公开(公告)号：US20220103538A1

公开(公告)日：2022-03-31

申请号：US17547990

申请日：2021-12-10

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04W4/70 ,  H04W12/30 ,  H04W12/06 ,  H04B1/3816

Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the wireless network using the plaintext first shared secret key K. The wireless network can authenticate the user of the module using a second factor. The module can then (i) receive the second key, (ii) decrypt the second shared secret key K, and (iii) authenticate with the wireless network using the second shared secret key K. The module can comprise a mobile phone.

公开(公告)号：US11283603B2

公开(公告)日：2022-03-22

申请号：US16843107

申请日：2020-04-08

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L29/06 ,  H04L9/08 ,  H04W52/02 ,  H04W12/04 ,  H04W4/70 ,  H04W76/27 ,  G06F21/35 ,  H04W12/033 ,  G06F21/44 ,  H04W12/40 ,  H04L9/32 ,  H04W12/06 ,  H04W12/02 ,  H04L9/14 ,  H04L9/30 ,  H04J11/00 ,  H04L12/28 ,  H04W8/08 ,  H04W40/00 ,  H04W80/04 ,  H04L9/00 ,  H04L67/04 ,  H04W84/12 ,  H04W88/12

Abstract: A set of servers can support secure and efficient “Machine to Machine” communications using an application interface and a module controller. The set of servers can record data for a plurality of modules in a shared module database. The set of servers can (i) access the Internet to communicate with a module using a module identity, (i) receive server instructions, and (iii) send module instructions. Data can be encrypted and decrypted using a set of cryptographic algorithms and a set of cryptographic parameters. The set of servers can (i) receive a module public key with a module identity, (ii) authenticate the module public key, and (iii) receive a subsequent series of module public keys derived by the module with a module identity. The application interface can use a first server private key and the module controller can use a second server private key.

公开(公告)号：US11258595B2

公开(公告)日：2022-02-22

申请号：US16593561

申请日：2019-10-04

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L9/08 ,  H04W52/02 ,  H04W12/04 ,  H04W4/70 ,  H04W76/27 ,  H04L29/06 ,  G06F21/35 ,  H04W12/033 ,  G06F21/44 ,  H04W12/40 ,  H04L9/32 ,  H04W12/06 ,  H04W12/02 ,  H04L9/14 ,  H04L9/30 ,  H04J11/00 ,  H04L12/28 ,  H04W8/08 ,  H04W40/00 ,  H04W80/04 ,  H04L9/00 ,  H04L67/04 ,  H04W84/12 ,  H04W88/12

Abstract: Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

公开(公告)号：US11233780B2

公开(公告)日：2022-01-25

申请号：US16453682

申请日：2019-06-26

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04W4/70 ,  H04W12/30 ,  H04W12/06 ,  H04B1/3816

Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a profile for the eUICC. The profile can include a first and second shared secret key K for authenticating with a wireless network. The first shared secret key K can be encrypted with a first key, and the second shared secret key K can be encrypted with a second key. The module can (i) receive the first key, (ii) decrypt the first shared secret key K with the first key, and (iii) subsequently authenticate with the wireless network using the plaintext first shared secret key K. The wireless network can authenticate the user of the module using a second factor. The module can then (i) receive the second key, (ii) decrypt the second shared secret key K, and (iii) authenticate with the wireless network using the second shared secret key K. The module can comprise a mobile phone.

公开(公告)号：US20210184846A1

公开(公告)日：2021-06-17

申请号：US17249242

申请日：2021-02-24

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L9/08 ,  H04W52/02 ,  H04W12/04 ,  H04W4/70 ,  H04W76/27 ,  H04L29/06 ,  G06F21/35 ,  H04W12/033 ,  H04L9/32 ,  H04W12/06 ,  H04W12/02 ,  H04L9/14 ,  H04L9/30 ,  H04J11/00 ,  H04L12/28 ,  H04W8/08 ,  H04W40/00 ,  H04W80/04 ,  H04L9/00 ,  H04L29/08

Abstract: A set of servers can support secure and efficient “Machine to Machine” communications using an application interface and a module controller. The set of servers can record data for a plurality of modules in a shared module database. The set of servers can (i) access the Internet to communicate with a module using a module identity, (i) receive server instructions, and (iii) send module instructions. Data can be encrypted and decrypted using a set of cryptographic algorithms and a set of cryptographic parameters. The set of servers can (i) receive a module public key with a module identity, (ii) authenticate the module public key, and (iii) receive a subsequent series of module public keys derived by the module with a module identity. The application interface can use a first server private key and the module controller can use a second server private key.

公开(公告)号：US10652017B2

公开(公告)日：2020-05-12

申请号：US15972914

申请日：2018-05-07

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L29/06 ,  H04L9/08 ,  H04W52/02 ,  H04W12/04 ,  H04W4/70 ,  H04W76/27 ,  G06F21/35 ,  H04W12/00 ,  H04L9/32 ,  H04W12/06 ,  H04W12/02 ,  H04L9/14 ,  H04L9/30 ,  H04J11/00 ,  H04L12/28 ,  H04W8/08 ,  H04W40/00 ,  H04W80/04 ,  H04L9/00 ,  H04L29/08 ,  H04W84/12 ,  H04W88/12

Abstract: A set of servers can support secure and efficient “Machine to Machine” communications using an application interface and a module controller. The set of servers can record data for a plurality of modules in a shared module database. The set of servers can (i) access the Internet to communicate with a module using a module identity, (i) receive server instructions, and (iii) send module instructions. Data can be encrypted and decrypted using a set of cryptographic algorithms and a set of cryptographic parameters. The set of servers can (i) receive a module public key with a module identity, (ii) authenticate the module public key, and (iii) receive a subsequent series of module public keys derived by the module with a module identity. The application interface can use a first server private key and the module controller can use a second server private key.

