In recent times there has been a trend for mobile devices to have the capability to connect to an internet service. For example, a digital camera can connect via WiFi™ to the internet and access a service such as Facebook™ to share the photos it contains with a user's friends. A GPS logger can upload a user's running log and share this with other users on a service such as Endomondo™.
It is broadly expected that in the near future, as well as sharing device data over an internet service, a user will be able to share access to his device with other users of the internet service. At least one system giving this facility has been disclosed (e.g. US 2011/0258303 discussed further below.
FIG. 1 illustrates a service platform that facilitates the sharing of access to connected devices. A plurality of connected devices 110 communicate with a mobile network 120 via a gateway 115. In this case it is envisaged that connected devices 110 are small and/or have limited capabilities and as such they do not have a mobile network interface built in but need to communicate with a local gateway 115. The local gateway 115 relays the connection to mobile network 120. Alternative “devices” are also illustrated in the form of a car 121 and a truck 122. Here, it is envisaged that the car 121 and truck 122 would have mobile network connectivity built in as illustrated by the image of a SIM card next to them. Mobile network 120 allows the devices to connect to an M2M connectivity enablement module 130.
M2M (machine-to-machine) connectivity enablement module 130 may communicate with at least one business 140 which makes applications 141 available to users. Further, M2M connectivity module 130 may communicate with an M2M service enablement module 150 to allow the connected devices to be accessed by user equipments 160. The user equipments 160 may comprise tweeting machines, controller apps, socialized machines, and consumer equipment.
FIG. 2 shows a screenshot of a Facebook™ application called My Stuff. Of particular note on the screenshot are screen areas 210 and 220 which relate to Vincent's Lamp 1 and Vincent's Lamp 2 respectively. Vincent's Lamps 1 and 2 are accessible to the user (Vincent) via his home management system. Vincent may select to use, for example, Vincent's Lamp 1 via the “use” button 212. A further screen area 213 is provided to allow Vincent to share access to Vincent's Lamp 1 with one or more of his friends. Selecting screen area 213 brings up an option box 220 listing a plurality of the user's friends 221, 222, . . . , 228 and provides the user with a tick box option for each in order to select whether or not each user may have access to Vincent's Lamp 1. Once a user's friend is given access to the device, they can also access the device the same way that Vincent can with the “use” button 212. In this way a user can share access to a device, such as the lamp in the example above.
Prior to sharing access to a connected device via an online service such as Facebook™, the connected device must be registered with the online service. FIG. 3 shows a screenshot of a user interface for allowing a device to be added to the My Stuff application. Here, a plurality of devices is shown: a photo frame 310; a vehicle tracker 320; and a lamp 330. Upon selection of an add device screen area 340, labeled “Add Device”, a dialogue box 350 is shown. Dialogue box 350 requests that the user input information relating to the device to allow it to be added to the My Stuff application. This requires each device to have a pre-assigned unique identity which is unique to the device. In the example shown, the unique identity is the MSISDN which is a number which uniquely identifies a subscription in a GSM or UMTS mobile network. The MSISDN can only be used as the unique identifier of a device if it connects via a wireless communications network.
FIG. 4 is a messaging diagram illustrating the process for adding a device to the My Stuff application or service. In this example a user 401 has a device 410, which in this case includes a SIM card, and the user 401 has an account with a service 430 which in this case is Facebook™. The machine-to-machine (M2M) interface is provided by a service enablement platform 420. Service enablement platform 420 comprises a link service 421 arranged to receive communications from connectable devices, such as device 410. Service enablement platform 420 further comprises a service interface 423, which in the case provides an interface towards “My Stuff for Facebook” 423. Service enablement platform 420 further comprises a Directory 422 which keeps a directory matching devices 410 to user accounts on the service 430.
The process starts at 451 where end user 401 logs on to the Facebook™ service 430 and, using the My Stuff for Facebook application, he selects ‘add new device’ as, for example, illustrated in FIG. 3. In step 451 end user 401 enters the MSISDN currently used by device 420. Next, at 452 an add device message is sent from service 430 to the service interface 423 which at 453 registers the device with the directory 422.
At the device 410 side, end user 401 powers on 461 the device 410 which in turn at 462 connects to the communications network. Once connected to the communications network, the device sends a notify message 463 to the link service 421 in the service enablement platform 420. The link service 421 then sends a notifying message 464 to the directory 422. Messages 462, 463 and 464 away from the device 410 include the MSISDN of the device 410. At 471 the directory 422 correlates the MSISDN input at 451 with the MSISDN used by device 410 to attach to the network at 462. The stored information in Directory 422 is updated to reflect the connection between end user 401, his account on service 430, and the device 410.
For relatively large devices such as cars, it is reasonable to expect that each will have a SIM card loaded therein to facilitate communication via a wireless communications network, and as such each car will have an MSISDN circulated therewith. However, this is less reasonable for smaller devices such as temperature sensors which can be expected to be deployed in far greater numbers than cars. Indeed, this is particularly pertinent where a plurality of devices connect to a wireless communications network via a common gateway. Furthermore, the MSISDN is not confidential information, and so it is possible for a third party to obtain the MSISDN of a connected device and so control and share access to a connected device which is not theirs.
Accordingly there is required a method for authenticating a device when connecting it to a service.
US Patent Application Publication US2011/0258303 describes a system and method for personal device sharing using social networks. This document describes a system wherein a first user has a first personal device and a second user has a second personal device. The first user sends a request for sharing access to a resource or a state of a second personal device and whether to grant sharing access is determined, at least in part, upon the nature of the online social network relationship between the first user and the second user.