AUTHENTICATION BOOTSTRAP BY NETWORK SUPPORT
First Claim
1. A method for enabling a person to use a service subscription on a user device and have a service operator stream a video to a target device, said method comprising the steps of:
enabling a first secure channel to be established between an authoritative server and the target device;
enabling a second secure channel to be established between the authoritative server and the user device;
enabling the authoritative server to interface with a database and use information associated with the second secure channel to obtain a user identity of the user device;
enabling the authoritative server to forward the user identity to the target device which displays the user identity so the user identity can be selected by a user of the user device;
enabling the authoritative server to use the first secure channel to transfer a shared secret key to the target device;
enabling the authoritative server to use the second secure channel to transfer the shared secret key to the user device;
enabling a third secure channel to be established between the target device and the user device by using the shared secret keys;
enabling the user device to transfer credential data associated with the service subscription over the third secure channel to the target device; and
enabling the target device to send the credential data to the service operator which then streams the video to the target device.
Abstract
An authoritative server and method are described herein that enable a person to use a Video-on-Demand (VoD) service subscription on their mobile phone (e.g., user device) to have a service operator (e.g., IMS operator) stream a video to a target device (e.g., TV terminal, computer terminal) instead of to their mobile phone.
14 Claims
6. In a system including an authoritative server, a user device, a target device and a service operator, said authoritative server implements a method comprising the steps of:
receiving a session ID request over a first secure channel from the user device where the session ID request was originated at the target device;
sending a session ID over the first secure channel to the user device which in turn forwards the session ID to the target device;
establishing a second secure channel with the target device;
receiving a user ID request over the second secure channel from the target device;
obtaining a user identifier associated with the user device;
sending the user identifier over the second secure channel to the target device which then displays the user identifier to be selected by a user of the user device;
receiving a key distribution request over the second secure channel from the target device;
sending a shared secret key over the second secure channel to the target device;
receiving a key distribution request over the first secure channel from the user device after the user interacts with the user device; and
sending the shared secret key over the first secure channel to the user device, wherein the user device and the target device use the shared secret key to establish a third secure channel between them on which the user device transfers credential data to the target device which then sends the credential data to the service operator which then streams the video to the target device.
9. In a system including an authoritative server, a user device, a target device and a service operator, said target device implements a method comprising the steps of:
sending a session ID request to the user device which then sends the session ID request over a first secure channel to the authoritative server;
receiving a session ID from the user device which received the session ID over the first secure channel from the authoritative server;
establishing a second secure channel with the authoritative server;
sending a user ID request over the second secure channel to the authoritative server;
receiving a user identifier associated with the user device over the second secure channel from the authoritative server;
displaying the user identifier so the user identifier can be selected by a user of the user device;
sending a key distribution request over the second secure channel to the authoritative server after the user selects the displayed user identifier;
receiving a shared secret key over the second secure channel from the authoritative server;
using the shared secret key to establish a third secure channel with the user device which previously received the shared secret key over the first secure channel from the authoritative server;
receiving credential data over the third secure channel from the user device; and
sending the credential data to the service operator; and
receiving the video from the service operator.
12. In a system including an authoritative server, a user device, a target device and a service operator, said user device implements a method comprising the steps of:
receiving a session ID request from the target device and forwarding the session ID request over a first secure channel to the authoritative server;
receiving a session ID over the first secure channel from the authoritative server and forwarding the session ID to the target device, wherein the target device establishes a second secure channel with the authoritative server, sends a user ID request over the second secure channel to the authoritative server, receives a user identifier associated with the user device over the second secure channel from the authoritative server, displays the user identifier so the user identifier can be selected by a user of the user device, sends a key distribution request over the second secure channel to the authoritative server after the user selects the displayed user identifier, and receives a shared secret key over the second secure channel from the authoritative server;
sending a key distribution request over the first secure channel to the authoritative server;
receiving the shared secret key over the first secure channel from the authoritative server;
using the shared secret key to establish a third secure channel with the target terminal; and
sending credential data over the third secure channel to the target device which then sends the credential data to the service operator and receives the video from the service operator.
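The message flow of claims 6, 9 and 12, using claim 6's channel numbering, as an added sketch that is not part of the patent text: the secure channels are modelled as direct method calls. All names, the `subscribers` dictionary standing in for the database, the ordering and single-use checks on key release, and the HMAC key confirmation standing in for the unspecified third-channel establishment are assumptions.

```python
import hashlib
import hmac
import secrets


class AuthoritativeServer:
    """Server role of claim 6; `subscribers` is a constructed stand-in database."""

    def __init__(self, subscribers):
        self.subscribers = subscribers  # first-channel identity -> user identifier
        self.sessions = {}              # session ID -> {"owner", "key"}

    def session_id_request(self, channel_identity):
        # First secure channel: user device relays the target's request.
        sid = secrets.token_hex(8)
        self.sessions[sid] = {"owner": channel_identity, "key": None}
        return sid

    def user_id_request(self, sid):
        # Second secure channel: target asks whose session this is.
        return self.subscribers[self.sessions[sid]["owner"]]

    def key_request_from_target(self, sid):
        # Second secure channel: sent after the user selects the shown identifier.
        self.sessions[sid]["key"] = secrets.token_bytes(32)
        return self.sessions[sid]["key"]

    def key_request_from_user(self, sid, channel_identity):
        # First secure channel. Assumed policy: release only to the session
        # owner, only after the target's request, and only once.
        s = self.sessions.get(sid)
        if s is None or s["owner"] != channel_identity or s["key"] is None:
            raise PermissionError("shared secret key not released")
        return self.sessions.pop(sid)["key"]


def confirm(key, role, nonce_t, nonce_u):
    # Assumed key-confirmation tag exchanged when opening the third channel.
    return hmac.new(key, role + nonce_t + nonce_u, hashlib.sha256).digest()


def run_bootstrap(server, channel_identity):
    sid = server.session_id_request(channel_identity)            # user device
    shown = server.user_id_request(sid)                          # target device
    k_target = server.key_request_from_target(sid)               # target device
    k_user = server.key_request_from_user(sid, channel_identity) # user device
    n_t, n_u = secrets.token_bytes(16), secrets.token_bytes(16)
    tag = confirm(k_user, b"user", n_t, n_u)                     # user -> target
    return shown, hmac.compare_digest(tag, confirm(k_target, b"user", n_t, n_u))


if __name__ == "__main__":
    srv = AuthoritativeServer({"sub-001": "alice@example.test"})  # constructed data
    print(run_bootstrap(srv, "sub-001"))
```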
Specification