System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

US 20060075242A1
Filed: 10/01/2004
Published: 04/06/2006
Est. Priority Date: 10/01/2004
Status: Active Grant

First Claim

Patent Images

1. A method for secure operations in a converged interworking network, comprising:

receiving a public key from a computing device;

performing a bootstrapping process with a cellular operator;

obtaining a user certificate from the cellular operator, wherein the user certificate is based on the public key; and

transferring the user certificate to the computing device for digital signature, verification, and encryption purposes, wherein the converged interworking network comprises a wireless wide-area network (WWAN) and a wireless local-area network (WLAN), wherein the user certificate is used in both the WWAN and WLAN networks to authenticate a subscriber.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks. A computing device operable in a wireless local area network sends a public key to a mobile device operable in a wireless cellular wide area network. The mobile device performs a bootstrapping procedure with a cellular operator in the wireless cellular wide area network to obtain a user certificate based on the public key. The mobile device sends the user certificate to the computing device for installation on the computing device. The user certificate may be used for digital signature, verification, and encryption purposes. The user certificate is also used in both the wireless local area network and the wireless wide area network for authenticating a subscriber when accessing services from both networks.

Citations

45 Claims

1. A method for secure operations in a converged interworking network, comprising:
- receiving a public key from a computing device;
  
  performing a bootstrapping process with a cellular operator;
  
  obtaining a user certificate from the cellular operator, wherein the user certificate is based on the public key; and
  
  transferring the user certificate to the computing device for digital signature, verification, and encryption purposes, wherein the converged interworking network comprises a wireless wide-area network (WWAN) and a wireless local-area network (WLAN), wherein the user certificate is used in both the WWAN and WLAN networks to authenticate a subscriber.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the computing device comprises one of a laptop, a notebook, and any other computing device having WLAN support.
  - 3. The method of claim 1, wherein the public key is received by a mobile terminal and wherein the mobile terminal performs the bootstrapping process with the cellular operator.
  - 4. The method of claim 3, wherein the mobile terminal comprises a mobile device capable of cellular communications.
  - 5. The method of claim 1, wherein the computing device stores the user certificate in a secure storage device for digital signature, verification, and encryption.
  - 6. The method of claim 1, wherein the computing device installs the user certificate on a subscriber'"'"'s smart card.
  - 7. The method of claim 1, wherein the computing device installs the user certificate in a software-based store.
  - 8. The method of claim 1, wherein the public key comprises part of a secure and reliable key-pair, wherein the secure and reliable key-pair is generated by the computing device.
  - 9. The method of claim 8, wherein the secure and reliable key-pair is generated using a trusted hardware component.
  - 10. The method of claim 8, wherein the secure and reliable key-pair is generated using an application program interface (API).
  - 11. The method of claim 8, wherein the secure and reliable key-pair is generated using a smart card.
  - 12. The method of claim 1, wherein the public key is received via a short range wireless network.
  - 13. The method of claim 1, wherein the public key is received by a mobile terminal from the computing device via a Bluetooth connection.
  - 14. The method of claim 1, wherein the public key is received by a mobile terminal from the computing device via an infrared data association network.
  - 15. The method of claim 1, wherein the public key is received by a mobile terminal from the computing device over a wired connection.
  - 16. The method of claim 1, wherein the user certificate is installed on a mobile terminal prior to transferring the user certificate to the computing device.

17. A secure converged interworking network system, comprising:
- a wireless local area network (WLAN) having at least one computing device, the at least one computing device having WLAN support;
  
  a wireless wide area network (WWAN) having at least one mobile terminal for communicating over the WWAN network, wherein the WWAN network comprises a cellular network operator;
  
