Method and apparatus for secure communication and key distribution in a telecommunication system

US 20020172190A1
Filed: 09/17/2001
Published: 11/21/2002
Est. Priority Date: 03/17/1999
Status: Abandoned Application

First Claim

Patent Images

1. A method for secure routing of information and addressing of a service and of parties to the service in a telecommunication system that includes a telecommunication terminal, a telecommunication network, a service provider connected to the telecommunication network, a service apparatus connected to the telecommunication network for mediating the service, and a communication link connecting the telecommunication terminal and the service apparatus, said method comprising the steps of:

providing the telecommunication terminal with a terminal-specific unambiguous identifier;

addressing the service apparatus from the telecommunication terminal by sending a predetermined connection setup request from the telecommunication terminal to the service apparatus;

providing at least one of the service apparatus and the service mediated by the service apparatus with a service-specific unambiguous identifier associated with predetermined keys for at least one of encryption and digital signing; and

sending one of a network address of the service provider and information relating to the mediated service from the telecommunication terminal to the service apparatus via the communication link.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for secure routing of information and addressing of a service and of the parties to the service in a telecommunication system that includes a telecommunication terminal, a telecommunication network, a service provider connected to the telecommunication network, a service apparatus connected to the telecommunication network, and a communication link between the telecommunication terminal and the service apparatus. The service apparatus and/or the service indicated by the apparatus, and the telecommunication terminal, are each provided with an unambiguous identifier associated with predetermined encryption and/or digital signing keys. A given service apparatus is addressed by means of the telecommunication terminal by sensing a predetermined connection setup request from the telecommunication terminal to the service apparatus. The service provider'"'"'s network address and/or other information relating to the selected service is sent from the telecommunication terminal to the service apparatus via the communication link, which may be based on Bluetooth technology.

34 Citations

View as Search Results

33 Claims

1. A method for secure routing of information and addressing of a service and of parties to the service in a telecommunication system that includes a telecommunication terminal, a telecommunication network, a service provider connected to the telecommunication network, a service apparatus connected to the telecommunication network for mediating the service, and a communication link connecting the telecommunication terminal and the service apparatus, said method comprising the steps of:
- providing the telecommunication terminal with a terminal-specific unambiguous identifier;
  
  addressing the service apparatus from the telecommunication terminal by sending a predetermined connection setup request from the telecommunication terminal to the service apparatus;
  
  providing at least one of the service apparatus and the service mediated by the service apparatus with a service-specific unambiguous identifier associated with predetermined keys for at least one of encryption and digital signing; and
  
  sending one of a network address of the service provider and information relating to the mediated service from the telecommunication terminal to the service apparatus via the communication link.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 2. A method in accordance with claim 1, wherein the service apparatus is addressed from the telecommunication terminal by sending the predetermined connection setup request from the telecommunication terminal to the service apparatus via the communication link.
  - 3. A method in accordance with claim 1, further comprising the step of one of encrypting and digitally signing information sent from the telecommunication terminal using the keys associated with the service-specific unambiguous identifier, and wherein said sending step comprises sending the one of encrypted and digitally signed information from the telecommunication terminal to the service provider using an address determined by the telecommunication terminal.
  - 4. A method in accordance with claim 1, wherein the service apparatus is controlled based on information sent by the service provider.
  - 5. A method in accordance with claim 1, further comprising the step of sending, from the service provider to one of the service apparatus and the telecommunication terminal, a confirmation message.
  - 6. A method in accordance with claim 1, further comprising the step of sending, from the service provider to one of the service apparatus and the telecommunication terminal, a confirmation message confirming a service transaction if a predetermined condition has been fulfilled.
  - 7. A method in accordance with claim 1, further comprising the step of sending, from the service provider to one of the service apparatus and the telecommunication terminal, an SMS message confirming a service transaction.
  - 8. A method in accordance with claim 1, wherein a service request from the telecommunication terminal is accepted only after the service apparatus has received from the service provider a confirmation code for a requested service transaction.
  - 9. A method in accordance with claim 1, wherein the communication link comprises a Bluetooth communication connection.
  - 10. A method in accordance with claim 1, wherein the communication link comprises an infrared communication connection.
  - 11. A method in accordance with claim 1, wherein the communication link is encrypted.
  - 12. A method in accordance with claim 1, further comprising the step of using a public-private key encryption system for one of encrypting and digitally signing information exchanged between at least two of the telecommunication terminal, the service apparatus and the service provider.
  - 13. A method in accordance with claim 1, wherein WAP is used in communications between the telecommunication terminal and one of the service apparatus and the service provider.
  - 14. A method in accordance with claim 1, wherein the service provider communicates with a trusted third party that maintains a database containing one of encryption and digital signing keys associated with the unambiguous identifiers.
  - 15. A method in accordance with claim 1, further comprising the step of sending a request, from one of the service provider and the service apparatus to a trusted third party that maintains a database containing one of encryption and digital signing keys associated with the unambiguous identifiers, a request for the keys.
  - 16. A method in accordance with claim 1, wherein the network address is an IP address.
  - 18. The system of claim 17, further comprising means for addressing the service apparatus from the telecommunication terminal by sending the predetermined connection setup request from the telecommunication terminal to the service apparatus via the communication link.
  - 19. The service of claim 17, further comprising:
    - means for at least one of encrypting a digitally signing information sent from the telecommunication terminal using the keys associated with the service-specific unambiguous identifier; and
      
