(19) United States
(12) Patent Application Publication
DOTCHKOFF et al.
(10) Pub. No.: US 2020/0367057 A1
(43) Pub. Date: Nov. 19, 2020
(54) SINGLE SIGN-IN FOR IOT DEVICES
(71) Applicant: Microsoft Technology Licensing, LLC, Redmond, WA (US)
(72) Inventors: Konstantin DOTCHKOFF, Redmond, WA (US); Affan DAR, Redmond, WA (US)
(21) Appl. No.: 16/948,863
(22) Filed: Aug. 1, 2020

Related U.S. Application Data
(63) Continuation of application No. 15/788,768, filed on Oct. 19, 2017, now Pat. No. 10,750,364.

Publication Classification
(51) Int. Cl.: H04W 12/06 (2006.01); H04W 4/70 (2005.01); H04W 64/00 (2006.01); H04L 29/06 (2005.01); H04W 4/50 (2006.01); H04L 29/08 (2005.01)
(52) U.S. Cl.: CPC H04W 12/06 (2013.01); H04W 4/70 (2018.02); H04W 64/003 (2013.01); H04L 63/0876 (2013.01); G06F 21/305 (2013.01); H04L 63/083 (2013.01); H04L 63/0853 (2013.01); H04L 67/12 (2013.01); H04W 4/50 (2018.02)

(57) ABSTRACT
In one example of the technology, a first third-party service is registered with the IoT support service. A first IoT device of a plurality of IoT devices is caused to be provisioned with the IoT support service. An authentication token is received for the first IoT device. The authentication token is based on an authentication of the first IoT device with the first third-party service. The authentication token is verified. The first IoT device is authenticated with the IoT support service based on the verification.

[Sheet 1 of 5: FIG. 1, computing devices]
[Sheet 2 of 5: FIG. 2, computing device: processing circuit, operating memory, memory controller, input interface, output interface, network adapter]
[Sheet 3 of 5: FIG. 3, IoT devices, gateway device, IoT support service, back-end]
[Sheet 4 of 5: FIG. 4, IoT devices, dispatcher, methods and jobs execution, provisioning service, third-party service, application back-end]
[Sheet 5 of 5: FIG. 5, flow diagram: register third-party service; IoT device is provisioned; receive authentication token; verify authentication token; authenticate]

SINGLE SIGN-IN FOR IOT DEVICES

CROSS-REFERENCE TO RELATED APPLICATION(S)

[0001] This application claims priority to U.S. patent application Ser. No. 15/788,768, filed Oct. 19, 2017, entitled "SINGLE SIGN-IN FOR IOT DEVICES" (Atty. Dkt. No. 402833-US-NP). The entirety of this afore-mentioned application is incorporated herein by reference.

BACKGROUND

[0002] The Internet of Things ("IoT") generally refers to a system of devices capable of communicating over a network. The devices can include everyday objects such as toasters, coffee machines, thermostat systems, washers, dryers, lamps, automobiles, and the like. The devices may also include industrial equipment in buildings and factory machines, with sensors and actuators attached in some examples, and the like. The network communications can be used for device automation, data capture, providing alerts, personalization of settings, and numerous other applications.

SUMMARY OF THE DISCLOSURE

[0003] This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.

[0004] Briefly stated, the disclosed technology is generally directed to IoT technology.
In one example of the technology, a first third-party service is registered with the IoT support service. In some examples, a first IoT device of a plurality of IoT devices is caused to be provisioned with the IoT support service. In some examples, an authentication token is received for the first IoT device. In some examples, the authentication token is based on an authentication of the first IoT device with the first third-party service. In some examples, the authentication token is verified. In some examples, the first IoT device is authenticated with the IoT support service based on the verification.

[0005] Other aspects of and applications for the disclosed technology will be appreciated upon reading and understanding the attached figures and description.

BRIEF DESCRIPTION OF THE DRAWINGS

[0006] Non-limiting and non-exhaustive examples of the present disclosure are described with reference to the following drawings. In the drawings, like reference numerals refer to like parts throughout the various figures unless otherwise specified. These drawings are not necessarily drawn to scale.

[0007] For a better understanding of the present disclosure, reference will be made to the following Detailed Description, which is to be read in association with the accompanying drawings, in which:

[0008] FIG. 1 is a block diagram illustrating one example of a suitable environment in which aspects of the technology may be employed;

[0009] FIG. 2 is a block diagram illustrating one example of a suitable computing device according to aspects of the disclosed technology;

[0010] FIG. 3 is a block diagram illustrating an example of a system;

[0011] FIG. 4 is a block diagram illustrating an example of a system that may be used as a subset of the system of FIG. 3; and

[0012] FIG.
5 is a flow diagram illustrating an example process for IoT technology in accordance with aspects of the present disclosure.

DETAILED DESCRIPTION

[0013] The following description provides specific details for a thorough understanding of, and enabling description for, various examples of the technology. One skilled in the art will understand that the technology may be practiced without many of these details. In some instances, well-known structures and functions have not been shown or described in detail to avoid unnecessarily obscuring the description of examples of the technology. It is intended that the terminology used in this disclosure be interpreted in its broadest reasonable manner, even though it is being used in conjunction with a detailed description of certain examples of the technology. Although certain terms may be emphasized below, any terminology intended to be interpreted in any restricted manner will be overtly and specifically defined as such in this Detailed Description section. Throughout the specification and claims, the following terms take at least the meanings explicitly associated herein, unless the context dictates otherwise. The meanings identified below do not necessarily limit the terms, but merely provide illustrative examples for the terms. For example, each of the terms "based on" and "based upon" is not exclusive, and is equivalent to the term "based, at least in part, on", and includes the option of being based on additional factors, some of which may not be described herein. As another example, the term "via" is not exclusive, and is equivalent to the term "via, at least in part", and includes the option of being via additional factors, some of which may not be described herein. The meaning of "in" includes "in" and "on." The phrase "in one embodiment," or "in one example," as used herein does not necessarily refer to the same embodiment or example, although it may.
Use of particular textual numeric designators does not imply the existence of lesser-valued numerical designators. For example, reciting "a widget selected from the group consisting of a third foo and a fourth bar" would not itself imply that there are at least three foo, nor that there are at least four bar, elements. References in the singular are made merely for clarity of reading and include plural references unless plural references are specifically excluded. The term "or" is an inclusive "or" operator unless specifically indicated otherwise. For example, the phrases "A or B" means "A, B, or A and B." As used herein, the terms "component" and "system" are intended to encompass hardware, software, or various combinations of hardware and software. Thus, for example, a system or component may be a process, a process executing on a computing device, the computing device, or a portion thereof.

[0014] Briefly stated, the disclosed technology is generally directed to IoT technology. In one example of the technology, a first third-party service is registered with the IoT support service. In some examples, a first IoT device of a plurality of IoT devices is caused to be provisioned with the IoT support service. In some examples, an authentication token is received for the first IoT device. In some examples, the authentication token is based on an authentication of the first IoT device with the first third-party service. In some examples, the authentication token is verified. In some examples, the first IoT device is authenticated with the IoT support service based on the verification.

[0015] IoT devices may communicate with an IoT support service to receive IoT services, either communicating directly with the IoT support service or indirectly via one or more intermediary devices such as gateway devices. In some examples, the IoT support service may also coordinate third-party services for use by IoT devices.
In other examples, devices not normally capable of connecting directly to the IoT support service, such as devices with subscriber identification module (SIM) cards, can be enabled to function as IoT devices through coordination between the IoT support service and a third-party service. For instance, in some examples, devices can communicate with the IoT support service using the third-party service as intermediary. In other examples, the IoT support service can use the third-party service to reconfigure IoT devices and enable a direct connection from the IoT device to the IoT service, while keeping their ability to connect to the third-party service as well.

[0016] After an IoT device has been provisioned, when the IoT device establishes a connection to an IoT support service, authentication is typically required. However, if the device is already authenticated with a third-party service, by trusting authentication with a third-party service, the IoT device can automatically be authenticated with the IoT support service based on trust in the authentication of the third-party provider. In this way, in some examples, a single sign-in for a device is sufficient to sign in to both the third-party service and IoT services. In some examples, the single sign-in prevents the need for a separate set of credentials to authenticate with the IoT support service.

Illustrative Devices/Operating Environments

[0017] FIG. 1 is a diagram of environment 100 in which aspects of the technology may be practiced. As shown, environment 100 includes computing devices 110, as well as network nodes 120, connected via network 130. Even though particular components of environment 100 are shown in FIG. 1, in other examples, environment 100 can also include additional and/or different components. For example, in certain examples, the environment 100 can also include network storage devices, maintenance managers, and/or other suitable components (not shown). Computing devices 110 shown in FIG.
1 may be in various locations, including on premise, in the cloud, or the like. For example, computer devices 110 may be on the client side, on the server side, or the like.

[0018] As shown in FIG. 1, network 130 can include one or more network nodes 120 that interconnect multiple computing devices 110, and connect computing devices 110 to external network 140, e.g., the Internet or an intranet. For example, network nodes 120 may include switches, routers, hubs, network controllers, or other network elements. In certain examples, computing devices 110 can be organized into racks, action zones, groups, sets, or other suitable divisions. For example, in the illustrated example, computing devices 110 are grouped into three host sets identified individually as first, second, and third host sets 112a-112c. In the illustrated example, each of host sets 112a-112c is operatively coupled to a corresponding network node 120a-120c, respectively, which are commonly referred to as "top-of-rack" or "TOR" network nodes. TOR network nodes 120a-120c can then be operatively coupled to additional network nodes 120 to form a computer network in a hierarchical, flat, mesh, or other suitable types of topology that allows communication between computing devices 110 and external network 140. In other examples, multiple host sets 112a-112c may share a single network node 120. Computing devices 110 may be virtually any type of general- or specific-purpose computing device. For example, these computing devices may be user devices such as desktop computers, laptop computers, tablet computers, display devices, cameras, printers, IoT devices, or smartphones. However, in a data center environment, these computing devices may be server devices such as application server computers, virtual computing host computers, or file server computers. Moreover, computing devices 110 may be individually configured to provide computing, storage, and/or other suitable computing services.
[0019] In some examples, one or more of the computing devices 110 is an IoT device, a gateway device, a device that comprises part or all of an IoT support service, a device comprising part or all of an application back-end, or the like, as discussed in greater detail below.

Illustrative Computing Device

[0020] FIG. 2 is a diagram illustrating one example of computing device 200 in which aspects of the technology may be practiced. Computing device 200 may be virtually any type of general- or specific-purpose computing device. For example, computing device 200 may be a user device such as a desktop computer, a laptop computer, a tablet computer, a display device, a camera, a printer, or a smartphone. Likewise, computing device 200 may also be a server device such as an application server computer, a virtual computing host computer, or a file server computer, e.g., computing device 200 may be an example of computing device 110 or network node 120 of FIG. 1. Computing device 200 may also be an IoT device that connects to a network to receive IoT services. Likewise, computer device 200 may be an example of any of the devices illustrated in or referred to in FIGS. 3-5, as discussed in greater detail below. As illustrated in FIG. 2, computing device 200 includes processing circuit 210, operating memory 220, memory controller 230, data storage memory 250, input interface 260, output interface 270, and network adapter 280. Each of these afore-listed components of computing device 200 includes at least one hardware element.

[0021] Computing device 200 includes at least one processing circuit 210 configured to execute instructions, such as instructions for implementing the herein-described workloads, processes, or technology. Processing circuit 210 may include a microprocessor, a
microcontroller, a graphics processor, a coprocessor, a field-programmable gate array, a programmable logic device, a signal processor, or any other circuit suitable for processing data. Processing circuit 210 is an example of a core. The aforementioned instructions, along with other data (e.g., datasets, metadata, operating system instructions, etc.), may be stored in operating memory 220 during run-time of computing device 200. Operating memory 220 may also include any of a variety of data storage devices/components, such as volatile memories, semi-volatile memories, random access memories, static memories, caches, buffers, or other media used to store run-time information. In one example, operating memory 220 does not retain information when computing device 200 is powered off. Rather, computing device 200 may be configured to transfer instructions from a non-volatile data storage component (e.g., data storage component 250) to operating memory 220 as part of a booting or other loading process. In some examples, other forms of execution may be employed, such as execution directly from data storage memory 250, e.g., eXecute In Place (XIP).

[0022] Operating memory 220 may include 4th generation double data rate (DDR4) memory, 3rd generation double data rate (DDR3) memory, other dynamic random access memory (DRAM), High Bandwidth Memory (HBM), Hybrid Memory Cube memory, 3D-stacked memory, static random access memory (SRAM), magnetoresistive random access memory (MRAM), pseudostatic random access memory (PSRAM), or other memory, and such memory may comprise one or more memory circuits integrated onto a DIMM, SIMM, SODIMM, Known Good Die (KGD), or other packaging. Such operating memory modules or devices may be organized according to channels, ranks, and banks. For example, operating memory devices may be coupled to processing circuit 210 via memory controller 230 in channels.
One example of computing device 200 may include one or two DIMMs per channel, with one or two ranks per channel. Operating memory within a rank may operate with a shared clock, and shared address and command bus. Also, an operating memory device may be organized into several banks where a bank can be thought of as an array addressed by row and column. Based on such an organization of operating memory, physical addresses within the operating memory may be referred to by a tuple of channel, rank, bank, row, and column.

[0023] Despite the above-discussion, operating memory 220 specifically does not include or encompass communications media, any communications medium, or any signals per se.

[0024] Memory controller 230 is configured to interface processing circuit 210 to operating memory 220. For example, memory controller 230 may be configured to interface commands, addresses, and data between operating memory 220 and processing circuit 210. Memory controller 230 may also be configured to abstract or otherwise manage certain aspects of memory management from or for processing circuit 210. Although memory controller 230 is illustrated as a single memory controller separate from processing circuit 210, in other examples, multiple memory controllers may be employed, memory controller(s) may be integrated with operating memory 220, or the like. Further, memory controller(s) may be integrated into processing circuit 210. These and other variations are possible.

[0025] In computing device 200, data storage memory 250, input interface 260, output interface 270, and network adapter 280 are interfaced to processing circuit 210 by bus 240. Although, FIG.
2 illustrates bus 240 as a single passive bus, other configurations, such as a collection of buses, a collection of point to point links, an input/output controller, a bridge, other interface circuitry, or any collection thereof may also be suitably employed for interfacing data storage memory 250, input interface 260, output interface 270, or network adapter 280 to processing circuit 210.

[0026] In computing device 200, data storage memory 250 is employed for long-term non-volatile data storage. Data storage memory 250 may include any of a variety of non-volatile data storage devices/components, such as non-volatile memories, disks, disk drives, hard drives, solid-state drives, or any other media that can be used for the non-volatile storage of information. However, data storage memory 250 specifically does not include or encompass communications media, any communications medium, or any signals per se. In contrast to operating memory 220, data storage memory 250 is employed by computing device 200 for non-volatile long-term data storage, instead of for run-time data storage.

[0027] Also, computing device 200 may include or be coupled to any type of processor-readable media such as processor-readable storage media (e.g., operating memory 220 and data storage memory 250) and communication media (e.g., communication signals and radio waves). While the term processor-readable storage media includes operating memory 220 and data storage memory 250, the term "processor-readable storage media," throughout the specification and the claims whether used in the singular or the plural, is defined herein so that the term "processor-readable storage media" specifically excludes and does not encompass communications media, any communications medium, or any signals per se. However, the term "processor-readable storage media" does encompass processor cache, Random Access Memory (RAM), register memory, and/or the like.
[0028] Computing device 200 also includes input interface 260, which may be configured to enable computing device 200 to receive input from users or from other devices. In addition, computing device 200 includes output interface 270, which may be configured to provide output from computing device 200. In one example, output interface 270 includes a frame buffer, graphics processor, graphics processor or accelerator, and is configured to render displays for presentation on a separate visual display device (such as a monitor, projector, virtual computing client computer, etc.). In another example, output interface 270 includes a visual display device and is configured to render and present displays for viewing. In yet another example, input interface 260 and/or output interface 270 may include a universal asynchronous receiver/transmitter (UART), a Serial Peripheral Interface (SPI), Inter-Integrated Circuit (I2C), a General-purpose input/output (GPIO), and/or the like. Moreover, input interface 260 and/or output interface 270 may include or be interfaced to any number or type of peripherals.

[0029] In the illustrated example, computing device 200 is configured to communicate with other computing devices or entities via network adapter 280. Network adapter 280 may include a wired network adapter, e.g., an Ethernet adapter, a Token Ring adapter, or a Digital Subscriber Line (DSL) adapter. Network adapter 280 may also include a wireless network adapter, for example, a Wi-Fi adapter, a Bluetooth adapter, a ZigBee adapter, a Long Term Evolution (LTE) adapter, Low-Power Wide-Area Network (LPWAN), SigFox, LoRa, Powerline, 2G, 3G, 4G or a 5G adapter.

[0030] Although computing device 200 is illustrated with certain components configured in a particular arrangement, these components and arrangement are merely one example of a computing device in which the technology may be employed.
In other examples, data storage memory 250, input interface 260, output interface 270, or network adapter 280 may be directly coupled to processing circuit 210, or be coupled to processing circuit 210 via an input/output controller, a bridge, or other interface circuitry. Other variations of the technology are possible.

[0031] Some examples of computing device 200 include at least one memory (e.g., operating memory 220) adapted to store run-time data and at least one processor (e.g., processing unit 210) that is adapted to execute processor-executable code that, in response to execution, enables computing device 200 to perform actions.

Illustrative Systems

[0032] FIG. 3 is a block diagram illustrating an example of a system (300). System 300 may include network 330, as well as IoT support service 351, IoT devices 341-343, gateway devices 311 and 312, provisioning service device 315, application back-end 313, and third-party service 314, which all connect to network 330. The term "IoT device" refers to a device intended to make use of IoT services. An IoT device can include virtually any device that connects to the cloud to use IoT services, including for telemetry collection or any other purpose. IoT devices include any devices that can connect to a network to make use of IoT services. IoT devices can include everyday objects such as toasters, coffee machines, thermostat systems, washers, dryers, lamps, automobiles, and the like. IoT devices may also include, for example, a variety of devices, including industrial devices, with attached sensors or actuators. For example, a "smart" building might include lights, temperature sensors, thermostats, humidity sensors, occupancy sensors, door locks, HVAC control modules, and the like. The IoT services for the IoT devices can be used for device automation, data capture, providing alerts, executing operations/actions on the devices through their actuators, and/or personalization of settings.
However, the foregoing list merely includes some of the many possible uses for IoT services. Such services may be employed for, or in conjunction with, numerous other applications, whether or not such applications are discussed herein. Some examples allow devices, such as legacy devices, that don't operate as IoT devices to be enabled to act as IoT devices through additional equipment. For instance, some of the IoT devices 341-343 may be mobile devices, various devices with SIM cards such as vending machines with SIM cards, and/or the like that can be activated to operate as IoT devices. In some examples, IoT devices 341-343 and gateway devices 311 and 312 are edge devices. In some examples, although not shown in FIG. 3, network 330 may also include cloud-side gateway devices.

[0033] Application back-end 313 refers to a device, or multiple devices such as a distributed system, that performs actions that enable data collection, storage, and/or actions to be taken based on the IoT data, including user access and control, data analysis, data display, control of data storage, automatic actions taken based on the IoT data, and/or the like. For example, application back-end 313 may include a device or multiple devices that perform back-end functions in support of IoT services. In some examples, at least some of the actions taken by the application back-end may be performed by services and applications running in application back-end 313, while other actions can be taken by IoT devices or third-party services.

[0034] Third-party service 314 refers to a device, or multiple devices, that performs actions to provide a third-party service. Examples of third-party services may include update management services, mobile network management services, and the like.

[0035] The term "IoT support service" refers to a device, or multiple devices such as a distributed system, to which, in some examples, IoT devices connect on the network for IoT services.
In some examples, the IoT support service is an IoT hub. In some examples, the IoT hub is excluded, and IoT devices communicate with an application back-end, directly or through one or more intermediaries, without including an IoT hub, and a software component in the application back-end operates as the IoT support service. IoT devices receive IoT services via communication with the IoT support service.

[0036] In some examples, gateway devices 311 and 312 are each a device, or multiple devices such as a distributed system. In some examples, gateway devices may be edge devices that serve as network intermediaries between one or more IoT devices and an IoT support service.

[0037] In some examples, device provisioning service 315 refers to a device, or multiple devices such as a distributed system, that perform actions in provisioning an edge device to an IoT support service.

[0038] Each of the IoT devices 341-343, and/or the devices that comprise IoT support service 351 and/or application back-end 313 and/or gateway devices 311 and 312 and/or provision service device 315 may include examples of computing device 200 of FIG. 2. The term "IoT support service" is not limited to one particular type of IoT service, but refers to the device to which the IoT device communicates, after provisioning, for at least one IoT application, IoT solution, or IoT service. That is, the term "IoT support service," as used throughout the specification and the claims, is generic to any IoT solution. The term IoT support service simply refers to the portion of the IoT solution/IoT service/IoT application to which provisioned IoT devices communicate. In some examples, communication between IoT devices and one or more application back-ends occur with an IoT support service as an intermediary. The IoT support service is in the cloud, whereas the IoT devices are edge devices. FIG.
3 and the corresponding description of FIG. 3 in the specification illustrates an example system for illustrative purposes that does not limit the scope of the disclosure.

[0039] Network 330 may include one or more computer networks, including wired and/or wireless networks, where each network may be, for example, a wireless network, local area network (LAN), a wide-area network (WAN), and/or a global network such as the Internet. On an interconnected set of LANs, including those based on differing architectures and protocols, a router acts as a link between LANs, enabling messages to be sent from one to another. Also, communication links within LANs typically include twisted wire pair or coaxial cable, while communication links between networks may utilize analog telephone lines, full or fractional dedicated digital lines including T1, T2, T3, and T4, Integrated Services Digital Networks (ISDNs), Digital Subscriber Lines (DSLs), wireless links including cellular and satellite links, or other communications links known to those skilled in the art. Furthermore, remote computers and other related electronic devices could be remotely connected to either LANs or WANs via a modem and temporary telephone link. In essence, network 330 includes any communication method by which information may travel between IoT support service 351, IoT devices 341-343, and/or application back-end 313. Although each device or service is shown as connected to network 330, that does not mean that each device communicates with each other device shown. In some examples, some devices/services shown only communicate with some other devices/services shown via one or more intermediary devices.
Also, although network 330 is illustrated as one network, in some examples, network 330 may instead include multiple networks that may or may not be connected with each other, with some of the devices shown communicating with each other through one network of the multiple networks and other of the devices shown communicating with each other with a different network of the multiple networks.

[0040] As one example, IoT devices 341-343 are devices that are intended to make use of IoT services provided by the IoT support service, which, in some examples, includes one or more IoT support services, such as IoT support service 351. IoT devices 341-343 may be coupled to IoT support service 351, directly, via network 330, via a gateway device (e.g., gateway device 312), via multiple gateway devices, via a third-party service, and/or the like.

[0041] System 300 may include more or less devices than illustrated in FIG. 3, which is shown by way of example only.

[0042] After an IoT device (e.g., IoT device 341 or 342) has been provisioned by provisioning device 315, when the IoT device establishes a connection to IoT support service 351, authentication is typically required. However, by trusting authentication with third-party service 314, the IoT device can automatically be authenticated against the third-party service 314 based on trust in the authentication of the third-party provider. In this way, in some examples, a single sign-in for a device is sufficient to sign in to both the third-party service and IoT services.

[0043] FIG. 4 is a diagram illustrating an example of a system 400. In some examples, system 400 may be employed as a subset of system 300 of FIG. 3. FIG. 4 and the corresponding description of FIG.
4 in the specification illustrate an example system for illustrative purposes that do not limit the scope of the disclosure.

[0044] In some examples, system 400 includes IoT device 441, IoT device 442, IoT support service 451, application back-end 413, provisioning service device 415, and third-party service 414. Some examples of IoT support service 451 include device twin DT1, device twin DT2, and dispatcher 457.

[0045] In some examples, dispatcher 457 performs functions such as dispatching communications, coordinating telemetry traffic, synchronizing device twin properties, and executing of operations between the IoT support service and IoT devices or third-party services.

[0046] In some examples, IoT support service 451 stores a corresponding device twin (e.g., DT1, DT2) for each IoT device (e.g., 441, 442) provisioned with IoT support service 451. In some examples, each device twin is a set of securely isolated primitives comprising communication and state synchronization primitives. In some examples, each device twin includes metadata about the corresponding device, such as what type of device it is, various information about the device, as well as relevant information about the device (or equipment) that the device is in (e.g., type of device, capabilities, location, and/or the like, where relevant to the device). The device twin may also include metadata describing what operations associated with a third-party service are supported, including expected parameters and valid ranges. In some examples, at least a portion of each device twin is synchronized with the corresponding device.

[0047] Each device twin may include properties of the devices, some of which may be synchronized with the device. For example, in the case of a smart lock, the device twin may include a property indicating whether the corresponding smart lock is locked or unlocked. In some examples, the device twin for each device includes a section associated with properties for a third-party service.
In this way, the device twin may provide an aggregated view of the device across IoT device properties and properties associated with third-party services. In some examples, if there is more than one third-party service associated with the device that corresponds to the device twin, then the device twin has a separate section for each third-party service. The device twins can be used to synchronize device conditions and configurations. In addition, the device twin may expose metadata information about supported operations for this device, including operation associated with third-party services. Application backend 413 may use device twins to query supported operations and expected parameters for execution. For example, an application, such as an application in the application backend, may query the device twin for a list of available operations (i.e., methods), as well as possible values for the parameters, present this information to an end user to select the intended operation and possible parameter values, and enable the user to trigger the execution of the operation through the IoT support service. As discussed in greater detail below, the device twins may also make functionality provided by third-party services available to application backend 413. In this way, in some examples, when an application queries the device twin for a list of available methods, as well as possible values for parameters, present this information to an end user to select the intended operation and possible parameter values, and enable the user to trigger the execution of the operation through the IoT support service, the response to the query may also include methods made available via third-party services, and the user is also enabled to trigger the execution of methods associated with third-party service, where the IoT support service may communicate with the corresponding third-party service in order to execute the method.
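
An added example (not code from the patent or from any vendor's service) of the device-twin query and invocation flow in paragraphs [0046]-[0047]: the twin holds a separate section per third-party service, and each request is checked against the twin's operation metadata and valid ranges before it is routed. The class names, the `example-provider` section, the operation names and the numeric ranges are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Operation:
    name: str
    params: dict  # parameter name -> (min, max) valid range, inclusive

@dataclass
class DeviceTwin:
    device_id: str
    properties: dict = field(default_factory=dict)   # synchronized device state
    operations: dict = field(default_factory=dict)   # native device methods
    third_party: dict = field(default_factory=dict)  # provider -> {name: Operation}

    def list_operations(self):
        """Aggregated view: (source, operation name, parameter ranges)."""
        ops = [("device", o.name, o.params) for o in self.operations.values()]
        for provider, section in sorted(self.third_party.items()):
            ops += [(provider, o.name, o.params) for o in section.values()]
        return ops

def invoke(twin, source, method, args):
    """Validate a request against twin metadata, then return its dispatch target."""
    section = twin.operations if source == "device" else twin.third_party.get(source)
    if section is None or method not in section:
        raise PermissionError(f"{method!r} is not exposed by {source!r}")
    op = section[method]
    if set(args) != set(op.params):
        raise ValueError(f"expected parameters {sorted(op.params)}")
    for name, value in args.items():
        low, high = op.params[name]
        numeric = isinstance(value, (int, float)) and not isinstance(value, bool)
        if not numeric or not low <= value <= high:
            raise ValueError(f"{name}={value!r} outside valid range [{low}, {high}]")
    target = "device" if source == "device" else f"third-party dispatcher -> {source}"
    return {"device_id": twin.device_id, "target": target, "method": method, "args": args}

# Constructed sample twin for a smart lock; the provider name is hypothetical.
LOCK_TWIN = DeviceTwin(
    device_id="lock-441",
    properties={"locked": True},
    operations={"set_lock": Operation("set_lock", {"locked": (0, 1)})},
    third_party={"example-provider": {
        "set_auto_lock_delay": Operation("set_auto_lock_delay", {"seconds": (5, 300)})}},
)
```

Rejecting unknown sources, unlisted methods and out-of-range values at the support service means a request never reaches the device or the third-party service unless the twin advertises it.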

[0048] A job can be used to update device twins at scale and/or invoke methods at scale across many devices. In some examples, a method is an interactive request-response pattern used to invoke a capability on a device, such as locking or unlocking a door, turning on or off a light, or the like. A job can be used to update device twins and/or invoke methods on a schedule and track the progress of execution for a large number of devices. Jobs may be initiated by schedule job instructions received by methods and jobs execution component 485 of IoT support service 451 from application back-end 413. In some examples, third-party dispatcher 457 is configured to dispatch communications to third-party service 414, for example, as part of an invoked method that is associated with third-party service properties.

[0049] In some examples, partner onboarding may be used to associate one or more third-party services providers associated with the IoT services provided by IoT support service 451. During partner onboarding, in some examples, one or more connections are secured between IoT support service 451 and third-party service 414. In some examples, one or more secure connections are established up front, during the partner onboarding stage, before specific tenants can be connected and start exchanging information over the secure connection(s) in later stages. In some examples, during partner onboarding, multi-tenant access and integration is configured. In some examples, a registry process is used to register one or more third-party services to IoT support service 451 with a provider registry that may be stored in IoT support service 451.

[0050] In some examples, the provider registry stores information regarding the connection with the third-party service.
In some examples, the provider registry also stores information about the third-party service, including a metadata description about what the third-party service can do, including in some examples, what telemetry the third-party service can emit, and which operations the third-party service supports, including expected parameters and valid parameter values. The provider registry may also store provider configuration information for each provider. In some examples, the provider registry contains all providers configured and available for customers to enable for usage with the IoT support service. In some examples, as part of provider registration, account and tenant information is exchanged, and necessary client IDs and secrets are exchanged. In some examples, IoT support service 451 manages the onboarding of providers for third-party services. The provider registry may also contain information about the authentication method used and/or supported by the third-party service.

[0051] In some examples, after partner onboarding, customer onboarding is performed. In order for third-party services to be performed for devices associated with a particular customer, the customer may need to have an account and credentials with the provider of the third-party service and the customer devices may already be tenants in the third-party service.
During customer onboarding, tenant configuration may be performed, which may vary based on the provider. In some examples, a mapping is established between tenants in third-party service 414 and tenants in IoT support service 451.

[0052] For instance, in some examples, such as a multi-tenant integration between the IoT support service and a third-party service, a mapping is established between tenants in both systems: a customer is represented as a tenant in the multi-tenant IoT support service as well as a tenant of the third-party service and a mapping is established between those tenants to enable exchange of information about the IoT devices of that particular customer, represented as
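
An added example (not the patent's or any vendor's implementation) of the sign-in path that provider registration and tenant mapping make possible: the IoT support service verifies a third-party token with the secret held in its provider registry, then maps the third-party tenant to its own tenant. The HMAC-signed token layout, the claim names and all sample values are assumptions; the publication does not specify a token format.

```python
import base64, hashlib, hmac, json

# Constructed sample state; every name and the token layout are assumptions.
PROVIDER_REGISTRY = {"example-provider": {"secret": b"constructed-demo-secret",
                                          "auth_method": "hmac-sha256"}}
TENANT_MAP = {("example-provider", "tp-tenant-7"): "iot-tenant-42"}  # customer onboarding
PROVISIONED = {"iot-tenant-42": {"lock-441"}}                         # devices per IoT tenant
AUDIENCE = "iot-support-service"

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def issue_token(provider, secret, tenant, device_id, expires_at):
    """Stand-in for the third-party service issuing a token after device sign-in."""
    claims = {"iss": provider, "aud": AUDIENCE, "tenant": tenant,
              "device": device_id, "exp": expires_at}
    body = json.dumps(claims, sort_keys=True).encode()
    sig = hmac.new(secret, body, hashlib.sha256).digest()
    return _b64(body) + "." + _b64(sig)

def authenticate(token, now):
    """Verify a third-party token; return the (IoT tenant, device) it authenticates."""
    try:
        body_b64, sig_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
        claims = json.loads(body)
        provider = PROVIDER_REGISTRY[claims["iss"]]   # issuer must be onboarded
    except (ValueError, KeyError, TypeError):
        raise PermissionError("malformed token or unregistered provider")
    expected = hmac.new(provider["secret"], body, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):        # constant-time comparison
        raise PermissionError("bad signature")
    exp = claims.get("exp")
    if claims.get("aud") != AUDIENCE or not isinstance(exp, int) or exp <= now:
        raise PermissionError("wrong audience or expired")
    iot_tenant = TENANT_MAP.get((claims["iss"], claims.get("tenant")))
    if iot_tenant is None or claims.get("device") not in PROVISIONED.get(iot_tenant, set()):
        raise PermissionError("tenant not mapped or device not provisioned")
    return iot_tenant, claims["device"]
```

The signature is checked before any claim is trusted, and a valid token still fails if its tenant was never mapped during customer onboarding or its device was never provisioned.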
