专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2017131887A1 LOCAL DEVICE AUTHENTICATION 审中-公开
标题翻译：本地设备认证
公开(公告)号：WO2017131887A1
公开(公告)日：2017-08-03
申请号：PCT/US2016/066896
申请日：2016-12-15
申请人： GOOGLE INC. , BIRGISSON, Arnar , GUTNIK, Yevgeniy , ZHU, Bo , BUKA, Vitaly , EDERLE, Jason Reid , SEMENOV, Alexey , JACOBY, Mackenzie Lee , GUPTA, Vikas
发明人： BIRGISSON, Arnar , GUTNIK, Yevgeniy , ZHU, Bo , BUKA, Vitaly , EDERLE, Jason Reid , SEMENOV, Alexey , JACOBY, Mackenzie Lee , GUPTA, Vikas
IPC分类号： H04L29/06 , H04W12/08 , H04W4/00
CPC分类号： H04L63/083 , G07C9/00174 , G07C9/00571 , G07C2009/00769 , G07C2209/04 , H04L12/2803 , H04L63/0807 , H04L63/101 , H04W4/70 , H04W4/80 , H04W12/08
摘要： The disclosed embodiments include computerized methods, systems, and devices, including computer programs encoded on a computer storage medium, for device authentication. For example, the resource device may generate and maintain master access tokens, which may be transmitted to a computing system. The computing system may receive, from a device of an owner of the resource device, data granting a client device limited access to the resource device in accordance with various access restrictions. The computing system may generate and provide to the client device a limited version of the master access token that specifies the access restrictions. The client device may present the local access token to the resource device over a direct wireless connection, and the resource device may verify the token and grant the requested access without communication with the computing system.
摘要翻译：所公开的实施例包括计算机化的方法，系统和设备，包括编码在计算机存储介质上的用于设备认证的计算机程序。例如，资源设备可以生成并保持主访问令牌，其可以被传送给计算系统。计算系统可以从资源设备的所有者的设备接收授权客户端设备根据各种访问限制对资源设备进行有限访问的数据。计算系统可生成并向客户端设备提供指定访问限制的受限版本的主访问令牌。客户端设备可以通过直接无线连接将本地访问令牌呈现给资源设备，并且资源设备可以在不与计算系统通信的情况下验证令牌并授予所请求的访问。

2. 发明申请

WO2017131892A1 DEVICE ACCESS REVOCATION 审中-公开
标题翻译：器件访问撤销
公开(公告)号：WO2017131892A1
公开(公告)日：2017-08-03
申请号：PCT/US2016/067286
申请日：2016-12-16
申请人： GOOGLE INC.
发明人： BIRGISSON, Arnar , GUTNIK, Yevgeniy
IPC分类号： H04L29/06 , G06F21/62 , H04L9/32 , H04W12/08
CPC分类号： G06F21/45 , G06F21/62 , H04L63/0807 , H04L63/083 , H04L63/101 , H04L63/102 , H04W12/08
摘要： In some implementations, after one or more users have each been granted a respective access token allowing access to a resource device, revocation data is received by the resource device. The revocation data indicates that the previously granted access to the resource device should be revoked. For example, the revocation data may indicate (i) a user, role, or permission level for which access is revoked and (ii) a duration that access to the resource device was allowed. After receiving the revocation data, the resource device receives token data derived from an access token that allows access to the resource device. The resource device determines that the access token relies on authorization of the user, role, or permission level indicated by the revocation data, and in response, the resource device denies access.
摘要翻译：在一些实施方式中，在一个或多个用户已经被授予允许访问资源设备的相应访问令牌之后，资源设备接收撤销数据。撤销数据表明先前授予的对资源设备的访问应被撤销。例如，撤销数据可以指示（i）访问被撤销的用户，角色或许可级别，以及（ii）允许访问资源设备的持续时间。在接收到撤销数据之后，资源设备接收从允许访问资源设备的访问令牌导出的令牌数据。资源设备确定访问令牌依赖于由撤销数据指示的用户，角色或许可级别的授权，并且作为响应，资源设备拒绝访问。

3. 发明申请

WO2017132136A1 SECURE CONNECTIONS FOR LOW-POWER DEVICES 审中-公开
标题翻译：低功耗设备的安全连接
公开(公告)号：WO2017132136A1
公开(公告)日：2017-08-03
申请号：PCT/US2017/014718
申请日：2017-01-24
申请人： GOOGLE INC.
发明人： BIRGISSON, Arnar , ZHU, Bo , GUTNIK, Yevgeniy
IPC分类号： H04L29/06 , H04W12/06 , H04W12/08 , H04L29/08
CPC分类号： H04L63/0428 , H04L9/0869 , H04L9/3247 , H04L63/10 , H04L2209/24 , H04W12/06 , H04W12/08 , Y02D70/142 , Y02D70/144 , Y02D70/164 , Y02D70/166 , Y02D70/26
摘要： The disclosed embodiments include computerized methods, systems, and devices, including computer programs encoded on a computer storage medium, for establishing secure wireless communications sessions involving low-power devices. A client device may discover a low-power resource device operating within a wireless network. Upon discovery, the client and resource devices may establish mutual randomness, and establish mutual possession of a shared cryptographic key. The resource device may, in some aspects, provide data proving its knowledge of an authentication tag of a local authentication token held confidentially by the client device. If the resource device proves its knowledge of the client device's authentication tag, the client and resource device may establish a secure communication session and generate session keys for subsequent communications.
摘要翻译：所公开的实施例包括计算机化的方法，系统和设备，包括编码在计算机存储介质上的计算机程序，用于建立涉及低功率设备的安全无线通信会话。客户端设备可以发现在无线网络内操作的低功率资源设备。在发现之后，客户端和资源设备可以建立相互随机性，并建立共享密钥的相互拥有。在一些方面中，资源设备可以提供证明其对由客户端设备保密地保存的本地认证令牌的认证标签的知识的数据。如果资源设备证明其对客户端设备的认证标签的知识，则客户端和资源设备可以建立安全通信会话并生成用于后续通信的会话密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式