  wherein a single user certificate is used to authenticate a user when utilizing services offered by the WWAN and the WLAN networks, the single user certificate generated by enabling the at least one computing device to send a public key to the at least one mobile terminal, the at least one mobile terminal initiating a bootstrap procedure with the cellular network operator to obtain the single user certificate for the public key, and the at least one mobile terminal transferring the user certificate to the at least one computing device to be securely installed on the at least one computing device.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The system of claim 17, wherein the public key comprises part of a key-pair, wherein the key-pair is generated by the computing device.
  - 19. The system of claim 18, wherein the key-pair is generated using a trusted hardware component.
  - 20. The system of claim 18, wherein the key-pair is generated using an application program interface (API).
  - 21. The system of claim 18, wherein the key-pair is generated using a smart card.
  - 22. The system of claim 17, wherein the user certificate is installed on the mobile terminal prior to being transferred to the computing device.
  - 23. The system of claim 17, wherein the user certificate is installed on the computing device in a trusted hardware component.
  - 24. The system of claim 17, wherein the user certificate is installed on a SIM (subscriber identity module) card for the computing device.
  - 25. The system of claim 17, wherein the user certificate is installed on a smart card, wherein the computing device, the mobile terminal, and the smart card are owned by a subscriber of the converged interworking network system.

26. An article comprising:
- a storage medium having a plurality of machine accessible instructions, wherein when the instructions are executed by a processor, the instructions provide for receiving a public key from a computing device;
  
  performing a bootstrapping process with a cellular operator;
  
  obtaining a user certificate from the cellular operator, wherein the user certificate is based on the public key; and
  
  transferring the user certificate to the computing device for digital signature, verification, and encryption purposes, wherein the converged interworking network comprises a wireless wide-area network (WWAN) and a wireless local-area network (WLAN), wherein the user certificate is used to access services in both the WWAN and WLAN networks to authenticate a subscriber.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 27. The article of claim 26, wherein the computing device comprises one of a laptop, a notebook, and any other computing device having WLAN support.
  - 28. The article of claim 26, wherein a mobile device having cellular capabilities receives the public key from the computing device and performs the bootstrapping process with the cellular operator.
  - 29. The article of claim 26, wherein the computing device stores the user certificate in a secure storage device for digital signature, verification, and encryption.
  - 30. The article of claim 26 wherein the computing device installs the user certificate on a subscriber'"'"'s smart card.
  - 31. The article of claim 26, wherein the computing device installs the user certificate in a software-based store.
  - 32. The article of claim 26, wherein the public key comprises part of a secure and reliable key-pair, wherein the secure and reliable key-pair is generated by the computing device.
  - 33. The article of claim 32, wherein the secure and reliable key-pair is generated using a trusted hardware component.
  - 34. The article of claim 32, wherein the secure and reliable key-pair is generated using an application program interface (API).
  - 35. The article of claim 32, wherein the secure and reliable key-pair is generated using a smart card.

36. An authentication method, comprising:
- sending, via a computing device operable in a wireless local area network, a public key to a mobile device having cellular capabilities, the mobile device operable in a wireless wide area network, wherein the mobile device performs a bootstrapping procedure with a cellular operator in the wireless wide area network to obtain a user certificate based on the public key; and
  
  receiving the user certificate from the mobile device for digital signature, verification, and encryption purposes;
  
  wherein the user certificate is used in both the wireless local area network and the wireless wide area network for authenticating a subscriber on each of the networks.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45)
- - 37. The method of claim 36, further comprising securely installing the user certificate on the computing device.
  - 38. The method of claim 36, wherein the computing device comprises one of a laptop, a notebook, a computing tablet, and any other computing device capable of WLAN access.
  - 39. The method of claim 36, wherein the mobile device comprises a cellular phone, a personal digital assistant, and any other mobile device capable of operating in a cellular network.
  - 40. The method of claim 36, wherein the public key comprises part of a secure and reliable key-pair, wherein the secure and reliable key-pair is generated by the computing device.
  - 41. The method of claim 40, wherein the secure and reliable key-pair is generated using a trusted hardware component.
  - 42. The method of claim 40, wherein the secure and reliable key-pair is generated using an application program interface (API).
  - 43. The method of claim 40, wherein the secure and reliable key-pair is generated using a smart card.
  - 44. The method of claim 36, wherein the user certificate obtained from the bootstrapping process is distributed to other mobile devices used by the subscriber.
  - 45. The method of claim 36, wherein the user certificate obtained from the bootstrapping process is distributed to multiple computing devices used by the subscriber.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Aissi, Selim, Matasar, Benjamin, Dharmadhikari, Abhay, Yelamanchi, Mrudula, Dashevsky, Jane

Granted Patent

US 9,282,455 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 48/16   Discovering, processing acc...

H04W 84/12   WLAN [Wireless Local Area N...

System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links