SECURITY GATEWAY FOR ONLINE CONSOLE-BASED GAMING
Abstract
An exemplary implementation of a security gateway for online console-based gaming operates as a gateway between a public network (e.g., the Internet), and a private network (e.g., an internal data center network). The security gateway allows secure communication channels to be established with game consoles via the public network, and allows secure communication between game consoles on the public network and service devices on the private network.
15 Claims
1. A method of providing an online service between a private network and a game console, the method comprising:
- communicatively coupling a security gateway between the game console and the private network for secure communications;
- receiving, from the game console, a request to establish a secure communication channel with the security gateway in order to allow the game console to communicate with one or more servers within the private network configured to provide online services via the security gateway, the request includes at least an initiation message, an authenticator, and a security ticket, the authenticator is encrypted using a first key and the security ticket is encrypted using a second key, and the first key is different than the second key;
- authenticating the game console using the security gateway based at least in part on the initiation message and the security ticket received from the game console;
- transmitting from the security gateway a response to the request to establish a secure communication channel, the response including at least a portion of the initiation message, at least a portion of the response authenticating the security gateway to the game console;
- establishing one or more security keys to be used by the security gateway and the game console to encrypt information to be sent to one another, the one or more security keys being based on at least portions of the security ticket and the initiation message;
- maintaining within the security gateway the one or more security keys as being associated with the game console; and
- generating a requested service in response to a request from the game console, wherein the generating of the requested service is abstracted from the authentication performed by the security gateway.

Dependent claims: 2, 3, 4, 5, 6, 7

8. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to:
- receive, from a game console, a request to establish a secure communication channel with a security gateway in order to allow the game console to communicate with a private network that includes one or more servers configured to provide online services to the game console via the security gateway, the request includes at least an initiation message, an authenticator, and a security ticket, the authenticator is encrypted using a first key and the security ticket is encrypted using a second key, and the first key is different than the second key;
- authenticate the game console using the security gateway based at least in part on the initiation message and the security ticket received from the game console;
- transmit from the security gateway a response to the request to establish a secure communication channel, the response including at least a portion of the initiation message, at least a portion of the response authenticates the security gateway to the game console;
- establish one or more security keys to be used by the security gateway and the game console to authenticate information to be sent to one another, the one or more security keys being based on at least portions of the security ticket and the initiation message; and
- maintain within the security gateway the one or more security keys as being associated with the game console, wherein generating a requested service in response to a request from the game console is abstracted from the authentication performed by the security gateway.

9. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors, causes the one or more processors to:
- establish, for each of a plurality of game consoles, a different security association corresponding to the game console, wherein each security association has one or more related security keys to be used to encrypt data to be communicated to and from the corresponding game console using a security gateway configured between the plurality of game consoles and a private network that includes one or more service devices configured to provide online services to the plurality of game consoles;
- maintain, for each of the plurality of game consoles, information related to the security association using the security gateway until the game console is no longer available, wherein the information related to the security association includes the one or more security keys; and
- use the maintained information related to the security association corresponding to the game console in communicating data, received from at least one of the service devices, to the game console using the security gateway, wherein generation of a requested service by the private network in response to a request from at least one of the game consoles is abstracted from the establishment and maintenance of the security associations performed by the security gateway, wherein at least one security association is established based at least in part on:
  - a request received from the game console, the request including at least an initiation message, an authenticator, and a security ticket, the authenticator is encrypted using a first key and the security ticket is encrypted using a second key, and the first key is different than the second key;
  - authenticating the game console using the security gateway based at least in part on the initiation message and the security ticket received from the game console;
  - transmitting from the security gateway a response to the request to establish a secure communication channel, the response including at least a portion of the initiation message, at least a portion of the response authenticating the security gateway to the game console; and
  - establishing one or more security keys to be used by the security gateway and the game console to encrypt information to be sent to one another, the one or more security keys being based on at least portions of the security ticket and the initiation message.

Dependent claims: 10, 11, 12, 13, 14

15. A method comprising:
- communicatively linking a security gateway between a plurality of game consoles and a private network that includes one or more service devices configured to provide online services;
- using the security gateway to establish, for each of the plurality of game consoles, a different security association corresponding to the game console, wherein each security association has one or more related security keys to be used to authenticate data to be communicated to and from the corresponding game console via the security gateway;
- using the security gateway to maintain, for each of the plurality of game consoles, information related to the security association until the game console is no longer available, wherein the information related to the security association includes the one or more security keys;
- using the maintained information related to the security association corresponding to the game console in communicating data, received from at least one of the service devices, to the game console via the security gateway; and
- generating a requested service using the private network in response to a request from at least one of the game consoles, wherein the generation of the requested service is abstracted from the establishment and maintenance of the security associations performed by the security gateway, wherein the step of using the security gateway to establish, for each of the plurality of game consoles, a different security association corresponding to the game console further comprises:
  - receiving a request from the game console, the request including at least an initiation message, an authenticator, and a security ticket, the authenticator is encrypted using a first key and the security ticket is encrypted using a second key, and the first key is different than the second key;
  - authenticating the game console using the security gateway based at least in part on the initiation message, the authenticator, and the security ticket received from the game console;
  - transmitting from the security gateway a response to the request to establish a secure communication channel, the response including at least a portion of the initiation message, at least a portion of the response authenticating the security gateway to the game console; and
  - establishing one or more security keys to be used by the security gateway and the game console to encrypt information to be sent to one another, the one or more security keys being based on at least portions of the security ticket and the initiation message.

Specification