WO2023096539A1 - Method and means for confirming identity of devices - Google Patents

Method and means for confirming identity of devices

Info

Publication number
WO2023096539A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity
component
evaluator
identification
evaluee
Application number
PCT/SE2021/051169
Other languages
English (en)
Inventor
Niklas LINDSKOG
Tommy Arngren
Henrik NORMANN
Daniel BERGSTRÖM
Peter ÖKVIST
Patrik Salmela
Bernard Smeets
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Application filed by Telefonaktiebolaget Lm Ericsson (Publ)
Priority to PCT/SE2021/051169
Publication of WO2023096539A1


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment

Definitions

  • the technology disclosed herein relates generally to the field of device integrity, and a method and means are provided for confirming identity of one or more devices.
  • Integrity and security of devices are becoming increasingly important in various environments.
  • home automation also called smart homes
  • new gadgets and devices are introduced in search for making the homes smarter and more efficient in various ways.
  • Internet-connected devices such as smart TVs, security cameras, smart locks, gaming consoles, smart thermostats, may create value but may also pose a risk. Therefore, monitoring and securing a home network, to which such devices are connected, is becoming increasingly important during the whole life cycle of each such device.
  • An objective of the present disclosure is to address and improve various aspects for integrity of devices.
  • a particular objective is to enable a life-long trust of a device in, for instance, a smart home.
  • Another particular objective is to facilitate handling of a home network controlling a smart home.
  • the method comprises creating an identity token based on the identification of the at least one component and on a set of error correcting codes applied on the identification.
  • the method comprises confirming the identity of the evaluee when a comparison between the identity token and an expected identity results in the number of deviations being below a set threshold.
  • an evaluator for confirming identity of one or more devices.
  • the one or more devices constitute an evaluee.
  • the evaluator is configured to obtain, from the evaluee, an identification of at least one component in at least one device of the evaluee.
  • the evaluator is configured to create an identity token based on the identification of the at least one component and on a set of error correcting codes applied on the identification.
  • the evaluator is configured to confirm the identity of the evaluee when a comparison between the identity token and an expected identity results in the number of deviations being below a set threshold.
  • a computer program for identity confirmation.
  • the computer program comprises computer code which, when run on processing circuitry of an evaluator, causes the evaluator to perform the method according to the first aspect.
  • a computer program product comprises a computer program according to the third aspect, and a computer readable storage medium on which the computer program is stored.
  • Figure 1 is a schematic diagram illustrating embodiments in an exemplary environment.
  • Figure 2 is a flowchart of a method according to embodiments.
  • Figure 3 is a flowchart exemplifying the described method.
  • Figures 4 - 8 illustrate and exemplify various steps of a method.
  • Fig. 9 is a schematic diagram showing functional units of an evaluator according to an embodiment.
  • Fig. 10 is a schematic diagram showing functional modules of an evaluator according to an embodiment.
  • Fig. 11 shows one example of a computer program product comprising computer readable means according to an embodiment.
  • the various embodiments disclosed herein may be implemented in a number of different environments and for various devices.
  • Embodiments of a method provided herein may, for instance, be performed in a network automation environment.
  • a home automation network 1 is illustrated, but the teachings herein are not limited to this environment, and may be implemented in various other contexts, such as in a mobile network, as a device-to-device connection, as a means of communication with components within a device, or any combination thereof.
  • the home automation network 1 for a home (often denoted smart home) illustrated in figure 1 comprises a home gateway 2.
  • the home gateway 2 may be connected to a number of devices such as, e.g., lighting system, climate controller, alarm system, and various appliances such as e.g., washing machine, television, watches, keys.
  • the home gateway 2 is able to communicate with the devices and appliances.
  • a user may control such devices using, for instance, a laptop, a wireless device (e.g., a mobile phone) or a web interface.
  • two device groups 4a, 4b are illustrated, each device group 4a, 4b comprising a number of components 61, 62,..., 6x.
  • One device group may comprise one or more devices, and each device may comprise one or several components.
  • the evaluee 5 may be embodied as a single device or a group of devices 4a, 4b, as illustrated in figure 1.
  • the components 61, 62,..., 6x within the respective device groups 4a, 4b may, for instance, be hardware components or firmware, or the components 61, 62,..., 6x may be at least one hardware component, at least one software component or any combination thereof.
  • the home automation network 1 may further comprise an evaluator 3 according to the present teachings.
  • the evaluator 3 may, for instance, be a part of, or implemented in the home gateway 2.
  • teachings are described in relation to a few examples, in particular in relation to a home network and in a telecommunication system. However, it is noted that the teachings are not limited to these specific environments but may be implemented in various other environments and devices.
  • the various aspects of the teachings may be embodied e.g., within a device comprising both the evaluator and evaluee; as a wired connection between an evaluator and an evaluee; a wired or wireless network for home, company or public usage wherein an evaluator may be a remote service, e.g., embodied as a cloud-based application.
  • the evaluee may additionally comprise any device or appliance comprising measurable components such as, for instance, mobile phone, tablets, computers, Extended Reality (XR) devices (e.g., hand controllers, headmounted displays (HMD)), industrial equipment, network equipment, manned or unmanned vehicles and cellular base stations.
  • the evaluee may also be a group comprising several such devices and/or appliances.
  • Figure 2 is a flowchart of a method 10 according to embodiments.
  • the method 10 is performed in an evaluator 3 for confirming identity of one or more devices 4a, 4b.
  • the one or more devices 4a, 4b constitute the evaluee 5, i.e., the subject for which the identity is to be confirmed.
  • the method 10 comprises obtaining 12, from the evaluee 5, an identification of at least one component 61, 62,..., 6x in the (at least one) device 4a, 4b of the evaluee 5.
  • the identification may be an identity of one or more components 61, 62,..., 6x in one or more of the devices 4a, 4b or of the evaluee 5. In other embodiments the identification may be an action of one or more components 61, 62,..., 6x.
  • the identification may be one or more of: an identifying string, a response to a challenge, a list of active processes in the component 61, 62,..., 6x, power consumption, in- or outgoing traffic from the component 61, 62,..., 6x, electromagnetic emissions from the components 61, 62,..., 6x, a visual representation (e.g., a 3D model) of the component 61, 62,..., 6x, and sensor data (such as e.g., temperature, Global Positioning System (GPS) reading or tamper detection) from the component 61, 62,..., 6x.
  • the method 10 comprises creating 13 an identity token based on the identification of the at least one component 61, 62,..., 6x and on a set of error correcting codes applied on the identification.
  • the creating 13 may be implemented in a number of different ways.
  • the creating 13 comprises transforming the identification into the identity token by supplying the identification into a one-way function, providing as output the identity token.
  • the creating the set of error correcting codes comprises dividing the expected identity into one or more blocks and deciding a number of errors to be corrected in each block.
  • the one-way function is a fuzzy extractor.
  • a fuzzy extractor is a type of one-way function which produces a hard-to-predict output for a given input. What distinguishes the fuzzy extractor from a regular one-way function is that it allows a certain number of errors in the input. This can be used to implement the setting of a threshold, i.e., for allowable deviations between the identity token and the expected identity.
  • the method comprises applying a set of error correcting codes to the identification.
  • the error correcting codes then correct input errors up to the threshold that has been set.
  • the method 10 comprises confirming 14 the identity of the evaluee 5 when a comparison between the identity token and an expected identity results in the number of deviations being below a set threshold. It is noted that if a one-way function has been used in the previous step, i.e., in the step of creating 13 the identity token, no deviations between the identity token and the expected identity are allowed.
  • the identification may comprise an identification of at least one component 61, 62,..., 6x in at least one device 4a, 4b or the evaluee and/or an action of the at least one component 61, 62,..., 6x.
  • the identification may be an identifying string, a response to a challenge, a list of active processes in the component 61, 62,..., 6x, power consumption, in- or outgoing traffic from the component 61, 62,..., 6x, electromagnetic emissions from the components 61, 62,..., 6x, a visual representation (e.g., a 3D model) of the component 61, 62,..., 6x, and sensor data (such as e.g., temperature, Global Positioning System (GPS) reading or tamper detection) from the component 61, 62,..., 6x.
  • the method 10 comprises an initial step of establishing 11 an expected identity of the evaluee 5. This may be done in different ways, for instance, by requesting the expected identity from a trusted party. In other embodiments the expected identity of the evaluee 5 is established by obtaining the error correcting code and a reference token, e.g., from a trusted party, and using them to create the identity token.
  • An evaluator 3 is also provided in various embodiments, configured to perform the herein described embodiments of the method 10. The evaluator 3 may be operative in, for instance, a device, gateway, cloud server or any combination thereof. The evaluator 3 may comprise an algorithm for executing the steps of the method 10, and a secure interface/protocol between the evaluee 5 and the evaluator 3.
  • the evaluator 3 for confirming identity of one or more devices 4a, 4b wherein the one or more devices 4a, 4b constitute an evaluee 5, is configured to obtain, from the evaluee 5, an identification of at least one component 61, 62,..., 6x in at least one device 4a, 4b of the evaluee 5.
  • the evaluator 3 is further configured to create an identity token based on the identification of the at least one component 61, 62,..., 6x and on a set of error correcting codes applied on the identification.
  • the evaluator 3 is also configured to confirm the identity of the evaluee 5 when a comparison between the identity token and an expected identity results in the number of deviations being below a set threshold.
  • the evaluator 3 is configured to create by transforming the identification into the identity token by supplying the identification into a one-way function, providing as output the identity token.
  • the one-way function is a fuzzy extractor.
  • the evaluator 3 is configured to apply a set of error correcting codes to the identification, the error correcting codes correcting input errors up to the set threshold.
  • the evaluator 3 may be configured in still other ways, for instance configured to, as an initial step, establish an expected identity of the evaluee 5.
  • the evaluator 3 may, for instance, be configured to establish by requesting the expected identity from a trusted party, or by obtaining an error correcting code and a reference token from a trusted party for use in creating the identity token.
  • Error correcting codes may best be described as additional information which can be used to correct incorrect bits in a block or stream of information.
  • a very simple example is a (3,1)-repetition code, where each bit is accompanied by two additional bits of the same kind. That is, a 1 is sent as a 111-block and a 0 as a 000-block. If both 0 and 1 exist in a block after sending, a majority decision is taken. This allows a one-bit error without losing the information, i.e., 110 is still interpreted as 1.
  • error correcting codes are Bose-Chaudhuri-Hocquenghem (BCH) codes, where the code is constructed using polynomials over Galois fields.
  • When BCH codes are used, the payload (information to be corrected) is divided into different blocks. Depending on how the code is designed, it can correct an arbitrary number of errors per block.
  • Further examples of error correction codes which can be utilized in the methods described herein comprise, but are not limited to, Reed-Solomon codes, Hamming codes and Reed-Muller codes. These error correction codes may also be used in a layered approach where several different or equal layers of error correcting codes are used. The error correcting codes may also be combined with error correction facilitating codes such as, for instance, Gray codes.
  • the fuzzy extractor is one type of one-way function which produces a hard-to-predict output for a given input.
  • what distinguishes it from a regular one-way function is that it allows a certain number of errors in the input.
  • A one-way function (OWF) requires that the input is exactly equal in order to produce the same result. If the input changes just a little bit, i.e., by e, the output will differ (B and C, respectively).
  • a Fuzzy Extractor on the other hand can handle errors (changes) up to a certain threshold and still produce the same output (B in the illustrated case).
  • the fuzzy extractor requires error correcting codes.
  • the error correcting codes may be supplied together with the input.
  • the fuzzy extractor may be implemented using two different components: error correction and a one-way function, as is done in various embodiments of the described method 10.
  • Another implementation is a combination: using error correcting block codes, such as BCH codes, and a hash function, e.g., a secure hash function (SHA) such as SHA256 or SHA3.
  • the error correcting functionality receives the input, removes errors up to a certain threshold and supplies it to the hash function.
  • the output from the fuzzy extractor may be used for the same purposes as that of a hash function but where it may be advantageous to allow a small number of errors in the input.
  • a method in which the identity of a device, or a group of devices, is determined based on components within the device.
  • the method 10 involves two parties: the evaluee 5 and an evaluator 3.
  • the evaluee 5 may be embodied by a device or a group of devices and the components within the device(s) may, for instance, be hardware components and/or firmware and/or software.
  • the evaluator 3 may, for instance, be embodied by an application, a gateway, a cloud service, another device or any combination thereof.
  • One function of the evaluator 3 is to establish if the evaluee 5, e.g., a device, comprises a known set of components 61, 62,..., 6x while also having a certain threshold for missing or replaced components.
  • the evaluator 3 may utilize an algorithm which has error correcting properties, in particular the fuzzy extractor.
  • the described method 10 may be divided into two phases: identity establishment and evaluation.
  • In the identity establishment phase, the evaluator establishes the expected identity of the device (evaluee 5). The identity is used to produce error correcting codes and a reference token.
  • In the evaluation phase, the evaluator requests the identity of the components in the device, produces an identity token and evaluates this against the aforementioned reference token.
  • the evaluator 3 establishes the expected identity of the device.
  • the expected identity comprises at least one component present in the evaluee 5, e.g., a smart device. This identity is used for producing a set of error correcting codes and a reference token.
  • the identity is already, as has been described earlier, established elsewhere, e.g., by a trusted third party, and only the set of error correcting codes and the reference token are supplied to the evaluator.
  • the set of error correcting codes may be created by dividing the identity into at least one block and deciding the number of errors which can be corrected in each block.
  • the reference token may be created by supplying the identity (without error correction) to the fuzzy extractor.
  • the purpose of the error correcting codes is to allow one or a few components to differ while still interpreting the device as having the same identity.
  • the reference token is the expected output of the fuzzy extractor and an efficient way to check whether the device can be considered to have the same identity.
  • the evaluator may, in some embodiments, request an expected identity from a trusted party, which may be a trusted external party.
  • the identity may include identifications of components, operation patterns, etc.
  • the evaluator 3 utilizes the expected identity to create error correction codes and create a reference token.
  • the trusted party only supplies error correcting codes and a reference token. In such a scenario, the evaluator 3 does not need to know the exact expected identity.
  • the expected identity may be updated over time. Such updates may be performed by the evaluator or by a trusted external party. After a component within the device has been updated and/or changed, its new state may, possibly after a functionality test and/or waiting period, be considered to be the expected identity. This leads to updated error correcting codes and possibly a new reference token.
  • the evaluator 3 wants to know if the identity of an evaluee 5 (e.g., a device) equals the expected identity. Initially, the method requires that the device supplies an identity of the at least one component that it comprises to the evaluator 3.
  • the evaluator 3 requests the identity of the components in the device and evaluates the produced identity token against a reference token stored during the identity establishment phase.
  • the evaluator 3 utilizes a fuzzy extractor, i.e., an error correction algorithm and a one-way function, to transform the component identities into a token.
  • the fuzzy extractor applies a set of error correcting codes to the input which corrects input errors up to a certain threshold.
  • the output from the fuzzy extractor, i.e., the identity token, is compared to the reference token. If the token is as expected, the evaluator 3 accepts the identity and may increase the trust level of the evaluee 5 or give certain privileges to the evaluee 5. Otherwise, the identification has failed, and the evaluator 3 does not accept the identity of the evaluee. In this case, the capabilities and/or privileges of the device may be reduced, and a user may be informed that user interaction is necessary.
  • FIG. 3 is a flowchart exemplifying the described method.
  • a base station in a cellular network is considered to comprise four different components {A, B, C, D}.
  • the base station thus corresponds to the evaluee 5, which has certain capabilities, functions and/or services.
  • one component is updated or changed in some other way, i.e., component A becomes component A’.
  • the flow then continues to box 110.
  • an evaluation event is triggered by the update/change, and in box 115, the evaluee 5 sends an evaluation request to the evaluator 3.
  • This evaluation request may, for instance, be sent via a secure interface or protocol or handshake. It is noted that such evaluations may be initiated by an evaluation service, which at regular (or irregular) intervals performs the evaluation. The flow then continues to box 120.
  • the evaluator 3 receives the request, and may also store it.
  • the request comprises, in this example: [A’_ID, B_ID, C_ID, D_ID, time_stamp]; i.e., the component identifications for the components of the base station.
  • the flow then continues to box 125.
  • In box 125, the error correction algorithm applies stored error correction codes on the data received in the request. The flow then continues to box 130.
  • the one-way function generates the output data, in particular the identity token.
  • the flow then continues to box 135.
  • an evaluation is performed, in which the identity token generated in box 130 is compared to a reference identity. The flow then continues to box 140.
  • In box 140, a decision is made. For instance, if the evaluation of box 135 finds that the generated token is indeed correct, flow continues to box 145. If the generated token is instead evaluated to be invalid, flow continues to boxes 150 and 155.
  • In box 150, the token is deemed to be incorrect, and in box 155 the generated token is compared to stored tokens.
  • Different actions are then possible, as determined by, for instance, the owner of the device(s).
  • the device may be kept running, but with reduced capabilities, reduced or otherwise altered functionality, or reduced access rights in a network. The device may further be disconnected from a network, be prohibited from (e.g., by means of firewall setting or port-block) interacting with certain devices in a network, or be instructed to power down.
  • In box 160, the evaluator sends a response to the evaluee.
  • the response may, for instance, include a signed instruction, e.g., instructing the device to run with reduced capabilities or run as before etc.
  • Flow then continues to box 165.
  • the response from the evaluation may trigger a user action. For instance, the user may need to replace or update a component for the component to be compliant with the originally intended capabilities and/or functions.
  • Figures 4 to 8 illustrate and exemplify the various steps of a method performed in the evaluator 3.
  • the evaluator 3 may comprise an error correcting code database 210, or, in other embodiments, it has access to such database 210.
  • the evaluator 3 further comprises a set of error correcting codes 220.
  • the same example as in the described example of a base station is shown: {A_ID, B_ID, C_ID, D_ID}, i.e., identities of the base station components A, B, C, D (box 280).
  • the evaluator 3 comprises a fuzzy extractor 230, which takes as input the error correcting codes 220 and applies them to the component identities {A_ID, B_ID, C_ID, D_ID}.
  • the fuzzy extractor 230 outputs a token X (shown in box 240).
  • a decision is made in the evaluator 3 (box 250).
  • the evaluator 3 may comprise, or have access to, a token database 260.
  • the token is indeed as expected, and the evaluator 3 may send an indication to, for instance, the evaluee 5 confirming authenticity of the evaluee 5. That is, the device group is unchanged, and the user may trust it.
  • the identity of the evaluee comprises one component which is not a part of the expected identity.
  • only component A has changed to A’.
  • the change may, as noted earlier, be due to an update of the component, some malfunctioning or due to some malicious intent.
  • the error correcting codes in this example allow correction of one component and therefore the correct identity token can be created.
  • Figure 5 thus illustrates a case in which the evaluator 3 still considers the base station to be a legitimate base station, as the threshold for error correction is one component. The user may still trust the base station to function properly.
  • Figure 6 illustrates a case in which too many components differ, e.g., if two of the components have changed: {A’, B’, C, D}.
  • Components A and B have changed to A’ and B’, and the identity of the evaluee 5 comprises two components which are not a part of the expected identity. Since the error correcting codes only allow correction of one component, the token Y is incorrect. The evaluator 3 does not consider this to be a valid base station; too many changes have been made to the components over too short a period of time. The user can no longer trust the base station to function properly.
  • Figure 7 illustrates a case wherein the expected identity is updated. Such updating can be made e.g., during the identity establishment phase.
  • the component A’ is accepted and error correcting codes of the error correcting code database 210 and token database 260 are updated (token updated to Token Z).
  • the component A’ is then considered to be a part of the expected identity.
  • the base station is now considered to comprise a new set of components: {A’, B, C, D}.
  • Figure 8 illustrates, as a continuation of figure 7, the case in which another component is updated, e.g., component B changes to B’ (B->B’). The evaluator 3 now accepts {A’, B’, C, D} as a valid base station, as it does not exceed the threshold of the error correcting codes. That is, the identity of the evaluee 5 now again comprises only one component which is not a part of the expected identity. The expected identity can also be updated over time by repeating the identity establishment phase. A new expected identity may be established, thereby creating new error correcting codes and a new token.
  • a further example is a Home Network which typically comprises several devices, e.g., Internet-of-Things (IoT) devices. If the composition of the home network changes too rapidly, e.g., by removal of devices or by introduction of new IoT devices, the identity and thereby the trust level of the home network is changed.
  • a home network is considered to comprise device(s), groups of devices and a gateway as illustrated in the figure below.
  • When a component is altered (embodied e.g., by a configuration in a device, a device removed or a new device entering the group), it may be evaluated by one of the devices, by the gateway or by a cloud server.
  • the trust and privileges a certain device group is given depend on its ability to supply the correct input to the evaluator in order to create the correct identity token.
  • Fig. 9 is a schematic diagram showing functional units of an evaluator 3 according to an embodiment.
  • Processing circuitry 510 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 730 (as in Fig. 11), e.g., in the form of a storage medium 530.
  • the processing circuitry 510 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
  • the processing circuitry 510 is configured to cause the evaluator 3 to perform a set of operations, or actions, as disclosed above.
  • the storage medium 530 may store the set of operations.
  • the processing circuitry 510 may be configured to retrieve the set of operations from the storage medium 530 to cause the evaluator 3 to perform the set of operations.
  • the set of operations may be provided as a set of executable instructions.
  • the processing circuitry 510 is thereby arranged to execute methods as disclosed herein.
  • the storage medium 530 may also comprise persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
  • the evaluator 3 may further comprise a communications interface 520 for communications with other entities, functions, nodes, and devices, over interfaces.
  • the communications interface 520 may comprise one or more transmitters and receivers, comprising analogue and digital components.
  • the processing circuitry 510 controls the general operation of the evaluator 3 e.g., by sending data and control signals to the communications interface 520 and the storage medium 530, by receiving data and reports from the communications interface 520, and by retrieving data and instructions from the storage medium 530.
  • Other components, as well as the related functionality, of the evaluator 3 are omitted in order not to obscure the concepts presented herein.
  • Fig. 10 is a schematic diagram showing functional modules of an evaluator 3 according to an embodiment.
  • The evaluator 3 of Fig. 10 comprises a number of functional modules: an obtain module 610 configured to perform step 12, a create module 620 configured to perform step 13, and a confirm module 630 configured to perform step 14.
  • The evaluator 3 of Fig. 10 may further comprise a number of optional functional modules, such as an establish module 640 configured to perform step 11.
  • Each functional module 610, 620, 630, 640 may be implemented in hardware or in software.
  • One or more or all functional modules 610, 620, 630, 640 may be implemented by the processing circuitry 510, possibly in cooperation with the communications interface 520 and the storage medium 530.
  • The processing circuitry 510 may thus be arranged to fetch, from the storage medium 530, instructions as provided by a functional module 610, 620, 630, 640 and to execute these instructions, thereby performing any actions of the evaluator 3 as disclosed herein.
  • Fig. 11 shows one example of a computer program product 730 comprising computer readable means 740 according to an embodiment.
  • A computer program 720 can be stored, which computer program 720 can cause the processing circuitry 510 and thereto operatively coupled entities and devices, such as the communications interface 520 and the storage medium 530, to execute methods according to embodiments described herein.
  • The computer program 720 and/or computer program product 730 may thus provide means for performing any actions of the evaluator 3 as disclosed herein.
  • The computer program product 730 is illustrated as an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc.
  • The computer program product 730 could also be embodied as a memory, such as a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM), or an electrically erasable programmable read-only memory (EEPROM) and more particularly as a non-volatile storage medium of a device in an external memory such as a USB (Universal Serial Bus) memory or a Flash memory, such as a compact Flash memory.

Abstract

A method is disclosed, performed in an evaluator, for confirming the identity of one or more devices. The one or more devices constitute an evaluee. The method comprises: obtaining, from the evaluee, an identification of at least one component in at least one device of the evaluee; creating an identity token based on the identification of said component and a set of error correction codes applied to the identification; and confirming the identity of the evaluee when a comparison between the identity token and an expected identity results in a number of deviations below a defined threshold.
PCT/SE2021/051169 2021-11-23 2021-11-23 Method and means for confirming the identity of devices WO2023096539A1
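The obtain, create and confirm steps of the abstract can be sketched as follows; this is an added example, not code from the patent or its applicant. The page does not say which error correction codes are used or how they are applied, so the truncated SHA-256 digest, the Hamming(7,4) encoding, the threshold of 3 and all component names are assumptions made for illustration.

```python
import hashlib

DIGEST_BYTES = 4  # assumption: bytes of SHA-256 kept per component
THRESHOLD = 3     # assumption: the minimum distance of Hamming(7,4)

def hamming74(nibble):
    """Encode 4 data bits as a 7-bit Hamming codeword (minimum distance 3)."""
    d1, d2, d3, d4 = [(nibble >> s) & 1 for s in (3, 2, 1, 0)]
    p1, p2, p3 = d1 ^ d2 ^ d4, d1 ^ d3 ^ d4, d2 ^ d3 ^ d4
    return [p1, p2, d1, p3, d2, d3, d4]

def identity_token(identifications):
    """Concatenate the codewords of each component's truncated digest."""
    bits = []
    for ident in identifications:
        digest = hashlib.sha256(ident.encode()).digest()[:DIGEST_BYTES]
        for byte in digest:
            bits += hamming74(byte >> 4) + hamming74(byte & 0x0F)
    return bits

def deviations(token, expected):
    """Count differing bit positions; missing or extra bits all count."""
    differing = sum(a != b for a, b in zip(token, expected))
    return differing + abs(len(token) - len(expected))

def confirm(token, expected, threshold=THRESHOLD):
    """Confirm the evaluee only if deviations stay below the threshold."""
    return deviations(token, expected) < threshold

# Constructed sample identifications, enrolled as the expected identity.
ENROLLED = ["gw-fw-2.1.0", "sensor-A-sn-0017", "sensor-B-sn-0042"]
EXPECTED = identity_token(ENROLLED)

def sample_readouts():
    """Constructed readouts: clean, one flipped bit, swapped and removed device."""
    noisy = identity_token(ENROLLED)
    noisy[5] ^= 1
    swapped = identity_token(ENROLLED[:2] + ["sensor-X-sn-9999"])
    return {"clean": identity_token(ENROLLED), "bit error": noisy,
            "device swapped": swapped, "device removed": identity_token(ENROLLED[:2])}

if __name__ == "__main__":
    for name, token in sample_readouts().items():
        print(f"{name:15} deviations={deviations(token, EXPECTED):3} "
              f"confirmed={confirm(token, EXPECTED)}")
```

With the threshold set to the code's minimum distance, up to two flipped bits in a readout are tolerated, while any change to a component's digest produces at least three deviations and is rejected.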

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/SE2021/051169 WO2023096539A1 2021-11-23 Method and means for confirming the identity of devices


Publications (1)

Publication Number Publication Date
WO2023096539A1 2023-06-01

Family

ID=86540246


Country Status (1)

Country Link
WO (1) WO2023096539A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130028411A1 (en) * 2011-07-25 2013-01-31 Telefonaktiebolaget L M Ericsson (Publ) Simple Group Security for Machine-to-Machine Networking (SGSM2M)
US20190065734A1 (en) * 2017-08-28 2019-02-28 Nxp B.V. Error correction circuit for physical unclonable function (puf) circuit
WO2019212849A1 * 2018-05-01 2019-11-07 Analog Devices, Inc. Device authentication based on analog characteristics without error correction
EP3627796A1 * 2018-09-20 2020-03-25 Visa International Service Association Dynamic and private security fingerprinting


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HERDER CHARLES; YU MENG-DAY; KOUSHANFAR FARINAZ; DEVADAS SRINIVAS: "Physical Unclonable Functions and Applications: A Tutorial", PROCEEDINGS OF THE IEEE, vol. 102, no. 8, 1 August 2014 (2014-08-01), US , pages 1126 - 1141, XP011553689, ISSN: 0018-9219, DOI: 10.1109/JPROC.2014.2320516 *
MENG-DAY YU ; S. DEVADAS: "Secure and Robust Error Correction for Physical Unclonable Functions", IEEE DESIGN & TEST OF COMPUTERS, vol. 26, no. 1, 1 January 2010 (2010-01-01), US , pages 48 - 65, XP011288580, ISSN: 0740-7475 *

Legal Events

Date Code Title Description
121 EP: The EPO has been informed by WIPO that EP was designated in this application

Ref document number: 21965811

Country of ref document: EP

Kind code of ref document: A1