Method and system for controlling access to wireless apparatuses

摘要

A system for securely controlling access between two wireless (i.e. Bluetooth-enabled) apparatuses, also comprising a supervisor apparatus. The first apparatus is paired to the second by establishing a secure wireless (i.e. Bluetooth) link. The first apparatus includes a stored partial link key and a link key generator: The first apparatus receives a first secret key from the apparatus user, and may also receive a second secret key from the supervisor apparatus. The link key generator generates either a first link key based upon a stored first partial link key, the first secret key and the second secret key or a second link key based upon the stored first partial link key and the first secret key. An access control module in the second apparatus determines the level of access that the first apparatus is granted based upon the link key used to establish the secure connection—full/restricted access.

主权项

1. A method for securely controlling access in an apparatus, the method comprising:
storing a partial link key in a first apparatus; receiving, by the first apparatus, a first secret key from a first source; generating a link key for establishing a secure wireless connection with a second apparatus,wherein if the first apparatus receives a second secret key from a second source then the link key has a first link key value generated using the stored partial link key, the first secret key and the second secret key, else if no second secret key is received from a second source then the link key has a second link key value generated using the stored partial link key and the first secret key;
storing the generated link in the first apparatus; establishing a secure wireless connection between the first apparatus and the second apparatus using the link key; granting, to the first apparatus by the second apparatus, a first level of access to the second apparatus if the link key has the first link key value, and granting a second level of access if the link key has the second link key value, the second level of access having less access than the first level of access; and wirelessly transmitting the second secret key from the second source to the first apparatus using a near field or short range wireless communications protocol if the first apparatus is within a first communication range of the second source; wherein the first level of access is granted only whilst the first apparatus remains within the first communication range of the second source; and wherein when the first apparatus is no longer within the first communication range of the second source, the secure wireless connection between the first apparatus and the second apparatus using the first link key value is torn down and a new secure wireless connection is established using the second link key value.