Secure method of termination of service notification
First Claim
1. A method for notifying a wireless client device of termination of at least one service provided to the client device by a server system through a wireless network, the server system being disposed within an enterprise network having access to the wireless network, the method comprising the steps of:
- during a provisioning operation carried out between the server system and the client device over a secure private channel, establishing authentication data and notification data, sending the authentication data to the client device for storage in non-volatile memory within the client device, and storing the notification data at the server system, wherein the notification data is related to the authentication data;
- establishing said service provided to said client device by said server system;
- identifying termination of said service provided to said client device by said server system; and
- transmitting said notification data to said client device when said termination of said service is identified, wherein said client device may authenticate said notification data received from the server system on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said provisioning operation includes establishing an encryption process for communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said step of identifying includes receiving an encrypted packet from the client device, attempting decryption of the encrypted packet at said server system, and determining that said decryption failed.
Abstract
A method for notifying a client device of termination of at least one service provided to the client device by a server system within an enterprise network is disclosed. The method includes the step of establishing authentication data and notification data, where the authentication data is related to the notification data, and sending the authentication data to the client device for storage during a provisioning operation. When the server system identifies a termination of service, it sends the notification data to the client device, which may then authenticate the received notification data using the authentication data.
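The flow of claim 1, sketched as an added Python example that is not taken from the patent. The relationship between notification data and authentication data is assumed here to be a SHA-256 hash commitment, the cipher is an illustrative standard-library construction, and `Server`, `terminate`, `handle_packet` and `client_accepts_tos` are hypothetical names.

```python
import hashlib
import hmac
import secrets

def _xor_stream(key, nonce, data):
    # Toy SHAKE-256 keystream standing in for the provisioned encryption process.
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, payload):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, payload)
    tag = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_packet(key, packet):
    nonce, ct, tag = packet[:16], packet[16:-32], packet[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if len(packet) < 48 or not hmac.compare_digest(tag, expected):
        return None  # decryption failed
    return _xor_stream(key, nonce, ct)

class Server:
    def __init__(self):
        self.service_keys = {}   # device id -> current service key
        self.notifications = {}  # device id -> stored notification data

    def provision(self, device_id):
        """Assumed to run over the secure private channel."""
        notification = secrets.token_bytes(32)
        self.notifications[device_id] = notification
        self.service_keys[device_id] = secrets.token_bytes(32)
        # Assumed relationship: authentication data = SHA-256(notification data).
        auth = hashlib.sha256(notification).digest()
        return auth, self.service_keys[device_id]

    def terminate(self, device_id):
        # Constructed termination event: the server rotates away the service key.
        self.service_keys[device_id] = secrets.token_bytes(32)

    def handle_packet(self, device_id, packet):
        plaintext = open_packet(self.service_keys[device_id], packet)
        if plaintext is None:  # decryption failed -> send the ToS notification
            return "TOS", self.notifications[device_id]
        return "OK", plaintext

def client_accepts_tos(stored_auth, received_notification):
    digest = hashlib.sha256(received_notification).digest()
    return hmac.compare_digest(digest, stored_auth)
```

Under this assumed relationship the notification data is single-use: once transmitted it is a revealed value that anyone who observed it can replay to the same device.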
20 Claims
11. A system comprising:
- at least one client device, including non-volatile memory storing authentication data;
- an enterprise network including a server system in communication with said client device through a wireless network to provide at least one service to the client device, said server system including a termination of service (ToS) notifier for identifying termination of said service; and
- a provisioning component within said server system for establishing said authentication data and notification data, sending said authentication data to the client device, and storing the notification data within the server system, wherein said ToS notifier transmits said notification data to said client device if said ToS notifier identifies that said service has been terminated, and wherein the notification data is related to the authentication data and said client device includes an authentication component for authenticating the received notification data on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said authentication data and said notification data are established during a communications provisioning process between said client device and said server system managed by said provisioning component, and wherein said provisioning component sends said authentication data to the client device over a secure private channel, and wherein said provisioning component establishes encryption keys for use in encrypting service-related communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said server system receives an encrypted packet from the client device, attempts decryption of the encrypted packet at said server system, and informs the ToS notifier that said decryption failed.
17. A computer program product comprising a computer readable medium storing computer executable instructions method for notifying a wireless client device of termination of at least one service provided to the client device by a server system through a wireless network, the server system being disposed within an enterprise network having access to the wireless network, the computer executable instructions comprising:
- computer executable code for establishing authentication data and notification data, sending the authentication data to the client device over a secure private channel during a provisioning operation for storage in non-volatile memory within the client device, and storing the notification data at the server system, wherein the notification data is related to the authentication data;
- computer executable code for establishing said service provided to said client device by said server system;
- computer executable code for identifying termination of said service provided to said client device by said server system; and
- computer executable code for transmitting said notification data to said client device when said termination of said service is identified, wherein said client device may authenticate said notification data received from the server system on the basis of the stored authentication data and the relationship between the notification data and the authentication data, and wherein said provisioning operation includes establishing an encryption process for communications between the client device and the server system, and wherein the service is carried out at least substantially through encrypted communications, and wherein said code for identifying includes code for receiving an encrypted packet from the client device, attempting decryption of the encrypted packet at said server system, and determining that said decryption failed.
Specification