1. Field of the Invention
The present invention relates to a Machine-to-Machine (M2M) Bootstrap Procedure. More particularly, the present invention relates to an M2M Bootstrap Procedure that authenticates an M2M Device/Gateway with an M2M Service Provider, and allows the M2M Device/Gateway to download service parameters that are needed for utilizing the M2M service, such as a long-term M2M Service Root key (Kmr), IP address of network servers (e.g., M2M Network Node, device management server, etc.), etc.
2. Description of the Related Art
FIG. 1 depicts network elements involved in the M2M Bootstrap and M2M Connection Procedures according to the related art.
Referring to FIG. 1, the lines connecting the network elements show the communication interfaces used among them. Device is the entity seeking to get bootstrapped in order to start using the M2M facilities provided by the M2M Core network. Device engages in bootstrap procedure with an M2M Service Bootstrapping Function (MSBF) via the Core network. At the end of the bootstrap, a root secret key is generated (Kmr), which will be used for cryptographically securing the application communication over the M2M network Kmr is made available to the MAS (M2M service layer AAA Server) on the network side. Later, when the device wants to connect to the Core Network for receiving M2M service, the device goes through the Connection Procedure with the MAS via the Core network.
No procedure has been defined for reversing the effects of the bootstrap procedure. Accordingly, a procedure is desired for Device/Gateway and M2M Service Provider to erase the configuration parameters, subscription and service state generated by the Bootstrap Procedure. Such a procedure is desired when the Device/Gateway's service ties with the Service Provider needs to be severed (i.e., an unsubscribe procedure).
In the absence of an erase procedure, M2M bootstrap state (i.e., service subscription) cannot be fully managed. Full management of such state requires not only creation of the state but also the deletion of the state by the involved parties. So, a Device/Gateway, an MAS, and an M2M Service Bootstrapping Function (MSBF) shall be able to erase a bootstrap state. Otherwise, a Device/Gateway that bootstrapped with a given service provider stays in that state forever.
There are legitimate scenarios where a Device/Gateway decides to leave the service (e.g., switching from one service provider to another), or the service provider decides to remove the Device/Gateway from its subscriber base (e.g., unpaid bill, decommissioned device, etc.). Unless these actions are performed with state coordination on both sides, it can create ghost state and wasteful procedures (e.g., service provider trying to access a Device/Gateway that has left its service without notice).
Aspects of the present invention are to address at least the above-mentioned problems and/or disadvantages and to provide at least the advantages described below. Accordingly, an aspect of the present invention is to provide a method for erasing bootstrapping when a Device/Gateway decides to leave the M2M service or the service provider decides to remove the Device/Gateway from its subscriber base.
Another aspect of the present invention is to provide a method for Erase Procedure for being initiated by either the Device/Gateway, or a network element such as an M2M Service Bootstrap Function (MSBF) or an M2M Authentication Server (MAS).
Aspects of the present invention applies to M2M systems whether they use automated bootstrapping of the M2M Devices/Gateways, or they rely on pre-provisioning (e.g., during manufacturing time). Aspects of the present invention are agnostic to the methods used as the bootstrap and connection procedures (e.g., PANA, TLS, GBA). It can be used no matter what method is used for creating the M2M state.
In accordance with an aspect of the present invention, a method for erasing bootstrapping, at a device or a gateway in an M2M service is provided. The method includes receiving an erase request containing an M2M-Erase-Token from an MAS or an MSBF, processing the erase request based on the M2M-Erase-Token of the erase request or a local policy of the device or the gateway, and sending an erase response containing an M2M-Erase-Token to the MAS or the MSBF.
In accordance with another aspect of the present invention, a device or a gateway for erasing bootstrapping in an M2M service is provided. The device or the gateway includes a transceiver for communicating signals with an MAS or an MSBF, and a controller for receiving an erase request containing an M2M-Erase-Token from an MAS or an MSBF, for processing the erase request based on the M2M-Erase-Token of the erase request or a local policy of the device or the gateway, and for sending a erase response containing an M2M-Erase-Token to the MAS or the MSBF.
Other aspects, advantages, and salient features of the invention will become apparent to those skilled in the art from the following detailed description, which, taken in conjunction with the annexed drawings, discloses exemplary embodiments of the invention.
Throughout the drawings, it should be noted that like reference numbers are used to depict the same or similar elements, features, and structures.