
Edge Computing



Application US20200067708


Published 2020-02-27

Method For Ensuring Security Of An Internet Of Things Network

A mechanism for registering a device with an Internet of Things (IoT) edge network is disclosed. The manufacturer of the device stores credentials of the device in a secure storage of the device. The manufacturer also stores the credentials on a public blockchain with sensitive parameters hashed or encrypted. A certifying node accesses the credentials from the public blockchain to establish a secure connection with the device and to verify its credentials. The device sends the credentials to the certifying node, only if the certifying node is able to decrypt a device access parameter from the public blockchain. Upon verifying the credentials of the device, the certifying node issues a digital certificate to the new device and it is stored on a permissioned blockchain within the IoT network. Other nodes in the IoT network may use the digital certificate on the permissioned blockchain for secure communication with the device.




2 Independent Claims

  • 1. A method for registering a second node by at least one first node of a network, the method comprising: i) a step of the second node transmitting a registration request to the first node, wherein the registration request comprises a unique identification parameter associated with the second node, and wherein a device status of the second node is used for indicating that the device is a bought device; ii) a step of receiving, by the first node, the registration request from the second node; iii) a step of accessing, by the first node, the encrypted device parameters of the second node from a smart contract stored on a public blockchain using the unique identification parameter, wherein the encrypted device parameters comprise a device access code and a Diffie-Hellman common secret multiplier; iv) a step of establishing a shared secret between the first node and the second node using the Diffie-Hellman common secret multiplier; v) a step of computing, by the first node and the second node, a symmetric key using the shared secret; vi) a step of transmitting, by the first node, a registration key request to the second node, wherein the registration key request comprises the device access code encrypted using the symmetric key; vii) a step of receiving the registration key request and decrypting the registration key request, by the second node, using the symmetric key for validating the device access code, wherein the second node validates the device access code based on a value of the device access code stored in a secure storage of the second node and transmits the registration key response; viii) a step of receiving, by the first node, a registration key response from the second node, wherein the registration key response comprises a registration key encrypted using the symmetric key; ix) a step of decrypting, by the first node, the registration key using the symmetric key and transmitting a hash of the registration key to the smart contract on the public blockchain for validation against a hash of a registration key stored on the smart contract; x) a step of creating and storing, by the first node, a digital certificate for the second node, wherein the digital certificate is stored in a permissioned blockchain upon successful validation of the registration key by the public blockchain; and xi) a step of updating, by the first node, a device status of the second node, on the public blockchain, for indicating that the second node is registered.

  • 7. A method for secure communication between a first node and a second node, the method comprising: i) a step of retrieving, by the first node and the second node, Diffie-Hellman public keys of the second node and the first node, respectively, from digital certificates stored on a permissioned blockchain; ii) a step of establishing a shared secret between the first node and the second node using the Diffie-Hellman public keys; iii) a step of independently deriving, by the first node and the second node, an ephemeral symmetric key from the shared secret; iv) a step of generating, by the first node, at least one nonce, for deriving, independently, at least one Message Integrity and Authenticity key by the first node and by the second node; v) a step of encrypting and transmitting, by the first node, the at least one nonce to the second node, wherein the nonce is encrypted using the ephemeral symmetric key; vi) a step of deriving, by the second node, the at least one Message Integrity and Authenticity key by decrypting the encrypted nonce received from the first node, wherein the nonce is decrypted using the ephemeral symmetric key; vii) a step of transmitting, by the second node, a message and a Message Integrity and Authenticity code determined from the derived Message Integrity and Authenticity key, to the first node; and viii) a step of validating, by the first node, the message received from the second node based on the Message Integrity and Authenticity code received from the second node and the Message Integrity and Authenticity key derived by the first node.
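The secure-communication exchange of claim 7 carried through end to end, as an added Python example that is not part of the patent or of this listing. It assumes a dict standing in for the certificates on the permissioned blockchain, a deliberately tiny Diffie-Hellman group, and a SHA-256 XOR keystream standing in for a real cipher, all so the script runs on the standard library alone; the tamper flag shows what step viii rejects.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group (assumption, for illustration only): 2**127 - 1 is
# prime but far too small for real use; deploy a standard 2048-bit+ MODP group.
P = 2**127 - 1
G = 3

def dh_keypair():
    priv = secrets.randbelow(P - 2) + 1          # private exponent
    return priv, pow(G, priv, P)                 # public value carried in the certificate

def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for a real cipher (assumption): XOR with a SHA-256 keystream.
    Encrypting and decrypting are the same operation."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def ephemeral_key(own_priv: int, peer_pub: int) -> bytes:
    """Steps ii-iii: shared secret from the peer's certified DH key, then a key."""
    shared = pow(peer_pub, own_priv, P)
    return hashlib.sha256(b"eph" + shared.to_bytes(16, "big")).digest()

def mia_key(eph_key: bytes, nonce: bytes) -> bytes:
    """Steps iv/vi: Message Integrity and Authenticity key derived from the nonce."""
    return hmac.new(eph_key, b"mia" + nonce, hashlib.sha256).digest()

def run_exchange(message: bytes, tamper: bool = False) -> bool:
    """Full claim-7 exchange; returns True if the first node accepts the message."""
    priv_a, pub_a = dh_keypair()
    priv_b, pub_b = dh_keypair()
    # Step i: each node reads the other's DH public key from its certificate.
    chain = {"node_a": {"dh_pub": pub_a}, "node_b": {"dh_pub": pub_b}}
    key_a = ephemeral_key(priv_a, chain["node_b"]["dh_pub"])
    key_b = ephemeral_key(priv_b, chain["node_a"]["dh_pub"])
    nonce = secrets.token_bytes(32)                            # step iv
    wire = stream_xor(key_a, nonce)                            # step v
    mia_b = mia_key(key_b, stream_xor(key_b, wire))            # step vi
    code = hmac.new(mia_b, message, hashlib.sha256).digest()   # step vii
    if tamper:                                                 # in-flight change
        message += b"!"
    expected = hmac.new(mia_key(key_a, nonce), message, hashlib.sha256).digest()
    return hmac.compare_digest(code, expected)                 # step viii
```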