AUTHENTICATION GATEWAY APPARATUS FOR ACCESSING UBIQUITOUS SERVICE AND METHOD THEREOF

US 20090158034A1
Filed: 09/18/2008
Published: 06/18/2009
Est. Priority Date: 12/17/2007
Status: Active Grant

First Claim

Patent Images

1. An authentication gateway apparatus for accessing a ubiquitous service, comprising:

a first authentication device of a portable apparatus that transmits an authentication data request message to an authentication server of a service provider, and receives and stores an authentication token from the authentication server;

a plurality of ubiquitous apparatuses that are connected to the portable apparatus via wireless communication; and

second authentication devices that are connected to the first authentication device of the portable apparatus by a wireless communication scheme, have individual unique values, and are correspondingly attached to, incorporated in, or connected to the ubiquitous apparatuses.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication gateway apparatus for accessing a ubiquitous service includes: an authentication server of a service provider that receives an authentication data request message from a portable apparatus, and provides an authentication token; a first authentication device of the portable apparatus that transmits the authentication data request message to the authentication server, receives and stores an authentication token from the authentication server, and is used as a representative authentication device; and second authentication devices of ubiquitous apparatuses that are connected to the first authentication device of the portable apparatus by a wireless communication system, and have individual unique values.

73 Citations

View as Search Results

20 Claims

1. An authentication gateway apparatus for accessing a ubiquitous service, comprising:
- a first authentication device of a portable apparatus that transmits an authentication data request message to an authentication server of a service provider, and receives and stores an authentication token from the authentication server;
  
  a plurality of ubiquitous apparatuses that are connected to the portable apparatus via wireless communication; and
  
  second authentication devices that are connected to the first authentication device of the portable apparatus by a wireless communication scheme, have individual unique values, and are correspondingly attached to, incorporated in, or connected to the ubiquitous apparatuses.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The authentication gateway apparatus of claim 1,wherein the first authentication device includes:
    - a main authentication unit that transmits the authentication data request message to the authentication server, and receives and stores the authentication token from the authentication server; and
      
      a first wireless communication unit that is connected to the second authentication devices by the wireless communication scheme.
  - 3. The authentication gateway apparatus of claim 1,wherein each of the second authentication devices includes:
    - a second wireless communication unit that is connected to the first authentication device of the portable apparatus by the wireless communication scheme; and
      
      an auxiliary authentication unit that receives a request to transmit the unique value of the corresponding second authentication device from the first authentication device of the portable apparatus, and transmits the stored unique value of the second authentication device to the first authentication device of the portable apparatus.
  - 4. The authentication gateway apparatus of claim 1,wherein the second authentication devices are correspondingly attached to, incorporated in, or connected to the ubiquitous apparatuses, and may be connected to the authentication server of the service provider through different network paths.
  - 5. The authentication gateway apparatus of claim 1,wherein the ubiquitous apparatuses comprise at least one of a display device, such as a monitor or a television (TV), a presentation apparatus, such as a large LCD screen, a printer, and a speaker.
  - 6. The authentication gateway apparatus of claim 1,wherein the authentication token includes a unique value of the first authentication device, a unique value of the service provider, a service unique value, time information when initial authentication is completed, and signature information.

7. A service provider server for a ubiquitous service, comprising:
- an authentication server module of a service provider that receives an access request message from a first authentication device of a portable apparatus, transmits an access permission and authentication data request message to the first authentication device of the portable apparatus, receives an authentication data request message including user authentication information from the first authentication device of the portable apparatus, and transmits an authentication token to the first authentication device of the portable apparatus; and
  
  a service data providing unit that, after service negotiation, provides service data to a ubiquitous apparatus.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The service provider server of claim 7,wherein the authentication server module of the service provider receives and decrypts the encrypted authentication token from the first authentication device of the portable apparatus and a unique value of a second authentication device, and after authentication is verified, provides desired service data to the ubiquitous apparatus.
  - 9. The service provider server of claim 7,wherein the service data providing unit negotiates a service quality with the ubiquitous apparatus connected to the second authentication device so as to provide the service data after authentication is verified, and transmits desired service data to the ubiquitous apparatus connected to the second authentication device according to the negotiation result.
  - 10. The service provider server of claim 7,wherein, when wireless communication is disconnected between the first authentication device of the portable apparatus and the second authentication device of the ubiquitous apparatus, the service data providing unit receives a service stop request message from the second authentication device, and stops the transmission of the service data to the ubiquitous apparatus.
  - 11. The service provider server of claim 7,wherein the service data providing unit periodically checks the connection between the first authentication device of the portable apparatus and the second authentication device of the ubiquitous apparatus, and if it is determined that they are disconnected from each other, stops the transmission of the service data to the ubiquitous apparatus.

