing nodes 110 every time they connect to the network.
  • Fig. 3 illustrates in detail the method of verifying and authenticating an IoT node on an IoT network, as depicted at 300.
  • nodes are manufactured in a way such that the credentials of each node in the group of manufactured nodes are unknown to the other nodes in the same group and are unknown to the gateway. This detail is only known to the server or may be communicated to the server at the time of purchase of a node by the user. Further, the manufactured nodes are shipped as required.
  • a gateway is present in the system.
  • the gateway may be manufactured with the nodes, and in other embodiments, the gateway may be manufactured separately.
  • a server present in the system comprises credentials of all the nodes. Communication is established between the server and the gateway, as depicted at step 304.
  • When the node is powered on, the node looks for a gateway that has the same credentials such as SSID that the node received in its factory settings. Once such a gateway 112 is found the node requests connection with the gateway and the credentials (including SSID and password) of the node are sent to the gateway. The gateway then compares the credentials received (e.g. password) from the server with the credentials received from the node. If the two sets of credentials match each other, the node is connected to the gateway. Thereafter, the gateway adds the node to a list of allowed nodes that can connect to the gateway. Once the node is added to a list of allowed nodes, the node receives a new set of SSID and password (group credentials) as provided by the server or created by the gateway.
  • the connection between the node 110 and the gateway 112 is established when the credentials i.e. the unique SSID and the password of the node 110 match the credentials shared by the server 114.
  • more than one node 110 may be connected on the IoT network via the gateway 112. Once communication has been established between the server and the gateway, the gateway receives the credentials of the nodes from the server at step 306.
  • the gateway receives credentials from the node.
  • the gateway compares the credentials received from the server and the credentials received from the node. In case the credentials match each other, the node is connected to the gateway.
  • the gateway updates the connected nodes with a common credential, as shown at step 310.
  • the gateway shares another common credential with all connected nodes except for the selected node(s) which are to be disconnected from the gateway. Since the remaining nodes receive the updated credentials, the nodes stay connected to the gateway, except for the selected node(s) that do not receive the new credentials. Thus, the node can be disconnected from the gateway, as shown at step 312.
  • the credentials unique to the nodes are stored in a non-volatile memory disposed within the node.
  • when the gateway issues new credentials, the old credentials are over-written with the new credentials, i.e., the gateway updates the credentials as required, as shown at step 314.
  • the IoT nodes will not be required to know the credentials of the other nodes that are to be configured on the same network. This saves the burden on the field support since with the existing methods, configuring a node after production requires the firmware of the node to be changed completely.
  • This method also allows for remote monitoring of the IoT nodes by the end-user as, in a preferred embodiment, important details such as SSID and password are shared between the nodes and the gateway only.
  • the advantages of the disclosed system and method include providing a centralized configuration with utmost security, convenience and flexibility. Additionally, it requires less operational overhead and less burden of installation and maintenance. Further, the system and method make it easy to manage the addition, removal and moving of nodes. It is quicker and requires no additional hardware, such as phones and laptops, to be carried. Additionally, no further software is required, and no training needs to be provided to people for managing this system.
  • the foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in embodiments herein can be practiced with modification within the scope of the embodiments as described herein.
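
The onboarding, group-credential and isolation flow described above, modelled as a small in-memory simulation. This is an added example, not code from the patent or its applicant; the class and method names, the random group-credential format and the constant-time comparison are assumptions, and all credential values are constructed samples.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, List, Optional, Set


@dataclass(frozen=True)
class Credentials:
    ssid: str
    password: str


def creds_match(a: Credentials, b: Credentials) -> bool:
    # Constant-time comparison: an added hardening choice, not stated in the patent.
    ssid_ok = hmac.compare_digest(a.ssid.encode(), b.ssid.encode())
    pw_ok = hmac.compare_digest(a.password.encode(), b.password.encode())
    return ssid_ok and pw_ok


def new_group_credentials() -> Credentials:
    # Hypothetical format for the common (group) SSID and password.
    return Credentials("grp-" + secrets.token_hex(4), secrets.token_urlsafe(16))


@dataclass
class Node:
    node_id: str
    factory: Credentials                  # factory-set SSID and password
    group: Optional[Credentials] = None   # group credentials, once provisioned


class Server:
    """Designated server 114: the only party holding every node's credentials."""

    def __init__(self) -> None:
        self._by_gateway: Dict[str, Dict[str, Credentials]] = {}

    def register(self, gateway_id: str, node_id: str, factory: Credentials) -> None:
        self._by_gateway.setdefault(gateway_id, {})[node_id] = factory

    def credentials_for(self, gateway_id: str) -> Dict[str, Credentials]:
        return dict(self._by_gateway.get(gateway_id, {}))


class Gateway:
    """Gateway 112: compares node credentials with those shared by the server."""

    def __init__(self, gateway_id: str, server: Server) -> None:
        self.gateway_id, self.server = gateway_id, server
        self.expected: Dict[str, Credentials] = {}   # as received from the server
        self.allowed: Set[str] = set()               # list of allowed nodes
        self.blocked: Set[str] = set()               # nodes to be isolated
        self.group: Optional[Credentials] = None
        self.advertised: Optional[Credentials] = None

    def sync(self) -> None:
        self.expected = self.server.credentials_for(self.gateway_id)

    def onboard(self, node: Node) -> bool:
        expected = self.expected.get(node.node_id)
        if expected is None or node.node_id in self.blocked:
            return False
        self.advertised = expected          # reconfigure to the node's factory credentials
        ok = creds_match(expected, node.factory)
        if ok:
            self.allowed.add(node.node_id)
            self.group = self.group or new_group_credentials()
            node.group = self.group         # node receives the group credentials
        self.advertised = self.group        # back to the group credentials, if any
        return ok

    def isolate(self, node_id: str, nodes: List[Node]) -> None:
        # Rotate the group credentials and share them with everyone except the
        # isolated node, which is told it is disconnected.
        self.allowed.discard(node_id)
        self.blocked.add(node_id)
        self.group = new_group_credentials()
        for n in nodes:
            n.group = self.group if n.node_id in self.allowed else None
        self.advertised = self.group


def demo() -> dict:
    server = Server()
    n1 = Node("n1", Credentials("node-n1", "factory-pw-1"))   # constructed samples
    n2 = Node("n2", Credentials("node-n2", "factory-pw-2"))
    for n in (n1, n2):
        server.register("gw1", n.node_id, n.factory)
    gw = Gateway("gw1", server)
    gw.sync()
    results = {
        "n1": gw.onboard(n1),
        "n2": gw.onboard(n2),
        "rogue": gw.onboard(Node("n1", Credentials("node-n1", "guess"))),
        "unknown": gw.onboard(Node("n9", Credentials("node-n9", "x"))),
        "shared_group": n1.group == n2.group == gw.group,
    }
    stale = n2.group                      # what n2 knew before the rotation
    gw.isolate("n2", [n1, n2])
    results["n1_after"] = n1.group == gw.group
    results["stale_valid"] = creds_match(gw.group, stale)
    results["n2_group_cleared"] = n2.group is None
    results["n2_rejoin"] = gw.onboard(n2)  # blocked until re-permitted
    return results


if __name__ == "__main__":
    print(demo())
```

Isolation in this model depends entirely on the rotation: a node that kept the old group credentials fails the comparison only because the gateway has moved to new ones.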

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention relates to a system and a method for authenticating and connecting IoT devices (110) in an IoT environment. The method of the invention comprises sharing the credentials of the device (110) by a designated server (114) present in a network with a gateway (112); reconfiguring the gateway (112) to allow access to the device (110) with the credentials shared by the designated server (114); and authenticating the device (110) to allow it to access the network. When a device (110) attempts to connect to a gateway (112), the credentials of the device (110) are compared with the credentials shared by the designated server (114). The device (110) is connected to the gateway (112) if the compared credentials match each other. The invention relates to methods of establishing secure connections between the network and the devices (110) for the purpose of sharing information, among other things.
PCT/IN2019/050563 2018-07-30 2019-07-30 System and method for automatic connection and authentication of nodes in an IoT environment WO2020026271A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201841028645 2018-07-30
IN201841028645 2018-07-30

Publications (1)

Publication Number Publication Date
WO2020026271A1 true WO2020026271A1 (fr) 2020-02-06

Family

ID=69230942

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2019/050563 WO2020026271A1 (fr) 2018-07-30 2019-07-30 System and method for automatic connection and authentication of nodes in an IoT environment

Country Status (1)

Country Link
WO (1) WO2020026271A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150026779A1 (en) * 2013-07-16 2015-01-22 Qualcomm Connected Experiences, Inc. Performing remote wi-fi network configuration when a network security protocol is unknown
US20160143028A1 (en) * 2014-11-13 2016-05-19 Verizon Patent And Licensing Inc. Remotely configurable mobile wireless access point device

Similar Documents

Publication Publication Date Title
US10178095B2 (en) Relayed network access control systems and methods
US10892965B2 (en) Data network management
US11888834B2 (en) Methods and systems for onboarding network equipment
US10826889B2 (en) Techniques for onboarding devices based on multifactor authentication
US12095770B2 (en) Connecting internet of thing (IoT) devices to a wireless network
US10637847B2 (en) Collection of sensor data from sensor devices
US20170339566A1 (en) Wireless terminal
US10212163B1 (en) Method and apparatus for simplified and secured hotspot device connectivity
EP3729310B1 (fr) Device authentication
WO2017198729A1 (fr) System for provisioning secure flexible IoT networks
US20160088666A1 (en) Method and device for managing the connectivity of a terminal by means of a mobile server in a telecommunications network
US20230107045A1 (en) Method and system for self-onboarding of iot devices
WO2020026271A1 (fr) System and method for automatic connection and authentication of nodes in an IoT environment
US20230078765A1 (en) Method and system for automated secure device registration and provisioning over cellular or wireless network
EP3206423A1 (fr) Device and method for connecting devices to a network
CN110024443B (zh) Method for pairing with a gateway
WO2022026862A1 (fr) Automatic security device network
CN112311587A (zh) Mechanism for automatic reconfiguration of stateful devices
US10587432B2 (en) Hardware component and method for a remote terminal to access a local network, corresponding service gateway, access authorization method and computer program
GB2569804A (en) Device authentication
WO2023054935A1 (fr) Method and system for self-onboarding of IoT devices
US12041049B1 (en) Internet of things (IoT) systems and methods
GB2618402A (en) Metaverse application gateway connection mechanism for use in a private communication architecture
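CN117014177A (zh) Metaverse application gateway connection mechanism for use in a private communication architecture
TW201711496A (zh) Configuring a secure wireless network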

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19844492

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19844492

Country of ref document: EP

Kind code of ref document: A1