1. WO2017172152 - REGISTRATION OF DEVICES IN SECURE DOMAIN

Publication Number WO/2017/172152
Publication Date 05.10.2017
International Application No. PCT/US2017/019564
International Filing Date 27.02.2017
IPC
H04L 9/32 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9 Arrangements for secret or secure communication
32 including means for verifying the identity or authority of a user of the system
H04L 9/08 2006.01
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9 Arrangements for secret or secure communication
08 Key distribution
CPC
H04L 41/0893
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
41 Arrangements for maintenance or administration or management of packet switching networks
08 Configuration management of network or network elements
0893 Assignment of logical groupings to network elements; Policy based network management or configuration
H04L 63/062
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
06 for supporting key management in a packet data network
062 for key distribution, e.g. centrally by trusted party
H04L 63/065
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
06 for supporting key management in a packet data network
065 for group communications
H04L 63/0807
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0807 using tickets, e.g. Kerberos
H04L 63/104
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
10 for controlling access to network resources
104 Grouping of entities
H04W 12/0023
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
W WIRELESS COMMUNICATION NETWORKS
12 Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
002 Mobile device security; Mobile application security
0023 Protecting application or service provisioning, e.g. securing SIM application provisioning
Applicants
  • INTEL CORPORATION [US]/[US]
Inventors
  • ZHAO, Meiyuan
  • WALKER, Jesse R.
  • LORTZ, Victor B.
  • ZHANG, Jianqing
Agents
  • PERDOK, Monique, M.
Priority Data
15/087,106 31.03.2016 US
Publication Language English (EN)
Filing Language English (EN)
Title
(EN) REGISTRATION OF DEVICES IN SECURE DOMAIN
(FR) ENREGISTREMENT DE DISPOSITIFS DANS UN DOMAINE SÉCURISÉ
Abstract
(EN)
Embodiments are directed to enrollment of an endpoint device in a secure domain. An enrollment request is sent to a delegated registrar (DR) device to initiate a trust-establishment procedure with the DR device to establish initial connectivity and an initial symmetric key to be shared between the DR and the endpoint device. The DR device provides to the endpoint device limited-use credentials for group-access key establishment, and group connectivity parameters for accessing a group administrator (GA) device. The endpoint device and the GA device perform a group-enrollment procedure in which the endpoint device provides the limited-use credentials to the GA device and receives, from the GA device, the group-access key.
(FR, translated to English)
Embodiments relate to the enrollment of an endpoint device in a secure domain. An enrollment request is sent to a delegated registrar (DR) device to initiate a trust-establishment procedure with the DR device, in order to establish initial connectivity and an initial symmetric key to be shared between the DR and the endpoint device. The DR device provides limited-use credentials to the endpoint device for establishing a group-access key, and group connectivity parameters for accessing a group administrator (GA) device. The endpoint device and the GA device perform a group-enrollment procedure in which the endpoint device provides the limited-use credentials to the GA device and receives, from the GA device, the group-access key.