SYSTEMS AND METHODS FOR SECURING NETWORK COMMUNICATIONS
First Claim
1. In a system comprising a user equipment (UE), a service provider, and an identity provider, a method for establishing secure communications between the service provider and the UE, the method comprising:
establishing, at the UE, a secure channel between the UE and the service provider;
sending, to the identity provider, authentication parameters for performing an authentication of the UE with the identity provider;
determining, at the UE, an authentication assertion that indicates a successful authentication of the UE; and
verifying, at the UE, that the service provider with which the secure channel has been established is an intended service provider for performing authentication for access to services, wherein the service provider is verified using at least one parameter generated during the authentication of the UE with the identity provider or during the establishment of the secure channel.
Abstract
Secure communications may be established amongst network entities for performing authentication and/or verification of the network entities. For example, a user equipment (UE) may establish a secure channel with an identity provider, capable of issuing user identities for authentication of the user/UE. The UE may also establish a secure channel with a service provider, capable of providing services to the UE via a network. The identity provider may even establish a secure channel with the service provider for performing secure communications. The establishment of each of these secure channels may enable each network entity to authenticate to the other network entities. The secure channels may also enable the UE to verify that the service provider with which it has established the secure channel is an intended service provider for accessing services.
25 Claims
20. A user equipment (UE) configured to establish secure communications with a service provider, the UE comprising:
a memory having computer-executable instructions stored thereon; and
a processor configured to execute the computer executable instructions to perform the following;
establish a secure channel between the UE and the service provider;
send authentication parameters to an identity provider for performing an authentication of the UE with the identity provider;
determine an authentication assertion that indicates a successful authentication of the UE; and
verify that the service provider with which the secure channel has been established is an intended service provider for performing authentication for services, wherein the service provider is verified using at least one parameter generated during the authentication of the UE with the identity provider or during the establishment of the secure channel.
24. In a system comprising a user equipment (UE), a service provider, and an identity provider, a method for establishing secure communications between the service provider and the UE, the method comprising:
establishing, at the service provider, a secure channel between the identity provider and the service provider;
receiving key information via the secure channel between the identity provider and the service provider;
establishing, at the service provider, a secure channel between the service provider and the UE using the received key information;
receiving, at the service provider, an authentication assertion indicating an authentication of the UE; and
verifying, at the service provider, the authentication assertion using information received via at least one of the secure channel between the identity provider and the service provider or the secure channel between the service provider and the UE.
Specification