Patents by Inventor Hannes Tschofenig
Hannes Tschofenig has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12075525Abstract: Broadly speaking, the present techniques relate to a computer implemented method for enabling template-based registration, the method performed by an intermediary apparatus in communication with a first device and a server, the method comprising: receiving, from the first device, a registration request comprising one or more device identifiers for the first device; determining the availability of template information for the first device based on or in response to the one or more device identifiers; when the template information for the first device is unavailable: generating template information for the first device; or requesting, from the server, the template information.Type: GrantFiled: January 9, 2020Date of Patent: August 27, 2024Assignees: ARM IP LIMITED, ARM LIMITEDInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig
-
Patent number: 12058197Abstract: A method implemented e.g. in a Lightweight Machine-to-Machine (LwM2M) server, comprises establishing a secure communication session with a client and transmitting an observation request to the client. The observation request identifies a first resource at the client, one or more criteria relating to the first resource to trigger a notification to be transmitted from the client to the server, and one or more resources at the client comprising at least one resource other than the first resource, the value of which is to be included in the notification.Type: GrantFiled: December 13, 2019Date of Patent: August 6, 2024Assignees: Arm Limited., Arm IP LimitedInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig
-
Patent number: 12022010Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for performing a TLS/DTLS handshake process between machines in a manner that reduces the amount of data sent during the handshake process.Type: GrantFiled: March 26, 2018Date of Patent: June 25, 2024Assignees: ARM LIMITED, ARM IP LIMITEDInventors: Yongbeom Pak, Hannes Tschofenig
-
Patent number: 11949664Abstract: Broadly speaking, the present techniques relate to a computer implemented method for establishing a secure communication session between a client device and a server, the method performed at the client device comprising: obtaining a security object comprising at least one security credential and server connection data for multiple connection options to a first server, wherein the security credential is to be used for each of the multiple connection options; generating, a first server security universal resource identifier (URI), the first Server Security URI comprising server contact information for the first server and a first security binding selected from the server connection data; communicating with the first server using the first Server Security URI and the at least one security credential to establish a secure communication session between the client device and the first server.Type: GrantFiled: February 7, 2020Date of Patent: April 2, 2024Assignees: Arm Limited, Arm IP LimitedInventors: Hannes Tschofenig, Mikko Johannes Saarnivala, Szymon Sasin
-
Patent number: 11831444Abstract: The present techniques generally describe a machine-implemented method for configuring a retransmission timer, the method performed at the server including: receiving, from a client, a first handshake message as part of a first handshake with the client; deriving a retransmission parameter from the first handshake message; setting a first wait time of the retransmission timer based on or in response to the retransmission parameter.Type: GrantFiled: January 9, 2020Date of Patent: November 28, 2023Assignees: Arm IP Limited, Arm LimitedInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig, Kari Matias Severinkangas
-
Patent number: 11695743Abstract: A computer implemented method for managing a connection between a device and a server resource, the method comprising: establishing the connection between the device and a first server of the server resource; registering a connection identifier relating to the connection between the device and the first server in a first database entry of a database arrangement; pre-computing, at the first server, an encrypted alert for the device, the alert being provided with a pre-defined future communication sequence number; and transmitting the alert from the first server to the database arrangement for storage in association with the first database entry of the database arrangement.Type: GrantFiled: May 3, 2021Date of Patent: July 4, 2023Assignee: Izuma Tech, Inc.Inventors: Hanno Becker, Hannes Tschofenig
-
Patent number: 11627177Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for operating a server in communication with a network-attachable electronic device, comprising: storing, in storage accessible by the server, a device registration and a registration lifetime value for the device; receiving at least one message from the device; analysing the message to derive a confidence modifier associated with a message type associated with that message; applying the derived confidence modifier to a calculation of a confidence score for the device; and responsive to the calculation, determining whether a stored registration lifetime value for the device is to be adjusted based upon the confidence score.Type: GrantFiled: January 9, 2020Date of Patent: April 11, 2023Assignees: Arm IP Limited, Arm LimitedInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig
