Case: 1:21-cv-00482 Document #: 1-3 Filed: 01/27/21 Page 1 of 7 PageID #:39
Exhibit B
(12) United States Patent
Falk

(10) Patent No.: US 8,843,641 B2
(45) Date of Patent: Sep. 23, 2014
US008843641B2

(54) PLUG-IN CONNECTOR SYSTEM FOR PROTECTED ESTABLISHMENT OF A NETWORK CONNECTION
(75) Inventor: Rainer Falk, Erding (DE)
(73) Assignee: Siemens Aktiengesellschaft, Munich (DE)
(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 262 days.
(21) Appl. No.: 13/110,690
(22) Filed: May 18, 2011
(65) Prior Publication Data: US 2011/0289231 A1, Nov. 24, 2011
(30) Foreign Application Priority Data: May 21, 2010 (DE) 10 2010 021 257
(51) Int. Cl.: G06F 13/00 (2006.01); H04L 29/06 (2006.01)
(52) U.S. Cl.: CPC H04L 63/10 (2013.01); H04L 63/0853 (2013.01); USPC 709/227; 709/229
(58) Field of Classification Search: CPC H04L 63/10; H04L 63/0853; USPC 709/227, 229; 726/3-10, 16-21, 34; 713/160-163, 168-174, 184-186, 192, 194. See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS
7,167,078 B2 * 1/2007 Pourchot 340/5.61
7,509,676 B2 * 3/2009 Trueba 726/22
7,565,529 B2 * 7/2009 Beck et al. 713/156
8,146,072 B2 * 3/2012 Trueba 717/170
8,458,293 B1 * 6/2013 Lemaitre et al. 709/218
2005/0184856 A1 8/2005 Pourchot
2006/0026283 A1 2/2006 Trueba 709/225
2006/0026686 A1 2/2006 Trueba 726/24
2006/0072527 A1 * 4/2006 Beck et al. 370/338
2007/0186099 A1 8/2007 Beck et al. 713/159
2009/0061678 A1 3/2009 Minoo et al.
2009/0183233 A1 * 7/2009 Trueba 726/3

FOREIGN PATENT DOCUMENTS
DE 10 2005 040 984 3/2007
DE 10 2009 044 140 4/2010
EP 2034423 3/2009
WO WO 2009/086937 7/2009
WO WO 2010/040703 4/2010
* cited by examiner

Primary Examiner — Kenneth Coulter
(74) Attorney, Agent, or Firm — Cozen O'Connor

(57) ABSTRACT

A plug-in connector system for a data communication interface comprising a network connector and a network socket is equipped with an integrated authentication function that is independent of network communication. The authentication is undertaken independently of the data transmission or the data communication. The enabling is undertaken by a physical connection between the contacts of the network socket and the network connector associated therewith, which is established after successful authentication.

7 Claims, 2 Drawing Sheets

[Representative drawing on the front page: the FIG. 3 flow chart. Box labels legible in the extraction: Connect Network Connector; Authenticate Network Connector; Check Authentication Result; Maintain Access; Block Access. Step numbers legible: 306, 307, 308.]

U.S. Patent, Sep. 23, 2014, Sheet 1 of 2, US 8,843,641 B2

[Drawing sheet 1 of 2: drawings not reproduced in this extraction.]

U.S. Patent, Sep. 23, 2014, Sheet 2 of 2, US 8,843,641 B2

[Drawing sheet 2 of 2: FIG 3, flow chart. Only the box label "Check Authentication Result" survived extraction.]

US 8,843,641 B2

PLUG-IN CONNECTOR SYSTEM FOR PROTECTED ESTABLISHMENT OF A NETWORK CONNECTION

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a plug-in connector system, and a network plug and a network socket for protected establishment of a network connection, which is especially suitable for granting previously defined maintenance companies or maintenance technicians access to a system that is to be maintained.

2. Description of the Related Art

Technical devices require maintenance at regular intervals or in the event of malfunctions. To guarantee operational security, the maintenance should only be undertaken by authorized personnel. Consequently, it is necessary to allow only appropriately authorized personnel access to the maintenance functionality of the machine or system. For example, an owner of a machine can make it possible that only maintenance personnel who have completed the appropriate training have access to the machine to be maintained. Thus, on the one hand, the safety of the maintenance technician and, on the other hand, the correct operation of the machine to be maintained can be guaranteed.

In such cases, mobile maintenance devices, such as notebooks or PDAs (Personal Digital Assistants), are normally used, which obtain maintenance access by a locally accessible interface to a specific industrial device, such as a train, an interlocking system, an automation controller or a medical device. The connection to the locally accessible interface is made by wire or wirelessly. Diagnostic functions can be called up through the maintenance access, error memories read out, configuration settings of the industrial system modified or software updates uploaded.

To grant access rights, an authentication check is usually performed in which a claimed identity is verified and thus the authorization for accessing the respective maintenance interface is checked. If the authentication check is successful, the access rights previously allocated to the respective user are granted.

Most known authentication methods are based on the entity to be authorized having to prove, in relation to a checking entity, that it is in possession of a secret and/or of an object. The best known authentication method is the transmission of a password, in which the authenticating entity transmits a secret password directly to a checking entity. The checking entity or the authentication checking unit, respectively, then checks the correctness of the transmitted password.

For administration of maintenance accesses in large systems, however, such a method involves a significant administrative overhead. In particular, when temporary maintenance technicians or freelancers are used, the respective maintenance passwords should be changed again once maintenance on the system to be maintained has been completed, so that future maintenance access is no longer possible for said persons.

A further known option for secure administration of maintenance accesses is to provide the respective network sockets for maintenance access in an area to which access is physically protected. For example, the network socket can be secured with a lockable maintenance flap or can be located in a lockable room. Such a method is, however, associated with uncertainties, because a physical access protection can be overcome with little effort in most cases. In addition, this type of solution also demands significant administrative outlay, for example, for distributing and collecting the mechanical keys.

SUMMARY OF THE INVENTION

It is therefore an object of the present invention to provide a system for administering and implementing access rights to maintenance functionalities that is operable securely and with little effort.

This and other objects and advantages are achieved in accordance with the invention by a plug-in connector system, a network plug and a network socket, wherein the inventive plug-in connector system for protected establishment of a network connection comprises a network plug featuring an authentication unit and a network socket featuring an authentication checking unit and an enabling unit. The authentication unit, the authentication checking unit and the enabling unit include devices for performing the following steps:

A checking command is transferred by the authentication checking unit to the authentication unit. Based on the checking command, a checking response is determined by the authentication unit and transferred to the authentication checking unit. The checking response is checked by the authentication checking unit. In the event of a successful check of the checking response, a physical connection is enabled between the network plug and network socket for protected establishment of the network connection by the enabling device.

In the preferred embodiment, a plug-in connection for a data communication interface is equipped with an integrated authentication function independent of network communication. The data communication connection typically involves an RJ45 or M12 plug-in connection. Consequently, the network connector fulfils the function of a key, without a mechanical key being needed, however. The authentication is undertaken independently of data transmission or data communication, so that neither a maintenance device nor a device to be maintained has to support this functionality. The enabling is undertaken by a physical connection being established between the contacts of the network socket and the network plug connected to it.

In an embodiment of the present plug-in connector, after the establishment of a network connection for a network connector by a physically access-protected network socket, identification information of the network connector is stored. Based on the identification information, the network connector is checked at a predeterminable number of further network sockets. In other words, an inventive maintenance cable with authentication function is connected to a physically access-protected maintenance access. In this case, identification information of the network connector is captured and stored by the system to be maintained. Thereafter, further maintenance accesses of the same system will typically be used with this network connector for a certain predeterminable period of time, in which case only the identification information is checked. As a result, a physical access protection only present at some maintenance interfaces can be used to indirectly secure maintenance access by openly accessible maintenance interfaces.

In accordance with an embodiment of the present connector system, the network connector is allowed to set up a network connection for a predeterminable period of time and/or for a predeterminable scope of access rights. Accordingly, the authentication information of a network connector includes information about the maintenance accesses or the period of time for which the respective network connector is authorized and thus able to be used. This allows definition of the systems to which maintenance access is possible with a
specific network connector. For example, a network connector can comprise authentication information for an entire industry branch or for a predeterminable member of an industry branch or for a predeterminable system type or a predeterminable functionality of a system type. Furthermore, a period of time in which the network connector can be used can be included in the authentication information. In this way, it is ensured that stolen or lost maintenance cables automatically become invalid once a period of validity has elapsed.

The network connector in accordance with the contemplated embodiments features an authentication unit which is suitable for use in a plug-in connector system in accordance with the contemplated embodiments.

The inventive network socket features an authentication checking unit and an enabling unit which are suitable for use in an inventive plug-in connector system.

Other objects and features of the present invention will become apparent from the following detailed description considered in conjunction with the accompanying drawings. It is to be understood, however, that the drawings are designed solely for purposes of illustration and not as a definition of the limits of the invention. It should be further understood that the drawings are not necessarily drawn to scale and that, unless otherwise indicated, they are merely intended to conceptually illustrate the structures and procedures described herein.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention is explained below in greater detail with exemplary embodiments which refer to the enclosed figures, in which:

FIG. 1 shows a schematic diagram of a railroad car with a number of control devices and a maintenance access;

FIG. 2 shows a schematic block diagram of a plug-in connection for maintenance access in accordance with the present invention; and

FIG. 3 is a flow chart of a method for establishing a secure maintenance access in accordance with an embodiment of the invention.

DETAILED DESCRIPTION OF THE PRESENTLY PREFERRED EMBODIMENTS

FIG. 1 shows a first and a second railroad car 101, 102 where the control devices are each shown schematically. The diagram shows a train control system 103, a passenger infotainment system 104 and a train maintenance system 105 which are connected to each other over a network. The network of the individual railroad cars 101, 102 is connected by electrocouplings 106. Also shown are gateways 107, 108 by which the network connection between the individual railroad cars is routed. Access to the network from outside can be by wire or wirelessly. The diagram shows a wireless access 109 as a Wireless LAN Access Point and a wired access 110, i.e., maintenance access.

So that a mobile maintenance device 111 now obtains access to the maintenance network of the train, a maintenance access 110 is provided in the railroad car 101. This maintenance access 110 is located behind a lockable maintenance flap (not shown). To connect the mobile maintenance device 111 to the maintenance access 110, the maintenance flap is first mechanically unlocked. The mobile maintenance device 111 is then connected to the network socket 110 using a network connector. After successful authentication of the network connector of the mobile maintenance device 111, the maintenance access 110 is enabled by the physical connection to the data network of the railroad car being established. In this way, for example, a control device for brake control can be maintained by uploading a software update. The mobile maintenance device 111, for data communication with the data network of the railroad car, can use RS232, USB, Ethernet or an IP protocol, for example.

FIG. 2 shows a schematic diagram of a plug-in connector system for protected establishment of a network connection for a maintenance technician in accordance with the invention. Here, the mobile maintenance device 201 is connected by a two-wire line 202 to a network connector 203. The network connector 203 comprises physical contacts 204 for establishing a data communication connection and an authentication unit 205. The network socket 206 includes contacts 207 for establishing a connection to the data network, an authentication checking unit 208 and an enabling device 209. In this exemplary embodiment, authentication between the authentication unit 205 and the authentication checking unit 208 is undertaken wirelessly over a radio interface 210. The radio interface 210 can involve a Radio Frequency Identification (RFID) interface, for example. The authentication checking unit 208 transfers a checking command to the authentication unit 205. The authentication unit 205 determines a checking response based on the checking command and, in turn, transfers this response to the authentication checking unit 208. In the event of a successful check by the authentication checking unit 208, the physical connection between network connector 203 and network socket 206 is through-connected by the enabling device 209. The enabling device 209 is realized mechanically by a relay, for example, or electronically by an activatable optocoupler.

In one embodiment a wired interface is provided for authentication of the network connector instead of the wireless interface 210. This can typically involve an Inter-IC (I2C) interface or a Serial Peripheral Interface (SPI) bus.

In determining the checking response, the authentication unit 205 can perform a cryptographic computation using a stored cryptographic key. In such cases, a symmetric cryptographic method, e.g., Data Encryption Standard (DES), Advanced Encryption Standard (AES) or Hash-Based Message Authentication Code with Secure Hash Algorithm 1 (HMAC-SHA1), can be used. An asymmetric cryptographic method, e.g., Rivest, Shamir and Adleman (RSA), Digital Signature Algorithm (DSA) or Elliptic Curve Cryptography Digital Signature Algorithm (ECC-DSA), can also be used. In one embodiment, the authentication unit transmits a digital certificate, e.g., in accordance with X.509.

FIG. 3 is a flowchart for secure creation of a connection between a mobile maintenance device and a maintenance access. The network connector is connected to the network socket, as indicated in step 301. The network connector is authenticated by the network socket in accordance with the above-described methodologies, as indicated in step 302. After successful authentication, the authorization of the network connector is checked, as indicated in step 304. If the network connector does not have any authorization to access the maintenance network, the access is rejected, as indicated in step 305. However, if the access check is successful, the access to the maintenance network is enabled (see step 306) and maintained for a predeterminable period of time, as indicated in step 307. After the predeterminable period of time has elapsed, the maintenance access is blocked, as indicated in step 308.

In another embodiment the access to the maintenance network remains enabled until the network connector is removed from the network socket.
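The FIG. 2 checking-command/checking-response exchange and the FIG. 3 access flow, together with the enrolment embodiment from the summary (identification stored after access through a physically protected socket, then checked at openly accessible sockets), as an added Python simulation. This is example code written for this page, not code from the patent or from Siemens. Assumptions beyond the text: HMAC-SHA256 stands in for the HMAC-SHA1 named in the patent (same construction, stronger hash); scope and validity period are held in the system's provisioning table rather than asserted by the plug; connector identifiers, keys, times and periods are constructed values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional

# Every identifier, key and time value in this file is constructed for the example.


@dataclass
class NetworkConnector:
    """Plug side (authentication unit 205): an identity and a stored secret key."""
    connector_id: str
    key: bytes

    def checking_response(self, checking_command: bytes) -> bytes:
        # The cryptographic computation with the stored key. HMAC-SHA256 is used here;
        # the HMAC-SHA1 variant named in the patent has exactly the same shape.
        data = self.connector_id.encode() + checking_command
        return hmac.new(self.key, data, hashlib.sha256).digest()


@dataclass
class Authorisation:
    """Authentication information for one connector, held on the system side."""
    key: bytes
    scope: frozenset          # system types this connector may maintain
    valid_until: int          # seconds since epoch; a lost cable is useless afterwards


@dataclass
class MaintainedSystem:
    """State shared by every socket of one system to be maintained (e.g. one train)."""
    system_type: str
    provisioned: Dict[str, Authorisation]                   # connector_id -> authorisation
    enrolled: Dict[str, int] = field(default_factory=dict)  # connector_id -> enrolment expiry
    access_period: int = 3600                               # step 307: how long access stays enabled
    enrolment_period: int = 8 * 3600                        # how long open sockets honour an enrolment


@dataclass
class NetworkSocket:
    """Socket side: authentication checking unit 208 plus enabling device 209."""
    system: MaintainedSystem
    physically_protected: bool
    enabled_until: Optional[int] = None
    pending: Optional[bytes] = None

    def checking_command(self) -> bytes:
        # A fresh random challenge for every attempt, so a recorded response cannot be replayed.
        self.pending = secrets.token_bytes(16)
        return self.pending

    def establish(self, connector_id: str, response: bytes, now: int) -> str:
        """Steps 302 to 306 of FIG. 3; returns the decision of the enabling device."""
        challenge, self.pending = self.pending, None        # each challenge is single use
        if challenge is None:
            return "rejected: no outstanding checking command"
        auth = self.system.provisioned.get(connector_id)
        if auth is None:
            return "rejected: unknown connector"
        expected = hmac.new(auth.key, connector_id.encode() + challenge, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, response):    # constant-time comparison
            return "rejected: authentication failed"        # step 302 failed
        # Step 304: a physically protected socket checks scope and validity and stores the
        # connector's identification; an openly accessible socket only checks that stored
        # identification, as in the patent's enrolment embodiment (claim 3).
        if self.physically_protected:
            if now > auth.valid_until or self.system.system_type not in auth.scope:
                return "rejected: not authorised"            # step 305
            self.system.enrolled[connector_id] = now + self.system.enrolment_period
        elif now >= self.system.enrolled.get(connector_id, 0):
            return "rejected: not enrolled"                  # step 305
        self.enabled_until = now + self.system.access_period  # steps 306/307: relay closed
        return "enabled"

    def access_enabled(self, now: int) -> bool:
        """Step 308: the physical connection is broken again once the period has elapsed."""
        return self.enabled_until is not None and now < self.enabled_until


def maintenance_session(plug: NetworkConnector, socket: NetworkSocket, now: int) -> str:
    """One FIG. 3 exchange: checking command -> checking response -> check -> enable or block."""
    command = socket.checking_command()
    return socket.establish(plug.connector_id, plug.checking_response(command), now)


def demo() -> dict:
    """Constructed scenario: one train with a protected socket (behind the flap) and an open one."""
    key = bytes.fromhex("00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff")
    train = MaintainedSystem(
        "train", {"cable-0042": Authorisation(key, frozenset({"train"}), valid_until=1_000_000)}
    )
    protected = NetworkSocket(train, physically_protected=True)
    open_socket = NetworkSocket(train, physically_protected=False)
    plug = NetworkConnector("cable-0042", key)
    rogue = NetworkConnector("cable-0042", b"guessed-key")   # right identity, wrong key
    return {
        "open_before_enrolment": maintenance_session(plug, open_socket, now=500_000),
        "protected": maintenance_session(plug, protected, now=500_000),
        "open_after_enrolment": maintenance_session(plug, open_socket, now=500_100),
        "rogue": maintenance_session(rogue, protected, now=500_200),
        "expired_cable": maintenance_session(plug, protected, now=1_000_001),
        "still_enabled": protected.access_enabled(now=503_599),
        "blocked_after_period": protected.access_enabled(now=503_600),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Two design points follow from the text rather than contradict it. First, with a symmetric key the plug cannot be the authority on its own scope or validity period: a stolen cable whose firmware is altered could assert any values, so the verifier side (the provisioning table above) must hold them; the patent's X.509 embodiment reaches the same end by having an issuer sign them. Second, the socket must generate a fresh random checking command for each attempt and compare the response in constant time, otherwise a response captured on the I2C, SPI or RFID interface can be replayed to close the relay. Of the symmetric methods the patent lists, DES should not be chosen for a new design; AES-CMAC or HMAC with a SHA-2 hash are the current equivalents.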

Thus, while there are shown, described and pointed out fundamental novel features of the invention as applied to preferred embodiments thereof, it will be understood that various omissions and substitutions and changes in the form and details of the illustrated apparatus, and in its operation, may be made by those skilled in the art without departing from the spirit of the invention. Moreover, it should be recognized that structures shown and/or described in connection with any disclosed form or embodiment of the invention may be incorporated in any other disclosed or described or suggested form or embodiment as a general matter of design choice.

What is claimed is:

1. A plug-in connector system for protected establishment of a network connection, comprising:
a network connector including an authentication unit; and
a network socket including an authentication checking unit and an enabling unit,
the authentication checking unit being configured to transfer a checking command to the authentication unit,
the authentication unit being configured to determine a checking response based on the checking command transferred by the authentication checking unit and transfer the checking response to the authentication checking unit, determining the checking response comprising performing a cryptographic computation utilizing a stored cryptographic key;
the authentication checking unit being configured to check the transferred checking response, and
the enabling unit being configured to enable a physical connection between the network connector and the network socket for protected establishment of the network connection in an event of a successful check of the checking response by the authentication checking unit;
wherein the network connector and the network socket each include a communication unit for wired transfer of the checking command and the checking response between the authentication unit and the authentication checking unit.

2. The connector system as claimed in claim 1, wherein the network socket is provided in an area protected from physical access.

3. The connector system as claimed in claim 1, wherein the network socket is a physically access-protected network socket, and identification information of the network connector is stored in the connector system after the protected establishment of the network connection for the network connector through the physically access protected network socket, the connector system further comprising a predeterminable number of further network sockets configured to check the stored identification information of the network connector.

4. The plug-in connection system as claimed in claim 1, wherein the network connector is configured to allow establishment of the network connection for only a predetermined period of time.

5. The plug-in connection system as claimed in claim 1, wherein the network connector is provided with a predeterminable scope of access rights to establish a network connection.

6. A network connector having an authentication unit configured for implementation in a plug-in connection system for protected establishment of a network connection, the authentication unit being configured to determine a checking response based on a checking command transferred from an authentication checking unit and to transfer the checking response to the authentication checking unit for protected establishment of the network connection, determining the checking response comprising performing a cryptographic computation utilizing a stored cryptographic key; wherein the network connector includes a communication unit for wired transfer of the checking command and the checking response between the authentication unit and the authentication checking unit, the network connector being physically connectable to an enabling unit configured to enable a physical connection between the network connector and a network socket for the protected establishment of the network connection in an event of a successful check of the checking response by the authentication checking unit.

7. A network socket having an authentication checking unit and an enabling unit, the network socket being configured for implementation in a plug-in connection system for protected establishment of a network connection, the authentication checking unit being configured to transfer a checking command to an authentication unit and to check a transferred checking response from the authentication unit, checking the transferred checking response comprising performing a cryptographic computation utilizing a stored cryptographic key, and the enabling unit being configured to enable a physical connection between a network connector and the network socket for protected establishment of the network connection in an event of a successful check of the checking response transferred from the authentication unit; wherein the network socket includes a communication unit for wired transfer of the checking command and the checking response between the authentication unit and the authentication checking unit.