Patent Grant
11082421
The present technique relates, in general, to a bootstrap mechanism for endpoint devices. More specifically, the bootstrap mechanism initiates a directory and semantic lookup of all machine to machine nodes and resources in a system to provide transparent proxy services between the large-resource traditional Internet and constrained-resource protocols.
The Internet of Things encompasses all embedded devices and networks that are natively IP-enabled and Internet-connected, along with the Internet services monitoring and controlling those devices. Such IP-enabled embedded devices connected to the internet are termed endpoints and include sensors, machines, active positioning tags, radio-frequency identification (RFID) readers and building automation equipment to name but a few.
Data exchange between programs, computers and Machine-to-Machine (M2M) is a vital element. Different programs, computers and processors are used in different environments. On the Internet, the Transmission Control Protocol/Internet Protocol (TCP/IP) is the basic protocol used in communication. TCP/IP takes care of assembling and disassembling the data to be transmitted in packets. IP handles the addressing so that packets are delivered to the correct destination and above TCP/IP, the Hypertext Transfer Protocol (HTTP) is used as a client/server protocol whereby a program may send an HTTP request to a server which responds with another HTTP message.
The Wireless Embedded Internet is a subset of the Internet of Things and is generally represented by resource-limited embedded devices, often battery powered and connected by low-power, low-bandwidth wireless networks to the Internet.
Current web service technologies have high power and large bandwidth demands neither of which are compatible with low-power networks. Recently, binary web service protocols have been developed for low-power wireless networks. A binary web service solution includes the use of a suitable web service protocol (such as simplified HTTP or a binary web service protocol such as Constrained Application Protocol CoAP) and an efficient content encoding (such as Efficient XML Interchange EXI, Binary XML or Fast Infoset FI).
An example of a network technology where Machine-to-Machine (M2M) communication is widely applied is a low-power wireless network, such as an IEEE 802.15.4 based embedded and sensor network. More recently, as M2M devices have become IP enabled, systems have become more open by using IP as a networking protocol.
Following the introduction of IEEE 802.15.4 other standards were developed to standardize an IP adaption for such wireless embedded links. For example, the IPv6 over Low Power Wireless Standard (6LoWPAN) is a set of standards which enable the efficient use of IPv6 over low-power, low-rate wireless networks on simple embedded devices through an adaption layer and the optimization of related protocols.
The Open Mobile Alliance Lightweight LWM2M is a new standard applicable to 6LoWPAN and is focussed on constrained cellular and M2M devices. A Lightweight Machine-to-Machine (LWM2M) Bootstrap process is used to provide mandatory information through the Bootstrap Interface for LWM2M Clients so that they can perform the registration with one or more LWM2M Servers. After the bootstrap sequence, the Clients have an LWM2M Server Account and optionally some other object instances, such as Access Control or Connectivity Object.
It is an object of the present technique is to provide additional features to the LWM2M Bootstrap process.
Embodiments of the technique will now be described, by way of example only, and with reference to the accompanying drawings of which:
Therefore, referring to
The LWM2M protocol stack 32 uses the Constrained Application Protocol (CoAP) 34 as the underlying transfer protocol over User Datagram Protocol (UDP) and Short Message Server (SMS) bearers 36. The CoAP protocol 34 defines the message header, request/response codes, message options and retransmission mechanisms. The CoAP protocol 34 is an alternative to HTTP for Representational State Transfer (RESTful) Application Programming Interfaces (APIs) on resource-constrained devices 10 and supports the methods of GET, POST, PUT, DELETE, which can be mapped to those of HTTP. Unlike HTTP, CoAP messages are exchanged asynchronously between CoAP end-points over a datagram-oriented transport such as UDP. CoAP messages are encoded in a binary format allowing functionality to start with a 4-byte overhead. LWM2M defines the UDP Binding with CoAP as mandatory whereas the SMS Binding with CoAP is optional, which in effect means that LWM2M client 22 to server 16 interaction may occur both via SMS and UDP 36.
The LWM2M architecture 20 use security protocols to secure communications between client 22 and server 16 using a Datagram Transport Layer Security (DTLS) 38. DTLS 38 is used to provide a secure channel between the LWM2M server 16 and the LWM2M client 22 for all efficient payloads 40. The efficient payloads 40 can be plain text for individual resources and Binary TLV or JSON for resource batches (Object or Resource Arrays). DTLS 38 security modes include both pre-shared key and public key technology to support embedded devices 10.
