AUTHENTICATION-AUTHORIZATION SYSTEM FOR MOBILE COMMUNICATION TERMINAL AND METHOD THEREFOR
Abstract
An authentication-authorization system for a mobile communication terminal and a method therefor are provided. When a mobile communication terminal is in a connect state, code data randomly generated by a remote encoding terminal is continuously provided to the terminal and to a data management terminal. When an application service program on the mobile communication terminal, or an application service terminal connected to the mobile communication terminal, needs to execute an authentication-authorization, the identification data of the mobile communication terminal and its card, together with the code data, can be offered to the data management terminal to carry out a bidirectional dynamic authentication-authorization, which determines whether to allow the application service program or the application service terminal to keep providing an application service. In a further aspect of the embodiment, at least two of the aforementioned authentication-authorization systems are joined and a layered authentication-authorization mechanism is adopted, so as to provide a secure and complete system.
207 Claims
1-54. (canceled)
55. A multi-terminal authentication-authorization system, applied in a Mobile Internet architecture, the system at least comprising a first terminal authentication-authorization system and a second terminal authentication-authorization system, each of the terminal authentication-authorization systems further including a terminal, located at a first end, having a first authentication program which can execute authentication-authorization, a plurality of application service programs which can provide application services, and a terminal identification data;
a card, optionally installed in the terminal, having a card identification data and a preset code data;
a data management terminal, located at a second end, executing a second authentication program which can provide authentication-authorization and preset code data the same as the one in the card; and
an encoding terminal, located at a third end, executing a third authentication program which can provide authentication-authorization, responsible for dynamically generating a code data for authentication-authorization to the card and the data management terminal continuously and randomly according to the request of the data management terminal;
wherein the first terminal authentication-authorization system and the second terminal authentication-authorization system carry out the respective authentication-authorization independently;
after the first terminal authentication-authorization system and the second terminal authentication-authorization system activate the mobile communication terminal and install the card to make the mobile communication terminal in a first connect state and complete the initialization, when respective application service program requests the authentication-authorization, a data buffer time point is randomly appointed by the first authentication program and the second authentication program, and when reaching the data buffer time point, the first code data in the card and the second code data in the data management terminal are respectively buffered as a first buffer code data and a second buffer code data in sync, and the first authentication program transfers the first code data together with the card identification data and the terminal identification data to the second authentication program for comparison, to determine the authentication-authorization result;
if matching, the first authentication program allows the respective requesting application service program to proceed, which is characterized in that the first terminal authentication-authorization system and the second terminal authentication-authorization system are joined to execute multiple authentication-authorizations, when executing multiple authentication-authorizations;
after the first terminal authentication-authorization system completes the first-stage authentication-authorization, the terminal thereof transfers the first code data in its card and the second code data in the data management terminal to the second terminal authentication-authorization system;
the first code data and the second code data of the terminal of the second terminal authentication-authorization system and the data management terminal are joined with the first code data and the second code data of the first terminal authentication-authorization system as new first code data and second code data by the terminal of the second terminal authentication-authorization system and the data management terminal for carrying out the second-stage authentication-authorization;
after passing, the first authentication program of the first terminal authentication-authorization system is authorized by the terminal of the second terminal authentication-authorization system to allow the requesting application service program to proceed, achieving multi-terminal authentication-authorization.
104-158. (canceled)
159. A multi-terminal authentication-authorization method, applied in a multi-terminal authentication-authorization system of a Mobile Internet architecture, wherein the multi-terminal authentication-authorization system at least comprises a first terminal authentication-authorization system and a second terminal authentication-authorization system;
each of the terminal authentication-authorization systems further comprises a terminal, located at a first end and having a first authentication program for executing the authentication-authorization, a plurality of application service programs for providing application services, and a terminal identification data;
a card, optionally installed in the terminal and having a card identification data and a preset code data;
a data management terminal, located at a second end and executing a second authentication program which can provide the authentication-authorization and the preset code data same as the one in the card; and
an encoding terminal, located at a third end, executing a third authentication program which can provide the authentication-authorization and responsible for dynamically generating a code data for the authentication-authorization to the card and the data management terminal continuously and randomly according to the request of the data management terminal;
wherein the first terminal authentication-authorization system and the second terminal authentication-authorization system carry out the respective authentication-authorization independently;
after the first terminal authentication-authorization system and the second terminal authentication-authorization system activate the mobile communication terminal and install the card making the mobile communication terminal in a first connect state and complete initialization, when the respective application service program requests the authentication-authorization, a data buffer time point is randomly appointed by the first authentication program and the second authentication program, and when reaching the data buffer time point, buffering the first code data in the card and the second code data of the data management terminal respectively in sync;
the first authentication program transfers the first code data together with the card identification data and the terminal identification data to the second authentication program for comparison to determine the authentication-authorization result, if matching, the first authentication program is authorized to allow the respective requesting application service program to proceed, which is characterized in that the first terminal authentication-authorization system and the second terminal authentication-authorization system execute multiple authentication-authorizations, when executing multiple authentication-authorizations, it comprises the following steps; completing the first-stage authentication-authorization by the first terminal authentication-authorization system; after passing, transferring the first code data in its card and the second code data in the data management terminal to the second terminal authentication-authorization system through the terminal, joining the first code data and the second code data thereof with the first code data and the second code data of the first terminal authentication-authorization system as the new first code data and the new second code data by the terminal of the second terminal authentication-authorization system and the data management terminal to carry out second-stage authentication-authorization; and only after passing, the terminal of the second terminal authentication-authorization system authorizing the first authentication program of the first terminal authentication-authorization system, to allow the requesting application service program to proceed, and achieving multi-terminal authentication-authorization.
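The two-stage flow recited in claims 55 and 159, as an added Python illustration that is not part of the patent text. The class and function names, the 16-byte code length, reading "joined" as byte concatenation, and the constant-time comparison are all assumptions made for the sketch; `buffer()` stands for the snapshot taken at the data buffer time point.

```python
import hmac
import secrets


class TerminalSystem:
    """One terminal authentication-authorization system (hypothetical model)."""

    def __init__(self, terminal_id: str, card_id: str):
        self.ids = (terminal_id, card_id)         # presented by the terminal
        self.registered = (terminal_id, card_id)  # held by the data management terminal
        self.card_code = b""                      # first code data (card)
        self.dm_code = b""                        # second code data (data management terminal)

    def push_code(self, card_reachable: bool = True) -> None:
        """Encoding terminal sends one fresh random code to both ends."""
        code = secrets.token_bytes(16)            # assumed code length
        self.dm_code = code
        if card_reachable:                        # a missed update leaves the card stale
            self.card_code = code

    def buffer(self) -> tuple[bytes, bytes]:
        """Snapshot both codes at the data buffer time point."""
        return self.card_code, self.dm_code


def matches(system: TerminalSystem, first: bytes, second: bytes) -> bool:
    """Data management terminal's check: known identities and equal, non-empty codes."""
    return (system.ids == system.registered and len(first) > 0
            and hmac.compare_digest(first, second))


def stage_one(system: TerminalSystem) -> tuple[bool, bytes, bytes]:
    first, second = system.buffer()
    return matches(system, first, second), first, second


def multi_terminal(sys1: TerminalSystem, sys2: TerminalSystem) -> bool:
    """First-stage check on sys1, then second-stage check on the joined codes in sys2."""
    ok1, f1, s1 = stage_one(sys1)
    if not ok1:
        return False
    f2, s2 = sys2.buffer()
    # "Joined" is modelled as concatenation (assumption); both halves must agree.
    return len(f2) > 0 and matches(sys2, f2 + f1, s2 + s1)
```

A stale code on either card, or an unregistered terminal or card identifier, fails the corresponding stage, so the requesting application service program is not allowed to proceed.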
Specification