US20150244713A1 - Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords - Google Patents
Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords Download PDFInfo
- Publication number
- US20150244713A1 US20150244713A1 US14/187,657 US201414187657A US2015244713A1 US 20150244713 A1 US20150244713 A1 US 20150244713A1 US 201414187657 A US201414187657 A US 201414187657A US 2015244713 A1 US2015244713 A1 US 2015244713A1
- Authority
- US
- United States
- Prior art keywords
- password
- modem
- public key
- cable
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Definitions
- the present invention relates to a system for password access to consumer premises equipment (CPE), such as a cable modem with Wi-Fi transmission capability, in a network, such as a cable system which can be scalable between a network with only a few connected cable modems to a much larger system with many cable modems connected.
- CPE consumer premises equipment
- CPE system devices typically require passwords to enable developers to access a cable system.
- Passwords enable access to each cable modem (CM) in the system. It is desirable to have system configurations available that provide a cable system operator strong unique passwords that are dynamic and can be distributed in a CPE environment on a large scale depending on the cable system configuration and needs.
- Embodiments of the present invention provide a password system that uses strong unique passwords that are dynamic and scalable, can be distributed in a CPE environment to devices such as cable modems, and can be easily recovered in case of compromise.
- the password is unique to each device, it is not fixed for the life of the device, and is changed periodically based on some type of configuration.
- the system operates first with each modem creating its own random password. Then the modem encrypts the password using a public key provided by the cable system and stores the encrypted password in a Management Information Base (MIB) operated by the cable system, the MIB being physically located in an individual cable modem.
- MIB Management Information Base
- a user or operator of the cable system retrieves the MIB data and runs the encrypted password through a network management utility provided uniquely in the cable system that uses a private key corresponding to the public key and recovers the password.
- the CM obtains the public key from its config file with a (type/length/value) TLV file extension. If the public key in the config file is changed on the next reboot, the password must be regenerated and encrypted using the new public key and the password replaced in the MIB using the procedure described above. The new public key and encrypted password will replace the old ones in the NVRAM.
- the network management utility for the single cable system can generate a new key pair, and the new public key will be provided to replace the old public key in the config file in each modem.
- This solution limits the security exposure due to key compromise since only to the cable system that owns the compromised key pair will be affected and any other cable systems that might otherwise be interconnected to a central security service system are not affected.
- the single cable system simply replaces the key pair. Recovery does not involve any changes to the software, firmware or hardware of the cable system.
- the system can be implemented in a way that an individual modem password gets renewed periodically if the user wishes based on a validity period. With a validity time period implemented, the modem tags the password with the validity period. Once the password gets to its end of validity period, it gets renewed, encrypted and stored in the MIB.
- the network management utility of each individual cable system can generate its own public and private keys.
- a “single” “static” key system to secure multiple cable systems is not required, allowing a single cable system to be more distributed and scalable to add more modems when needed based on the individual cable system requirements.
- FIG. 1 shows a cable network system that can be used to implement embodiments of the present invention
- FIG. 2 shows a flowchart illustrating operation of a modem in a network with password generation according to the present invention.
- FIG. 1 shows a cable network system that can be used to implement embodiments of the present invention.
- FIG. 1 includes a first cable system network 100 that includes a cable network control 120 and connected cable modems 101 , 102 , 104 and 108 . As illustrated, between cable modems 104 and 108 additional modems can be included to scale the network to a much larger system.
- the cable modem 101 shows internal components that can be used in accordance with embodiments of the present invention.
- the cable modem includes a processor 112 and memory 114 .
- the memory 114 stores code that enables the processor to perform steps described for the present invention.
- the cable network control 120 likewise includes one or more processors with memory to enable functions to be performed.
- the memory 114 further includes a non-volatile RAM 118 portion for storing passwords, security keys and other data as described subsequently.
- the memory 114 also includes a configuration memory 116 to store data, as described subsequently.
- the memory also includes a Management Information Base (MIB) 119 that provides for storage of passwords.
