ZERO SIGN-ON AUTHENTICATION

US 20110158406A1
Filed: 12/31/2009
Published: 06/30/2011
Est. Priority Date: 12/31/2009
Status: Active Grant

First Claim

Patent Images

1. A method of providing zero sign-on authentication comprising:

identifying a gateway being used by a first user device to request access to a media service;

determining a level of trust for the identified gateway, the level of trust being determined based on information electronically collected from the gateway; and

authenticating the first user device to access the media service depending on the level of trust determined for the identified gateway.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.

48 Citations

View as Search Results

20 Claims

1. A method of providing zero sign-on authentication comprising:
- identifying a gateway being used by a first user device to request access to a media service;
  
  determining a level of trust for the identified gateway, the level of trust being determined based on information electronically collected from the gateway; and
  
  authenticating the first user device to access the media service depending on the level of trust determined for the identified gateway.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 further comprising determining the level of trust without collecting information used to determine the level of trust from the first user device.
  - 3. The method of claim 1 further comprising authenticating the first user device without requiring a user of the first user device to contemporaneously complete a sign-on operation.
  - 4. The method of claim 1 further comprising authenticating the first user device without requiring a user of the first user device to complete a sign-on operation.
  - 5. The method of claim 1 further comprising authenticating the first user device without relying on the first user device to transmit certificates.
  - 6. The method of claim 1 further comprising determining the level of trust with a server in electronic communication with the gateway, the server determining the level of trust based on a comparison of information collected from the gateway to data previously associated with the gateway.
  - 7. The method of claim 6 further comprising determining the gateway to have one of a first, second, and third level of trust depending on whether the server is able to support SNMP communications with the gateway, whether the server is able to support a privacy certificate exchange with the gateway, and whether a MAC address of the gateway has the same domain name as a domain previously associated with the MAC address.
  - 8. The method of claim 7 further comprising authenticating the first user device to a first tier of the media service if the first user device is determined to have the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to have the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to have the third level of trust.
  - 9. The method of claim 8 wherein the media service available within the first tier is limited to viewing of non-premium television channels, wherein the media service available within the second tier is limited to viewing of non-premium and premium television channels, and wherein the media service available within the third tier is unlimited and includes viewing of non-premium and premium television channels as well as viewing of previously recorded, personal media.
  - 10. The method of claim 6 wherein the server collects the information used for the comparison proximate in time to the service provider receiving a media request from the first user device to access the media service.
  - 11. The method of claim 10 wherein the gateway supports access to the media service by interfacing wireline signals used to communicate with the service provider with wireless signals used to communicate with the first user device.
  - 12. The method of claim 1 further comprising authenticating a second user device to access media services through the gateway as function of the level of trust determined for the gateway and without contemporaneously collecting information used to determine the level of trust from the second user device.

13. A method of authenticating user devices to access a media service available from a service provider when at least a portion of signaling used to support access to the media service is exchanged through a gateway configured to interconnect one or more user devices with the service provider, the method comprising:
- for each user device requesting access to a media service, determining a level of trust for each gateway used to support signaling therewith; and
  
  authenticating the user devices requesting access to the media service to access certain portions of the media service depending on the level of trust determined for the gateway used to support signaling therewith such that user devices connected to gateways having greater levels of trust are permitted access to larger portions of the media service than gateways having lesser levels of trust.
- View Dependent Claims (14, 15, 16, 18, 19, 20)
- - 14. The method of claim 13 wherein authenticating at least one of the user devices includes providing the at least one of the user devices with decryption keys suitable for decrypting one or more television channels of the service provider, wherein the number of television channels suitable for decryption with the decryption keys is proportional to the level of trust of the gateway.
  - 15. The method of claim 13 further comprising authenticating each user device connected to the same gateway to the same certain portions of the media service regardless of a user associated therewith.
  - 16. The method of claim 15 further comprising limiting the number of user devices the gateways can connect to at the same time to a predefined number.
  - 18. The system of claim 15 wherein the server automatically authenticates each user device interfacing signals with one of the gateways regardless of an identity of each user device and a user thereof.
  - 19. The system of claim 15 wherein in the event one of the gateways is determined to be untrustworthy the server implements user devices connected thereto by requesting the user devices to complete a sign-on process or to provide trust certificates.
  - 20. The system of claim 15 wherein the server determines the level of trust for each gateway based on whether the server is able to support SNMP communications with the gateway, whether the server is able to support a privacy certificate exchange with the gateway, and whether a MAC address of the gateway has the same domain name as a domain previously associated with the MAC address.

17. A system for supporting zero sign-on authentication to a media service comprising:
- a provider network used to carry signaling associated with sourcing of the media service;
  
  a plurality of gateways configured to interface the signaling of the provider network with one or more of the user devices; and
  
  a server configured to electronically query the plurality of gateways for information;
  
  determine a level of trust for each of the gateways from the information; and
  
  authenticate each user device interfacing signals with the gateways to access the media service according to the level of trust of the gateway being used to interface signals therewith.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cable Television Laboratories Incorporated
Original Assignee
Cable Television Laboratories Incorporated
Inventors
Krauss, Simon, Marcia, Oscar, Hoggan, Stuart

Granted Patent

US 8,793,769 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/200
CPC Class Codes

G06F 21/10 Protecting distributed prog...

ZERO SIGN-ON AUTHENTICATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

ZERO SIGN-ON AUTHENTICATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links