M2M application 42 developers can manage the devices 10 remotely through a M2M web application 44 and a M2M device management application 46.
Referring to
The Resources 48 are further logically organized into Objects 50. Each LWM2M client 22 can have any number of Resources 48, each of which belongs to an Object 50. For example, a Firmware Object 52 may contain all the Resources 54 used for firmware update purposes.
Although not shown in
As an example, the device object allows remote retrieval of device information such as manufacturer, model, power information, free memory and error information. Furthermore the device object provides a resource for initiation of a remote reboot or factory reset.
As discussed in more detail with reference to
Bootstrapping for complete provisioning and key management may be pre-configured bootstrapping such as from Flash; smart card bootstrapping such as from a SIM card or use of a bootstrap server for initial setup or re-configuration and keying in the modes client-initiated bootstrapping and server-initiated bootstrapping.
In its most simplified form as shown in
Referring to
The Bootstrap Server 74 accepts the request by responding Acknowledge 2.03 (Valid) 76 and performs WRITE operations to PUT the following information to the client:
The client 70 acknowledges all operations by responding an ACK 2.05 (Content) 82 and after a successful bootstrap process, the Client 70 can register 84 with the appropriate assigned registry apparatus 75.
The Bootstrap server 90 accepts the request by responding Acknowledge 2.03 (Valid) 92 and performs WRITE operations to PUT the following information to the client 86.
The client 86 acknowledged all operations by responding an ACK 2.05 (Content) (not shown in
Referring to
The Bootstrap Server 74 accepts the request by responding Acknowledge 2.03 (Valid) 76 and performs WRITE operations to PUT the following information to the client:
Other information then put to the client 70 after the additional information is put to the client 70 includes:
After a successful bootstrap process, the Client can register 84 with the appropriate registry apparatus.
Referring to
The Bootstrap server 90 accepts the request by responding Acknowledge 2.03 (Valid) 92 and performs WRITE operations to PUT the following information to the client 86:
Other information then put to the client 86 after the additional information is put to the client 86 includes
The client 86 acknowledges all operations by responding an ACK 2.05 (Content) (not shown in
Additional embodiments of the technique are envisaged within the scope of the above specific description. For example, more information may be sent from the client to the server during bootstrapping depending upon the application. As an example, a list of endpoint types may include “sensor”, “switch” or “light” where a sensor may need to know who is interested in the detected information and when and for how long the sensor should operate. The additional information request may be an identifier sent as metadata from the client to the server. In response the server pushes bootstrap information back to the client and some of the bootstrap information is provided as a direct result of the additional information. The endpoint type can be sent as an Endpoint Client Name identifier in the form of a string uniquely identifying the LWM2M Client on one LWM2M Server and is provided to the server during registration. One example of an Endpoint Client Name is the International Mobile Station Equipment Identity (IMEI) number, the serial number or a logical name of the device.
In the case of an IMEI for example, the digits can uniquely identify the make and model of the endpoint device. The device management service may include a lookup table comprising a database of the parameters of the endpoint device allocated to make and models. The parameters of the endpoint device can include type and supported features such as clock and global positioning. The device management server can customise the bootstrap information sent by the server to the endpoint device based on the information contained in the endpoint name only.
In an alternative embodiment, the server may send back less information than required by the standard. This may occur if a user wants to reduce bandwidth. Such a reduction in information sent during bootstrapping compared to the standard can occur as a direct result of the additional information sent from the client to the server when initiating the bootstrapping process. Also, the server may send back less information based on a hardcoded agreement of the parameters found in the security method and/or certificate.
According to a first aspect, there is provided a method of bootstrapping between client and a server in a low power wireless network, the method comprising: initiating a bootstrap request from a client to the server with the bootstrap request including an endpoint client name in an identifier; determining a registry apparatus to be assigned to the endpoint client name; accepting the bootstrap request at the server and in response to the bootstrap request providing a security object and an identifier to the client to identify the assigned registry apparatus. In some embodiments the method may include registering the client with the assigned registry apparatus.
In some embodiments the bootstrap request may comprise the endpoint client name and additional identifier. The additional identifier may initiate an endpoint-type specific list of resources to be provided to the client during the bootstrap process. In some embodiments according to the method of the first aspect of the present invention, the specific list of resources may be provided to the client before the step of providing a security object and/or an identifier to the client to identify the assigned registry apparatus.