- MIB data is retrievable by a cable system operator using a MIB browser utility.
- the cable network control 120 includes a network management utility 122 that stores public and private keys and performs the function of encrypting and decrypting data and passwords as described subsequently.
- FIG. 1 shows how other cable system could be interconnected.
- the first cable system network 100 is connected to a central server 130 .
- Additional cable system networks like second cable system network 140 , can be included in an interconnected network system as controlled by a central server 130 .
- the second cable system network 140 includes a cable system control 141 and cable modems 142 , 144 and 148 , similar to the cable system 100 .
- the password scheme of the present invention prevents contamination of passwords by not having the passwords controlled by the central server 130 , and by having the passwords confined within a single cable system network, such as network 100 .
- a password scheme is provided that can be used for security of cable modems in a cable network.
- the password is unique to each modem, the password is not fixed for the life of the device, the password is not shared across cable systems, the password is easily recoverable after a compromise, and the password is changed periodically based on some type of configuration.
- the validity period will be added to the CM config file in the form of a TLV.
- the operator of the cable system inserts its public key and optional password validity period in the CM config file.
- An alternative is to insert a certificate (e.g. X509 certificate) in the config file instead of the public key.
- the CM downloads the config file securely at boot up from the cable operator's provisioning server.
- the config file authentication is not described here since different methods can be used to deliver the config file securely.
- standard DOCSIS config file authentication is implemented.
- the cable modem saves the public key in the NVRAM. If the public key in the config file is changed on the next reboot, the password must be regenerated and encrypted using the new public key and the password replaced in the MIB using the procedure described below.
- the new public key and encrypted password will replace the old ones in the NVRAM.
- the public key can be in the config file all the time to insure the CM receives the public key after each reboot.
- each modem creates its own random password. Then the modem encrypts the password using the public key provided by the cable system and stores the encrypted password in a Management Information Base (MIB) and in NVRAM.
- MIB Management Information Base
- NVRAM Non-Volatile Ram
- a modem in the system creates an encrypted password and stores it in the MIB
- a user or operator of the cable system retrieves the MIB data and runs the encrypted password through a network management utility provided uniquely in the cable system that uses a private key corresponding to the public key and recovers the password.
- FIG. 2 shows a flowchart illustrating operation of a modem in a network with password generation according to the present invention.
- the public key provided by the cable system network is loaded into the config file of an individual cable modem (CM).
- the individual CM in the network creates its own unique password.
- the individual modem encrypts the password using a public key provided by the cable system network.
- the modem stores the encrypted password in the MIB of the individual modem.
- the cable system operator fetches the MIB from the individual CM.
- the cable system uses a public key and private key pair to decrypt the password in the MIB.
- the cable system operator or user can now use the password to remotely log in to the individual CM.
- the network management utility for the single cable system can generate a new key pair, and the new public key will be provided to replace the old public key in the config file in each modem.
- This solution limits the security exposure due to key compromise since only to the cable system that owns the compromised key pair will be affected and any other cable systems that might otherwise be interconnected to a central security service system are not affected.
- the single cable system simply replaces the key pair. Recovery does not involve any changes to the software, firmware or hardware (SW/FW/HW) of the cable system.
- the system can be implemented in a way that an individual modem password gets renewed periodically if the user wishes based on a validity period. With a validity time period implemented, the modem tags the password with the validity period. Once the password gets to its end of validity period, it gets renewed, encrypted and stored in the MIB. If the CM does not get Time of Day to set its clock, the modem will continue using the current password. If a certificate is used in the config file, the certificate can have a short validity period to minimize its exposure to compromise.
- the network management utility can be developed using a generally available platform such as Windows or Linux which can take the private key and the encrypted password and returns the decrypted password.
- a Hardware Security Module to store the utility private key in the back office as part of their security solution.
- the network management utility software can be distributed by a system supplier to individual cable companies, even though the network management utilities when functioning do not interconnect between cable companies.
