Authentication Process for Access to Secure Networks or Services

US 20080268815A1
Filed: 04/26/2007
Published: 10/30/2008
Est. Priority Date: 04/26/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for accessing secured computing services, the method comprising:

receiving at an authentication server an identification of a mobile telephony device;

transmitting the identification of a mobile telephony device to a mobile telephone network server;

receiving at least one security challenge from the mobile telephone network server;

transmitting to the mobile telephony device the at least one security challenge;

receiving at the authentication server at least one response to the at least one security challenge from the mobile telephony device;

transmitting the at least one response to the at least one security challenge to the mobile telephone network server; and

authenticating a session to access the secured computing services in response to verification of the at least one response from the mobile telephone network server.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system (and a method) are disclosed to access to secured services that are located behind a firewall. In one embodiment, the system receives at an authentication server a request to access the secured services. The request includes an identification of a mobile telephony device. The system transmits the identification of a mobile telephony device to a mobile telephone network server. The mobile telephone network server generates and transmits at least one security challenge that is forwarded to the mobile telephony device. In response, the mobile telephony device generates at least one response to the at least one security challenge, which gets forwarded to the mobile telephone network server. The mobile telephone network server notifies the authentication server if the response has been appropriately verified, and if so, the system allows the authentication server to allow access to the secured services, e.g., through an authenticated session.

49 Citations

View as Search Results

21 Claims

1. A method for accessing secured computing services, the method comprising:
- receiving at an authentication server an identification of a mobile telephony device;
  
  transmitting the identification of a mobile telephony device to a mobile telephone network server;
  
  receiving at least one security challenge from the mobile telephone network server;
  
  transmitting to the mobile telephony device the at least one security challenge;
  
  receiving at the authentication server at least one response to the at least one security challenge from the mobile telephony device;
  
  transmitting the at least one response to the at least one security challenge to the mobile telephone network server; and
  
  authenticating a session to access the secured computing services in response to verification of the at least one response from the mobile telephone network server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising terminating an attempted access to the server behind the firewall in response to receiving non-verification from the mobile telephone network server.
  - 3. The method of claim 2, further comprising:
    - coupling communicatively the mobile telephony device with a companion device; and
      
      accessing the secured computing services through the companion device in response to the mobile computing device having been successfully authenticated.
  - 4. The method of claim 1, wherein the authentication server is a virtual private network (VPN) server.
  - 5. The method of claim 1, wherein the identification of the mobile telephony device comprises a subscriber identity module (SIM) identification.
  - 6. The method of claim 5, wherein the mobile telephone network server comprises an Extensible Authentication Protocol Method for Subscriber Identity Module (EAP-SIM) server.
  - 7. The method of claim 6, wherein the receiving the SIM identification, further comprises receiving the SIM identification through a virtual private network (VPN) application executing on a personal computing device and communicatively coupled with the Internet.
  - 8. The method of claim 6, wherein receiving the SIM identification further comprises receiving the SIM identification through a virtual private network (VPN) application executing on the mobile telephony device and communicatively coupled with a mobile telephone network corresponding to the mobile telephone network server.
  - 9. The method of claim 8, wherein the mobile telephone network includes a data service comprised of one of a General Packet Radio Service (GPRS), an Enhanced Data rates for Global Evolution (EDGE), or a High Speed Download Packet Access (HSDPA).

10. In a mobile telephony device, a method to access a server secured behind a firewall, the method comprising:
- transmitting a request to establish an authenticated session with the server secured behind the firewall, the request including an identification of a mobile telephony device;
  
  receiving at least one security challenge in response to the request;
  
  transmitting at least one response to the at least one security challenge; and
  
  establishing and authenticated session to access the server secured behind the firewall in response to at least one response to the at least one security challenge being verified.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising establishing a communication channel with a personal computing device.
  - 12. The method of claim 11, wherein the mobile telephony device is not connected with a mobile telephone network.
  - 13. The method of claim 11, wherein the personal computing device is communicatively coupled with an authentication server over an Internet protocol (IP) connection.
  - 14. The method of claim 10, further comprising executing an authentication application on the mobile telephony device;
  - 15. The method of claim 14, further comprising establishing a data communication link on a mobile telephony network.
  - 16. The method of claim 14, wherein the identification of the mobile telephony device comprises a subscriber identity module (SIM) identification.
  - 17. The method of claim 16, wherein the mobile telephony network includes a data service comprising one of a General Packet Radio Service (GPRS), an Enhanced Data rate for Global Evolution (EDGE), or a High Speed Download Packet Access (HSDPA).

18. A system for providing access to a secured server, the system comprising:
- a mobile telephony device having a unique device identifier corresponding to a mobile telephony network and configured to transmit that unique device identifier for use in an authentication process;
  
  an access authentication server configured to receive a request to access the secured server, the request including the unique device identifier, and configured to transmit a request to authenticate the unique device identifier; and
  
  a mobile telephony network authentication server configured to receive the request to authenticate the unique device identifier and configured to;
  
  transmit a security challenge for the mobile telephony device;
  
  receive, from the mobile telephony device, a response to the security challenge; and
  
  transmit to the access authentication server verification to authenticate the unique device identifier in response to the response to the security challenge being valid.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the mobile telephony device is communicatively couples a companion device, the companion device configured to access the secured computing services in response to the mobile computing device having been successfully authenticated.
  - 20. The system of claim 19, further comprising a personal computing device communicatively coupled with the mobile telephony device and communicatively coupled with the access authentication server through an virtual private network (VPN) application.
  - 21. The system of claim 20, wherein the mobile computing device and the access authentication server are configured to transmit the security challenge and response between the mobile telephony network authentication server and the mobile telephony device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Palm, Inc. (TCL Technology Group Corp.)
Inventors
Shi, Jianxiong, Jazra, Cherif, Mahe, Isabel

Application Number

US11/740,714
Publication Number

US 20080268815A1
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/0853   using an additional device,...

H04L 67/53   using third party service p...

H04W 12/069   using certificates or pre-s...

Authentication Process for Access to Secure Networks or Services

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication Process for Access to Secure Networks or Services

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links