AUTHENTICATION MESSAGING SERVICE

US 20090193507A1
Filed: 01/28/2008
Published: 07/30/2009
Est. Priority Date: 01/28/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method to regulate access to a service in a communication network accessible by one or more mobile devices, comprising:

receiving, in an authentication server, a first authentication token request for an authentication token, wherein the first authentication token request uniquely identifies a mobile client computing device and a unique service;

processing, in the authentication server, the first authentication token request; and

transmitting an authentication token from the authentication server to the mobile client computing device when the first authentication token request is approved by the authentication server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment an authentication server comprises one or more processors, and a memory module communicatively connected to the one or more processors. The memory module and comprises logic instructions which, when executed on the one or more processors configure the one or more processors to regulate access to a service in a communication network by performing operations, comprising receiving, in the authentication server, a first authentication token request for an authentication token, wherein the first authentication token request uniquely identifies a client computing device and a unique service, processing, in the authentication server, the first authentication token request, and transmitting an authentication token from the authentication token server to the client computing device when the first authentication token request is approved by the authentication server.

97 Citations

View as Search Results

22 Claims

1. A method to regulate access to a service in a communication network accessible by one or more mobile devices, comprising:
- receiving, in an authentication server, a first authentication token request for an authentication token, wherein the first authentication token request uniquely identifies a mobile client computing device and a unique service;
  
  processing, in the authentication server, the first authentication token request; and
  
  transmitting an authentication token from the authentication server to the mobile client computing device when the first authentication token request is approved by the authentication server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein:
    - the first authentication token request is initiated by a service request to a first resource server coupled to a communication network; and
      
      the first resource server transmits the authentication token request to the authentication server.
  - 3. The method of claim 1, wherein the client computing device transmits the first authentication token request directly to the authentication server.
  - 4. The method of claim 1, wherein:
    - the first authentication token request is transmitted to the authentication token server via a first communication channel; and
      
      the authentication token is transmitted from the authentication token server to the mobile client computing device via a second communication channel, different from the first communication channel.
  - 5. The method of claim 2, wherein the authentication token comprises a code which a user of the mobile client computing device must provide to the first resource server in order to access the resource provided by the first resource server.
  - 6. The method of claim 1, wherein processing the first authentication token request comprises:
    - validating at least one of the mobile client computing device and the user; and
      
      assigning an initiation time and an expiration time to the authentication token.
  - 7. The method of claim 2, further comprising:
    - receiving the authentication token in the mobile client computing device; and
      
      transmitting at least a portion of the authentication token from the mobile client computing device to the first resource server to complete the service request.
  - 8. The method of claim 2, wherein:
    - the first authentication token request comprises encryption data generated at least in part based on at least one specific hardware parameter of the mobile client computing device; and
      
      the authentication server transmits a key component to the first resource server.
  - 9. The method of claim 8, further comprising:
    - receiving the service request and at least a portion of the authentication token in the first resource server;
      
      decrypting the service requestgenerating, in the first resource server, a second service request for a second authentication token, wherein the second authentication token request uniquely identifies the mobile client computing device, the first resource server, a second resource server, and a unique service; and
      
      transmitting the second authentication token to the authentication server.
  - 10. The method of claim 9, further comprising:
    - receiving, in the authentication server, the second authentication token request; and
      
      processing the second authentication token request, wherein processing the second authentication token request comprises;
      
      confirming, in the authentication server, a successful completion of the first service request; and
      
      validating at least one of the mobile client computing device and the user; and
      
      assigning an initiation time and an expiration time to the authentication token for the second service request; and
      
      transmitting the authentication token for the second service request to the client computing device.
  - 11. The method of claim 10, wherein:
    - the second authentication token request comprises encryption data generated at least in part based on at least one specific hardware parameter of the client computing device and at least one specific hardware parameter of the first resource server; and
      
      the authentication server transmits a key component to the second resource server.
  - 12. The method of claim 10, further comprising:
    - receiving, in the mobile client computing device, the authentication token for the second service request; and
      
      transmitting at least a portion of the authentication token for the second service request from the mobile client computing device to the second resource server to complete the service request.

