METHOD AND NODES FOR PROVIDING SECURE ACCESS TO CLOUD COMPUTING FOR MOBILE USERS
Abstract
A mobile node, a gateway node and methods are provided for securely storing a content into a remote node. The mobile node, or a gateway node of a network providing access to the mobile node, applies a content key to the content prior to sending the content for storage in the remote node. The content key is generated at the mobile node, based on a random value obtained from an authentication server, or directly at the authentication server if applied by the gateway node. The content key is not preserved in the mobile node or in the gateway node, for security purposes. When the mobile node or the gateway node fetches the content again from the remote node, the same content key is generated again for decrypting the content. The remote node does not have access to the content key and therefore cannot read or modify the content.
25 Claims
10. A method of securely storing a content from a mobile node into a remote node, the method comprising the steps of:
- sending, from the mobile node towards an authentication server, a request for a first challenge;
- receiving at the mobile node the first challenge from the authentication server, the first challenge comprising a random value;
- generating at the mobile node a content key based on the random value;
- encrypting at the mobile node the content by use of the content key;
- transferring the encrypted content from the mobile node towards the remote node;
- discarding the content key from the mobile node;
- fetching at the mobile node the content from the remote node;
- sending, from the mobile node towards the authentication server, a request to generate a second challenge;
- receiving, at the mobile node, the second challenge from the authentication server;
- regenerating, at the mobile node, the same content key based on the random value; and
- decrypting, at the mobile node, the fetched content by use of the regenerated content key.
Dependent claims: 1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15, 16, 17
11-1. The method of claim 10, wherein:
- metadata generated by the mobile node is included in the request for the first challenge;
- the metadata is transferred with the content towards the remote node;
- the metadata is included in the fetched content; and
- the metadata is included in the request to generate the second challenge.
18. A gateway node for securely storing a content into a remote node, comprising:
- an interface configured to communicate with a mobile node, with an authentication server and with the remote node; and
- a controller to control the interface and configured to:
  - receive the content from a mobile node;
  - send towards the authentication server a request to generate a content key;
  - receive the content key from the authentication server;
  - encrypt the content by use of the content key;
  - transfer the encrypted content towards the remote node;
  - fetch the content from the remote node;
  - send towards the authentication server a request to regenerate the same content key;
  - receive the regenerated content key from the authentication server; and
  - decrypt the fetched content by use of the regenerated content key.
19. A mobile node for securely storing a content into a remote node, comprising:
- an interface configured to communicate with an authentication server and with the remote node; and
- a controller to control the interface and configured to:
  - send towards the authentication server a request for a first challenge;
  - receive the first challenge from the authentication server, the first challenge comprising a random value;
  - generate a content key based on the random value;
  - encrypt the content by use of the content key;
  - transfer the encrypted content towards the remote node;
  - discard the content key;
  - fetch the content from the remote node;
  - send towards the authentication server a request to generate a second challenge;
  - receive the second challenge from the authentication server;
  - regenerate the same content key based on the random value; and
  - decrypt the fetched content by use of the regenerated content key.
Dependent claims: 20, 21, 22, 23, 24, 25
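The mobile-node flow of claims 10 and 11, as an added sketch that is not taken from the patent. Assumptions: the node holds a long-term `device_secret`, the key is derived with HMAC-SHA256, the authentication server returns the stored random value again in the second challenge (looked up by metadata), and an HMAC-based encrypt-then-MAC construction stands in for a real AEAD cipher; all names are hypothetical.

```python
import hashlib, hmac, secrets

class AuthServer:
    """Assumed behaviour: remembers the random value per metadata tag."""
    def __init__(self):
        self._rand = {}
    def first_challenge(self, metadata):
        self._rand[metadata] = secrets.token_bytes(16)
        return self._rand[metadata]
    def second_challenge(self, metadata):
        return self._rand[metadata]  # same random value as at storage time

def content_key(device_secret, rand, metadata):
    # Assumed KDF: HMAC-SHA256 keyed with the device secret (not in the patent text).
    return hmac.new(device_secret, b"content-key" + rand + metadata, hashlib.sha256).digest()

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher for the sketch; production code would use an AEAD such as AES-GCM.
    blocks = (len(data) + 31) // 32
    ks = b"".join(_prf(key, b"enc", nonce + i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = secrets.token_bytes(12)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _prf(key, b"mac", nonce + ct)  # encrypt-then-MAC

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        raise ValueError("wrong key or modified content")
    return _xor_stream(key, nonce, ct)

def store_and_fetch(device_secret, content, metadata, auth, remote):
    key = content_key(device_secret, auth.first_challenge(metadata), metadata)
    remote[metadata] = seal(key, content)  # remote node only ever holds ciphertext
    del key  # drops the reference only; real code would also zeroize the buffer
    blob = remote[metadata]                # later: fetch the stored content
    key = content_key(device_secret, auth.second_challenge(metadata), metadata)
    return unseal(key, blob)

if __name__ == "__main__":
    print(store_and_fetch(b"constructed-device-secret", b"holiday photo",
                          b"photo-1", AuthServer(), {}))
```

The MAC tag is what lets the node detect a remote node that altered the stored blob; encryption alone would not.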
Specification