In some embodiments the specific list of resources may be set after the step of the server finding an assigned registry or central application providing apparatus for the client.
In some embodiments the additional identifier may include a request for additional information to the client from the server or a request for less information to be sent to the client from the server.
In some embodiments the endpoint-type specific list of resources may be provided from server to client in sequence.
In some embodiments the additional identifier may be sent as metadata from the client to the server.
In a second aspect of the present technique, a hardware apparatus is provided for receiving a bootstrap request from an endpoint client, the hardware apparatus comprising an input for receiving a bootstrap request from an endpoint client with the bootstrap request including an endpoint client identifier; a processor block having logic gates to receive the bootstrap request and process the bootstrap request for determining from a registry block an assigned registry apparatus and security object for the endpoint client; communication circuitry configured, in response to the assigned registry apparatus and security object, to transmit to the endpoint client an identifier to identify the assigned registry apparatus and security object.
In some embodiments, the hardware apparatus is a networked device management server.
| Number | Date | Country | Kind |
|---|---|---|---|
| 1415562 | Sep 2014 | GB | national |
This application is a continuation of application Ser. No. 14/842,065 filed Sep. 1, 2015, which claims priority to GB 1415562.6 filed Sep. 3, 2014, each of which is hereby fully incorporated herein by reference.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5349643 | Cox et al. | Feb 1994 | A |
| 5872968 | Knox et al. | Feb 1999 | A |
| 6463535 | Drews | Oct 2002 | B1 |
| 6950660 | Hsu et al. | Sep 2005 | B1 |
| 7363514 | Behren | Apr 2008 | B1 |
| 7882345 | Christensen | Feb 2011 | B1 |
| 7971045 | Currid et al. | Jun 2011 | B1 |
| 8108455 | Yeager et al. | Jan 2012 | B2 |
| 8244845 | Rao | Aug 2012 | B2 |
| 8370491 | Breau et al. | Feb 2013 | B1 |
| 8938061 | Dendy | Jan 2015 | B1 |
| 9064117 | Worsley | Jun 2015 | B1 |
| 9307405 | Curtis et al. | Apr 2016 | B2 |
| 9860235 | Curtis et al. | Jan 2018 | B2 |
| 10027646 | Curtis et al. | Jul 2018 | B2 |
| 10129268 | David et al. | Nov 2018 | B2 |
| 10185829 | Sasin et al. | Jan 2019 | B2 |
| 10321311 | Sasin et al. | Jun 2019 | B2 |
| 20020090085 | Vanstone et al. | Jul 2002 | A1 |
| 20030028763 | Malinen et al. | Feb 2003 | A1 |
| 20050010758 | Landrock et al. | Jan 2005 | A1 |
| 20060053276 | Lortz et al. | Mar 2006 | A1 |
| 20060075242 | Aissi et al. | Apr 2006 | A1 |
| 20060104234 | Zhang | May 2006 | A1 |
| 20060117177 | Buer | Jun 2006 | A1 |
| 20060150241 | Huh et al. | Jul 2006 | A1 |
| 20060155837 | Kobayashi | Jul 2006 | A1 |
| 20060200855 | Willis | Sep 2006 | A1 |
| 20060259765 | Song et al. | Nov 2006 | A1 |
| 20060277406 | Hashimoto et al. | Dec 2006 | A1 |
| 20070011446 | Kato et al. | Jan 2007 | A1 |
| 20070043608 | May et al. | Feb 2007 | A1 |
| 20070055867 | Kanungo et al. | Mar 2007 | A1 |
| 20070130476 | Mohanty | Jun 2007 | A1 |
| 20070143388 | Futa et al. | Jun 2007 | A1 |
| 20070220266 | Cooper et al. | Sep 2007 | A1 |
| 20070220589 | Salowey et al. | Sep 2007 | A1 |
| 20080034207 | Cam-Winget et al. | Feb 2008 | A1 |
| 20080130902 | Foo Kune et al. | Jun 2008 | A1 |
| 20090013177 | Lee′ et al. | Jan 2009 | A1 |
| 20090063851 | Nijdam | Mar 2009 | A1 |
