Security profile management in a machine-to-machine messaging system

摘要

Techniques and systems for managing security profiles in a machine-to-machine messaging system are provided. For example, computing device, a method, and a computer-program product may be provided for maintaining one or more security profiles, and may include registering one or more IoT devices with a messaging system, generating one or more security profiles for an IoT device, and assigning the one or more security profiles to one or more other IoT devices. A security profile includes a permissions record and one or more sets of restrictions.

主权项

1. A messaging system server device communicatively connected to multiple Internet of Things (IoT) devices, wherein the messaging system server device is located remotely from the multiple IoT devices and is configured to maintain one or more security profiles for one or more universally unique identifiers, the computing device comprising:
one or more data processors; a receiver configured to receive a first registration request from a first IoT device and a second registration request from a second IoT device, wherein the first registration request includes a request to register the first IoT device with a messaging system, and wherein the second registration request includes a request to register the second IoT device with the messaging system; and a non-transitory computer-readable storage medium of the messaging system server device containing instructions, which when executed on the one or more data processors, cause the one or more data processors to register the first IoT device and the second IoT device with the messaging system, wherein registering the first IoT device includes assigning a first universally unique identifier to the first IoT device, and wherein registering the second IoT device includes assigning a second universally unique identifier to the second IoT device; wherein the receiver is further configured to receive a communication from the first IoT device, wherein the communication includes a request to generate a first security profile and a second security profile; wherein the instructions which when executed on the one or more data processors, further cause the one or more data processors to generate the first security profile and the second security profile and to associate the first security profile and the second security profile with the first IoT device and the assigned first universally unique identifier, the first security profile including a first permissions record and a first set of restrictions, and the second security profile including a second permissions record and a second set of restrictions; wherein the receiver is further configured to receive a request to assign the first security profile to the second IoT device; and wherein the instructions which when executed on the one or more data processors, further cause the one or more data processors to assign the first security profile to the second IoT device, wherein the second IoT device is granted one or more access permissions to the first IoT device according to the first permissions record of the first security profile, and wherein the one or more access permissions are constrained by the first set of restrictions.