Method and System for Automated and Secure Provisioning of Service Access Credentials for On-Line Services to Users of Mobile Communication Terminals
Abstract
In a communications network including at least one authentication entity adapted to authenticating a network access requestor in order to conditionally grant thereto access to the communications network, wherein the authenticating is based on public key cryptography, a method for automatically provisioning the network access requestor with service access credentials for accessing an on-line service offered by an on-line service provider accessible through the communications network. The method includes: during the authenticating the network access requestor, having an authentication entity request to the on-line service provider the generation of the service access credentials; at the on-line service provider, generating the service access credentials, encrypting the service access credentials by exploiting a public encryption key of the network access requestor and providing the encrypted service access credentials to the authentication entity; and having the authentication entity cause the network access requestor to be provided with the encrypted service access credentials.
53 Claims
1-28. (canceled)

29. In a communications network comprising at least one authentication entity adapted to authenticating a network access requestor in order to conditionally grant thereto access to the communications network, wherein said authenticating is based on public key cryptography, a method for automatically provisioning the network access requestor with service access credentials for accessing an on-line service offered by an on-line service provider accessible through the communications network, comprising:
during said authenticating the network access requestor, having the authentication entity request to the on-line service provider the generation of said service access credentials;
at the on-line service provider, generating the service access credentials, encrypting the service access credentials by exploiting a public encryption key of the network access requestor and providing the encrypted service access credentials to the authentication entity; and
having the authentication entity cause the network access requester to be provided with the encrypted service access credentials.
Dependent claims: 30-46.

47. A system for automatically provisioning a communications terminal, capable of being adapted for a communications network, service access credentials for accessing an online service offered by an on-line service provider accessible through the communications network, comprising:
at least one authentication entity adapted to authenticating a network access requestor in order to conditionally grant thereto access to the communications network, wherein said authenticating is based on public key cryptography; and
at least one on-line service provider accessible through the communications network and providing an on-line service, wherein:
the authentication entity is adapted to request to the on-line service provider the generation of said service access credentials for accessing during said authenticating the network access requester;
the on-line service provider is adapted to generate the service access credentials, to encrypt the service access credentials by exploiting a public encryption key of the network access requestor and to provide the encrypted service access credentials to the authentication entity; and
the authentication entity is adapted to cause the network access requester to be provided with the service access credentials as a part of said authenticating the network access requester.
Dependent claims: 48-50.

51. An authentication entity comprising the capability of being adapted for a communications network for authenticating a network access requester in order to conditionally grant thereto access to the communications network, the authentication entity being adapted to:
request to an on-line service provider, accessible through the communications network and providing an on-line service, the generation of service access credentials for accessing during said authenticating the network access requestor; and
cause the network access requester to be provided with encrypted service access credentials as a part of said authenticating network access requester.

52. An on-line service provider accessible through a communications network and providing an on-line service, comprising the capability of being adapted to:
receive a request for service access credentials by an authentication entity adapted to authenticating a network access requester in order to conditionally grant thereto access to the communications network, based on public key cryptography;
generate the service access credentials;
encrypt the service access credentials by exploiting a public encryption key of the network access requestor; and
provide encrypted service access credentials to the authentication entity.

53. A communications terminal comprising the capability of being adapted for a communication network, adapted to:
interact with an authentication entity during an authentication procedure for being granted access to the communications network, based on public key cryptography;
during an authentication procedure with the authentication entity, receive from the authentication entity encrypted service access credentials for accessing an on-line service offered by an on-line service provider accessible through the network, said encrypted service access credentials being encrypted with a public encryption key of the communications terminal; and
decrypt the received encrypted service access credentials using a private decryption key.
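
The three roles in the abstract and in claims 29 and 51 to 53 (authentication entity, on-line service provider, terminal) can be sketched as follows; this is an added Go example, not code from the patent or its applicant. It assumes an RSA-PSS signature over a challenge as the public-key network authentication, RSA-OAEP for encrypting the credentials, and separate signing and decryption keys on the terminal; all type and function names are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Added illustration: all names below are hypothetical, none come from the patent.
type Provider map[string]string // on-line service provider: user -> issued secret
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Issue encrypts a fresh secret (RSA-OAEP) to the requestor; relays see only ciphertext.
func (p Provider) Issue(user string, encPub *rsa.PublicKey) ([]byte, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return nil, err
	}
	p[user] = fmt.Sprintf("%x", raw)
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, encPub, []byte(p[user]), []byte(user))
}

// Authenticate (authentication entity) requests credentials only if the signature verifies.
func Authenticate(p Provider, user string, authPub, encPub *rsa.PublicKey, nonce, sig []byte) ([]byte, error) {
	d := sha256.Sum256(nonce)
	if err := rsa.VerifyPSS(authPub, crypto.SHA256, d[:], sig, nil); err != nil {
		return nil, fmt.Errorf("network access denied: %w", err)
	}
	return p.Issue(user, encPub)
}

// Sign (answer the challenge) and Decrypt are the terminal's two private-key operations.
func Sign(authKey *rsa.PrivateKey, nonce []byte) ([]byte, error) {
	d := sha256.Sum256(nonce)
	return rsa.SignPSS(rand.Reader, authKey, crypto.SHA256, d[:], nil)
}
func Decrypt(encKey *rsa.PrivateKey, user string, relayed []byte) (string, error) {
	pt, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, encKey, relayed, []byte(user))
	return string(pt), err
}

func main() {
	authKey, _ := NewKey()
	encKey, _ := NewKey()
	sig, _ := Sign(authKey, []byte("constructed-nonce"))
	enc, _ := Authenticate(Provider{}, "alice", &authKey.PublicKey, &encKey.PublicKey, []byte("constructed-nonce"), sig)
	fmt.Println(Decrypt(encKey, "alice", enc))
}
```

The authentication entity only ever holds the OAEP ciphertext, and a failed signature check returns before the provider is contacted, so no credential is generated for a requestor that did not authenticate.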
Specification