US2013117829A1PendingUtilityA1

Internet enabled monitoring and control device

39
Assignee: DeviceCo LLCPriority: Nov 20, 2007Filed: Dec 27, 2012Published: May 9, 2013
Est. expiryNov 20, 2027(~1.4 yrs left)· nominal 20-yr term from priority
H04L 63/08G05B 2219/25062H04L 63/0823G06F 21/313G06F 11/3006G06F 11/3055H04L 63/0428G05B 19/0425H04L 9/3213H04L 9/3247H04L 29/06
39
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A connection between a monitoring device and a remote user is accomplished securely over the Internet by using a communication channel with public/private key encryption to connect the two locations and by performing authentication of a user at the local monitoring device rather than at a device server at the remote location, thereby effectively removing the device server as vulnerable point for attack. In particular, when a remote user attempts to log in, via a web browser or interactive telephone system, the encrypted channel is established using the public/private key of the device and the device server proxies the log-in request to the monitored device. The device itself is then responsible for granting or denying access.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
         1 . A method for establishing a secure communication path between a remote user and a monitoring and control device over an unsecure network and through a server comprising:
 (a) using the device to establish and maintain an encrypted communication path to the server;   (b) receiving device identification information from the user over the network at the server;   (c) identifying and contacting the device with the server over the encrypted communication path using the device identification information; and   (d) exchanging login information between the device and the user over the network and through the server whereupon the device authenticates the user and allows the user to connect to the device.   
     
     
         2 . The method of  claim 1  wherein step (d) comprises detecting the physical manipulation of an object located on the device. 
     
     
         3 . The method of  claim 1  wherein step (a) comprises:
 (a1) installing the device at an operating location; 
 (a2) connecting the installed device to the network; 
 (a3) after connection to the network, connecting the device via the network to a server at a predetermined network address with the encrypted network connection; 
 (a4) forwarding a unique device ID from the device to the server; 
 (a5) pairing the unique device ID with an account ID at the server and storing the device ID and account ID pair at the server; and 
 (a6) maintaining a persistent encrypted network connection. 
 
     
     
         4 . The method of  claim 3  wherein step (c) comprises receiving an account ID from the user, locating the device ID from device ID and account ID pairs stored at the server and using the device ID to contact the device. 
     
     
         5 . A method for verifying the existence of a connection between a monitoring and control device and a first server by a second system, comprising:
 (a) sending a challenge token from the second system to the first server;   (b) at the first server and in response to the challenge token, sending the challenge token to the device over the connection;   (c) cryptographically signing the challenge token at the device and returning the signed challenge token to the first server over the connection; and   (d) forwarding the challenge token from the first server to the second system and verifying the challenge token was generated by the device at the second system.   
     
     
         6 . The method of  claim 5  wherein step (c) comprises signing the challenge token with a private key of a public/private key pair stored at the device. 
     
     
         7 . The method of  claim 6  wherein step (d) comprises verifying the challenge token with a public key of the public/private key pair. 
     
     
         8 . The method of  claim 5  wherein the device establishes the connection with the first server. 
     
     
         9 . A method for sending a notification from a monitoring and control device to a remote recipient, the method comprising:
 (a) in response to a change, using the device to select a notification server randomly from a list including a plurality of servers stored in the device;   (b) connecting the device to the selected server;   (c) sending a notification request to the server; and   (d) at the server, in response to the notification request, sending a notification message to the recipient.   
     
     
         10 . The method of  claim 9  wherein, in step (d), the notification message is stored only in the device. 
     
     
         11 . The method of  claim 9  wherein step (d) comprises sending an audio notification message to the user. 
     
     
         12 . The method of  claim 11  wherein step (d) comprises playing an audio notification message generated by the user and storing the recorded audio message on the server. 
     
     
         13 . The method of  claim 12  wherein step (d) comprises storing the recorded audio message on the server in encrypted form. 
     
     
         14 . The method of  claim 9  further comprising receiving at the notification server an acknowledgement that the user received the notification message.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.