Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Methods and systems for operating a secure mobile device

a mobile device and mobile technology, applied in the field of methods and systems for operating a machine to machine (m2 m) device, can solve the problems of difficult to reach, difficult management, complex approach, and inability to secure broadcasts such as firmware updates or public warning messages

Inactive Publication Date: 2016-08-11
VODAFONE IP LICENSING
View PDF0 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0042]This has an advantage of reduced or no PKI. Furthermore, certificate validation may be easier. Protection of the data may be by encryption or digital signature or both.
[0076]establishing a secure association between the first and second devices using the first and second key data. At least one device uses GBA. A broker may act as a “trusting” entity between the entities that manage these devices. One advantage of using GBA in this case is that it allows these keys may be provided in a simple and efficient manner.
[0084]Optionally, the protected data may include an instruction to the M2M device to conduct a test or tests. This prevents unauthorised operation of typically unmonitored devices.

Problems solved by technology

Machine to Machine (M2M) devices are often numerous, hard-to-reach, and have constrained capabilities (owing to low cost, small size, low processing power or limited battery life).
All of this makes their management, often remote, very complicated.
However, such an approach is not suited to securing broadcasts such as firmware updates or public warning messages.
Obtaining such material securely under these circumstances can be problematic.
To date, most of the limited number of deployments of GBA in the world has been for mobile broadcast.
These alternatives all work well with mobile devices and operators already, so service providers use them, although they are not as secure as GBA.
Strong security is not possible with current alternatives such as a user-entered PIN or a bootstrapping message delivered by an SMS.
These alternatives would either not be feasible or they would not provide the required level of security.
First, there might not be a user around to enter a PIN (as most M2M devices operate independently from human intervention).
Second, the service provider may be likely to want strong security (e.g. because M2M devices may include critical infrastructure), whereas PIN-based bootstrapping has weaker security.
Third, if a PIN or SMS-based bootstrapping goes wrong (server connects to wrong client, client connects to wrong server, or there is a Man-In-The-Middle), then the user is likely to notice, complain and get it fixed, whereas an M2M device is unlikely to notice and complain, so may be permanently compromised.
Neither is particularly practical by way of existing methods.
Moreover, as mentioned above, the OMA Device Management is not compatible for use with an M2M device, as discussed above.
Moreover, for the reasons mentioned above, the OMA Device Management and the standard document are incompatible, and a combination of the GBA Push for OMA Device Management with the standard document is not feasible, as it would result in the wrong device management protocol (i.e. one that is not suitable for M2M devices, particularly simple M2M devices), and some very laborious effort to make the two compatible and delete the elements which are redundant.
However, coaps requires a secure association to be provisioned between a device and a network server (DM Server) while providing no strong means to provision such an association from scratch.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Methods and systems for operating a secure mobile device
  • Methods and systems for operating a secure mobile device
  • Methods and systems for operating a secure mobile device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0106]A device may communicate securely with a server. The device may be a Machine to Machine (M2M) device, or an equivalent device (e.g. a device, a generic or specific communication device, including one or more modules capable of providing M2M capabilities).

[0107]Aspects of the Generic Authentication Architecture (GAA) and Generic Bootstrapping Architecture (GBA) are identified in “Details of 3GPP standards and technologies used to implement aspects of the method and system” above. In particular, the specific architecture on which the method and system may be based is GBA.

[0108]Generic Bootstrapping Architecture (GBA) uses existing security associations between a network (e.g. a mobile network) and a card (e.g. a SIM card or UICC) to derive a key that can be used for the secure communication between the client and the server. Accordingly, if the device is associated with such a card, as well as with the client, the method can advantageously use the GBA to derive the security elem...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Method and apparatus for communicating with a machine to machine, M2M, device comprising: deriving at a M2M device using generic bootstrapping architecture, GBA, a first key. Sending a second key to the M2M device protected using the first key, wherein the second key is different to the first key. Sending protected data to the M2M device, wherein the protected data is verifiable by the M2M device using the second key.

Description

FIELD OF THE INVENTION[0001]The present invention relates to a method and system for operating a machine to machine (M2M) device.BACKGROUND OF THE INVENTION[0002]Machine to Machine (M2M) devices are often numerous, hard-to-reach, and have constrained capabilities (owing to low cost, small size, low processing power or limited battery life). All of this makes their management, often remote, very complicated. Moreover, M2M devices often need to be managed in a secure manner. For example, they may contain information that is commercially sensitive and / or confidential for the one or more entities that manage and / or own said devices. There is a need to remotely manage them in a secure way, while respecting these constraints.[0003]WO 2012 / 035340 describes forming secure associations between IP-enabled devices. An originating device establishes a secure connection to a first server. A target device establishes a secure connection to a second server. The first and second servers establish a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): H04W12/04H04W12/02H04W4/00H04L29/06G06F9/44G06F9/4401H04W4/50H04W4/70
CPCH04L63/062H04W8/04H04L63/10H04W4/001H04W4/005H04W4/14H04W12/02H04W12/04H04W88/02H04W88/06H04L2463/061H04L63/08G06F13/1689G06F13/28G06F13/4027H04L67/1095H04W4/12H04W12/06H04W52/0229H04L63/029H04L63/0428H04L63/061H04L63/0823H04L63/166G06F21/71H04L67/42H04L63/0442H04L63/0838H04L67/125H04W28/08H04W80/06G06F21/606H04L63/04H04L63/20H04B1/3816H04L63/0876H04L9/0861H04L63/0869H04W4/70H04W4/50Y02D10/00Y02D30/70H04W12/37H04W12/0431H04L9/0819H04L63/068H04L63/0853G06F9/44H04L63/00H04L67/00H04W8/005H04L9/0816H04W12/40H04W12/033H04W12/084H04W12/00H04L67/01G06F9/4401
Inventor BONE, NICKSNAPE, TIMBENTO, JORGEPRABDIAL, YAKEEN
Owner VODAFONE IP LICENSING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products