-
Patent number: 11595213Abstract: Aspects of the present disclosure relate to an apparatus comprising first interface circuitry to communicate with relying party circuitry, the first interface circuitry being configured to receive, from the relying party circuitry, an attestation request in respect of a processing operation requested by attester circuitry to be performed by the relying party circuitry; second interface circuitry to communicate with the attester circuitry, the second interface circuitry being configured to: transmit the attestation request to the attester circuitry; and receive, from the attester circuitry, evidence data associated with the processing operation, and third interface circuitry to communicate with verifier circuitry, the third interface circuitry being configured to: transmit the evidence data to the verifier circuitry; and receive, from the verifier circuitry, attestation result data indicative of a verification of the evidence data, wherein the first interface circuitry is configured to transmit the attestationType: GrantFiled: June 29, 2020Date of Patent: February 28, 2023Assignee: Izuma Tech, Inc.Inventors: Brendan James Moran, Derek Del Miller, Hannes Tschofenig
-
Publication number: 20220385483Abstract: A device can establish operational credentials for enabling the device to provide an attestation of the device's identity to another party, by performing a method comprising: obtaining bootstrap credentials from a hardware secure element or a trusted execution environment (TEE) of the device; using the bootstrap credentials to establish a secure session with an enrolment server; and via the secure session, establishing the operational credentials with the enrolment server.Type: ApplicationFiled: July 23, 2021Publication date: December 1, 2022Inventors: Hannes TSCHOFENIG, Paul David BRADLEY
-
Patent number: 11503134Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for controlling device resource subscriptions by an LwM2M server, comprising receiving at said LwM2M server a registration request message from a LwM2M client device, the message comprising an enumeration of a plurality of subscribable elements of an object hierarchy of the device; storing, using the LwM2M server, an association between the device and the plurality of subscribable elements; and sending from the LwM2M server to the LwM2M client device a subscription message comprising a unitary compressed expression representing plural ones of said plurality of subscribable elements associated with said device.Type: GrantFiled: January 9, 2020Date of Patent: November 15, 2022Assignees: Arm IP Limited, Arm LimitedInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig
-
Publication number: 20220353060Abstract: The present techniques generally describe a computer implemented method for establishing a secure communication session between a client device and a first server, the method performed by the client device comprising: obtaining, from a second server, credential data comprising a session identifier and cryptographic key data; performing a connection handshake with the first server to establish the secure communication session; creating a security state record defining one or more parameters used to establish the secure communication session, and associating the session identifier with the security state record; performing a first resumption handshake with the first server using the session identifier to re-establish the secure communication session.Type: ApplicationFiled: January 9, 2020Publication date: November 3, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG
-
Patent number: 11438230Abstract: Broadly speaking, the present techniques relate to a computer implemented method comprising: receiving, at a first server, one or more device identifiers from a device; determining, with the first server, the availability of a resource template for the device based on or in response to the one or more device identifiers; when the resource template is available for the device: provisioning, from the first server to the device, a template identifier to enable the device to register with a second server using the template identifier.Type: GrantFiled: January 9, 2020Date of Patent: September 6, 2022Assignees: Arm IP Limited, Arm LimitedInventors: Mikko Johannes Saarnivala, Szymon Sasin, Yongbeom Pak, Hannes Tschofenig
-
Publication number: 20220217515Abstract: Broadly speaking, the present techniques relate to a computer implemented method for establishing a secure communication session between a client device and a server resource.Type: ApplicationFiled: May 4, 2020Publication date: July 7, 2022Inventors: Hannes TSCHOFENIG, Mikko Johannes SAARNIVALA, Szymon SASIN, Hanno BECKER, Manuel PEGOURIE-GONNARD
-
Publication number: 20220200967Abstract: Broadly speaking, the present techniques relate to a computer implemented method for establishing a secure communication session between a client device and a server, the method performed at the client device comprising: obtaining a security object comprising at least one security credential and server connection data for multiple connection options to a first server, wherein the security credential is to be used for each of the multiple connection options; generating, a first server security universal resource identifier (URI), the first Server Security URI comprising server contact information for the first server and a first security binding selected from the server connection data; communicating with the first server using the first Server Security URI and the at least one security credential to establish a secure communication session between the client device and the first server.Type: ApplicationFiled: February 7, 2020Publication date: June 23, 2022Inventors: Hannes TSCHOFENIG, Mikko Johannes SAARNIVALA, Szymon SASIN