公开(公告)号：US10594679B2

公开(公告)日：2020-03-17

申请号：US16271455

申请日：2019-02-08

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  H04W4/70 ,  H04W12/00 ,  H04W12/06 ,  H04B1/3816

Abstract: A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone.

公开(公告)号：US10540391B1

公开(公告)日：2020-01-21

申请号：US16131795

申请日：2018-09-14

Applicant: Network-1 Technologies, Inc.

Inventor： Ingemar J. Cox

IPC: H04N21/43 ,  G06F16/583 ,  H04M1/725 ,  H04N21/24 ,  G06Q30/06 ,  H04L29/12 ,  H04N21/81 ,  H04N21/858 ,  H04N21/61 ,  H04H60/59 ,  H04L29/08 ,  H04L29/06 ,  H04H60/37 ,  H04L12/26 ,  H04N21/478 ,  H04N21/44 ,  H04N21/258 ,  G06Q30/02 ,  H04N21/4788 ,  H04H60/58 ,  H04N21/234 ,  H04N21/439 ,  H04N21/84 ,  G06Q40/00 ,  G06F16/29 ,  G06F16/40 ,  G06F16/43 ,  G06F16/48 ,  G06F16/51 ,  G06F16/73 ,  G06F16/248 ,  G06F16/28 ,  G06F16/432 ,  G06F16/532 ,  G06F16/951 ,  G06F16/58 ,  G06F16/9535 ,  G06F16/955

Abstract: A computer system comprising one or more processors and computer-readable media operatively connected thereto, having stored thereon instructions for carrying out the steps of: maintaining one or more databases comprising first electronic data comprising digitally created reference compact electronic representations for each of a plurality of reference electronic works and second electronic data associated with the reference electronic works and related to action information corresponding thereto; obtaining a first digitally created compact electronic representation comprising one or more extracted feature vectors of a first electronic work; identifying a matching reference electronic work by comparing the first digitally created compact electronic representation of the first electronic work with the first electronic data using a sub-linear search of the first electronic data; determining the action information corresponding to the matching reference electronic work based on the second electronic data; and associating the determined action information with the first electronic work.

公开(公告)号：US10523432B2

公开(公告)日：2019-12-31

申请号：US16271428

申请日：2019-02-08

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: G06F21/35 ,  H04J11/00 ,  H04L12/28 ,  H04L29/06 ,  H04L29/08 ,  H04L9/00 ,  H04L9/08 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32 ,  H04W12/00 ,  H04W12/02 ,  H04W12/04 ,  H04W12/06 ,  H04W4/70 ,  H04W40/00 ,  H04W52/02 ,  H04W76/27 ,  H04W8/08 ,  H04W80/04 ,  H04W84/12 ,  H04W88/12

Abstract: Methods and systems are provided for power management and security for wireless modules in “Machine-to-Machine” communications. A wireless module operating in a wireless network and with access to the Internet can efficiently and securely communicate with a server. The wireless network can be a public land mobile network (PLMN) that supports wireless wide area network technology including 3rd generation (3G) and 4th generation (4G) networks, and future generations as well. The wireless module can (i) utilize sleep and active states to monitor a monitored unit with a sensor and (ii) communicate with wireless network by utilizing a radio. The wireless module can include power control steps to reduce the energy consumed after sending sensor data by minimizing a tail period of a radio resource control (RRC) connected state. Messages between the wireless module and server can be transmitted according to the UDP or UDP Lite protocol with channel coding in the datagram body for efficiency while providing robustness to bit errors. The wireless module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The wireless module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The communication system between the wireless module and the server can conserve battery life in the wireless module while providing a system that is secure, scalable, and robust.

公开(公告)号：US10362012B2

公开(公告)日：2019-07-23

申请号：US15162292

申请日：2016-05-23

Applicant: Network-1 Technologies, Inc.

Inventor： John A. Nix

IPC: H04L9/08 ,  H04L9/32 ,  H04W4/70 ,  H04L29/06 ,  H04W12/06 ,  H04B1/3816

Abstract: A network with a set of servers can support authentication from a module, where the module includes an embedded universal integrated circuit card (eUICC). The network can send a first network module identity, a first key K, and an encrypted second key K for an eUICC profile to an eUICC subscription manager. The second key K can be encrypted with a symmetric key. The module can receive and activate the eUICC profile, and the network can authenticate the module using the first network module identity and the first key K. The network can (i) authenticate the user of the module using a second factor, and then (ii) send the symmetric key to the module. The module can decrypt the encrypted second key K using the symmetric key. The network can authenticate the module using the second key K. The module can comprise a mobile phone.