Patent classifications
G16Y30/10
Scalable certificate revocation truth distribution and verification using a bloom filter set and a false positive set for PKI-based IoT scenarios
A first IoT device includes a memory, a transceiver, bloom filter evaluation, false positive comparison and control modules. The memory stores: a bloom filter set including an array of bits representing entries in a certificate revocation list; and a false positive set including a list of certificate entries falsely identified as being revoked. The transceiver receives from a second IoT device a message including a certificate. The bloom filter evaluation module receives the bloom filter set from a back office station and determines whether an identifier associated with the certificate is in the bloom filter set. The false positive comparison module receives the false positive set from the back office station and determines whether the identifier is in the false positive set. The control module permits communication between the first and second IoT devices based on whether the identifier is in the bloom filter and false positive sets.
System for managing IoT devices
Briefly, systems and methods for managing Internet of Things (IoT) devices provide platforms featuring an architecture for user and device authentication as well as IoT system self-healing.
METHOD AND APPARATUS FOR PREVENTING ACCESS TO AN IOT DEVICE
A method and apparatus for preventing access to an IoT device is provided herein. During operation, an apparatus will inquire about current and/or past connections to an IoT device. A list of identities of current and/or past apparatuses that were connected to the IoT device will be provided, and a determination on whether or not to allow access to the IoT device will be based on the identities of current and/or past apparatuses that are accessing, or have accessed, the IoT device.
INTERNET OF THINGS COMMUNICATION METHOD AND APPARATUS
The present disclosure provides an Internet of Things communication method and apparatus. The method includes: receiving a resource addition request transmitted by a client, where the resource addition request is used to indicate addition of an identification of a reference resource into a collection resource on the first server; performing communication with the reference resource according to an access location of the reference resource and the identification of the reference resource; adding the identification of the reference resource into the collection resource if the communication between the first server and the reference resource is successful. In this way, before adding the reference resource, the first server first performs communication with the reference resource, and adds the identification of the reference resource into the collection resource after determining that the communication between the first server and the reference resource is successful, thereby ensuring the validity of the reference resource.
METHODS AND APPARATUS TO IDENTIFY ABNORMAL BEHAVIOR WITHIN A SET OF INTERNET-OF-THINGS DEVICES
Methods and apparatus automatically identify which Internet-of-Things (IoT) devices within a set are behaving in a manner non-compliant with a target behavior. Each IoT device is assigned to a grid point in a notional m-dimensional space. A respective assessment module is arranged to monitor behavior of a group of IoT devices assigned to grid points aligned with one another at a respective position along the respective dimension, and to produce an output indicative of non-compliant behavior if the monitoring indicates that behavior in the group of IoT devices deviates from a behavioral model of the IoT devices of said group. An identification module identifies at least one non-compliant IoT device in the set of IoT devices by combining outputs from the assessment modules assigned to the different dimensions of the space. The assessment modules may use trained machine-learning algorithms embodying a model of normal behavior of the group of devices.
System for attack protection in IoT devices
An Internet of Things device is herein disclosed. The Internet of Things device comprises a communications module having circuitry to communicatively connect to a computer network, a memory operable to store data, a processor coupled to the memory and the communications module and operable to execute instructions stored in the memory, and an activity module, including at least one of a sensor and a control device. The activity module operates under control of the processor to perform a designated activity with at least one of the sensor and the control device. The activity module further communicates on the computer network via the communications module. The processor curtails a volume of communication of the communications module on the computer network if a measured value of a system parameter exceeds a threshold value.