12. An authentication method for a ubiquitous service authentication gateway, the authentication method comprising the steps of:
- (a) causing a first authentication device of a portable apparatus to transmit an access request message to an authentication server of a service provider, to receive an authentication token according to a prescribed authentication system, and to store the received authentication token in a main authentication unit thereof;
  
  (b) when a specific button on the first authentication device of the portable apparatus is pressed, causing the portable apparatus to operate as an authentication gateway;
  
  (c) when the first authentication device of the portable apparatus is connected to a second authentication device of a ubiquitous apparatus through a wireless communication system, requesting the second authentication device for its unique value and receiving the unique value from the second authentication device;
  
  (d) combining the authentication token stored in the main authentication unit of the first authentication device of the portable apparatus with the unique value of the second authentication device, and transmitting the combined authentication token and unique value to the authentication server, to thereby request a service;
  
  (e) causing the authentication server to receive the combined authentication token and unique value, and if the service is permitted, negotiating a service quality with the ubiquitous apparatus, to which the second authentication device is attached; and
  
  (f) based on the result of the negotiation, causing the authentication server to provide service data to the ubiquitous apparatus, to which the second authentication device is attached.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The authentication method of claim 12,wherein step (a) includes the substeps of:
    - (a1) causing the first authentication device of the portable apparatus to transmit the access request message to the authentication server;
      
      (a2) causing the first authentication device of the portable apparatus to receive an access permission and authentication data request message from the authentication server;
      
      (a3) causing the first authentication device of the portable apparatus to transmit an authentication data request message to the authentication server according to the prescribed authentication system; and
      
      (a4) causing the first authentication device of the portable apparatus to receive the authentication token from the authentication server and to store the received authentication token in the main authentication unit thereof.
  - 14. The authentication method of claim 12,wherein, in the step (a), initial authentication is performed only once, such that the first authentication device of the portable apparatus is used as the authentication gateway.
  - 15. The authentication method of claim 12,wherein causing the portable apparatus to operate as an authentication gateway includes the substeps of:
    - (b1) displaying, on an LCD display unit of the portable apparatus, a desired service list and information about whether or not initial authentication is performed;
      
      (b2) when initial authentication of a ubiquitous service selected by a user is not performed, performing the initial authentication; and
      
      (b3) if the initial authentication of the selected service is completed, displaying connection information of a ubiquitous apparatus, to which the service is actually provided.
  - 16. The authentication method of claim 12,wherein, in the step (c), when the button on the first authentication device is pressed, the first authentication device and the second authentication device come close to each other or come into contact with each other and are connected with each other via wireless communication.
  - 17. The authentication method of claim 12,wherein, in the step (d), the authentication token and the unique value of the second authentication device are combined with each other, encrypted, and transmitted to the authentication server.
  - 18. The authentication method of claim 12, further comprising a step of:
    - when the first authentication device of the portable apparatus and the second authentication device of the ubiquitous apparatus are disconnected from each other, causing the second authentication device to transmit a service stop request message to the authentication server of the service provider.
  - 19. The authentication method of claim 12, further comprising the steps of, when the specific button on the first authentication device of the portable apparatus is pressed to request to stop the service:
    - causing the first authentication device of the portable apparatus to transmit a service stop request message to the second authentication device of the ubiquitous apparatus; and
      
      causing the second authentication device to transmit the service stop request message to the authentication server of the service provider.
  - 20. The authentication method of claim 12, further comprising a step of:
    - causing the authentication server of the service provider to periodically check the connection between the first authentication device of the portable apparatus and the second authentication device of the ubiquitous apparatus, and if they are disconnected from each other, to stop the transmission of the service data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Inventors
JANG, Jongsoo, NAH, Jaehoon, GU, Jabeom

Granted Patent

US 8,082,591 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/123   received data contents, e.g...

H04L 9/3213   using tickets or tokens, e....

H04W 12/062   Pre-authentication

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 12/10   Integrity

H04W 88/06   adapted for operation in mu...

AUTHENTICATION GATEWAY APPARATUS FOR ACCESSING UBIQUITOUS SERVICE AND METHOD THEREOF

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

73 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

AUTHENTICATION GATEWAY APPARATUS FOR ACCESSING UBIQUITOUS SERVICE AND METHOD THEREOF

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

73 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others