- the network management utility of each cable system will generates its own public/private key (or multiple key pairs if they break down their network).
- a “single” “static” key to secure multiple cable systems is not required, allowing a single cable system to be more distributed and scalable to add more modems when needed based on the individual cable system requirements.
- the system can be extended to have multiple access levels by generating multiple passwords. Each password is assigned different access level to the device command line.
Abstract
Description
- 1. Technical Field
- The present invention relates to a system for password access to consumer premises equipment (CPE), such as a cable modem with Wi-Fi transmission capability, in a network, such as a cable system which can be scalable between a network with only a few connected cable modems to a much larger system with many cable modems connected.
- 2. Related Art
- CPE system devices typically require passwords to enable developers to access a cable system. Passwords enable access to each cable modem (CM) in the system. It is desirable to have system configurations available that provide a cable system operator strong unique passwords that are dynamic and can be distributed in a CPE environment on a large scale depending on the cable system configuration and needs.
- Embodiments of the present invention provide a password system that uses strong unique passwords that are dynamic and scalable, can be distributed in a CPE environment to devices such as cable modems, and can be easily recovered in case of compromise. In the system, the password is unique to each device, it is not fixed for the life of the device, and is changed periodically based on some type of configuration.
- The system is defined in some embodiments by the following requirements:
-
- 1. A unique password is provided to each unit, or modem.
- 2. The password must be random and be changed periodically.
- 3. The system should not be centralized over a group of cable systems, or in other words the system is operated by a single cable system provider and none of the public keys, private keys or passwords for the system devices are shared with other cable systems.
- 4. The system must be recoverable quickly after compromise.
- 5. The system must not rely on symmetric key distribution that will require software modification upon key compromise.
- 6. The solution must be scalable to handle many cable modems.
- In one embodiment of a cable network system according to the present invention, the system operates first with each modem creating its own random password. Then the modem encrypts the password using a public key provided by the cable system and stores the encrypted password in a Management Information Base (MIB) operated by the cable system, the MIB being physically located in an individual cable modem. Once the modem in the system creates an encrypted password and stores it in the MIB, a user or operator of the cable system retrieves the MIB data and runs the encrypted password through a network management utility provided uniquely in the cable system that uses a private key corresponding to the public key and recovers the password. The CM obtains the public key from its config file with a (type/length/value) TLV file extension. If the public key in the config file is changed on the next reboot, the password must be regenerated and encrypted using the new public key and the password replaced in the MIB using the procedure described above. The new public key and encrypted password will replace the old ones in the NVRAM.
- If the cable system private key gets compromised, the network management utility for the single cable system can generate a new key pair, and the new public key will be provided to replace the old public key in the config file in each modem. This solution limits the security exposure due to key compromise since only to the cable system that owns the compromised key pair will be affected and any other cable systems that might otherwise be interconnected to a central security service system are not affected. To recover, the single cable system simply replaces the key pair. Recovery does not involve any changes to the software, firmware or hardware of the cable system.
- The system can be implemented in a way that an individual modem password gets renewed periodically if the user wishes based on a validity period. With a validity time period implemented, the modem tags the password with the validity period. Once the password gets to its end of validity period, it gets renewed, encrypted and stored in the MIB.
- The network management utility of each individual cable system can generate its own public and private keys. A “single” “static” key system to secure multiple cable systems is not required, allowing a single cable system to be more distributed and scalable to add more modems when needed based on the individual cable system requirements.
