Authentication Process for Access to Secure Networks or Services
First Claim
1. A method for accessing secured computing services, the method comprising:
- receiving at an authentication server an identification of a mobile telephony device;
transmitting the identification of a mobile telephony device to a mobile telephone network server;
receiving at least one security challenge from the mobile telephone network server;
transmitting to the mobile telephony device the at least one security challenge;
receiving at the authentication server at least one response to the at least one security challenge from the mobile telephony device;
transmitting the at least one response to the at least one security challenge to the mobile telephone network server; and
authenticating a session to access the secured computing services in response to verification of the at least one response from the mobile telephone network server.
4 Assignments
0 Petitions
Accused Products
Abstract
A system (and a method) are disclosed to access to secured services that are located behind a firewall. In one embodiment, the system receives at an authentication server a request to access the secured services. The request includes an identification of a mobile telephony device. The system transmits the identification of a mobile telephony device to a mobile telephone network server. The mobile telephone network server generates and transmits at least one security challenge that is forwarded to the mobile telephony device. In response, the mobile telephony device generates at least one response to the at least one security challenge, which gets forwarded to the mobile telephone network server. The mobile telephone network server notifies the authentication server if the response has been appropriately verified, and if so, the system allows the authentication server to allow access to the secured services, e.g., through an authenticated session.
-
Citations
21 Claims
-
1. A method for accessing secured computing services, the method comprising:
-
receiving at an authentication server an identification of a mobile telephony device; transmitting the identification of a mobile telephony device to a mobile telephone network server; receiving at least one security challenge from the mobile telephone network server; transmitting to the mobile telephony device the at least one security challenge; receiving at the authentication server at least one response to the at least one security challenge from the mobile telephony device; transmitting the at least one response to the at least one security challenge to the mobile telephone network server; and authenticating a session to access the secured computing services in response to verification of the at least one response from the mobile telephone network server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. In a mobile telephony device, a method to access a server secured behind a firewall, the method comprising:
-
transmitting a request to establish an authenticated session with the server secured behind the firewall, the request including an identification of a mobile telephony device; receiving at least one security challenge in response to the request; transmitting at least one response to the at least one security challenge; and establishing and authenticated session to access the server secured behind the firewall in response to at least one response to the at least one security challenge being verified. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A system for providing access to a secured server, the system comprising:
-
a mobile telephony device having a unique device identifier corresponding to a mobile telephony network and configured to transmit that unique device identifier for use in an authentication process; an access authentication server configured to receive a request to access the secured server, the request including the unique device identifier, and configured to transmit a request to authenticate the unique device identifier; and a mobile telephony network authentication server configured to receive the request to authenticate the unique device identifier and configured to; transmit a security challenge for the mobile telephony device; receive, from the mobile telephony device, a response to the security challenge; and transmit to the access authentication server verification to authenticate the unique device identifier in response to the response to the security challenge being valid. - View Dependent Claims (19, 20, 21)
-
Specification