公开(公告)号：US09380044B2

公开(公告)日：2016-06-28

申请号：US14482052

申请日：2014-09-10

Applicant: Cisco Technology, Inc.

Inventor： Tao Zhang ,  Helder Antunes ,  Aaron Lung ,  Chintan Patel ,  Ajith Thrivikramannair ,  Akshay Singhal

IPC: H04L9/00 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L63/08 ,  H04L9/0833 ,  H04L63/0464 ,  H04L63/065 ,  H04L63/104 ,  H04L63/105 ,  H04L67/1044 ,  H04L67/28 ,  H04L2209/84

Abstract: A gateway apparatus supports differentiated secure communications among heterogeneous electronic devices. A communication port communicates via communication networks of different types with two or more associated devices having diverse secure communication capabilities. The gateway logic selectively authenticates the associated devices for group membership into a Secure Communication Group (SCG), and selectively communicates Secure Communication Group Keys (SCGKs) to the devices having the diverse secure communication capabilities for selectively generating session keys locally by the associated devices for mutual secure communication in accordance with the group membership of the associated devices in the SCG.

Abstract translation: 网关装置支持异构电子设备之间差异化的安全通信。 通信端口通过具有不同安全通信能力的两个或多个相关联的设备通过不同类型的通信网络进行通信。 网关逻辑选择性地认证相关联的设备以使组成员进入安全通信组（SCG），并且选择性地将安全通信组密钥（SCGK）传送到具有各种安全通信能力的设备，以便由相关设备本地选择性地生成会话密钥， 根据SCG中相关设备的组成员资格进行相互安全的通信。

公开(公告)号：US20160072781A1

公开(公告)日：2016-03-10

申请号：US14482052

申请日：2014-09-10

Applicant: Cisco Technology, Inc

Inventor： Tao ZHANG ,  Helder Antunes ,  Aaron Lung ,  Chintan Patel ,  Ajith Thrivikramannair ,  Akshay Singhal

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/08 ,  H04L9/0833 ,  H04L63/0464 ,  H04L63/065 ,  H04L63/104 ,  H04L63/105 ,  H04L67/1044 ,  H04L67/28 ,  H04L2209/84

Abstract: A gateway apparatus supports differentiated secure communications among heterogeneous electronic devices. A communication port communicates via communication networks of different types with two or more associated devices having diverse secure communication capabilities. The gateway logic selectively authenticates the associated devices for group membership into a Secure Communication Group (SCG), and selectively communicates Secure Communication Group Keys (SCGKs) to the devices having the diverse secure communication capabilities for selectively generating session keys locally by the associated devices for mutual secure communication in accordance with the group membership of the associated devices in the SCG.

Abstract translation: 网关装置支持异构电子设备之间差异化的安全通信。 通信端口通过具有不同安全通信能力的两个或多个相关联的设备通过不同类型的通信网络进行通信。 网关逻辑选择性地认证相关联的设备以使组成员进入安全通信组（SCG），并且选择性地将安全通信组密钥（SCGK）传送到具有各种安全通信能力的设备，以便由相关设备本地选择性地生成会话密钥， 根据SCG中相关设备的组成员资格进行相互安全的通信。

公开(公告)号：US20150365389A1

公开(公告)日：2015-12-17

申请号：US14306440

申请日：2014-06-17

Applicant: Cisco Technology, Inc.

Inventor： Tao Zhang ,  Helder Antunes ,  Aaron Lung ,  Chintan Patel ,  Ajith Thrivikramannair ,  Akshay Singhal

IPC: H04L29/06 ,  H04L9/08

CPC classification number: H04L63/08 ,  H04L9/0833 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/321 ,  H04L63/0281 ,  H04L63/0869 ,  H04L63/0884 ,  H04L67/12 ,  H04L2209/76 ,  H04L2209/84

Abstract: A system authenticates in-vehicle electronic devices having unequal capabilities such as having varying different communication and processing capabilities. A Connected Vehicle Gateway portion of a selected in-vehicle device acts as an onboard authentication proxy and onboard key server functionality for other in-vehicle devices, and serves as an interface between an in-vehicle network and one or more associated external networks, thereby eliminating the need for explicit peer discovery protocol and the requirement of devices to perform key establishment with each individual communication peer. Instead, each in-vehicle device establishes the group keys as a result of its authentication with the onboard key server and uses the group keys to locally generate and update its session keys. The onboard key server selectively obtains the keys from one or more off-board authentication servers and distributes them to selected in-vehicle devices.

Abstract translation: 系统认证具有不同能力的车载电子设备，例如具有不同的通信和处理能力。 所选择的车载设备的连接车辆网关部分用作车载设备的车载认证代理和车载密钥服务器功能，并且用作车载网络和一个或多个相关联的外部网络之间的接口，从而 消除了对显式对等体发现协议的需要，以及设备对每个单独通信对等体执行密钥建立的要求。 相反，每个车载设备作为其与板载密钥服务器的认证的结果来建立组密钥，并且使用组密钥来本地生成和更新其会话密钥。 车载密钥服务器选择性地从一个或多个舷外认证服务器获取密钥并将其分配给所选择的车载设备。

公开(公告)号：US09215228B1

公开(公告)日：2015-12-15

申请号：US14306440

申请日：2014-06-17

Applicant: Cisco Technology, Inc.

Inventor： Tao Zhang ,  Helder Antunes ,  Aaron Lung ,  Chintan Patel ,  Ajith Thrivikramannair ,  Akshay Singhal

IPC: H04L9/00 ,  H04L29/06 ,  H04L9/08

CPC classification number: H04L63/08 ,  H04L9/0833 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/321 ,  H04L63/0281 ,  H04L63/0869 ,  H04L63/0884 ,  H04L67/12 ,  H04L2209/76 ,  H04L2209/84

Abstract: A system authenticates in-vehicle electronic devices having unequal capabilities such as having varying different communication and processing capabilities. A Connected Vehicle Gateway portion of a selected in-vehicle device acts as an onboard authentication proxy and onboard key server functionality for other in-vehicle devices, and serves as an interface between an in-vehicle network and one or more associated external networks, thereby eliminating the need for explicit peer discovery protocol and the requirement of devices to perform key establishment with each individual communication peer. Instead, each in-vehicle device establishes the group keys as a result of its authentication with the onboard key server and uses the group keys to locally generate and update its session keys. The onboard key server selectively obtains the keys from one or more off-board authentication servers and distributes them to selected in-vehicle devices.

Abstract translation: 系统认证具有不同能力的车载电子设备，例如具有不同的通信和处理能力。 所选择的车载设备的连接车辆网关部分用作车载设备的车载认证代理和车载密钥服务器功能，并且用作车载网络和一个或多个相关联的外部网络之间的接口，从而 消除了对显式对等体发现协议的需要，以及设备对每个单独通信对等体执行密钥建立的要求。 相反，每个车载设备作为其与板载密钥服务器的认证的结果来建立组密钥，并且使用组密钥来本地生成和更新其会话密钥。 车载密钥服务器选择性地从一个或多个舷外认证服务器获取密钥并将其分配给所选择的车载设备。