13. An authentication server, comprising:
- one or more processors;
  
  a memory module communicatively connected to the one or more processors and comprising logic instructions which, when executed on the one or more processors configure the one or more processors to regulate access to a service in a communication network by performing operations, comprising;
  
  receiving, in the authentication server, a first authentication token request for an authentication token, wherein the first authentication token request uniquely identifies a mobile client computing device and a unique service;
  
  processing, in the authentication server, the first authentication token request; and
  
  transmitting an authentication token from the authentication token server to the mobile client computing device when the first authentication token request is approved by the authentication server.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The authentication server of claim 13, further comprising a first resource server coupled to the authentication server via a communication network, wherein:
    - the first authentication token request is initiated by a service request to the first resource server coupled to the communication network; and
      
      the first resource server transmits the authentication token request to the authentication server.
  - 15. The authentication server of claim 13, wherein:
    - the first authentication token request is transmitted to the authentication token server via a first communication channel; and
      
      the authentication token is transmitted from the authentication token server to the mobile client computing device via a second communication channel, different from the first communication channel.
  - 16. The authentication server of claim 13, further comprising logic instructions which, when executed on the one or more processors configure the one or more processors to:
    - validate at least one of the mobile client computing device and the user; and
      
      assign an initiation time and an expiration time to the authentication token.
  - 17. The authentication server of claim 14, further comprising logic instructions which, when executed on the one or more processors configure the one or more processors to:
    - receive the authentication token in the mobile client computing device; and
      
      transmit at least a portion of the authentication token from the client computing device to the first resource server to complete the service request.
  - 18. The authentication server of claim 14, wherein:
    - the first authentication token request comprises encryption data generated at least in part based on at least one specific hardware parameter of the mobile client computing device; and
      
      the authentication server transmits a key component to the first resource server.
  - 19. The authentication server of claim 18, further comprising logic instructions which, when executed on the one or more processors configure the one or more processors to:
    - receive the service request and at least a portion of the authentication token in the first resource server;
      
      decrypt the service requestgenerate, in the first resource server, a second authentication token request for an authentication token, wherein the second authentication token request uniquely identifies the mobile client computing device, the first resource server, a second resource server, and a unique service; and
      
      transmit the second authentication token to the authentication server.
  - 20. The authentication server of claim 19, further comprising logic instructions which, when executed on the one or more processors configure the one or more processors to:
    - receive, in the authentication server, the second authentication token request; and
      
      process the second authentication token request, wherein processing the second authentication token request comprises;
      
      confirming, in the authentication server, a successful completion of the first service request; and
      
      validating at least one of the client computing device and the user; and
      
      assigning an initiation time and an expiration time to the authentication token for the second service request; and
      
      transmit the authentication token for the second service request to the client computing device.
  - 21. The authentication server of claim 20, wherein:
    - the second authentication token request comprises encryption data generated at least in part based on at least one specific hardware parameter of the client computing device and at least one specific hardware parameter of the first resource server; and
      
      the authentication server transmits a key component to the second resource server.
  - 22. The authentication server of claim 20, further comprising logic instructions which, when executed on the one or more processors configure the one or more processors to:
    - receive, in the client computing device, the authentication token for the second service request; and
      
      transmit at least a portion of the authentication token for the second service request from the mobile client computing device to the second resource server to complete the service request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Ibrahim, Wael

Application Number

US12/021,021
Publication Number

US 20090193507A1
Time in Patent Office

Days
Field of Search
US Class Current

726/9
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 9/3234   involving additional secure...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 4/00   Services specially adapted ...

AUTHENTICATION MESSAGING SERVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

97 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

AUTHENTICATION MESSAGING SERVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

97 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others