Systems and Methods for Secure Sign-Up Procedures for Application Servers in Wired and Wireless Environments
First Claim
Patent Images
1. A method of generating information for secure data exchange with an application server, the method comprising:
- performing, by a client device, an authentication with an authentication server of a wireless communication network;
sending, by the client device, a signup message to the application server, the signup message includes a signup form and a requested username;
receiving, by the client device, a signup acknowledgement message from the application server, the signup acknowledgement message includes an accepted username and a root key; and
storing, by the client device, the accepted username and root key, wherein the accepted username and root key are employed for secure data exchange with the application server, and the application server and client device do not have a prior security relationship.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods of providing strong authentication for a client device to sign-up with an online service. Authentication can involve verifying user'"'"'s identity, message authentication, message integrity and nonrepudiation. The security procedures may, in some cases, be sufficient to verify all of these parameters. In other cases, the sign-up procedure needs to be combined with other information in order to verify the user'"'"'s real identity.
-
Citations
18 Claims
-
1. A method of generating information for secure data exchange with an application server, the method comprising:
-
performing, by a client device, an authentication with an authentication server of a wireless communication network; sending, by the client device, a signup message to the application server, the signup message includes a signup form and a requested username; receiving, by the client device, a signup acknowledgement message from the application server, the signup acknowledgement message includes an accepted username and a root key; and storing, by the client device, the accepted username and root key, wherein the accepted username and root key are employed for secure data exchange with the application server, and the application server and client device do not have a prior security relationship. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method of generating information for secure data exchange with an application server, the method comprising:
-
obtaining, by a client device, a certificate for an application associated with the secure exchange of data; generating, by the client device, a key; sending, by the client device to the application server, a signup message to an application server, the signup message including the generated key, a requested username and a requested password; receiving, by the client device from the application server, a signup acknowledgement message, the signup acknowledgement message include an accepted username, an accepted password and a certificate for the secure data exchange. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
Specification