      means for sending the at least one of encrypted and digitally signed information over the telecommunication network to a network address determined by one of the telecommunication terminal and the service apparatus.
  - 20. The system of claim 17, further comprising means for controlling the service apparatus based on information sent by the service provider.
  - 21. The system of claim 17, further comprising means for sending, from the service provider to one of the service apparatus and the telecommunication terminal, a confirmation message.
  - 22. The system of claim 17, further comprising means for sending, from the service provider to one of the service apparatus and the telecommunication terminal, a confirmation message confirming a service transaction if a predetermined condition has been fulfilled.
  - 23. The system of claim 17, further comprising means for only accepting a service request from the telecommunication terminal after the service apparatus has received from the service provider a confirmation code for a requested service transaction.
  - 24. The system of claim 17, further comprising means for encrypting the communication link.
  - 25. The system of claim 17, further comprising a trusted third party that communicates with one of the service apparatus and the service provider over the telecommunication network.
  - 26. The system of claim 17, wherein one of the service provider and the service apparatus comprises means for sending to a trusted third party a request for the one of the encryption and digital signing keys associated with the unambiguous identifier.
  - 27. The system of claim 17, wherein the telecommunication terminal comprises a mobile station having a connected subscriber identity module.
  - 28. The system of claim 17, wherein the service apparatus comprises an automated teller machine.
  - 29. The system of claim 17, wherein the service apparatus comprises a cash register system.
  - 30. The system of claim 17, wherein the service apparatus comprises a computer.
  - 31. The system of claim 17, wherein the service apparatus comprises an automated service machine.
  - 32. The system of claim 17, wherein the telecommunication network comprises the Internet.
  - 33. The system of claim 17, wherein the telecommunication network comprises a bank payment network.

17. In a telecommunication system that includes a telecommunication terminal, a telecommunication network, a service provider connected to the telecommunication network, a service apparatus connected to the telecommunication network for mediating a service, and a communication link connecting the telecommunication terminal and the service apparatus, the improvement comprising a system for secure routing of information and addressing of the service and of parties to the service, said system comprising:
- means for providing the telecommunication terminal with a terminal-specific unambiguous identifier;
  
  means for addressing the service apparatus from the telecommunication terminal by sending a predetermined connection setup string from the telecommunication terminal to the service apparatus;
  
  means for providing at least one of the service apparatus and the service mediated by the service apparatus with a service-specific unambiguous identifier associated with predetermined keys for at least one of encryption and digital signing; and
  
  means for sending one of a network address of the service provider and information relating to the mediated service from the telecommunication terminal to the service apparatus via the communication link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Harri Vatanen
Original Assignee
Harri Vatanen
Inventors
Vatanen, Harri

Application Number

US09/954,932
Publication Number

US 20020172190A1
Time in Patent Office

Days
Field of Search
US Class Current

370/352
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/12   Applying verification of th...

H04L 9/083   involving central third par...

H04L 9/3247   involving digital signatures

H04W 12/106   Packet or message integrity

Method and apparatus for secure communication and key distribution in a telecommunication system

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure communication and key distribution in a telecommunication system

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links