| CPC H04L 9/3263 (2013.01) [G06F 21/33 (2013.01); G06F 21/44 (2013.01); G06F 21/602 (2013.01); G06F 2221/2143 (2013.01); H04L 9/3268 (2013.01); H04L 63/0823 (2013.01); H04L 63/083 (2013.01); H04L 63/10 (2013.01); H04L 63/126 (2013.01)] | 7 Claims |

|
1. An identification and authentication system comprising:
a plurality of controllers including a first controller having a first device certificate and a second controller having a second device certificate, the first device certificate having a first user identifier and a first set of device control privileges, and the second device certificate having a second user identifier and a second set of device control privileges that is different from the first set of device control privileges; and
an embedded device including:
an embedded device memory; and
an embedded device processor configured to:
obtain, from the first controller, the first device certificate;
obtain, from the second controller, the second device certificate;
extract, from the first device certificate, the first user identifier and the first set of device control privileges;
extract, from the second device certificate, the second user identifier and the second set of device control privileges;
compare the second user identifier with the first user identifier to authenticate access to the embedded device for the second controller without connectivity to a server;
determine whether the second user identifier within the second device certificate is the same as the first user identifier within the first device certificate; and
allow or prevent access to the embedded device by the second controller based on the determination and the extracted second set of device control privileges.
|
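The decision recited in claim 1, sketched as an added example (not code from the patent or its assignee): the embedded device extracts the user identifier and privilege set from each controller's certificate, compares the identifiers locally, and gates the request on the second certificate's privileges. Assumptions not in the claim: the certificate layout, all names and sample values are constructed, the device verifies each certificate against a local trust anchor before trusting its fields, and an HMAC stands in for the CA signature check so the block runs with the standard library only.

```python
import hashlib
import hmac
import json

# Constructed trust anchor. Stand-in: a real device would hold a CA public key
# and verify an X.509 signature; HMAC is used here only to stay stdlib-only.
TRUST_KEY = b"constructed-demo-trust-anchor"


def issue_cert(user_id, privileges, key=TRUST_KEY):
    """Hypothetical issuer: sign the two fields the claim says a certificate carries."""
    body = json.dumps(
        {"user_id": user_id, "privileges": sorted(privileges)}, sort_keys=True
    ).encode()
    return {"body": body, "sig": hmac.new(key, body, hashlib.sha256).digest()}


def extract(cert, key=TRUST_KEY):
    """Verify locally, then return (user_id, privileges); None if verification fails."""
    expected = hmac.new(key, cert["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, cert["sig"]):
        return None
    fields = json.loads(cert["body"])
    return fields["user_id"], frozenset(fields["privileges"])


def authorize(first_cert, second_cert, requested_op):
    """Access decision made on the embedded device, with no server lookup."""
    first, second = extract(first_cert), extract(second_cert)
    if first is None or second is None:
        return False  # unverifiable certificate: fail closed
    first_user, _ = first
    second_user, second_privs = second
    if not hmac.compare_digest(first_user.encode(), second_user.encode()):
        return False  # different user identifier: prevent access
    # Same user: the second controller is limited to its own privilege set.
    return requested_op in second_privs


# Constructed sample certificates.
FIRST_CONTROLLER = issue_cert("user-1001", {"lock", "unlock", "configure"})
SECOND_CONTROLLER = issue_cert("user-1001", {"lock"})
OTHER_USER = issue_cert("user-2002", {"lock", "unlock"})
UNTRUSTED_ISSUER = issue_cert("user-1001", {"unlock"}, key=b"some-other-issuer")
```

The second controller's access is bounded by its own certificate's privileges, not the first controller's, so a matching user identifier alone does not grant `unlock` or `configure` here.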