- Further details of the present invention are explained with the help of the attached drawings in which:
-
FIG. 1 shows a cable network system that can be used to implement embodiments of the present invention; and -
FIG. 2 shows a flowchart illustrating operation of a modem in a network with password generation according to the present invention. -
FIG. 1 shows a cable network system that can be used to implement embodiments of the present invention.FIG. 1 includes a firstcable system network 100 that includes acable network control 120 and connectedcable modems cable modems cable modem 101 shows internal components that can be used in accordance with embodiments of the present invention. The cable modem includes aprocessor 112 andmemory 114. Thememory 114 stores code that enables the processor to perform steps described for the present invention. Although not specifically shown, thecable network control 120 likewise includes one or more processors with memory to enable functions to be performed. Thememory 114 further includes anon-volatile RAM 118 portion for storing passwords, security keys and other data as described subsequently. Thememory 114 also includes aconfiguration memory 116 to store data, as described subsequently. The memory also includes a Management Information Base (MIB) 119 that provides for storage of passwords. The MIB data is retrievable by a cable system operator using a MIB browser utility. Thecable network control 120 includes anetwork management utility 122 that stores public and private keys and performs the function of encrypting and decrypting data and passwords as described subsequently. - Although embodiments of the present invention enable the first
cable system network 100 to operate independently of other cable system networks,FIG. 1 shows how other cable system could be interconnected. The firstcable system network 100 is connected to acentral server 130. Additional cable system networks, like secondcable system network 140, can be included in an interconnected network system as controlled by acentral server 130. The secondcable system network 140 includes acable system control 141 andcable modems cable system 100. The password scheme of the present invention prevents contamination of passwords by not having the passwords controlled by thecentral server 130, and by having the passwords confined within a single cable system network, such asnetwork 100. - In the system of the embodiments of the present invention, a password scheme is provided that can be used for security of cable modems in a cable network. In the system, the password is unique to each modem, the password is not fixed for the life of the device, the password is not shared across cable systems, the password is easily recoverable after a compromise, and the password is changed periodically based on some type of configuration. In the case of CM, the validity period will be added to the CM config file in the form of a TLV.
- The system of embodiments of the present invention can be defined by the following requirements:
-
- 1. A unique password is provided to each unit, or modem.
- 2. The password must be random and be changed periodically.
- 3. The system should not be centralized over a group of cable systems. In other words, the system is operated by a single cable system provider and none of the public keys, private keys or passwords for the system devices are shared with other cable systems. A centralized secure server used to distribute and share keys or passwords between different cable system operations is not utilized. Thus, a single cable system operator can support security of the entire system without requiring an outside service that supports other cable systems to provide password security. The cable system operator, or each individual system user, can set up and configure its own security system.
- 4. The system must be recoverable quickly and easily if it gets compromised.
- 5. The system must not rely on any symmetric key in the software that will require software modification upon key compromise.
- 6. The solution must be scalable by enabling addition of devices, such as modems, to the system.
- The system operation is described in the following paragraphs.
- First, the operator of the cable system inserts its public key and optional password validity period in the CM config file. An alternative is to insert a certificate (e.g. X509 certificate) in the config file instead of the public key. The CM downloads the config file securely at boot up from the cable operator's provisioning server. The config file authentication is not described here since different methods can be used to deliver the config file securely. In the case of CM, standard DOCSIS config file authentication is implemented. The cable modem saves the public key in the NVRAM. If the public key in the config file is changed on the next reboot, the password must be regenerated and encrypted using the new public key and the password replaced in the MIB using the procedure described below. The new public key and encrypted password will replace the old ones in the NVRAM. In one alternative to avoid storing the public key in NVRAM in case of memory limitation, the public key can be in the config file all the time to insure the CM receives the public key after each reboot.
- Next, in the cable network system each modem creates its own random password. Then the modem encrypts the password using the public key provided by the cable system and stores the encrypted password in a Management Information Base (MIB) and in NVRAM. In one alternative instead of storing the password in a MIB, the password storage can be more generic to cover other protocols such as the TR-069. Each modem further stores the encrypted password in its own Non-Volatile Ram (NVRAM) accessible by TR-069 protocol.
- Once a modem in the system creates an encrypted password and stores it in the MIB, a user or operator of the cable system retrieves the MIB data and runs the encrypted password through a network management utility provided uniquely in the cable system that uses a private key corresponding to the public key and recovers the password.
