Remote feature activation authentication file system

US 20040128551A1
Filed: 01/20/2003
Published: 07/01/2004
Est. Priority Date: 12/26/2002
Status: Active Grant

First Claim

Patent Images

1. A process for providing a user with authorization to perform one or more functions using or otherwise involving the computational component, comprising:

providing a computational component for installation by a user on a computational system, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component;

receiving a request from the user for a second set of authentication information permitting a second set of operations to be performed on the computational component, the first and second sets of operations being different;

generating an authentication file containing the second set of authentication information; and

transmitting the authentication file to the computational system.

View all claims

24 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for providing a user with authorization to perform one or more functions using or otherwise involving a computational component is provided. The system includes an authentication file system 100 operable to (a) receive a request from a user for a second set of authentication information permitting a second set of operations to be performed on a computational component, wherein the computational component is operable to be installed by the user on the computational system, wherein the computational component contains a first set of authentication information permitting a first set of operations to be performed on the computational component; and wherein the first and second sets of operations are different; (b) generate an authentication file containing the second set of authentication information; and (c) transmit the authentication file to the computational system.

163 Citations

View as Search Results

50 Claims

1. A process for providing a user with authorization to perform one or more functions using or otherwise involving the computational component, comprising:
- providing a computational component for installation by a user on a computational system, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component;
  
  receiving a request from the user for a second set of authentication information permitting a second set of operations to be performed on the computational component, the first and second sets of operations being different;
  
  generating an authentication file containing the second set of authentication information; and
  
  transmitting the authentication file to the computational system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the computational system is a telecommunication switch or server and the computational component is software to be loaded onto the switch or server.
  - 3. The method of claim 1, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of the authentication file.
  - 4. The method of claim 1, wherein the computational system is associated with a unique identifier and the authentication file comprises the unique identifier.
  - 5. The method of claim 1, wherein the user is a non-trusted party.
  - 6. The method of claim 1, wherein the second set of authentication information comprises at least one of a password and key associated with a login name.
  - 7. The method of claim 1, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.
  - 8. The method of claim 1, wherein in the transmitting step the authentication file is transmitted in encrypted form.
  - 9. The method of claim 1, wherein the generating step comprises:
    - determining whether the request is for a newly created password or an existing password;
      
      when the request is for a newly created password, creating the new password; and
      
      when the request is for an existing password, retrieving the password from password storage.
  - 10. The method of claim 9, further comprising:
    - determining whether there any unconfirmed keys associated with the computational system.
  - 11. The method of claim 10, further comprising:
    - determining whether the request is for a newly created key or an existing key;
      
      when the request is for a newly created key, creating the new key; and
      
      when the request is for an existing key, retrieving the key from key storage.
  - 12. The method of claim 4, wherein the authentication file comprises a plurality of platform type, a software release, an expiration date, one or more login names, one or more passwords associated respectively with the one or more login names, and one or more keys associated respectively with the one or more login names.
  - 13. A computer readable medium operable to perform the steps of claim 1.
  - 14. A logic circuit operable to perform the steps of claim 1.

15. A process for installing a computational component on a computational system, comprising:
- providing a computational component for installation by a user on a computational system, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component;
  
  receiving the first set of authentication information from the user before, during, or after installation of the computational component on the computational system;
  
  verifying the first set of authentication information;
  
  when the first set of authentication information is successfully verified, receiving a request from the user for a second set of authentication information permitting a second set of operations to be performed on the computational component, the first and second sets of operations being different;
  
  receiving an authentication file containing the second set of authentication information; and
  
  loading the authentication file onto the computational system.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. The method of claim 15, wherein the computational system is a telecommunication switch or server and the computational component is software to be loaded onto the switch or server.
  - 17. The method of claim 15, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of the authentication file.
  - 18. The method of claim 15, wherein the computational system is associated with a unique identifier and the authentication file comprises the unique identifier.
  - 19. The method of claim 15, wherein the user is a non-trusted party.
  - 20. The method of claim 15, wherein the second set of authentication information comprises at least one of a password and key associated with a login name.
  - 21. The method of claim 15, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.
  - 22. The method of claim 15, wherein the authentication file is received in encrypted form.
  - 23. The method of claim 15, wherein the loading step comprises:
    - validating the authentication file; and
      
      decrypting the authentication file.
  - 24. The method of claim 23, wherein the validating step comprises at least one of the following operations (a) determining whether or not a serial number contained in the authentication file matches a serial number associated with the computational system, (b) determining whether or not a right to use the computational component has expired, (c) determining whether or not a version contained in the authentication file matches a version of the computational component, (d) verifying data integrity of the authentication file, and (e) determining whether or not the authentication file length and format are correct.

