Bluetooth pairing system, method, and apparatus

摘要

The system provides secure controlled access to multiple Bluetooth devices issued to users. For example an officer may be issued a weapon. To enable monitoring of weapon status, a Bluetooth sensor may be fitted to a holster and the Officer issued with a Bluetooth enabled mobile phone. In order to establish a secure Bluetooth connection between the devices, sensor contains a restored link key and the mobile phone stores a partial link key. The supervisor enters their username and password, and a secret key into the phone which is then used with the partial link key to generate a copy of the link key stored in the first device, so that a secure connection can be established with the first device. The officer enters their username and password into the sensor, and once the secure connection is established it is sent over the secure connection to the mobile phone which then sends both user names and passwords to a verification authority. If the officer is verified and authorized to issue the devices, an authorization message is returned and use of the devices allowed. If the authorization fails, a failure message is returned and the devices are not issued and features may be blocked. The verification authority may be internal or external to the phone. If the authority is external, then the supervisor's user name and password could be omitted.

主权项

1. A method for securely controlling access to two Bluetooth enabled apparatuses, the method including:
storing a link key in a first Bluetooth enabled apparatus having a first Bluetooth device address (BD_ADDR1); storing a partial link key in a second Bluetooth enabled apparatus having a second Bluetooth device address (BD_ADDR2); receiving, by the first Bluetooth enabled apparatus, a first user verification information and storing a first user identifier; receiving a secret key by the second Bluetooth enabled apparatus; generating a copy of the link key in the second Bluetooth enabled apparatus using the stored partial link key and the received secret key, associating the generated link key in the second Bluetooth enabled apparatus with the Bluetooth device address of the first Bluetooth enabled apparatus (BD_ADDR1); and associating the stored link key in the first Bluetooth enabled apparatus with the Bluetooth device address of the second Bluetooth enabled apparatus (BD_ADDR2); establishing a secure Bluetooth connection between the first and second Bluetooth enabled apparatuses using the link key; sending, from the first Bluetooth enabled apparatus to the second Bluetooth enabled apparatus, the first user identifier; sending the first identifier to a verification authority in communication with the second Bluetooth enabled apparatus, determining, by the verification authority, whether the first user identifier is authorized to use the first and second Bluetooth enabled apparatuses; receiving, by the second Bluetooth enabled apparatus, a verification status message, wherein if a successful verification status message is received use of the Bluetooth enabled apparatuses is allowed, and if a unsuccessful verification status message is received the use of the Bluetooth enabled apparatuses is denied.