-
Publication number: 20220191089Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for operating a configuration server in communication with a client electronic device, comprising: receiving a handshake initiation message from the client electronic device specifying a registration at a specified server; receiving, from the client electronic device, a first enumeration of client features supported; responsive to detecting no stored client provisioning configuration for the client electronic device, retrieving, from the specified server, a second enumeration of server features supported; performing a comparison between the first and the second enumeration to detect a match between the client features supported and the server features supported; responsive to detecting a match, creating a client provisioning configuration; storing the client provisioning configuration in a configuration store; and sending a provisioning message comprising the client provisioning configuration to the client electronType: ApplicationFiled: January 9, 2020Publication date: June 16, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG
-
Publication number: 20220190968Abstract: The present techniques generally describe a machine-implemented method for configuring a retransmission timer, the method performed at the server comprising: receiving, from a client, a first handshake message as part of a first handshake with the client; deriving a retransmission parameter from the first handshake message; setting a first wait time of the retransmission timer based on or in response to the retransmission parameter.Type: ApplicationFiled: January 9, 2020Publication date: June 16, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG, Kari Matias SEVERINKANGAS
-
Publication number: 20220182436Abstract: A method implemented e.g. in a Lightweight Machine-to-Machine (LwM2M) server, comprises establishing a secure communication session with a client and transmitting an observation request to the client. The observation request identifies a first resource at the client, one or more criteria relating to the first resource to trigger a notification to be transmitted from the client to the server, and one or more resources at the client comprising at least one resource other than the first resource, the value of which is to be included in the notification.Type: ApplicationFiled: December 13, 2019Publication date: June 9, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG
-
Publication number: 20220109980Abstract: Broadly speaking, the present techniques relate to a computer implemented method for enabling template-based registration, the method performed by an intermediary apparatus in communication with a first device and a server, the method comprising: receiving, from the first device, a registration request comprising one or more device identifiers for the first device; determining the availability of template information for the first device based on or in response to the one or more device identifiers; when the template information for the first device is unavailable: generating template information for the first device; or requesting, from the server, the template information.Type: ApplicationFiled: January 9, 2020Publication date: April 7, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG
-
Publication number: 20220103656Abstract: Broadly speaking, embodiments of the present technique provide methods, apparatuses and systems for operating a server in communication with a network-attachable electronic device, comprising: storing, in storage accessible by the server, a device registration and a registration lifetime value for the device; receiving at least one message from the device; analysing the message to derive a confidence modifier associated with a message type associated with that message; applying the derived confidence modifier to a calculation of a confidence score for the device; and responsive to the calculation, determining whether a stored registration lifetime value for the device is to be adjusted based upon the confidence score.Type: ApplicationFiled: January 9, 2020Publication date: March 31, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG
-
Publication number: 20220103634Abstract: Broadly speaking, the present techniques relate to a machine-implemented method for registering a device with a server, the method performed at the device comprising: applying a data-reducing function to at least one object, object instance, resource and/or resource instance at the device to generate resource data comprising compressed data representative of the at least one object object instance, resource and/or resource instance; transmitting a registration message comprising said resource data to register said device with server.Type: ApplicationFiled: January 9, 2020Publication date: March 31, 2022Inventors: Mikko Johannes SAARNIVALA, Szymon SASIN, Yongbeom PAK, Hannes TSCHOFENIG