公开(公告)号：EP3308523A1

公开(公告)日：2018-04-18

申请号：EP16808012.5

申请日：2016-05-23

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  AGERSTAM, Mats G. ,  HELDT-SHELLER, Nathan

IPC: H04L29/06

CPC classification number: H04L63/205 ,  G06F21/62 ,  G06F2221/2141 ,  H04L63/101 ,  H04L63/20 ,  H04L67/12 ,  H04W4/70 ,  H04W12/08

Abstract: In one embodiment, a method includes receiving a first request from a first device to access a first resource of the system and determining whether to grant access to the first resource based on a first access control list stored in the system, the first access control list associated with the first device, the first device having a first relevance value, and based on the determination, granting the access to the first resource; and receiving a second request from a second device to access a second resource of the system and forwarding the second request to an access manager service coupled to the system to determine whether to grant access to the second resource based on a second access control list stored in the access manager service associated with the second device, the second device having a second relevance value, receive an access grant from the access manager service and based thereon, granting the access to the second resource.

公开(公告)号：EP3308521A1

公开(公告)日：2018-04-18

申请号：EP16808010.9

申请日：2016-05-23

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  AGERSTAM, Mats G.

IPC: H04L29/06 ,  H04L29/12

CPC classification number: H04L63/0428 ,  H04L63/061 ,  H04L63/065 ,  H04L67/1063 ,  H04W12/04 ,  H04W76/14 ,  H04W88/16

Abstract: In one embodiment, a method includes: receiving, in a rendezvous server (RS), a first registration message (FRM) from a first registrar of a first network domain (FND), the FRM including a first device roster of a plurality of first devices of the FND; receiving, in the RS, a second registration message (SRM) from a second registrar of a second network domain (SND), the SRM including a second device roster of a plurality of second devices of the SND; and generating a first rendezvous point (RP) based at least in part on a plurality of key management server identifiers each associated with a key management server of the FND and SND, the first RP to enable the plurality of key management servers to perform key management exchange to generate at least one group key.

公开(公告)号：EP3329637A1

公开(公告)日：2018-06-06

申请号：EP16833456.3

申请日：2016-06-15

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  AGERSTAM, Mats G. ,  HELDT-SHELLER, Nathan

IPC: H04L9/08 ,  H04L9/32 ,  H04L29/08

CPC classification number: H04L67/141 ,  H04L9/0822 ,  H04L9/0825 ,  H04L9/0833 ,  H04L9/14 ,  H04L9/321 ,  H04L9/3213 ,  H04L9/3247 ,  H04L9/3263 ,  H04L9/3268 ,  H04L9/3297 ,  H04L63/0281 ,  H04L63/061 ,  H04L63/062 ,  H04L63/0807

Abstract: In one embodiment, a method includes establishing a first session between a first computing device and a second computing device, when the first computing device does not have connectivity to a credential manager; proxying a request to the credential manager from the second computing device on behalf of the first computing device and receive in the second computing device a first keyless ticket encrypted to the first device and a second keyless ticket encrypted to the second device; providing the second keyless ticket from the second computing device to the first computing device; and enabling communication between the first and second computing devices according to the first and second keyless tickets. Other embodiments are described and claimed.

公开(公告)号：EP3308519A1

公开(公告)日：2018-04-18

申请号：EP16807991.1

申请日：2016-05-11

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  HELDT-SHELLER, Nathan ,  AGRAWAL, Sachin ,  AGERSTAM, Mats G.

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04L9/12

CPC classification number: H04L63/1416 ,  H04L63/06 ,  H04L63/10 ,  H04L63/20

Abstract: In one embodiment, a method includes receiving, in an on-boarding system for a first network, a request to transfer ownership of a first device to a new owner; receiving, in the on-boarding system, notification information from a spectrum analyzer regarding wireless signal information within the first network; determining if a potential attacker is within a radio range of the first network based on the wireless signal information; responsive to determining that the potential attacker is within the radio range, manipulating a signal strength of the on-boarding system and the first device, to limit an emission range of the on-boarding system and the first device; and performing a native communication protocol to communicate ownership information, and to cause the first device to store the ownership information in a storage of the first device.

公开(公告)号：EP3308496B1

公开(公告)日：2020-09-02

申请号：EP16808008.3

申请日：2016-05-23

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  AGERSTAM, Mats G. ,  GADIRAJU, Narasimham

IPC: H04L9/08 ,  H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  H04L29/08

公开(公告)号：EP3308496A2

公开(公告)日：2018-04-18

申请号：EP16808008.3

申请日：2016-05-23

Applicant: Intel Corporation

Inventor： SMITH, Ned M. ,  AGERSTAM, Mats G. ,  GADIRAJU, Narasimham

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L63/0428 ,  H04L63/083 ,  H04L67/1002 ,  H04W12/00502 ,  H04W12/00503 ,  H04W12/00508 ,  H04W12/06

Abstract: In one embodiment, a method includes: receiving, in a first device of a first segment of a first network, a root seed from a second device; generating a pseudo-random seed tree using the root seed; according to a predetermined schedule, accessing at a first time a random number at a level of the pseudo-random seed tree associated with the first time; generating a rendezvous point record to enable communication with a third device in a second segment of the first network, the rendezvous point record including a rendezvous point name based on the random number; and encrypting and sending a message to the third device via an exchange server identified using the rendezvous point record, where the rendezvous point record does not include connection metadata and the exchange server has an anonymous network location.