-
FIG. 2 shows a flowchart illustrating operation of a modem in a network with password generation according to the present invention. In afirst step 200, the public key provided by the cable system network is loaded into the config file of an individual cable modem (CM). In anext step 202, the individual CM in the network creates its own unique password. Instep 204 the individual modem encrypts the password using a public key provided by the cable system network. Instep 206 the modem stores the encrypted password in the MIB of the individual modem. In afurther step 208, the cable system operator fetches the MIB from the individual CM. Next instep 210 the cable system uses a public key and private key pair to decrypt the password in the MIB. Finally, in astep 212 the cable system operator or user can now use the password to remotely log in to the individual CM. - If the cable system private key gets compromised, the network management utility for the single cable system can generate a new key pair, and the new public key will be provided to replace the old public key in the config file in each modem. This solution limits the security exposure due to key compromise since only to the cable system that owns the compromised key pair will be affected and any other cable systems that might otherwise be interconnected to a central security service system are not affected. To recover, the single cable system simply replaces the key pair. Recovery does not involve any changes to the software, firmware or hardware (SW/FW/HW) of the cable system.
- The system can be implemented in a way that an individual modem password gets renewed periodically if the user wishes based on a validity period. With a validity time period implemented, the modem tags the password with the validity period. Once the password gets to its end of validity period, it gets renewed, encrypted and stored in the MIB. If the CM does not get Time of Day to set its clock, the modem will continue using the current password. If a certificate is used in the config file, the certificate can have a short validity period to minimize its exposure to compromise.
- The network management utility can be developed using a generally available platform such as Windows or Linux which can take the private key and the encrypted password and returns the decrypted password. As an alternative to a generally available platform for key storage, the user may want to use a Hardware Security Module to store the utility private key in the back office as part of their security solution. The network management utility software can be distributed by a system supplier to individual cable companies, even though the network management utilities when functioning do not interconnect between cable companies. The network management utility of each cable system will generates its own public/private key (or multiple key pairs if they break down their network). A “single” “static” key to secure multiple cable systems is not required, allowing a single cable system to be more distributed and scalable to add more modems when needed based on the individual cable system requirements. The system can be extended to have multiple access levels by generating multiple passwords. Each password is assigned different access level to the device command line.
- Although the present system, method and apparatus has been described above with particularity, this was merely to teach one of ordinary skill in the art how to make and use the in system, method and/or apparatus. Many additional modifications will fall within the scope of the system, method and/or apparatus, as that scope is defined by the following claims.
Claims (15)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/187,657 US9118664B1 (en) | 2014-02-24 | 2014-02-24 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
US14/804,827 US9473492B2 (en) | 2014-02-24 | 2015-07-21 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/187,657 US9118664B1 (en) | 2014-02-24 | 2014-02-24 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/804,827 Continuation US9473492B2 (en) | 2014-02-24 | 2015-07-21 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
Publications (2)
Publication Number | Publication Date |
---|---|
US9118664B1 US9118664B1 (en) | 2015-08-25 |
US20150244713A1 true US20150244713A1 (en) | 2015-08-27 |
Family
ID=53838592
