AUTHENTICATION BOOTSTRAP BY NETWORK SUPPORT

US 20080141313A1
Filed: 11/29/2007
Published: 06/12/2008
Est. Priority Date: 12/06/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for enabling a person to use a service subscription on a user device and have a service operator stream a video to a target device, said method comprising the steps of:

enabling a first secure channel to be established between an authoritative server and the target device;

enabling a second secure channel to be established between the authoritative server and the user device;

enabling the authoritative server to interface with a database and use information associated with the second secure channel to obtain a user identity of the user device;

enabling the authoritative server to forward the user identity to the target device which displays the user identity so the user identity can be selected by a user of the user device;

enabling the authoritative server to use the first secure channel to transfer a shared secret key to the target device;

enabling the authoritative server to use the second secure channel to transfer the shared secret key to the user device;

enabling a third secure channel to be established between the target device and the user device by using the shared secret keys;

enabling the user device to transfer credential data associated with the service subscription over the third secure channel to the target device; and

enabling the target device to send the credential data to the service operator which then streams the video to the target device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authoritative server and method are described herein that enable a person to use a Video-on-Demand (VoD) service subscription on their mobile phone (e.g., user device) to have a service operator (e.g., IMS operator) stream a video to a target device (e.g., TV terminal, computer terminal) instead of to their mobile phone.

107 Citations

14 Claims

1. A method for enabling a person to use a service subscription on a user device and have a service operator stream a video to a target device, said method comprising the steps of:
- enabling a first secure channel to be established between an authoritative server and the target device;
  
  enabling a second secure channel to be established between the authoritative server and the user device;
  
  enabling the authoritative server to interface with a database and use information associated with the second secure channel to obtain a user identity of the user device;
  
  enabling the authoritative server to forward the user identity to the target device which displays the user identity so the user identity can be selected by a user of the user device;
  
  enabling the authoritative server to use the first secure channel to transfer a shared secret key to the target device;
  
  enabling the authoritative server to use the second secure channel to transfer the shared secret key to the user device;
  
  enabling a third secure channel to be established between the target device and the user device by using the shared secret keys;
  
  enabling the user device to transfer credential data associated with the service subscription over the third secure channel to the target device; and
  
  enabling the target device to send the credential data to the service operator which then streams the video to the target device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein said first secure channel is established between the authoritative server and the target device without the authoritative server having to authenticate the target device.
  - 3. The method of claim 1, wherein said second secure channel is established between the authoritative server and the user device after a mutual authentication between the service operator and the user device.
  - 4. The method of claim 1, wherein said user device is a mobile phone.
  - 5. The method of claim 1, wherein said target device is a television terminal or a computer terminal.

6. In a system including an authoritative server, a user device, a target device and a service operator, said authoritative server implements a method comprising the steps of:
- receiving a session ID request over a first secure channel from the user device where the session ID request was originated at the target device;
  
  sending a session ID over the first secure channel to the user device which in turn forwards the session ID to the target device;
  
  establishing a second secure channel with the target device;
  
  receiving a user ID request over the second secure channel from the target device;
  
  obtaining a user identifier associated with the user device;
  
  sending the user identifier over the second secure channel to the target device which then displays the user identifier to be selected by a user of the user device;
  
  receiving a key distribution request over the second secure channel from the target device;
  
  sending a shared secret key over the second secure channel to the target device;
  
  receiving a key distribution request over the first secure channel from the user device after the user interacts with the user device; and
  
  sending the shared secret key over the first secure channel to the user device, wherein the user device and the target device use the shared secret key to establish a third secure channel between them on which the user device transfers credential data to the target device which then sends the credential data to the service operator which then streams the video to the target device.
- View Dependent Claims (7, 8)
- - 7. The method of claim 6, wherein said user device is a mobile phone.
  - 8. The method of claim 6, wherein said target device is a television terminal or a computer terminal.

9. In a system including an authoritative server, a user device, a target device and a service operator, said target device implements a method comprising the steps of:
- sending a session ID request to the user device which then sends the session ID request over a first secure channel to the authoritative server;
  
  receiving a session ID from the user device which received the session ID over the first secure channel from the authoritative server;
  
  establishing a second secure channel with the authoritative server;
  
  sending a user ID request over the second secure channel to the authoritative server;
  
  receiving a user identifier associated with the user device over the second secure channel from the authoritative server;
  
  displaying the user identifier so the user identifier can be selected by a user of the user device;
  
  sending a key distribution request over the second secure channel to the authoritative server after the user selects the displayed user identifier;
  
  receiving a shared secret key over the second secure channel from the authoritative server;
  
  using the shared secret key to establish a third secure channel with the user device which previously received the shared secret key over the first secure channel from the authoritative server;
  
  receiving credential data over the third secure channel from the user device; and
  
  sending the credential data to the service operator; and
  
  receiving the video from the service operator.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9, wherein said user device is a mobile phone.
  - 11. The method of claim 9, wherein said target device is a television terminal or a computer terminal.

12. In a system including an authoritative server, a user device, a target device and a service operator, said user device implements a method comprising the steps of:
- receiving a session ID request from the target device and forwarding the session ID request over a first secure channel to the authoritative server;
  
  receiving a session ID over the first secure channel from the authoritative server and forwarding the session ID to the target device, wherein the target device establishes a second secure channel with the authoritative server, sends a user ID request over the second secure channel to the authoritative server, receives a user identifier associated with the user device over the second secure channel from the authoritative server, displays the user identifier so the user identifier can be selected by a user of the user device, sends a key distribution request over the second secure channel to the authoritative server after the user selects the displayed user identifier, and receives a shared secret key over the second secure channel from the authoritative server;
  
  sending a key distribution request over the first secure channel to the authoritative server;
  
  receiving the shared secret key over the first secure channel from the authoritative server;
  
  using the shared secret key to establish a third secure channel with the target terminal; and
  
  sending credential data over the third secure channel to the target device which then sends the credential data to the service operator and receives the video from the service operator.
- View Dependent Claims (13, 14)
- - 13. The method of claim 12, wherein said user device is a mobile phone.
  - 14. The method of claim 12, wherein said target device is a television terminal or a computer terminal.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Oda, Toshikane, Murakami, Shingo, Kato, Ryoji

Application Number

US11/947,576
Publication Number

US 20080141313A1
Time in Patent Office

Days
Field of Search
US Class Current

725/62
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04N 21/2347   involving video stream encr...

H04N 21/25866   Management of end-user data...

H04N 21/41407   embedded in a portable devi...

H04N 21/4143   embedded in a Personal Comp...

H04N 21/4227   Providing Remote input by a...

H04N 21/4405   involving video stream decr...

H04N 21/47202   for requesting content on d...

H04N 21/4753   for user identification, e....

H04N 21/63345   by transmitting keys key di...

H04N 7/1675   Providing digital key or au...

H04N 7/17336   Handling of requests in hea...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

AUTHENTICATION BOOTSTRAP BY NETWORK SUPPORT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

107 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

AUTHENTICATION BOOTSTRAP BY NETWORK SUPPORT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

107 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links