• No results found

Smartphone Assisted Setup for Headless Devices

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Smartphone Assisted Setup for Headless Devices"

Copied!
7
0
0

Loading.... (view fulltext now)

Download now ( 7 Page )

Full text

(1)

May 2020

Smartphone Assisted Setup for Headless Devices

Smartphone Assisted Setup for Headless Devices

Erdi Chen

Follow this and additional works at: https://www.tdcommons.org/dpubs_series

Recommended Citation Recommended Citation

Chen, Erdi, "Smartphone Assisted Setup for Headless Devices", Technical Disclosure Commons, (May 07, 2020)

(2)

Smartphone Assisted Setup for Headless Devices

ABSTRACT

This disclosure describes techniques for secure setup and/or configuration for headless devices using a smartphone or other available device. A smartphone is connected to a headless device via USB and is utilized to perform setup and debug operations related to the headless device. The headless device advertises itself as an accessory device and provides a device ID and vendor ID to the smartphone. An app on the smartphone is launched with the headless device identifier as parameters. Additional communication between the headless device and the smartphone is performed over the connection using a custom protocol or encapsulated HTTP. The internet connection provided by the smartphone is utilized to fetch an authentication token from an external service that is passed to the headless device to perform authenticated

setup/provisioning. The device can perform authentication with a shared secret or cryptographic signature as part of initial configuration and/or set up.

KEYWORDS

● Headless device ● Inputless device

● Internet of Things (IoT) ● Device setup

● Device configuration ● Encapsulated HTTP ● HTTP Tunnel

(3)

BACKGROUND

Headless devices such as Internet of things (IoT) devices, WiFi routers, printers, airport kiosks, etc. exclude peripherals such as display, keyboard, or other input/output devices. Many headless devices require initial setup, e.g., to connect to available WiFi or Ethernet networks to enable the devices to connect to cloud service(s) for remote device management.

Troubleshooting the setup for headless devices can pose challenges due to the absence of peripheral devices for input and/or output.

Headless devices can use unencrypted data transmission for configuration. For example, WiFi routers utilize network passwords or QR codes printed on a label affixed to the device for configuration and initial setup. Broadband routers/modems use a web-based user interface when connected to an internal network. Some headless devices utilize audio encoded data

transmission for configuration, some devices use Bluetooth (or other local wireless network) for initial setup, and some devices use a serial port for troubleshooting. However, these

mechanisms do not typically enable the use of encryption, authentication, etc. DESCRIPTION

A configuration process for headless devices that can enable the use of encryption and other security mechanisms can enable easy device setup without sacrificing device or user security. This disclosure describes techniques for secure set up and/or configuration for

headless devices. Per techniques of this disclosure, a smartphone or other device is connected to a headless device over a USB connection and is utilized to enable users to perform setup and debug operations related to the headless device.

(4)

Fig. 1: Smartphone assisted setup of a headless device

Fig. 1 illustrates an example of smartphone assisted headless device configuration, per techniques of this disclosure. In this illustrative example, a headless device (104) is connected to a smartphone (102) via a USB cable (106) that connects the respective USB ports. The smartphone enables a user to access the headless device to view and update configuration settings, or for other functions. The connection via a USB cable also establishes a proof of physical presence (and access to) of the headless device and thus provides physical security control for configuration of the headless device.

(5)

Fig. 2: Communication set up between smartphone and headless device

Fig. 2 illustrates an example process for smartphone assisted configuration of a headless device, e.g., an IoT device. The headless device is physically connected (210) to a smartphone (or other device) via their USB host ports using a USB cable (or other hardware connection that offers similar features). The headless device advertises itself (220) as an accessory device on the USB Connection using a communication protocol that is compatible with the smartphone.

(6)

and the smartphone. For example, a custom protocol can be implemented (240, Option 1) to facilitate transmission of data packets between the smartphone and the headless device.

Alternatively, encapsulated HTTP can be utilized (250, Option 2) to run an HTTP server on the headless device and encapsulate HTTP over accessory protocol packets. On the smartphone side, the app can create a HTTP-compatible view and feed the HTTP traffic that originates from the headless device (260).

By utilizing the communication protocols, the smartphone can act as an intermediary to enable communication between the headless device and external networks (for example, ethernet, cloud networks, etc.) for configuration, debug, etc. A vendor associated with the headless device can provide a custom app that can be installed in the smartphone. Alternatively, HTTP content can be served by different headless devices to an existing app that is already available on the smartphone in conjunction with a vendor ID/device ID pair that identifies the headless device.

An internet connection provided by the smartphone is utilized to fetch an authentication token from a cloud service that is passed to the headless device to perform authenticated setup/provisioning even when the device does not have an internet connection. The device can perform authentication with a shared secret or cryptographic signature as part of its initial configuration and/or setup. The described techniques can also be utilized in enterprise applications for multiple headless devices.

CONCLUSION

This disclosure describes techniques for secure setup and/or configuration for headless devices using a smartphone or other available device. A smartphone is connected to a headless device via USB and is utilized to perform setup and debug operations related to the headless

(7)

device. The headless device advertises itself as an accessory device and provides a device ID and vendor ID to the smartphone. An app on the smartphone is launched with the headless device identifier as parameters. Additional communication between the headless device and the smartphone is performed over the connection using a custom protocol or encapsulated HTTP. The internet connection provided by the smartphone is utilized to fetch an authentication token from an external service that is passed to the headless device to perform authenticated

setup/provisioning. The device can perform authentication with a shared secret or cryptographic signature as part of initial configuration and/or set up.

REFERENCES

[1] USB accessory overview accessed on Apr. 1, 2020.

References

Download now ( PDF - 7 Page - 310.95 KB )

Related documents

Sample Policy For Employees

Favor you leave and sample policy employees use their job application for absence may take family and produce emails waste company it discusses email etiquette Deviation from

Pope Francis on Frantic Quest to Unite All Religions Under Rome - Now the End Begins _ Now the End Begins

(It’s small , but cozy.) But nonetheless, it was hard to do. I am not rich, we barely keep our heads above water, as Ron has told you many times. We do not receive government help.

Response. from 27 November to 4 December CPT/Inf (2014) 19

The Lithuanian authorities are invited to consider acceding to the Optional Protocol to the United Nations Convention against Torture (paragraph 8). XII-630 of 3

Student Building 130 Student Building 331 Bloomington, IN Phone: (812)

Reporting. 1990 The Ecosystem Approach in Anthropology: From Concept to Practice. Ann Arbor: University of Michigan Press. 1984a The Ecosystem Concept in

Network-driven reputation in online scientific communities

We amend the real EF data by generating a certain number of papers by author X and linking each of them with 35 randomly chosen users (35 is the average paper degree in the

EXAM questions for the course TTM Information Security June Part 1

message authentication and confidentiality where authentication is tied both to the plaintext and to the

On Examining the Information Efficiency of SSE50 ETF Option Market

When option market is informational effective, the option market implied model free forward variance should subject to martingale restriction with corresponding daily change

Eftal Dodur - Pop & Rock Gitar Metodu

NOT = ilk önce 1 ve 2 diye kalın mi teline kadar yukarı doğru yavaş bir bir şekilde penanıza ve basmis olduğunuz pozizyona dikkat ederek METRONOMLU yani düzenli ritm