| 20090086977 | Berggren | Apr 2009 | A1 |
| 20090129597 | Zimmer et al. | May 2009 | A1 |
| 20090215477 | Lee et al. | Aug 2009 | A1 |
| 20090276620 | McCarron et al. | Nov 2009 | A1 |
| 20090287922 | Herwono et al. | Nov 2009 | A1 |
| 20090313466 | Naslund et al. | Dec 2009 | A1 |
| 20100304716 | Hoeksel et al. | Dec 2010 | A1 |
| 20110154454 | Frelechoux | Jun 2011 | A1 |
| 20110161663 | Nakhjiri | Jun 2011 | A1 |
| 20110225296 | Hong et al. | Sep 2011 | A1 |
| 20120042081 | Liao et al. | Feb 2012 | A1 |
| 20120079031 | Matthews et al. | Mar 2012 | A1 |
| 20120108207 | Schell et al. | May 2012 | A1 |
| 20120122423 | Helmreich | May 2012 | A1 |
| 20120221725 | Schroeder, Jr. et al. | Aug 2012 | A1 |
| 20130035067 | Zhang et al. | Feb 2013 | A1 |
| 20130081113 | Cherian et al. | Mar 2013 | A1 |
| 20130095789 | Keevill et al. | Apr 2013 | A1 |
| 20130150105 | Clevorn et al. | Jun 2013 | A1 |
| 20130160094 | Luo | Jun 2013 | A1 |
| 20130174241 | Cha et al. | Jul 2013 | A1 |
| 20130222109 | Lim | Aug 2013 | A1 |
| 20130310003 | Sadhvani et al. | Nov 2013 | A1 |
| 20140089652 | Cerri et al. | Mar 2014 | A1 |
| 20140099916 | Mallikarjunan et al. | Apr 2014 | A1 |
| 20140165147 | Hershberg et al. | Jun 2014 | A1 |
| 20140289790 | Wilson et al. | Sep 2014 | A1 |
| 20140330952 | Starsinic et al. | Nov 2014 | A1 |
| 20140349614 | Starsinic | Nov 2014 | A1 |
| 20150067329 | Ben Saied | Mar 2015 | A1 |
| 20150071139 | Nix | Mar 2015 | A1 |
| 20150113592 | Curtis et al. | Apr 2015 | A1 |
| 20150113599 | Curtis et al. | Apr 2015 | A1 |
| 20150237031 | Neuman et al. | Aug 2015 | A1 |
| 20150296470 | Kim et al. | Oct 2015 | A1 |
| 20150305008 | Kim | Oct 2015 | A1 |
| 20150319263 | Koch et al. | Nov 2015 | A1 |
| 20150358824 | Kim et al. | Dec 2015 | A1 |
| 20160065556 | Sasin et al. | Mar 2016 | A1 |
| 20160072808 | David et al. | Mar 2016 | A1 |
| 20160191489 | Curtis et al. | Jun 2016 | A1 |
| 20170019427 | Vank et al. | Jan 2017 | A1 |
| 20170039373 | Sasin et al. | Feb 2017 | A1 |
| 20170041287 | Pak et al. | Feb 2017 | A1 |
| 20180295119 | Curtis et al. | Oct 2018 | A1 |
| 20180324168 | Curtis et al. | Nov 2018 | A1 |
| 20190044957 | David et al. | Feb 2019 | A1 |
| 20190156040 | Sasin et al. | May 2019 | A1 |
| Number | Date | Country |
|---|---|---|
| 2013100802 | Jul 2013 | AU |
| 1656830 | Aug 2005 | CN |
| 101217541 | Jul 2008 | CN |
| 101951595 | Jan 2011 | CN |
| 101309301 | Nov 2012 | CN |
| 2466791 | Jun 2012 | EP |
| 2533385 | Jun 2016 | GB |
| 20140113007 | Sep 2014 | KR |
| WO 2006059195 | Jun 2006 | WO |
| WO 2009141493 | Nov 2009 | WO |
| WO 2011123329 | Oct 2011 | WO |
| WO 2013049292 | Apr 2013 | WO |
| WO 2014048236 | Mar 2014 | WO |
| WO 2014069968 | May 2014 | WO |
| WO 2014114354 | Jul 2014 | WO |
| WO 2014116152 | Jul 2014 | WO |
| WO 2014182674 | Nov 2014 | WO |
| WO 2014190177 | Nov 2014 | WO |
| WO 2015036785 | Mar 2015 | WO |
| WO 2015042370 | Mar 2015 | WO |
| WO 2015065913 | May 2015 | WO |
| Entry |
|---|
| Office Action dated Mar. 31, 2020 for Chinese Application 201610629935.5, 16 pages. |
| Application and File history for U.S. Appl. No. 14/842,065, filed Sep. 1, 2015. Inventors: Sasin et al. |
| Application and File history for U.S. Appl. No. 15/218,902, filed Jul. 25, 2016. Inventors: Pak et al. |
| Application and File history for U.S. Appl. No. 15/226,523, filed Aug. 2, 2016. Inventors: Sasin et al. |
| Search Report dated Mar. 17, 2016 for GB Application No. GB1513750.8, 6 pages. |
| Examination Report dated Nov. 10, 2017 for Application No. GB1513750.8, 3 pages. |