25. A system for providing a user with authorization to perform one or more functions using or otherwise involving a computational component, comprising:
- an authentication file system operable to;
  
  (a) receive a request from a user for a second set of authentication information permitting a second set of operations to be performed on a computational component, wherein the computational component is operable to be installed by the user on the computational system, wherein the computational component contains a first set of authentication information permitting a first set of operations to be performed on the computational component; and
  
  wherein the first and second sets of operations are different;
  
  (b) generate an authentication file containing the second set of authentication information; and
  
  (c) transmit the authentication file to the computational system.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 26. The system of claim 25, wherein the computational system is a telecommunication switch or server and the computational component is software to be loaded onto the switch or server.
  - 27. The system of claim 25, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of the authentication file.
  - 28. The system of claim 25, wherein the computational system is associated with a unique identifier and the authentication file comprises the unique identifier.
  - 29. The system of claim 25, wherein the user is a non-trusted party.
  - 30. The system of claim 25, wherein the second set of authentication information comprises at least one of a password and key associated with a login name.
  - 31. The system of claim 25, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.
  - 32. The system of claim 25, wherein the authentication file is transmitted in encrypted form and wherein the authentication file system comprises an encryptor operable to encrypt the authentication file.
  - 33. The system of claim 25, wherein the authentication file system comprises:
    - an authentication file generator operable to generate the authentication file;
      
      a password creator operable to create at least one of a random and pseudo random password;
      
      an authentication file encryptor operable to encrypt the authentication file; and
      
      a platform login table comprising a listing of login names and at least one of an associated password and key.
  - 34. The system of claim 33, further comprising:
    - a password retrieval agent operable to store passwords in and retrieve passwords from password storage;
      
      a key manager operable to generate new keys and store keys in and retrieve keys from key storage; and
      
      a password change system scheduler operable to periodically request a new authentication file to be generated and transmitted to the computational system.
  - 35. The system of claim 25, wherein the authentication file comprises a plurality of platform type, a software release, an expiration date, one or more login names, one or more passwords associated respectively with the one or more login names, and one or more keys associated respectively with the one or more login names.

36. A telecommunication system, comprising:
- a computational component, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component; and
  
  a local access controller operable to receive a second set of authentication information, verify the second set of authentication information, and, when the second set of authentication information is successfully verified, load the second set of authentication information into the telecommunication system, wherein the second set of authentication information permits a second set of operations to be performed on the computational component and wherein the first and second sets of operations are different.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 37. The system of claim 36, wherein the computational component is software to be loaded onto the telecommunication system.
  - 38. The system of claim 36, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of the authentication file.
  - 39. The system of claim 36, wherein the computational system is associated with a unique identifier and the authentication file comprises the unique identifier.
  - 40. The system of claim 36, wherein the user is a non-trusted party.
  - 41. The system of claim 36, wherein the second set of authentication information comprises at least one of a password and key associated with a login name.
  - 42. The system of claim 36, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.
  - 43. The system of claim 36, wherein the authentication file is received in encrypted form.
  - 44. The system of claim 36, wherein the local access controller is operable to validate the authentication file and decrypt the authentication file.
  - 45. The system of claim 44, wherein validation comprises at least one of the following operations (a) determining whether or not a serial number contained in the authentication file matches a serial number associated with the computational system, (b) determining whether or not a right to use the computational component has expired, (c) determining whether or not a version contained in the authentication file matches a version of the computational component, (d) verifying data integrity of the authentication file, and (e) determining whether or not the authentication file length and format are correct.

46. An authentication file for use in controlling access to a computational system, comprising:
- a set of login names;
  
  for each login name in the set of login names, at least one of a password and a key; and
  
  a unique identifier associated with the computational system.
- View Dependent Claims (47, 48, 49, 50)
- - 47. The authentication file of claim 46, wherein each login name has a corresponding password.
  - 48. The authentication file of claim 46, wherein each login name has a corresponding key.
  - 49. The authentication file of claim 46, wherein the unique identifier is a serial number of a processor in the computational system.
  - 50. The authentication file of claim 46, further comprising a platform type associated with the computational system, a software release associated with software operating on the computational system, and a right-to-use expiration date associated with the software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Serkowski, Robert J., Walker, William T.

Granted Patent

US 7,890,997 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/6218 to a system of files or obj...

Remote feature activation authentication file system

First Claim

24 Assignments

0 Petitions

Accused Products

Abstract

163 Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Remote feature activation authentication file system

First Claim

24 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

163 Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links