Apparatus and method for secure authentication of a communication device

US 10,104,062 B2
Filed: 11/02/2015
Issued: 10/16/2018
Est. Priority Date: 10/23/2013
Status: Expired due to Fees

First Claim

Patent Images

1. A communication device comprising:

a secure element having a secure element memory with first executable instructions, wherein the secure element, responsive to executing the first executable instructions, performs first operations comprising;

receiving a baseline credential and an external credential, wherein the external credential comprises access information that enables access to services provided by an external entity device;

mapping the external credential to the baseline credential in the secure element memory;

a secure device processor having a secure device processor memory with second executable instructions, wherein the secure device processor is separate from the secure element and in communication with the secure element, wherein the secure device processor, responsive to executing the second executable instructions, performs second operations comprising;

obtaining a user credential;

providing a request for an authentication to the secure element, wherein the request for the authentication includes the user credential and enables the secure element to compare the user credential with the baseline credential to determine a match between the user credential and the baseline credential to verify the authentication;

receiving the authentication and the external credential from the secure element without receiving the baseline credential;

providing the external credential to the external entity device that is remote from the communication device to enable the access to the services provided by the external entity device; and

a device processor that is separate from the secure device processor and in communication with the secure device processor, wherein the device processor facilitates wireless communications between the communication device and the external entity device, and wherein the device processor enables voice, video and data communication services to be provided by the communication device, wherein the first executable instructions are received by the secure element from a remote management server, and wherein the second executable instructions are received by the secure device processor from the remote management server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system that incorporates the subject disclosure may perform, for example, receiving a baseline credential and an external credential, mapping the external credential to the baseline credential in a secure element memory, receiving a request for an authentication from a secure device processor of the communication device where the request for the authentication includes a user credential inputted into the communication device, comparing the user credential with the baseline credential to verify the authentication, and providing the authentication and the external credential to the secure device processor without providing the baseline credential to enable the secure device processor to provide the external credential to an external entity device that is remote from the communication device. Other embodiments are disclosed.

184 Citations

18 Claims

1. A communication device comprising:
- a secure element having a secure element memory with first executable instructions, wherein the secure element, responsive to executing the first executable instructions, performs first operations comprising;
  
  receiving a baseline credential and an external credential, wherein the external credential comprises access information that enables access to services provided by an external entity device;
  
  mapping the external credential to the baseline credential in the secure element memory;
  
  a secure device processor having a secure device processor memory with second executable instructions, wherein the secure device processor is separate from the secure element and in communication with the secure element, wherein the secure device processor, responsive to executing the second executable instructions, performs second operations comprising;
  
  obtaining a user credential;
  
  providing a request for an authentication to the secure element, wherein the request for the authentication includes the user credential and enables the secure element to compare the user credential with the baseline credential to determine a match between the user credential and the baseline credential to verify the authentication;
  
  receiving the authentication and the external credential from the secure element without receiving the baseline credential;
  
  providing the external credential to the external entity device that is remote from the communication device to enable the access to the services provided by the external entity device; and
  
  a device processor that is separate from the secure device processor and in communication with the secure device processor, wherein the device processor facilitates wireless communications between the communication device and the external entity device, and wherein the device processor enables voice, video and data communication services to be provided by the communication device, wherein the first executable instructions are received by the secure element from a remote management server, and wherein the second executable instructions are received by the secure device processor from the remote management server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The communication device of claim 1, further comprising:
    - a device processor that is separate from the secure device processor and in communication with the secure device processor, wherein the device processor facilitates wireless communications between the communication device and the external entity device, and wherein the receiving of the baseline credential is from a remote management server that is remote from the communication device.
  - 3. The communication device of claim 1, further comprising:
    - a device processor that is separate from the secure device processor and in communication with the secure device processor, wherein the device processor facilitates wireless communications between the communication device and the external entity device, and wherein the obtaining of the user credential is in response to a prompt that is presented by the communication device responsive to an application being executed by the device processor.
  - 4. The communication device of claim 1, comprising a user interface and wherein the second operations further comprise:
    - receiving, by the secure device processor, biometric input captured at the user interface;
      
      converting, by the secure device processor, the biometric input into a binary biometric credential; and
      
      providing the binary biometric credential from the secure device processor to the secure element.
  - 5. The communication device of claim 1, wherein the baseline credential includes a first finger print, and wherein the user credential includes a second fingerprint.
  - 6. The communication device of claim 1, wherein the external credential includes a digital signature.
  - 7. The communication device of claim 1, wherein the second operations further comprise receiving an application registration request based on an application being executed by the communication device.
  - 8. The communication device of claim 1, wherein secure element comprises a universal integrated circuit card.
  - 9. The communication device of claim 1, comprising a user interface and wherein the second operations further comprise:
    - receiving, by the secure device processor, user data inputted at the user interface;
      
      converting, by the secure device processor, the user data into a binary credential; and
      
      providing the binary credential from the secure device processor to the secure element.