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/187,657 Active 2034-02-27 US9118664B1 (en) | 2014-02-24 | 2014-02-24 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
US14/804,827 Active US9473492B2 (en) | 2014-02-24 | 2015-07-21 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/804,827 Active US9473492B2 (en) | 2014-02-24 | 2015-07-21 | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords |
Country Status (1)
Country | Link |
---|---|
US (2) | US9118664B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018222791A1 (en) * | 2017-06-02 | 2018-12-06 | Arris Enterprises Llc | Secure enabling and disabling points of entry on a device remotely or locally |
US10951599B2 (en) | 2017-06-02 | 2021-03-16 | Arris Enterprises Llc | Secure shell (SSH) server public key validation by a SSH client in a high volume device deployment |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9942208B2 (en) * | 2014-11-14 | 2018-04-10 | Microsoft Technology Licensing, Llc | Updating stored encrypted data with enhanced security |
CN112367341B (en) * | 2020-12-04 | 2022-10-21 | 北京超维电感科技有限公司 | Centralized password management system and management method for large number of scattered intelligent devices |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6510162B1 (en) * | 1998-05-27 | 2003-01-21 | 3Com Corporation | System and method for managing channel usage in a data over cable system |
US8266449B2 (en) * | 2009-03-31 | 2012-09-11 | Lenovo (Singapore) Pte. Ltd. | Security for storage devices |
-
2014
- 2014-02-24 US US14/187,657 patent/US9118664B1/en active Active
-
2015
- 2015-07-21 US US14/804,827 patent/US9473492B2/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6510162B1 (en) * | 1998-05-27 | 2003-01-21 | 3Com Corporation | System and method for managing channel usage in a data over cable system |
US8266449B2 (en) * | 2009-03-31 | 2012-09-11 | Lenovo (Singapore) Pte. Ltd. | Security for storage devices |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2018222791A1 (en) * | 2017-06-02 | 2018-12-06 | Arris Enterprises Llc | Secure enabling and disabling points of entry on a device remotely or locally |
US20180351797A1 (en) * | 2017-06-02 | 2018-12-06 | Arris Enterprises Llc | Secure enabling and disabling points of entry on a device remotely or locally |
US10951599B2 (en) | 2017-06-02 | 2021-03-16 | Arris Enterprises Llc | Secure shell (SSH) server public key validation by a SSH client in a high volume device deployment |
US10951467B2 (en) * | 2017-06-02 | 2021-03-16 | Arris Enterprises Llc | Secure enabling and disabling points of entry on a device remotely or locally |
US11570159B2 (en) | 2017-06-02 | 2023-01-31 | Arris Enterprises Llc | Secure key management in a high volume device deployment |
Also Published As
Publication number | Publication date |
---|---|
US9473492B2 (en) | 2016-10-18 |
US9118664B1 (en) | 2015-08-25 |
US20150326566A1 (en) | 2015-11-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11570159B2 (en) | Secure key management in a high volume device deployment | |
EP3453135B1 (en) | System and method for encryption and decryption based on quantum key distribution | |
US9762392B2 (en) | System and method for trusted provisioning and authentication for networked devices in cloud-based IoT/M2M platforms | |
EP2677682B1 (en) | Key management system | |
US9122888B2 (en) | System and method to create resilient site master-key for automated access | |
CN100380274C (en) | Method and system for backup and restore of a context encryption key | |
US10965449B2 (en) | Autonomous secrets management for a key distribution service | |
US10044706B2 (en) | Encryption methods and apparatus | |
US10735186B2 (en) | Revocable stream ciphers for upgrading encryption in a shared resource environment | |
US11469903B2 (en) | Autonomous signing management operations for a key distribution service | |
US10951467B2 (en) | Secure enabling and disabling points of entry on a device remotely or locally | |
US9473492B2 (en) | Password scheme that can be used for security of modems in an independently operated cable system that is scalable with dynamically changeable passwords | |
EP2647156A1 (en) | Method and apparatus for key provisioning of hardware devices | |
EP3360069A1 (en) | Device and method for password generation in a user device | |
US20220085976A1 (en) | Distributed session resumption | |
