Patent abstract:
TEMPORARY REGISTRATION OF DEVICES. In a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode, the temporary registration mode on the first device is enabled, a temporary registration operation on the first device is initiated from the second device, a determination of whether the second device is authorized to register with the first device is made, and the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, where temporary registration requires at least one of the second device and the first device to delete the information necessary for temporary registration following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device.
Publication number: BR112012016080B1
Application number: R112012016080-0
Filing date: 2010-12-17
Publication date: 2021-04-20
Inventors: Jiang Zhang;Alexander Medvinsky;Paul Moroney;Petr Peterka
Applicant: General Instrument Corporation;
Main IPC number:
Patent description:

RELATED APPLICATIONS
The present application is related to US Patent Application No. 12/345,010 (Attorney Docket No. BCS05287), entitled "Generation of a Personal Identification Number (PIN) between two devices in a network", and filed on December 29, 2008 by Paul Moroney and Zhang Jiang; US Patent Application No. 12/344,994 (Attorney Docket No. BCS05333), entitled "Method of Intended Discovery of Devices in a Network", and filed December 29, 2008 by Jiang Zhang and Peterka Petr; US Patent Application No. 12/344,997 (Attorney Docket No. BCS05335), entitled "Secure and Efficient Domain Key Distribution for Device Registration", and filed December 29, 2008 by Jiang Zhang and Medvinsky Sasha; and US Patent Application No. 12/345,002 (Attorney Docket No. BCS05338), entitled "Multi-Mode Device Registration", and filed December 29, 2008 by Jiang Zhang and Petr Peterka, the disclosures of which are incorporated by reference in their entirety.
BACKGROUND
Wireless Home Digital Interface (WHDI) is a wireless standard proposed for a wireless multimedia network device, which can be used in home, office or other short-range wireless network environments. WHDI allows wireless broadband channels to send content between devices, which can support uncompressed High Definition (HD) content. For example, a DVD player can connect to multiple HDTVs wirelessly and send uncompressed content to the HDTVs using WHDI technology. WHDI eliminates the need for cabling such as High Definition Multimedia Interface (HDMI) cables, component cables, etc., used to transmit uncompressed content between devices. Conventional wireless technologies like 802.11, BLUETOOTH, etc., do not have the bandwidth or interface to transmit uncompressed multimedia content between devices.
WHDI devices are characterized as two types.
One type is a source device and the other type is a collector (sink) device. A WHDI device can be a source device, a collector device, or both, depending on its functionality. A source device transmits data streams over a WHDI network to a collector device, and a collector device receives data streams over the WHDI network from the source device. Examples of source devices are set-top box, personal computer (PC), notebook PC, desktop PC, DVD player, MP3 player, video camera, audio/video receiver, game console, etc. Examples of collector devices are TVs, computers, projectors, etc.
Currently, WHDI specifies three registration modes (Device Only Mode, Source-Domain Mode, and Collector-Domain Mode). Typically, the collector device has a user interface for the user to manage registration, such as to select which source device should be registered with the collector device, and as such, the three registration modes are designed to always start from the collector device. However, in cases where the collector device is a projector mounted on the ceiling or a wall in a room, for example, the collector device may not be easily accessible. In other environments, such as conference rooms, remote controls for collector devices may not be available. Furthermore, security and use by many different devices at different times can be of greater concern in the conference room environment than at home. The current WHDI registration protocol may thus be insufficient to meet all requirements for registration in relatively public places, such as conference rooms.
SUMMARY
Disclosed herein is a method of temporarily registering a second device with a first device, wherein the first device includes a temporary registration mode. In the method, temporary registration mode on the first device is enabled. In addition, a temporary registration operation on the first device is initiated from the second device and a determination as to whether the second device is authorized to register with the first device is made. In addition, the second device is temporarily registered with the first device in response to a determination that the second device is authorized to register with the first device, where temporary registration requires at least one of the second device and the first device to delete the information necessary for temporary registration following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device.
Also described herein is a method of temporarily registering a second device with a first device, in which the first device comprises at least one of a projector and a screen and the second device comprises an electronic device capable of wirelessly communicating data to the first device. In the method, the first device automatically generates a registration PIN, or a sequence of input apparatus presses that maps to the registration PIN, upon at least one of emergence from one of a standby mode and a powered-off state and receipt of a request for temporary registration from the second device. In addition, the first device presents the generated registration PIN or the sequence of input apparatus presses on the second device that maps to the registration PIN. In addition, an indication from the second device that the generated registration PIN has been entered is received, a determination of whether the generated registration PIN is valid is made, and the second device is temporarily registered with the first device in response to a determination that the generated registration PIN is valid, where the temporary registration requires at least one of the second device and the first device to delete the information necessary for the temporary registration following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device.
Also disclosed herein is a collector device that includes one or more modules configured to activate a temporary registration mode, receive a request to initiate a temporary registration operation from a source device, determine whether the source device is authorized to register with the collector device, and temporarily register the source device with the collector device in response to a determination that the second device is authorized to register with the first device, where the temporary registration requires that at least one of the second device and first device delete the information necessary for temporary registration following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device. The collector device also includes a processor configured to implement one or more modules.
Further described is a computer-readable storage medium in which one or more computer programs are embedded. The one or more computer programs implement a method of temporarily registering a second device with a first device, in which the first device includes a temporary registration mode. The one or more computer programs include a set of instructions to activate the temporary registration mode on the first device, initiate a temporary registration operation on the first device from the second device, determine if the second device is authorized to register with the first device, and temporarily register the second device with the first device in response to a determination that the second device is authorized to register with the first device, in which the temporary registration requires that at least one of the second device and the first device delete the information necessary for temporary registration following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device.
By applying the method and collector device disclosed herein, the collector device can be temporarily registered with a source device without requiring a user to access the collector device to start the registration, for example, by allowing the registration to be started on the source device. A user can thus initiate registration without having to manually access the collector device, which can be positioned in a location that is relatively difficult to access, such as the ceiling of a room. In addition, the collector device and method provide different measures to prevent unauthorized registration and use of the collector device, such as requiring the collector device and the source device to delete information, such as a registration key, which is required for temporary registration, after a network connection between the source device and the collector device is terminated or after one or both of the first device and the second device have been powered off.
BRIEF DESCRIPTION OF THE DRAWINGS
Features of the present invention will become apparent to those skilled in the art from the following description with reference to the figures, in which:
Figure 1 illustrates a simplified block diagram of a network, in accordance with an embodiment of the present invention;
Figure 2 illustrates a simplified block diagram of a network containing multiple collector devices and source devices, in accordance with an embodiment of the present invention;
Figure 3 illustrates a block diagram of a collector device shown in Figures 1 and 2, in accordance with an embodiment of the present invention;
Figures 4 and 8, respectively, illustrate flow diagrams of methods for temporarily registering a second device with a first device, in accordance with two embodiments of the present invention; and
Figures 5 to 7, 9 and 10, respectively, illustrate protocol diagrams that describe the operations performed on a collector device and a source device during temporary registration operations, according to embodiments of the invention.
DETAILED DESCRIPTION
For simplicity and illustrative purposes, the present invention is described primarily with reference to exemplary embodiments. In the following description, numerous specific details are set out to provide a complete understanding of the embodiments. However, it will be apparent to one skilled in the art that the present invention can be practiced without limitation to these specific details. In other cases, well-known methods and structures have not been described in detail, to avoid unnecessarily obscuring the description of the embodiments.
Figure 1 illustrates a simplified block diagram of a network 100 in accordance with an embodiment of the present invention. The network 100 of Figure 1 shows a collector device 110 and a source device 120. The network 100 may be a wireless network, for example, a Wireless Home Digital Interface (WHDI), 802.11, BLUETOOTH, etc. network. By way of example, the collector device 110 comprises an image or video projector, a television set, etc., and the source device 120 comprises an electronic device such as a personal computer, a laptop computer, a digital video disc player, a compact disc player, a cell phone, a personal digital assistant, a set-top box, a digital video recorder, a personal media player, etc.
Generally, when source device 120 is registered with collector device 110, source device 120 is configured to communicate the content in the form of data signals to collector device 110 to be output through collector device 110. More particularly, for example, the data signals may comprise the video and/or audio signals to be output through a screen and/or speakers of the collector device 110. As a particular example, the collector device 110 comprises a projector mounted on a ceiling of a room and the source device 120 comprises a laptop computer, and a user implements these devices to make information from the laptop computer be displayed by the projector.
In order to prevent unauthorized access and use of the projector, as well as unauthorized interception of signals transmitted between the source device 120 and the collector device 110, and in accordance with an embodiment of the invention, the collector device 110 and the source device 120 implement a temporary registration operation with respect to each other before allowing such communications. Temporary registration mode comprises a registration mode additional to the current WHDI registration modes (Device Only Mode, Source-Domain Mode and Collector-Domain Mode). Current WHDI registration modes are discussed in the related applications recited above.
According to an embodiment, the collector device 110 is placed in a temporary registration mode and the source device 120 starts the registration operation. According to another embodiment, the collector device 110 is placed in temporary registration mode and starts the registration operation automatically upon emergence from a standby or off state. In both of these embodiments, and in contrast to conventional registration operations, the registration operation need not be initiated manually by a user on the collector device 110. In one aspect, therefore, the registration operation can be readily performed even in cases where collector device 110 may not be easily accessible by a user, such as when collector device 110 is mounted on the ceiling of a room or is otherwise inaccessible.
In temporary registration mode, collector device 110 is configured to temporarily register source device 120 such that one or both of collector device 110 and source device 120 are required to delete information, such as registration keys, for temporary registration following termination of a network connection between collector device 110 and source device 120 or after one or both of collector device 110 and source device 120 have been powered off. As such, the source device 120 is required to go through another registration operation to become temporarily registered with the collector device 110 following termination of the network connection or the powering off of one or both of the collector device 110 and the source device 120. More particularly, for example, the collector device 110 and the source device 120 are required to go through a registration process, which includes registration PIN verification and certificate and registration key exchange; however, the exchanged registration key is not saved and reused for the next association. In this regard, unauthorized access and use of collector device 110 by source device 120 may be substantially limited following termination of a network connection between collector device 110 and source device 120 or following the powering off of one or both of the collector device 110 and source device 120. In addition, collector device 110 may further limit unauthorized access and use of collector device 110 by preventing registration with another source device 120 from occurring once collector device 110 is temporarily registered with a source device 120. Various ways in which the source device 120 can be temporarily registered with the collector device 110 are discussed in more detail hereafter.
Although Figure 1 shows a single collector device 110 and a single source device 120, it should be apparent to one skilled in the art that the network 100 may include additional collector devices and/or additional source devices. An example of a network 200 containing multiple collector devices 112, 114 and multiple source devices 120-124 is shown in Figure 2.
As shown here, one or more of a plurality of source devices 120-124 may be configured to communicate with one or more of collector devices 112, 114 and/or a repeater 210. In addition, collector devices 112, 114 are configured to communicate with the repeater 210, which comprises components of a source device and a collector device, and is thus capable of receiving and transmitting data. In this regard, each of the source devices 120-124 does not need to register with all the collector devices 112-114, but instead can register with the repeater 210. In this example, the repeater 210 can be configured to receive data signals from one or more of the source devices 120-124 and communicate the data signals to the other collector devices 112 and 114. In another example, one of the collector devices 112, 114 may operate in a temporary collector domain registration mode or one of the source devices 120-124 can be operated in a temporary source domain registration mode when there are multiple collector devices 112, 114 and/or source devices 120-124. In any aspect, for example, data signals received from one or more of the source devices 120-124 can be output through all of the collector devices 112, 114 by applying any of the examples discussed above.
According to a particular example, repeater 210 receives data signals from one of the source devices 120-124 at any given time. In this example, repeater 210 is configured to be temporarily registered with a single source device 120-124 at any given time. In another particular example, repeater 210 concurrently receives data signals from a plurality of source devices 120-124.
Referring to Figure 3, there is shown a block diagram 300 of a collector device 110 shown in Figures 1 and 2, according to an embodiment. It should be apparent to those of ordinary skill in the art that block diagram 300 of collector device 110 represents a generalized illustration and that other components can be added or existing components can be removed, modified or rearranged without departing from a scope of collector device 110.
As shown in Figure 3, collector device 110 includes a processor 302, a user interface 304, a communication interface module 306, a memory 308, an output apparatus 310, a mode selector module 312, a registration personal identification number (PIN) generation module 314, a registration PIN output module 316, a registration PIN validation module 318, and a temporary registration module 320. Modules 312-320 may include software modules, hardware modules, or a combination of software and hardware modules. Thus, in one embodiment, one or more of the modules 312-320 comprise circuit components. In another embodiment, one or more of the modules 312-320 comprise software code stored on a computer-readable storage medium that is executable by the processor 302. In a further embodiment, the modules 312-320 may comprise a combination of hardware and software. In any respect, the functionalities of one or more of the modules 312-320 can be combined into a smaller number of modules 312-320 or separated into additional modules without departing from the scope of the invention.
User interface 304 may comprise a set of keys, buttons, switches, audio receiver, and the like, on collector device 110 through which a user can enter inputs to collector device 110. Communication interface 306 may include suitable hardware and/or software to enable wireless communications with source device 120, user interface 304, other collector devices 110, etc. Output apparatus 310 may comprise an apparatus configured to output one or more of a visual image and an audible sound, such as a projector configured to cause an image to be displayed on a surface or outside the collector device 110, a screen on the collector device 110 for displaying an image, a speaker, etc.
As discussed in greater detail here below, processor 302 is configured to implement or invoke modules 312-320 to become temporarily registered with source device 120 when source device 120 is authorized to do so. In one aspect, processor 302 is configured to cause a registration key to be temporarily stored in random access memory (RAM) (not shown). Processor 302 may also store other information that permits temporary registration of source device 120 either in RAM or memory 308, which may comprise persistent memory. In addition, processor 302 is configured to delete the registration key for source device 120 from RAM or from memory 308 upon termination of a network connection between collector device 110 and source device 120.
Various ways in which the components of collector device 110 can be implemented are described in more detail with respect to Figures 4-10, which depict respective flow diagrams of methods 400 and 800 and protocol diagrams 500-700, 900, and 1000 for temporarily registering a source device 120 with a collector device 110, in accordance with embodiments of the invention. It should be apparent to those of ordinary skill in the art that methods 400 and 800 and protocol diagrams 500-700, 900, and 1000 represent generalized illustrations and that other steps can be added or existing steps can be removed, modified or rearranged without departing from the scope of the methods 400 and 800 and the protocol diagrams 500-700, 900, and 1000.
The descriptions of methods 400 and 800 and protocol diagrams 500-700, 900, and 1000 are made with particular reference to the collector device 110 and source device 120 depicted in Figures 1-3 and thus make particular reference to the elements contained in collector device 110 and source device 120. It should, however, be understood that methods 400 and 800 and protocol diagrams 500-700, 900, and 1000 can be implemented in apparatus that differ from collector device 110 and the source device 120 without departing from the scope of the methods 400 and 800 and the protocol diagrams 500-700, 900, and 1000.
Referring first to Figure 4, at step 402, the collector device 110 is placed in temporary registration mode. Thus, for example, a user implements user interface 304 to cause mode selector module 312 to activate temporary registration mode. When in temporary registration mode, collector device 110 is configured to allow a source device 120 to become temporarily registered with collector device 110. According to one embodiment, other permanent registration modes of collector device 110 are disabled to prevent the collector device 110 from being permanently registered with the source device 120 or other source devices when in the temporary registration mode.
In step 404, a temporary registration operation is initiated in collector device 110 from source device 120. More particularly, for example, collector device 110 receives a registration request from source device 120 via communication interface 306. A user can thus initiate the registration process of the source device 120 with the collector device 110 by causing the source device 120 to submit the registration request to the collector device 110. During reception of the registration request, collector device 110 may be in a listening state, which collector device 110 may enter when collector device 110 is activated and is not registered with another source device. In this regard, the user is not required to access the collector device 110 to start the registration process.
Turning now to Figure 5, there is shown a protocol diagram 500 describing the operations performed on the collector device 110 and the source device 120 in greater detail when temporarily registering the collector device 110 with the source device 120, according to an embodiment of the invention. Thus, from the top of the diagram, at step 404, the source device 120 starts the temporary registration operation. In so doing, source device 120 is configured to obtain identification from collector device 110. Source device 120 may obtain identification from collector device 110 in any of a number of different ways. For example, collector device 110 may display its identification so that a user can input the identification into source device 120 while initiating the temporary registration request. As another example, a discovery mechanism can be applied, where the source device 120 is configured to look up the IDs of nearby collector devices 110 and where the collector devices 110 respond with their IDs, which a user can enter on the source device 120.
The source device is also configured to generate a random number (N0), such as a 2-byte random number, and compose a transaction ID (TID). In this mode, the source device 120 is configured to communicate the random number (N0) and the TID to the collector device 110 in the registration request message (message1) sent to the collector device 110.
At step 406 (Figure 4), a determination of whether source device 120 is authorized to register with collector device 110 is made. In making this determination, collector device 110 can check its registration configuration setting to ensure that it is in temporary registration mode. In response to a determination that collector device 110 is in temporary registration mode, collector device 110 communicates the certificate of collector device 110 (certsnk) to source device 120 in a second message (message2) (Figure 5).
Furthermore, the source device 120 receives the second message from the collector device 110 and determines whether the certificate (certsnk) of the collector device 110 is authentic, using, for example, a Device Root CA Public Key. In addition, the source device 120 obtains the public key (SnkPK) of the collector device 110. The source device 120 also checks that the collector device 110 ID matches the device ID in the certificate and the device ID of the collector device 110. In case any of these checks fail, the temporary registration operation is cancelled.
However, if the checks are determined to be valid, source device 120 generates a random number (Nsrc), such as a 16-byte random number, and a random number for each button in a list of button names (BtnLst) from source device 120. In addition, source device 120 RSA-encrypts the random number (Nsrc) and button name list (BtnLst), including the button names and random values for each button, with the public key (SnkPK) of the collector device 110. In addition, the source device 120 communicates a message (message3) that contains the certificate of source device 120, the ID of source device 120, as well as the encrypted random number and button name list.
In response, the collector device 110 determines whether the certificate (certsrc) of the source device 120 is authentic using, for example, a Device Root CA Public Key. In addition, the collector device 110 obtains the public key (SrcPK) of the source device 120. The collector device 110 also verifies that the source device 120 ID matches the device ID in the source device's certificate and the device ID in the message header (message3). In the event that any of these checks fail, the temporary registration operation is cancelled.
However, if the checks are determined to be valid, the collector device 110 decrypts the random number (Nsrc) and button list (BtnLst) using the collector device's private key (SnkPriK). In addition, the collector device 110 randomly selects one or more buttons, in an order in which they are to be pressed, from the list of buttons, displays their names to the user, and uses the corresponding button value, or the concatenation of the button values in the order of being pressed, as a registration personal identification number (PIN). In addition, the collector device 110 generates a random number (Nsnk), such as a 16-byte random number, and derives the Registration Encryption Key (REK) and Registration Authentication Key (RAK). As a specific example, the collector device 110 derives the REK and RAK using the following method: {REK | RAK} = SHA-256 (Nsnk | Nsrc | PIN). REK is the most significant 16 bytes of the 32-byte SHA-256 output; RAK is the least significant 16 bytes of the 32-byte SHA-256 output.
In addition, the collector device 110 RSA-encrypts the random numbers (Nsnk) and (Nsrc) using the source device's public key (SrcPK).
Collector device 110 uses the RAK to generate a message authentication code (SR44), such as a 128-bit AES-CMAC, over the RSA-encrypted random numbers (Nsnk) and (Nsrc). In addition, the collector device 110 sends a message (message4) containing the encrypted random numbers (Nsnk) and (Nsrc) and the message authentication code (SR44) to the source device 120.
The source device 120 receives the message (message 4) and decrypts the random numbers (Nsnk) and (Nsrc) using the source device's private key (SrcPriK) and checks whether the random number (Nsrc) generated by the source device 120 corresponds to the one transmitted in the third message (message3). If these numbers do not match, source device 120 terminates the temporary registration operation.
Source device 120 also waits for the user to press the buttons in the order presented by collector device 110 before timing out. Furthermore, the source device 120 generates the PIN based on the buttons pressed by the user. In addition, source device 120 derives the Registration Encryption Key (REK) and Registration Authentication Key (RAK) using the same method discussed above with respect to collector device 110. In addition, source device 120 uses the RAK to verify the message authentication code (AES-CMAC). If verification fails, source device 120 disconnects the link and the temporary registration operation is cancelled. Otherwise, as indicated in step 408 (Figure 4), source device 120 becomes temporarily registered with collector device 110.
In temporary registration mode, both the source device 120 and the collector device 110 temporarily store the REK and RAK. As such, neither source device 120 nor collector device 110 persistently saves the REK and RAK. Thus, once the temporary registration has been terminated, for example, following the termination of a network connection between the collector device 110 and the source device 120 or following the shutdown of at least one of the collector device 110 and the source device 120, collector device 110 and source device 120 are required to delete the exchanged registration key stored in RAM. As such, collector device 110 and source device 120 must perform the temporary registration process of Figure 4 in order to become temporarily registered again.
Furthermore, during the time that the source device 120 is temporarily registered with the collector device 110, a connection between these devices is established and content from the source device 120 can be communicated to the collector device 110. Thus, for example, source device 120 may direct collector device 110 to display content in the form of images, audio, and/or videos. In addition, processor 302 is configured to prevent another source device, such as source devices 122 and 124 depicted in Figure 2, from registering with collector device 110 while the connection with source device 120 is maintained.
When there is more than one collector device 110-114, for example, as discussed above in relation to Figure 2, each of the collector devices 110-114 may display the contents of a registered source device 120. In one embodiment, the collector device 110 comprises a repeater configured to receive content from a registered source device 120 and communicate the received content to one or more other collector devices 110. In this mode, therefore, source device 120 need only register with a single collector device 110, while allowing content to be output across multiple collector devices 110-114.
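The key derivation, PIN check and key deletion described above can be traced in a short sketch. This is an added example, not code from the patent: the function and class names and the 2-byte button values are assumptions, the RSA layer is replaced by an opaque constructed byte string, and the 128-bit AES-CMAC is replaced by truncated HMAC-SHA256 so that the block runs on the Python standard library alone.

```python
import hashlib
import hmac
import secrets


def derive_keys(n_snk: bytes, n_src: bytes, pin: bytes):
    """{REK | RAK} = SHA-256(Nsnk | Nsrc | PIN), as stated in the description."""
    digest = hashlib.sha256(n_snk + n_src + pin).digest()
    return digest[:16], digest[16:]  # REK: most significant 16 bytes, RAK: the rest


def pin_from_presses(button_values: dict, presses: list) -> bytes:
    """Registration PIN: the per-button random values concatenated in press order."""
    return b"".join(button_values[name] for name in presses)


def mac128(rak: bytes, data: bytes) -> bytes:
    # Stand-in MAC (assumption): the description uses a 128-bit AES-CMAC keyed
    # with RAK; HMAC-SHA256 truncated to 16 bytes is swapped in here.
    return hmac.new(rak, data, hashlib.sha256).digest()[:16]


class TemporaryRegistration:
    """Holds REK/RAK in memory only and wipes them when the session ends."""

    def __init__(self, rek: bytes, rak: bytes):
        self._keys = bytearray(rek + rak)

    @property
    def active(self) -> bool:
        return self._keys is not None

    def end_session(self):
        # Called on link termination or power-off: zero the buffer, drop it.
        if self._keys is not None:
            for i in range(len(self._keys)):
                self._keys[i] = 0
            self._keys = None


def sink_message4(n_src: bytes, button_values: dict, shown_presses: list):
    """Collector side: pick Nsnk, derive keys from the PIN it displayed, MAC message 4."""
    n_snk = secrets.token_bytes(16)
    rek, rak = derive_keys(n_snk, n_src, pin_from_presses(button_values, shown_presses))
    # Constructed placeholder for the RSA ciphertext of (Nsnk, Nsrc); RSA is omitted.
    enc_nonces = secrets.token_bytes(256)
    msg4 = {"n_snk": n_snk, "n_src": n_src, "enc_nonces": enc_nonces,
            "tag": mac128(rak, enc_nonces)}
    return msg4, TemporaryRegistration(rek, rak)


def source_process_message4(own_n_src: bytes, msg4: dict, button_values: dict, pressed: list):
    """Source side: check the echoed Nsrc, rebuild the PIN from presses, verify the MAC."""
    if not hmac.compare_digest(msg4["n_src"], own_n_src):
        return None  # Nsrc mismatch: terminate the temporary registration
    rek, rak = derive_keys(msg4["n_snk"], own_n_src, pin_from_presses(button_values, pressed))
    if not hmac.compare_digest(mac128(rak, msg4["enc_nonces"]), msg4["tag"]):
        return None  # wrong button sequence (wrong PIN) or tampered message
    return TemporaryRegistration(rek, rak)


def demo() -> dict:
    # Constructed sample values; a source device would draw these at random.
    button_values = {"Play": bytes.fromhex("3fa1"), "Stop": bytes.fromhex("c07e"),
                     "Menu": bytes.fromhex("5b12")}
    shown = ["Menu", "Play", "Stop"]  # order the collector displays to the user
    n_src = secrets.token_bytes(16)
    msg4, sink_reg = sink_message4(n_src, button_values, shown)
    good = source_process_message4(n_src, msg4, button_values, shown)
    wrong = source_process_message4(n_src, msg4, button_values, ["Play", "Menu", "Stop"])
    stale = source_process_message4(secrets.token_bytes(16), msg4, button_values, shown)
    sink_reg.end_session()  # network connection terminated
    return {"registered": good is not None and good.active,
            "wrong_pin_rejected": wrong is None,
            "stale_nonce_rejected": stale is None,
            "sink_keys_after_disconnect": sink_reg.active}


if __name__ == "__main__":
    print(demo())
```

Because REK and RAK depend on fresh Nsnk and Nsrc values as well as the PIN, nothing retained from one session lets a device skip the PIN step in the next.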
Alternatively, however, source device 120 may register individually with each of multiple collector devices 110-114.
As a further alternative, for example, where a repeater is not available, one of the collecting devices 110-114 or the source device 120 can operate in a temporary domain registration mode to create a temporary domain for which all collecting devices 110-114 may temporarily register with the source device 120. A protocol diagram 600 of a temporary source domain mode is depicted in Figure 6 and a protocol diagram 700 of a temporary collector domain registration mode is depicted in Figure 7, according to embodiments of the invention.
Referring first to Figure 6, protocol diagram 600 includes all the same steps as discussed above in relation to Figure 5 and includes a couple of additional steps. More particularly, upon receipt of the fourth message (message 4), the source device 120, in addition to the first four steps discussed above with respect to Figure 5, RSA encrypts a source domain key (DKsrc) using the REK. In addition, the source device 120 uses the RAK to generate a message authentication code (SR75), such as a 128-bit AES-CMAC, over the RSA encrypted source domain key (DKsrc). In addition, the source device 120 sends a message (message 5) containing the TID, source domain name (DNsrc), BtnNames, encrypted source domain key (EREK(DKsrc)) and message authentication code (SR75) to the collector device 110.
In response, the collector device 110 determines whether the message authentication code (SR75) is authentic using the RAK. Furthermore, in response to a determination that the message authentication code (SR75) is authentic, the collector device 110 decrypts the source domain key (DKsrc) using the REK. In addition, the collector device 110 sends an acknowledgment (ACK) message to the source device 120. If, however, the collector device 110 determines that the message authentication code (SR75) is not authentic, the collector device 110 terminates the temporary domain registration operation. Furthermore, since multiple collector devices 110 receive the same temporary domain key, a new source device 120 that intends to send content to all collector devices 110 need only register once with any one of the collector devices 110 in the domain.
Referring now to Figure 7, protocol diagram 700 includes all the same steps as discussed above in relation to Figure 5 and includes a couple of additional steps. More particularly, upon receipt of the third message (message 3), in addition to the first seven bullet points describing operations performed on the collector device 110 discussed above with respect to Figure 5, the collector device 110 encrypts a collector domain key (DKsnk) using the REK. In addition, the collector device 110 uses the RAK to generate a message authentication code (SR84), such as a 128-bit AES-CMAC, over the RSA encrypted random numbers (Nsnk) and (Nsrc), the collector domain name (DNsnk) and the encrypted collector domain key (DKsnk). In addition, the collector device 110 sends a message (message 4) that contains the encrypted random numbers (Nsnk) and (Nsrc), the collector domain name (DNsnk), the encrypted collector domain key (DKsnk), and the message authentication code (SR85) to source device 120.
In response, the source device 120, in addition to the first four steps discussed above with respect to Figure 5, determines whether the message authentication code (SR84) is authentic using the RAK. In addition, source device 120 decrypts the collector domain key (DKsnk) using the REK. In addition, the source device 120 uses the RAK to generate a message authentication code (SR85), such as a 128-bit AES-CMAC, over the TID and BtnNames and sends the TID, BtnNames and message authentication code (SR85) to the collector device 110. In response, the collector device 110 determines whether the message authentication code (SR85) is authentic using the RAK. Furthermore, in response to a determination that the message authentication code (SR85) is authentic, the collector device 110 sends an acknowledgment (ACK) message to the source device 120. Otherwise, the collector device 110 terminates the temporary domain registration operation.
Turning now to Figure 8, there is shown a method 800 for temporarily registering a source device 120 with a collector device 110, in accordance with another embodiment. As shown here, at step 802, the collector device 110 emerges from an off or standby state, for example, in response to receiving an activation command, after a predetermined period of time, following a predetermined scheme, etc. In this embodiment, collector device 110 is configured to be in a temporary registration mode when it emerges from the standby or off state.
At step 804, a registration PIN is automatically generated either randomly or based on the received button list, for example, as discussed above in relation to step 406 in Figure 4. Furthermore, at step 806, the collector device 110 visually or audibly outputs the registration PIN. According to one embodiment, collector device 110 outputs the registration PIN to users who can access collector device 110, such as participants sitting in a conference room where collector device 110 is located. As such, unauthorized third parties such as attackers outside the conference room are substantially prevented from obtaining the registration PIN and thus completing the temporary registration.
Turning now to Figure 9, there is shown a protocol diagram 900 describing the operations performed on the collector device 110 and the source device 120 in greater detail, in accordance with an embodiment of the invention. Protocol diagram 900 more particularly describes a temporary registration operation that includes the use of certificates. Initially, diagram 900 depicts an example following the user entering the PIN into the source device 120.
From the top of diagram 900, source device 120 initiates the temporary registration operation by generating a random number (N0), such as a 2-byte random number, and composing a transaction ID (TID = IDsnk | IDsrc | N0). Source device 120 also generates a SHA256 hash over the concatenation of the TID and PIN. In addition, the source device 120 generates a signature over the transaction identification (TID), the transaction type (Tsrc), and the SHA256 hash value (SHA256(TID | PIN)) using the private key corresponding to the device certificate, such as its WHDI certificate. In addition, the source device 120 communicates a message (message 1) containing the source device certificate, the TID, the SHA256 hash, and the RSA signature to the collector device 110.
In response, collector device 110 checks whether its registration setting is set to temporary registration mode (step 808, Figure 8). If collector device 110 is not in temporary registration mode, collector device 110 ends the temporary registration operation (step 812, Figure 8). Otherwise, the collector device 110 generates the SHA256 hash over the concatenation of the TID and the current PIN being displayed. If the SHA256 hash generated by the collector device 110 does not match the received SHA256 hash, the collector device 110 terminates the temporary registration operation. In one regard, this step blocks source devices outside the room that contains the collector device 110 from unauthorized registration with the collector device 110.
If there is a match, the collecting device 110 verifies the source device's certificate, using, for example, the Root Device CA Public Key, and obtains the source device's public key and identification. Furthermore, the collecting device 110 verifies the identification of the originating device in the certificate by determining whether the identification matches the identification of the originating device in the TID and the MAC ID in a message header. In addition, the collector device 110 generates a random number (Nsnk), such as a 16-byte random number.
Collector device 110 also generates a SHA256 hash over the concatenation of the random number (Nsnk), the TID and the PIN to serve as the REK and RAK. As a particular example, the first 16 bytes of the hash are the REK and the next 16 bytes are the RAK. In addition, the collector device 110 uses the derived RAK to generate a message authentication code (SNsnk), such as the AES-CMAC, over the concatenation of the TID and the random number (Nsnk). In addition, the collector device 110 uses the source device's public key to RSA encrypt the random number (Nsnk) and message authentication code (SNsnk) and uses the collector device's private key to generate the RSA signature over the RSA encrypted random number (Nsnk) and message authentication code (SNsnk). The collector device 110 also sends a message (message 2) containing the certificate (certsnk) of the collector device 110, the encrypted random number (Nsnk) and message authentication code (SNsnk), and the RSA signature to the source device 120.
In response, the source device 120 verifies the collector device's certificate (certsnk), using, for example, the Root Device CA Public Key, and obtains the collector device's public key (SnkPK) and ID. The source device 120 also checks that the identification of the collector device 110 in the certificate (certsnk) matches the source device ID (IDsrc) in the TID and the MAC ID in the message header. The source device 120 further uses the collector device public key (SnkPK) to verify that the RSA signature on the encrypted data is authentic. As the data includes the TID, which contains the random number (N0), the source device 120 can determine that the message was sent by the collector device 110 holding the certificate.
The source device 120 further uses the source device's RSA private key to decrypt the RSA encrypted data. Only the source device holding the source device certificate should be able to decrypt the RSA encrypted data. In addition, the source device 120 generates the SHA256 hash over the concatenation of the random number (Nsnk), the TID and the PIN to serve as the REK and RAK. According to a particular example, the first 16 bytes of the hash are the REK and the next 16 bytes are the RAK. The source device 120 further uses the derived RAK to generate the message authentication code, such as AES-CMAC, over the concatenation of the TID and the random number (Nsnk) to verify the message authentication code (SNsnk). The source device 120 further determines whether the generated message authentication code matches the message authentication code (SNsnk). If there is a match, source device 120 determines that the RAK is correct and assumes that the REK is also correct (step 810, Figure 8). Furthermore, the source device 120 becomes temporarily registered with the collector device 110 and the temporary registration operation is completed (step 814, Figure 8). If a match does not exist, however, the temporary registration operation is terminated and the source device 120 does not become registered with the collector device 110 (step 812, Figure 8).
Furthermore, at this time, both the collector device 110 and the source device 120 should have exchanged the temporary registration key securely. As an option, the temporary registration key can be used as an association key if multicast support in the temporary registration is not desired. Generally speaking, the association key is exchanged using the temporary registration key or temporary domain key for each connection. In addition, the association key is generated by the sending device and used to encrypt and decrypt data content. In a multicast, source device 120 may use the same association key for all connections to collector devices 110.
Turning now to Figure 10, there is shown a protocol diagram 1000 describing the operations performed at the collector device 110 and the source device 120 in greater detail, in accordance with another embodiment of the invention. Protocol diagram 1000 more particularly describes a temporary registration operation that does not include the use of certificates. Initially, diagram 1000 depicts an example following user input of the PIN into source device 120.
From the top of diagram 1000, source device 120 initiates the temporary registration operation by generating a random number (N0), such as a 2-byte random number, and composing a transaction ID (TID = IDsnk | IDsrc | N0). IDsnk is the device ID of the collector and IDsrc is the device ID of the source. In addition, the source device 120 generates a Diffie-Hellman public key pair (DHPubK1, DHPriK1) and keeps the private key secure. The source device 120 also generates the SHA256 hash over the concatenation of TID, DHPubK1 and PIN and composes and sends a first message (message 1) containing the TID, TSRC, DHPubK1, and SHA256(TID | DHPubK1 | PIN) to the collector device 110.
When the collector device 110 receives the message, the collector device 110 checks whether its registration configuration allows the temporary registration mode. For example, collector device 110 determines whether it is in temporary registration mode (step 808, Figure 8). If collector device 110 is not in temporary registration mode, collector device 110 ends the temporary registration operation (step 812, Figure 8). Otherwise, the collector device 110 generates the SHA256 hash over the concatenation of the TID, DHPubK1 and the current PIN being displayed.
If the generated SHA256 hash does not match the SHA256 hash received, the collector device 110 drops the message and ends the temporary registration operation (step 812, Figure 8). In one regard, this step blocks source devices outside the room that contains the collector device 110 from unauthorized registration with the collector device 110.
If the collector device 110 determines that the generated SHA256 hash matches the received SHA256 hash, the collector device 110 checks whether the source device ID (IDsrc) in the TID matches the source MAC ID in the message header. If the source device ID in the TID does not match the source MAC ID in the message header, the collector device 110 drops the message and ends the temporary registration operation (step 812, Figure 8). Otherwise, collector device 110 generates a Diffie-Hellman public key pair (DHPubK2, DHPriK2) and uses the private key and DHPubK1 to generate a shared secret value. Also, collector device 110 uses the shared secret value to derive the REK and RAK. By way of a particular example, the collector device 110 uses the first 16 bytes of the SHA256 hash of the shared secret value for the REK and the next 16 bytes for the RAK.
In addition, collector device 110 uses the derived RAK to generate a message authentication code, such as AES-CMAC, over the concatenation of TID and DHPubK2. The collector device 110 further composes a message (message 2) and sends the message to the source device 120.
After source device 120 receives the message (message 2), source device 120 uses the source device's Diffie-Hellman private key DHPriK1 and DHPubK2 to generate the shared secret value. Source device 120 also uses the shared secret value to derive the REK and RAK. As an example, source device 120 uses the first 16 bytes of the SHA256 hash of the shared secret value for the REK and the next 16 bytes for the RAK. The source device 120 further uses the derived RAK to generate the message authentication code, such as AES-CMAC, over the concatenation of TID and DHPubK2 to verify the signature of the collector device 110.
At this point, both the collecting device 110 and the source device 120 should have securely exchanged the temporary registration PIN. As an option, the temporary registration PIN can be used as the Membership key if multicast support in the temporary registration is not desired.
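The certificate-less exchange of Figure 10 described above, with both sides and its three abort paths, as an added Python example (not code from the patent or from any WHDI implementation). Assumptions not taken from the page: the toy Diffie-Hellman modulus 2^255 - 19 with generator 2, 6-byte device IDs, an ASCII PIN, the field layout of message 2, the public-value range check, and HMAC-SHA256 truncated to 16 bytes standing in for the 128-bit AES-CMAC; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumptions, none of them from the page: toy DH group, 6-byte device IDs,
# ASCII PIN, message2 layout, and HMAC-SHA256 truncated to 16 bytes standing
# in for the 128-bit AES-CMAC (the standard library has no AES).
P = 2**255 - 19
G = 2


def i2b(n):
    return n.to_bytes(32, "big")


def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def pin_hash(tid, dh_pub, pin):
    """SHA256(TID | DHPubK1 | PIN), carried in message1."""
    return hashlib.sha256(tid + i2b(dh_pub) + pin.encode("ascii")).digest()


def derive_keys(shared):
    """SHA256(shared secret): first 16 bytes are the REK, next 16 the RAK."""
    digest = hashlib.sha256(i2b(shared)).digest()
    return digest[:16], digest[16:]


def mac(rak, data):
    return hmac.new(rak, data, hashlib.sha256).digest()[:16]


class Source:
    def __init__(self, dev_id):
        self.dev_id, self.keys = dev_id, None

    def message1(self, snk_id, pin_typed):
        self.tid = snk_id + self.dev_id + secrets.token_bytes(2)  # IDsnk|IDsrc|N0
        self.priv, pub1 = dh_keypair()
        return {"tid": self.tid, "type": "Tsrc", "pub1": pub1,
                "hash": pin_hash(self.tid, pub1, pin_typed)}

    def on_message2(self, msg):
        if msg["tid"] != self.tid or not 1 < msg["pub2"] < P - 1:
            return False
        rek, rak = derive_keys(pow(msg["pub2"], self.priv, P))
        if not hmac.compare_digest(mac(rak, self.tid + i2b(msg["pub2"])), msg["mac"]):
            return False            # RAK mismatch: registration is not completed
        self.keys = (rek, rak)      # held in memory only, never persisted
        return True

    def terminate(self):
        self.keys = None            # drop the only reference to REK/RAK


class Collector:
    def __init__(self, dev_id, pin):
        self.dev_id, self.pin = dev_id, pin
        self.temp_mode, self.keys = True, None

    def on_message1(self, header_mac, msg):
        # Not in temporary registration mode, or another source is connected.
        if not self.temp_mode or self.keys is not None:
            return None
        if not 1 < msg["pub1"] < P - 1:          # added sanity check
            return None
        # Recompute the hash with the PIN currently displayed.
        if not hmac.compare_digest(pin_hash(msg["tid"], msg["pub1"], self.pin), msg["hash"]):
            return None
        if msg["tid"][6:12] != header_mac:       # IDsrc in TID vs. source MAC ID
            return None
        priv, pub2 = dh_keypair()
        self.keys = derive_keys(pow(msg["pub1"], priv, P))
        return {"tid": msg["tid"], "pub2": pub2,
                "mac": mac(self.keys[1], msg["tid"] + i2b(pub2))}

    def terminate(self):
        self.keys = None


def run_exchange(pin_shown, pin_typed, tamper_pub2=False):
    """Run messages 1 and 2 between constructed devices; returns (ok, src, snk)."""
    snk = Collector(bytes.fromhex("0a0000000001"), pin_shown)   # constructed IDs
    src = Source(bytes.fromhex("0a0000000002"))
    m2 = snk.on_message1(src.dev_id, src.message1(snk.dev_id, pin_typed))
    if m2 is None:
        return False, src, snk
    if tamper_pub2:
        m2 = dict(m2, pub2=dh_keypair()[1])      # DHPubK2 altered in transit
    ok = src.on_message2(m2)
    if not ok:                                   # link is dropped, keys erased
        src.terminate()
        snk.terminate()
    return ok, src, snk


if __name__ == "__main__":
    print(run_exchange("4711", "4711")[0], run_exchange("4711", "0000")[0])
```

Calling `terminate()` on either side models the end of the connection or a power-off, after which a fresh exchange is needed to register again.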
Some or all of the operations set forth in the figures may be contained as a utility, program, or subprogram, on any desired computer-readable storage medium. Furthermore, operations can be incorporated by computer programs, which can exist in a variety of forms, both active and inactive. For example, they can exist as software program(s) consisting of program instructions in source code, object code, executable code or other formats. Any of the above can be incorporated into a computer-readable storage medium, which includes storage devices.
Exemplary computer readable storage media include conventional computer system RAM, ROM, EPROM, EEPROM, and magnetic or optical disks or tapes. Concrete examples of the above include the distribution of programs on a CD-ROM or via download from the Internet. It is, therefore, to be understood that any other electronic device capable of performing the above-described functions can perform the above-listed functions.
By applying the method and collector device disclosed herein, the collector device can be temporarily registered with a source device without requiring a user to access the collector device to start the registration, for example, by allowing the registration to be started at the source device. A user can thus initiate registration without having to manually access the collector device, which can be positioned in a location that is relatively difficult to access, such as a bedroom ceiling. In addition, the collector device and method provide different measures to prevent unauthorized registration and use of the collector device, such as the requirement that at least one of the collector device and the source device delete its information, such as a registration key, required for temporary registration, after a network connection between the source device and the collector device is terminated or after one or both of the first device and the second device have been powered off.
Although specifically described throughout the instant disclosure, representative embodiments of the present invention have utility over a wide range of applications, and the above discussion is not intended and should not be construed to be limiting, but is offered as an illustrative discussion of aspects of the invention.
What has been described and illustrated in this document are embodiments of the invention, along with some of its variations. The terms, descriptions and figures used herein are presented for illustration only and are not intended to be limitations. Those skilled in the art will recognize that many variations are possible within the scope of the invention, where the invention is intended to be defined by the following claims - and their equivalents - in which all terms are meant in their broadest reasonable sense, unless otherwise indicated.
Claims:
Claims (22)
1. A method of temporarily registering a second device with a first device, wherein the first device includes a temporary registration mode, the method characterized in that it comprises: activating the temporary registration mode on the first device; initiating a temporary registration operation on the first device from the second device; determining whether the second device is authorized to register with the first device, and temporarily registering the second device with the first device in response to a determination that the second device is authorized to register with the first device; following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device: terminating temporary registration; and at least one of the second device and the first device erase information required by a temporary registration.
2. Method according to claim 1, characterized in that it further comprises: in the second device, generating a random number for the second device and a random number for each input device from a list of input devices; encrypt the random number generated for the second device and the list of input devices, including the random number for each input device; and sending a message containing the encrypted random number to the second device and the list of input devices, including the random number for each input device to the first device.
3. Method according to claim 2, characterized in that it further comprises: in the first device, decrypting the encrypted random number of the second device and the list of input devices, including the random number for each input device; randomly select one or more input devices from the list of input devices and an order in which the one or more input devices should be entered, which maps to a registration personal identification number (PIN); show the input devices in the selected order that is used to map the registration PIN; generate a random number for the first device and derive a Registration Encryption Key (REK) and Registration Authentication Key (RAK) using the random number for the first device, the random number for the second device, and the registration PIN; temporarily save the REK and RAK, and transmit a message containing the encrypted random number for the first device to the second device.
4. Method according to claim 3, characterized in that it further comprises: in the second device, receiving the message containing the encrypted random number for the first device, in which the message contains a signature; decrypt the encrypted random number for the first device; receive input device presses from a user and map them to a PIN; derive a REK and RAK with the decrypted random number for the first device, the generated random number for the second device, and the registration PIN; determine whether the received message signature is verified using the derived RAK, and stop the temporary registration in response to the message signature not verifying correctly.
5. Method according to claim 1, characterized in that it further comprises: rejecting requests from other devices to register with the first device when the second device is connected with the first device, in temporary registration mode.
6. Method according to claim 1, characterized in that the first device comprises a repeater configured to be one of temporarily and permanently registered with a plurality of other first devices, said method further comprising: in the first device, receiving data from the second device, and communicate the received data to the plurality of other first devices.
7. Method according to claim 1, characterized in that it further comprises: creating a temporary domain by operating the second device in a temporary source domain mode operable to allow the second device to be simultaneously and temporarily registered with multiple collector devices by registering with only one collector device.
8. Method according to claim 1, further comprising: creating a temporary domain by operating the first device in a temporary collector domain mode operable to allow the second device to obtain temporary domain information, thereby allowing the second device to be concurrently and temporarily registered with multiple collector devices.
9. A method of temporarily registering a second device with a first device, wherein the first device comprises at least one of a projector and a screen and the second device comprises an electronic device capable of wirelessly communicating data to the first device, said method characterized in that it comprises: in the first device, automatically generating a registration personal identification number (PIN) upon at least one of an emergence from one of a standby mode and an off state; display the generated registration PIN; receive an indication from the second device whether the generated registration PIN has been entered; determine whether the generated registration PIN is valid; and temporarily registering the second device with the first device in response to a determination that the generated registration PIN is valid; and following at least one of a termination of a network connection between the first device and the second device and a shutdown of at least one of the first device and the second device: terminating temporary registration; and at least one of the second device and the first device erase information required by a temporary registration.
10. Method according to claim 9, characterized in that it further comprises: determining whether the first device is registered with another device, and wherein generating a registration PIN further comprises generating the registration PIN in response to a determination that the first device is not registered with another device.
11. Method according to claim 9, characterized in that it further comprises: in the second device, generating a random number; compose a transaction ID; get a certificate; generate a “hash” over a concatenation of the transaction ID and the entered registration PIN; generate an RSA signature to verify certificate ownership; and communicate a message containing the random number, certificate, "hash" and RSA signature to the first device.
12. Method according to claim 11, characterized in that it further comprises: in the first device, generating a second "hash" by concatenating the transaction identification and the registration PIN; determine if the second “hash” matches the “hash” received from the second device; determining whether the second device's certificate matches information contained in a message header received from the second device; determine whether the RSA signature of the message is verified using the public key retrieved from the second device's certificate; and stopping registration of the second device with the first device in response to at least one of the second "hash" not matching the "hash" received from the second device, the certificate not matching the information contained in the message header, and a failure in verifying the RSA signature of the message.
13. Method according to claim 12, characterized in that it further comprises: in the first device, in response to the second "hash" matching the "hash" received from the second device and the certificate matching the information contained in the header of the message, generate a random number; generate a “hash” by concatenating the random number, transaction ID, and registration PIN, and partition the “hash” into a Registration Encryption Key (REK) and a Registration Authentication Key (RAK); use RAK to generate a message authentication code from the concatenation of the transaction ID and the random number; use the second device's public key to encrypt the random number and message authentication code and communicate a message containing the encrypted random number and message authentication code; at the second device, verifying a certificate from the first device and obtaining a public key and identification from the first device; use the first device's public key to verify the signature on the encrypted random number and message authentication code; use the second device's private key to decrypt the encrypted random number and message authentication code; generate a "hash" by concatenating the random number, transaction identification, and the entered registration PIN and partition the "hash" into REK and RAK, and use the derived RAK to generate a message authentication code from the concatenation of the identification of transaction and random number to verify the message authentication code in the message received from the first device.
14. Method according to claim 9, characterized in that it further comprises: in the second device, generating a random number and composing a transaction identification; generate a Diffie-Hellman public key pair and hold a private key; generate a “hash” by concatenating the transaction ID, the second device's Diffie-Hellman public key, and the entered registration PIN; and communicate a message containing the “hash” to the first device.
15. Method according to claim 14, characterized in that it further comprises: in the first device, generating a second "hash" by concatenating the transaction identification, the Diffie-Hellman public key of the second device, and the registration PIN; determine if the second “hash” matches the “hash” received from the second device, and stop the second device from registering with the first device in response to the second “hash” not matching the “hash” received from the second device.
16. Method according to claim 15, characterized in that it further comprises: in the first device, in response to the second "hash" matching the "hash" received from the second device, generating a Diffie-Hellman public key pair; use the Diffie-Hellman private key and the received public key to generate a shared secret value; use the shared secret value to derive a Registration Encryption Key (REK) and a Registration Authentication Key (RAK); use the derived RAK to generate a message authentication code from the concatenation of the transaction ID and the Diffie-Hellman public key of the first device, and communicate a message containing the message authentication code to the second device; and, in the second device, using the second device's private key and the public key received from the first device to generate the shared secret value; use the shared secret value to derive the REK and RAK, and use the derived RAK to generate the message authentication code from the concatenation of the transaction ID and the Diffie-Hellman public key of the first device to verify the signature of the first device.
17. Collecting device characterized in that it comprises: one or more modules configured to activate a temporary registration mode, receive a request to initiate a temporary registration operation from a source device, determine whether the source device is authorized to register with the collector device, and temporarily register the source device with the collector device in response to a determination that the source device is authorized to register with the collector device, where temporary registration requires following at least one of a termination of a network connection between the collector device and the source device and a disconnection of at least one of the collector device and the source device, at least one of the source device and the collector device temporarily terminate the temporary registration and erase the information required by the temporary registration; and a processor configured to implement one or more modules.
18. Collector device according to claim 17, characterized in that the collector device comprises at least one of an image projector and a screen, and in which one or more modules are configured to return a registration PIN or a press string of input devices that maps to the registration PIN by displaying the registration PIN or the press string of input devices via at least one of the image projector and the screen.
19. Collector device according to claim 17, characterized in that one or more modules are further configured to receive a message including an encrypted at least a random number and a list of input devices in the source device, decrypt the encrypted at least one random number and input device list from the source device, randomly select one or more input devices in a specific order from the input device list to be used as a PIN entry on the source device, and display the randomly selected one or more input devices and the order of input for input into the source device.
20. Collector device according to claim 17, characterized in that one or more modules are further configured to reject requests from other source devices to register with the collector device when the source device is connected with the collector device in the temporary registration mode.
21. Collector device according to claim 17, characterized in that the collector device comprises a repeater configured to be registered with a plurality of other collector devices, said one or more modules being further configured to receive data from a registered source device and communicate the received data to the plurality of other collector devices.
22. A computer-readable storage medium characterized in that one or more computer programs are embodied therein, said one or more computer programs implementing a method of temporarily registering a second device with a first device, wherein the first device includes a temporary registration mode, said one or more computer programs comprising a set of instructions for: activating the temporary registration mode on the first device; initiating a temporary registration operation on the first device from the second device; determining whether the second device is authorized to register with the first device; and temporarily registering the second device with the first device in response to a determination that the second device is authorized to register with the first device, where temporary registration requires that, following at least one of a termination of a network connection between the first device and the second device and a disconnection of at least one of the first device and the second device, at least one of the second device and the first device terminate the temporary registration and erase the information required by the temporary registration.
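The collector-side behaviour recited in claims 17, 19 and 20 can be sketched as a small state machine; this is an added illustration, not code from the patent or its applicant. All names (`TemporaryRegistrar`, `start`, `complete`, the button labels) are hypothetical, and comparing the pressed sequence directly is a simplification standing in for the encrypted exchange of claim 19, which these claims do not specify in detail.

```python
import hmac
import secrets

class TemporaryRegistrar:
    """Collector-side state for one temporary registration (hypothetical names)."""

    def __init__(self):
        self.temp_mode = False
        self.pending = {}    # source_id -> button sequence shown on the screen
        self.session = None  # (source_id, registration key) while a source is connected

    def enable_temp_mode(self):
        self.temp_mode = True

    def start(self, source_id, input_devices, length=4):
        """Claims 19/20: pick a random ordered button sequence, or refuse if busy."""
        if not self.temp_mode or self.session is not None:
            return None
        seq = [secrets.choice(input_devices) for _ in range(length)]
        self.pending[source_id] = seq
        return seq  # displayed to the user, who enters it on the source device

    def complete(self, source_id, pressed):
        """Claim 17: register only a source that reproduces the displayed sequence."""
        expected = self.pending.pop(source_id, None)  # each sequence is single-use
        if expected is None or self.session is not None:
            return False
        ok = hmac.compare_digest("|".join(expected).encode(),
                                 "|".join(pressed).encode())
        if ok:
            self.session = (source_id, secrets.token_bytes(16))
        return ok

    def on_disconnect_or_power_off(self):
        """Claim 17: end the registration and erase everything it required."""
        self.session = None
        self.pending.clear()

def demo():
    sink = TemporaryRegistrar()
    sink.enable_temp_mode()
    buttons = ["PLAY", "STOP", "MENU", "UP"]            # constructed sample input list
    seq = sink.start("source-A", buttons)
    registered = sink.complete("source-A", seq)
    rejected = sink.start("source-B", buttons) is None  # busy collector, claim 20
    sink.on_disconnect_or_power_off()
    erased = sink.session is None and not sink.pending
    replayed = sink.complete("source-A", seq)           # old sequence must not work
    return registered, rejected, erased, replayed
```

After the disconnect handler runs, nothing from the earlier registration remains on the collector, so the same source has to go through `start` again before it can reconnect.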
Patent family:
Publication number | Publication date
WO2011090630A1|2011-07-28|
CA2784025C|2015-06-30|
US20110161660A1|2011-06-30|
CN102687483A|2012-09-19|
KR20120104404A|2012-09-20|
BR112012016080A2|2016-08-16|
CN102687483B|2015-10-14|
MX2012006945A|2012-07-30|
CA2784025A1|2011-07-28|
US8788810B2|2014-07-22|
EP2520062B1|2021-01-27|
EP2520062A1|2012-11-07|
KR101478419B1|2014-12-31|
Legal status:
2019-01-08| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|
2020-03-10| B15K| Others concerning applications: alteration of classification|Free format text: THE PREVIOUS CLASSIFICATIONS WERE: H04L 29/06 , H04L 9/08 , H04L 9/32 Ipc: H04L 9/08 (2006.01), H04L 9/32 (2006.01), H04L 29/ |
2020-03-10| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|
2021-04-06| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|
2021-04-20| B16A| Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]|Free format text: TERM OF VALIDITY: 10 (TEN) YEARS COUNTED FROM 20/04/2021, SUBJECT TO THE LEGAL CONDITIONS. |
Priority:
Application number | Filing date | Patent title
US12/648,768|2009-12-29|
US12/648,768|US8788810B2|2009-12-29|2009-12-29|Temporary registration of devices|
PCT/US2010/060932|WO2011090630A1|2009-12-29|2010-12-17|Temporary registration of devices|