| Search Report dated Jan. 12, 2015 for GB Application No. 1415562.6, 5 pages. |
| “Lightweight M2M”: Enabling Device Management and Applications for the Internet of Things, Feb. 26, 2014, Vodafone, Arm and Ericsson, 16 pages. |
| Examination Report dated Jul. 12, 2018 for Application No. GB1806259.6, 6 pages. |
| “Public Key Infrastructures and Digital Certificates for the Internet of Things”, Schukat et al, 26th Irish Signals and Systems Conference (ISSC), pp. 1-5, IEEE, Jun. 24-25, 2015. |
| “Security for IoT. An effective DTLS with public certificates”, Panwar et al., 2015 International Conference on Advances in Computer Engineering and Applications (ICACEA), pp. 163-166, IEEE, Mar. 19-20, 2015. |
| Search Report dated Mar. 17, 2016 for GB Application No. 1513748.2, 7 pages. |
| Application and File history for U.S. Appl. No. 14/056,459, filed Oct. 17, 2013. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 15/060,639, filed Mar. 4, 2016. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 14/056,468, filed Oct. 17, 2013. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 14/056,423, filed Oct. 17, 2013. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 16/009,277, filed Jun. 15, 2018. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 16/035,765, filed Jul. 16, 2018. Inventors: Curtis et al. |
| Application and File history for U.S. Appl. No. 14/843,420, filed Sep. 2, 2015. Inventors: David et al. |
| Partial International Search Report dated Jan. 29, 2015 for PCT Application No. PCT/GB2014/053098, 5 pages. |
| International Search Report and Written Opinion dated Jan. 30, 2015 for PCT Application No. PCT/GB2014/053096, 12 pages. |
| International Search Report and Written Opinion dated Jan. 30, 2015 for PCT Application No. PCT/GB2014/053097, 15 pages. |
| International Search Report and Written Opinion dated Apr. 8, 2015 for PCT Application No. PCT/GB2014/053098, 20 pages. |
| International Preliminary Report on Patentability dated Apr. 28, 2016 for PCT Application No. PCT/GB2014/053098, 14 pages. |
| International Preliminary Report on Patentability dated Apr. 28, 2016 for PCT Application No. PCT/GB2014/053097, 10 pages. |
| International Preliminary Report on Patentability dated Apr. 28, 2016 for PCT Application No. PCT/GB2014/053096, 9 pages. |
| HP Device Registration Repository Capability; M2M06-014 Device Registry Repository Capability; ETSI Draft; M2M06-014 Device Registry Repository Capability; European Telecommunications Standards Institute, 650, Route Des Lucioles; F-06921 Sophia-Antipolis; France, vol. SmartM2M, Oct. 13, 2009, pp. 1-2. XP014207713. |
| [Internet Citation], Certicom Device Certification Authority for ZigBee Smart Energy, Certicom Corp., http://www.certicom.com/index.php/device-authentication-service/smart-energy-device-certificate-service, Oct. 1, 2013, printed on Oct. 16, 2013, 2 pages. |
| Search Report dated Mar. 18, 2015 for GB Application No. 1415861.2, 3 pages. |
| First Office Action dated Dec. 29, 2018 for Chinese Application No. 201480056752.8, 38 pages. |
| Second Office Action dated May 17, 2019 for Chinese Application No. 201480056752.8, 9 pages. |
| Examination Report dated Nov. 29, 2019 for GB Application No. 1513748.2, 7 pages. |
| Search Report dated Jun. 8, 2020 for GB Application No. GB1415562.6, 5 pages. |
| Search and Examination Report dated Feb. 26, 2021 for GB Application No. 1415562.6, 4 pages. |
| Number | Date | Country | |
|---|---|---|---|
| 20190289467 A1 | Sep 2019 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 14842065 | Sep 2015 | US |
| Child | 16434567 | US |
