System and method for authentication of applications in a non-trusted network environment

US 20050114694A1
Filed: 08/12/2004
Published: 05/26/2005
Est. Priority Date: 11/05/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for verifying an application'"'"'s authorization to receive position information, comprising:

sending a challenge key to a device on which an application is running;

sending an application key to the application;

sending a challenge string to the application;

receiving an encrypted hash of the challenge key, application key and challenge string from the application;

verifying that the encrypted hash is an expected value; and

sending positioning server information to the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for verifying an application'"'"'s authorization to receive position information comprising receiving a request for position information from the application, determining that the application has not yet been approved to receive the requested position information, sending a challenge key to the device on which the application is running, sending an application key to the application, sending a challenge string to the application, receiving an encrypted hash of the challenge key, application key and challenge string from the application, verifying that the encrypted hash is an expected value, and sending positioning server information to the application.

Citations

30 Claims

1. A method for verifying an application'"'"'s authorization to receive position information, comprising:
- sending a challenge key to a device on which an application is running;
  
  sending an application key to the application;
  
  sending a challenge string to the application;
  
  receiving an encrypted hash of the challenge key, application key and challenge string from the application;
  
  verifying that the encrypted hash is an expected value; and
  
  sending positioning server information to the application.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1 further comprising:
    - receiving a request for position information from the application; and
      
      determining that the application has not yet been approved to receive the requested position information.
  - 3. The method of claim 1 wherein the hash is an MD5 hash.
  - 4. The method of claim 1 wherein sending positioning server information to the application comprises sending a message to the application that contains an IP address of the positioning server.

5. A computer program product having a computer readable medium having computer program logic recorded thereon for providing services to a wireless device, comprising:
- code for receiving a request for location information from an application adapted to provide location-aware services to the wireless device;
  
  code for verifying that a user has given permission to the application to request the location information; and
  
  code for authorizing the application to receive the location information.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 6. The computer program product of claim 5 wherein the code for receiving comprises code for determining that the application has not yet been authorized to receive the location information.
  - 7. The computer program product of claim 5 wherein the code for verifying comprises:
    - code for sending a challenge key to the wireless device;
      
      code for sending a challenge string to the application;
      
      code for receiving an encrypted hash of the challenge key and challenge string from the application; and
      
      code for verifying that the encrypted hash is an expected value.
  - 8. The computer program product of claim 5 wherein the code for authorizing comprises:
    - code for sending an application key to the application;
      
      code for sending a challenge string to the application;
      
      code for receiving an encrypted hash of the application key and challenge string from the application;
      
      code for verifying that the encrypted hash is an expected value; and
      
      code for sending positioning server information to the application.
  - 9. The computer program product of claim 5 wherein the wireless device is selected from the group consisting of:
    - a mobile telephone;
      
      a Personal Digital Assistant;
      
      a handheld email device; and
      
      a laptop computer.
  - 10. The computer program product of claim 5 wherein code for receiving, code for verifying, and code for authorizing are one or more computer programs included in a location services manager.
  - 11. The computer program product of claim 10 wherein the location services manager runs on a server computer.
  - 12. The computer program product of claim 5 wherein the code for verifying comprises a trusted framework adapted to prompt a user for permission to request the location information.
  - 13. The computer program product of claim 5 wherein the code for authorizing comprises:
    - code for sending a challenge string to the application;
      
      code for receiving a Public Key Infrastructure (PKI) encryption of the challenge string from the application;
      
      code for decrypting the PKI encryption; and
      
      code for determining that the decrypted encryption contains the challenge string.
  - 14. The computer program product of claim 5 further comprising:
    - code for interrogating a network operator'"'"'s system to map an IP address of the wireless device to a Mobile Subscriber Integrated Services Digital Network (MSISDN) associated with the wireless device; and
      
      code for determining that the MSISDN is the same for one or more subsequent requests for user location information.

15. A computer program product having a computer readable medium having computer program logic recorded thereon for providing services to a wireless device, comprising:
- code for requesting user location information from a network resource;
  
  code for prompting a user for permission to request the location information; and
  
  code for authorizing an application, operable to provide location-aware services to the wireless device, to receive the location information.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 16. The computer program product of claim 15 wherein the code for requesting comprises:
    - code for sending a request for the user location information to a location services manager and;
      
      code for receiving notification that the user location information request failed.
  - 17. The computer program product of claim 15 wherein the code for requesting comprises code for sending an application name and an application identifier to an LCS manager.
  - 18. The computer program product of claim 15 wherein the code for prompting comprises:
    - code for prompting the user to enter a challenge key that was sent by a network resource;
      
      code for receiving a challenge string from the network resource;
      
      code for creating an encrypted hash of the challenge key and challenge string; and
      
      code for sending the encrypted hash to the network resource.
  - 19. The computer program product of claim 15 wherein the code for authorizing comprises:
    - code for creating an encrypted hash of an application key and challenge string;
      
      code for sending the encrypted hash to a network resource; and
      
      code for receiving a network address for a positioning server from the network resource.
  - 20. The computer program product of claim 15 wherein the code for requesting, code for prompting, and code for authorizing comprises one or more programs running on a wireless device.
  - 21. The computer program product of claim 15 wherein the one or more programs comprise a location services agent.
  - 22. The computer program product of claim 15 wherein the code for requesting, code for prompting, and code for authorizing comprises a trusted framework adapted to authorize one or more other applications operable to provide location-aware services to a wireless device.
  - 23. The computer program product of claim 22 wherein the code for requesting comprises:
    - code for creating a message which includes permission from a user and a request for location information; and
      
      code for signing the message with a private key associated with a certificate.
  - 24. The computer program product of claim 22 wherein the code for authorizing comprises:
    - code for receiving a challenge string; and
      
      code for generating a PKI of the challenge string.
  - 25. The computer program product of claim 22 wherein the trusted framework is middleware adapted to communicate with the applications through use of an Application Programming Interface (API).
  - 26. The computer program product of claim 22 wherein the trusted framework further comprises:
    - code for detecting that a first Subscriber Identity Module (SIM) associated with the wireless device has been replaced by a second SIM; and
      
      code for erasing one or more stored keys not associated with the second SIM.

27. A method for approving an application'"'"'s request for position information, comprising:
- sending an application name and an application identifier to a location services manager;
  
  prompting a user to enter a challenge key that was sent by the location services manager;
  
  receiving an application key from the location services manager;
  
  receiving a challenge string from the location services manager;
  
  creating an encrypted hash of the challenge key, application key and challenge string;
  
  sending the encrypted hash to the location services manager; and
  
  receiving a positioning server address from the location services manager.
- View Dependent Claims (28, 29, 30)
- - 28. The method of claim 27 further comprising:
    - sending a request for position information to a location services manager; and
      
      receiving notification that the position information request failed.
  - 29. The method of claim 27 further including contacting a DNS server to request an IP address of the location services manager.
  - 30. The method of claim 27 wherein the application is running on a wireless device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Openwave Systems Incorporated (JP Morgan Chase & Co)
Original Assignee
Openwave Systems Incorporated (JP Morgan Chase & Co)
Inventors
Cedervall, Mats, Wager, Garrick

Application Number

US10/917,087
Publication Number

US 20050114694A1
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/12   Applying verification of th...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

System and method for authentication of applications in a non-trusted network environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authentication of applications in a non-trusted network environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links