Online secure device provisioning with online device binding using whitelists
US8627083B2 · kind B2 · utility
Key dates
| Filing date | Oct 6, 2011 |
| Grant date | Jan 7, 2014 |
| Priority date | — |
| Expiry date | Oct 6, 2031 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L9/321
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
One or more servers are provided including a session manager, authentication module, authorization module, encryption module, database, and protocol handler. The session manager is configured to receive requests for new identity data from network-enabled devices. Each request is authenticated first by the update server via its authentication module by validating the signature of the request message as well as the certificate chain trusted by the update server. The authorization module is configured to determine if the network-enabled devices specified on a whitelist are authorized to be provisioned with new identity data. The database is configured to receive new identity records generated by an identity data generation system. Each of the new identity records includes a new identifier. The new identifier is not associated or linked to any previously assigned/used identifiers and identity data, thus all the new identity records are generated independently and then loaded to the update server.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.