SUBSCRIBER CERTIFICATE PROVISIONING
First Claim
1. A method for provisioning a device with a certificate comprising:
receiving credentials transmitted from the device through an access point, the credentials identifying a credentials username and password;
verifying whether the credentials are trusted according to a two-factor authentication process, the two-factor authentication process determining;
i) the credentials to be trusted in the event (i) the credentials username and password match with a trusted username and password previously associated with the device and (ii) an address associated with the access point is within a range of trusted addresses;
ii) the credentials to be untrusted in the event the username and password fail to match with the trusted username and password or the address fails to fall within the range of trusted addresses;
providing the device with an assertion in the event the credentials are trusted, the assertion being sufficient for the device to request the certificate; and
preventing delivery of the assertion to the device in the event the credentials are untrusted until the device transmits trusted credentials.
Abstract
Provisioning a device with a certificate is contemplated. The certificate may be used to verify whether the device or a user of the device is authorized to access electronic content, services, and signaling. The certificate may be provisioned in relation to the device having successfully completed a two-factor authentication process so that an entity providing the certificate need not have to repeat the two-factor authentication process.
20 Claims
10. A method for provisioning a device with a certificate comprising:
receiving a certificate request from the device, the certificate request including a security token previously provided to the device after successfully completing a two-factor authentication process;
providing the certificate to the device in the event the security token indicates the two-factor authentication process was completed by a trusted entity; and
denying the certificate to the device in the event the security token fails to indicate the two-factor authentication process was completed by a trusted entity.
Dependent claims: 11, 12, 13, 14
15. A non-transitory computer-readable medium having computer-readable code embodied therein for controlling a computing device to electronically facilitate certificate provisioning, the computer-readable code comprising instructions for:
transmitting an authentication request with credentials to request an assertion, the credentials sufficient for use in a two-factor authentication process;
receiving an assertion upon successfully completing the two-factor authentication process;
transmitting a security token request with the assertion to request a security token;
receiving the security token upon verification of the assertion;
transmitting a certificate request with the security token to request the certificate;
receiving the certificate upon verification of the security token; and
provisioning the computing device with the certificate.
Dependent claims: 16, 17, 18, 19, 20
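The trust decision of claim 1 and the trusted-entity check of claim 10 can be sketched as follows; this is an added example, not code from the patent or its assignee. The HMAC-signed JSON assertion format, the issuer name `idp.example`, the address range, the user store and all function names are assumptions, and the claim 10 check is applied to the assertion directly rather than to a separate security token.

```python
import hashlib, hmac, ipaddress, json, secrets

# Constructed sample data; every name, address range and key here is an assumption.
IDP_KEY = secrets.token_bytes(32)  # shared by the assertion issuer and the verifier
ISSUER = "idp.example"
TRUSTED_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
SALT = secrets.token_bytes(16)

def pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

TRUSTED_USERS = {"subscriber1": (SALT, pw_hash("correct horse", SALT))}

def credentials_match(username, password):
    salt, stored = TRUSTED_USERS.get(username, (b"\0" * 16, b""))
    # Hash even for unknown users so response time does not reveal valid names.
    return hmac.compare_digest(pw_hash(password, salt), stored)

def address_trusted(ap_address):
    try:
        addr = ipaddress.ip_address(ap_address)
    except ValueError:
        return False  # an unparseable access point address is untrusted
    addr = getattr(addr, "ipv4_mapped", None) or addr  # normalise ::ffff:a.b.c.d
    return any(addr in net for net in TRUSTED_RANGES)

def sign(body):
    return hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest()

def issue_assertion(username, password, ap_address):
    """Return a signed assertion only when BOTH factors pass, else None."""
    ok_creds = credentials_match(username, password)  # evaluate both factors,
    ok_addr = address_trusted(ap_address)             # no short-circuit
    if not (ok_creds and ok_addr):
        return None  # untrusted: no assertion is delivered
    body = json.dumps({"iss": ISSUER, "mfa": True, "sub": username}).encode()
    return body.hex() + "." + sign(body)

def assertion_trusted(assertion):
    """Verifier side: did the trusted issuer complete two-factor authentication?"""
    try:
        body_hex, tag = assertion.split(".")
        body = bytes.fromhex(body_hex)
    except (AttributeError, ValueError):
        return False
    if not hmac.compare_digest(sign(body).encode(), tag.encode()):
        return False
    claims = json.loads(body)
    return claims.get("mfa") is True and claims.get("iss") == ISSUER
```

The sketch omits expiry and replay protection, so a deployed assertion would also need a lifetime and a nonce bound to the requesting device.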
Specification