CN110362984B (en) | Method and device for operating service system by multiple devices | |
WO2008012759A2 (en) | A network management method based on snmp | |
US9641325B1 (en) | Server systems for distributed cryptographic protocols | |
US11818110B2 (en) | Method and apparatus for providing secure short-lived downloadable debugging tools | |
KR101301970B1 (en) | Network sharing device-based apparatus for providing cloud service |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: ARRIS ENTERPRISES, INC., GEORGIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:NEGAHDAR, ALI;REEL/FRAME:033026/0232 Effective date: 20140507 |
|
AS | Assignment |
Owner name: BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT, NORTH CAROLINA Free format text: SECURITY INTEREST;ASSIGNORS:ARRIS GROUP, INC.;ARRIS ENTERPRISES, INC.;ARRIS INTERNATIONAL LIMITED;AND OTHERS;REEL/FRAME:036020/0789 Effective date: 20150618 Owner name: BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT, NO Free format text: SECURITY INTEREST;ASSIGNORS:ARRIS GROUP, INC.;ARRIS ENTERPRISES, INC.;ARRIS INTERNATIONAL LIMITED;AND OTHERS;REEL/FRAME:036020/0789 Effective date: 20150618 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
AS | Assignment |
Owner name: ARRIS ENTERPRISES LLC, PENNSYLVANIA Free format text: CHANGE OF NAME;ASSIGNOR:ARRIS ENTERPRISES INC;REEL/FRAME:041995/0031 Effective date: 20151231 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |
|
AS | Assignment |
Owner name: POWER GUARD, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS SOLUTIONS, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: BIG BAND NETWORKS, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARCHIE U.S. MERGER LLC, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: GIC INTERNATIONAL CAPITAL LLC, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS HOLDINGS CORP. OF ILLINOIS, INC., PENNSYLVAN Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: GIC INTERNATIONAL HOLDCO LLC, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS TECHNOLOGY, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS ENTERPRISES, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: TEXSCAN CORPORATION, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS GROUP, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: JERROLD DC RADIO, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: NEXTLEVEL SYSTEMS (PUERTO RICO), INC., PENNSYLVANI Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS INTERNATIONAL LIMITED, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS GLOBAL SERVICES, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARCHIE U.S. HOLDINGS LLC, PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: ARRIS HOLDINGS CORP. OF ILLINOIS, INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 Owner name: NEXTLEVEL SYSTEMS (PUERTO RICO), INC., PENNSYLVANIA Free format text: TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS;ASSIGNOR:BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT;REEL/FRAME:050721/0401 Effective date: 20190404 |
|
AS | Assignment |
Owner name: ARRIS ENTERPRISES LLC, GEORGIA Free format text: CHANGE OF NAME;ASSIGNOR:ARRIS ENTERPRISES, INC.;REEL/FRAME:049586/0470 Effective date: 20151231 |
|
AS | Assignment |
Owner name: WILMINGTON TRUST, NATIONAL ASSOCIATION, AS COLLATE Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:ARRIS ENTERPRISES LLC;REEL/FRAME:049820/0495 Effective date: 20190404 Owner name: JPMORGAN CHASE BANK, N.A., NEW YORK Free format text: TERM LOAN SECURITY AGREEMENT;ASSIGNORS:COMMSCOPE, INC. OF NORTH CAROLINA;COMMSCOPE TECHNOLOGIES LLC;ARRIS ENTERPRISES LLC;AND OTHERS;REEL/FRAME:049905/0504 Effective date: 20190404 Owner name: JPMORGAN CHASE BANK, N.A., NEW YORK Free format text: ABL SECURITY AGREEMENT;ASSIGNORS:COMMSCOPE, INC. OF NORTH CAROLINA;COMMSCOPE TECHNOLOGIES LLC;ARRIS ENTERPRISES LLC;AND OTHERS;REEL/FRAME:049892/0396 Effective date: 20190404 Owner name: WILMINGTON TRUST, NATIONAL ASSOCIATION, AS COLLATERAL AGENT, CONNECTICUT Free format text: PATENT SECURITY AGREEMENT;ASSIGNOR:ARRIS ENTERPRISES LLC;REEL/FRAME:049820/0495 Effective date: 20190404 |
|
AS | Assignment |
Owner name: WILMINGTON TRUST, DELAWARE Free format text: SECURITY INTEREST;ASSIGNORS:ARRIS SOLUTIONS, INC.;ARRIS ENTERPRISES LLC;COMMSCOPE TECHNOLOGIES LLC;AND OTHERS;REEL/FRAME:060752/0001 Effective date: 20211115 |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 8 |