10. A method comprising:
- mapping, by a secure element of a communication device, an external credential to a baseline credential in a secure element memory;
  
  receiving, by a secure device processor of the communication device, user input including a user credential, wherein the secure device processor is separate from the secure element and in communication with the secure element;
  
  providing a request for an authentication from the secure device processor to the secure element, wherein the request for the authentication includes the user credential and enables the secure element to compare the user credential with the baseline credential to verify the authentication;
  
  receiving, by the secure device processor, the authentication from the secure element without receiving the baseline credential; and
  
  facilitating, by a device processor of the communication device, wireless communications for the communication device, wherein the device processor is separate from the secure device processor and in communication with the secure device processor, and wherein the device processor is separate from the secure element and in communication with the secure element; and
  
  wherein the device processor of the communication device facilitates wireless communications between the communication device and an external entity device, wherein the device processor is separate from the secure device processor and in communication with the secure device processor, wherein the device processor enables voice, video and data communication services at the communication device.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, comprising:
    - receiving, by the secure device processor, the external credential from the secure element without receiving the baseline credential; and
      
      providing, by the secure device processor, the external credential to an external entity device that is remote from the communication device.
  - 12. The method of claim 10, comprising:
    - enabling voice, video and data communication services at the communication device utilizing the device processor; and
      
      providing, by the secure device processor, the external credential to an application being executed by the communication device.
  - 13. The method of claim 10, comprising:
    - receiving, by the secure device processor, biometric input captured at a user interface of the communication device;
      
      converting, by the secure device processor, the biometric input into a binary biometric credential; and
      
      providing the binary biometric credential from the secure device processor to the secure element.
  - 14. The method of claim 10, wherein the baseline credential includes a finger print.
  - 15. The method of claim 10, wherein the secure element and the secure device processor are mutually authenticated with a remote management server using a remote management keyset.
  - 16. The method of claim 10, wherein the receiving of the user input is in response to a prompt that is presented by the communication device responsive to receiving an application registration request from an application being executed by the device processor.

17. A computer readable storage device comprising instructions which, responsive to being executed by a secure element of a communication device, cause the secure element to perform operations comprising:
- receiving a baseline credential and an external credential, wherein the external credential comprises access information that enables access to services provided by an external entity device;
  
  mapping the external credential to the baseline credential in the secure element memory;
  
  receiving a request for an authentication from a secure device processor of the communication device, wherein the request for the authentication includes a user credential;
  
  comparing the user credential with the baseline credential to determine a match between the user credential and the baseline credential to verify the authentication;
  
  providing the authentication and the external credential to the secure device processor without providing the baseline credential, wherein the external credential provided to the secure device processor was mapped to the baseline credential that was compared to the user credential; and
  
  wherein a device processor of the communication device facilitates wireless communications between the communication device and the external entity device, wherein the device processor is separate from the secure device processor and in communication with the secure device processor, wherein the secure device processor is separate from the secure element and in communication with the secure element, wherein the device processor is separate from the secure element, wherein the device processor enables voice, video and data communication services at the communication device.
- View Dependent Claims (18)
- - 18. The computer readable storage device of claim 17, wherein the operations further comprise:
    - receiving a binary biometric credential from the secure device processor, wherein the binary biometric credential is generated by the secure device processor by converting biometric input captured at a user interface of the communication device into the binary biometric credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Chastain, Walter Cooper, Chin, Stephen Emille
Primary Examiner(s)
Okeke, Izunna
Assistant Examiner(s)
Zarrineh, Shahriar

Application Number

US14/929,501
Publication Number

US 20160057127A1
Time in Patent Office

1,079 Days
Field of Search

726 6
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/32   using biometric data, e.g. ...

G06F 21/45   Structures or tools for the...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/0861   using biometrical features,...

H04L 63/0869   for achieving mutual authen...

Apparatus and method for secure authentication of a communication device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

184 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for secure authentication of a communication device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

184 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links