SECURE DELIVERY OF TRUST CREDENTIALS

US 20140013109A1
Filed: 07/09/2012
Published: 01/09/2014
Est. Priority Date: 07/09/2012
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by one or more servers, a request for a certificate from a user device,the request including a first parameter, a second parameter, and a third parameter;

identifying, by one or more servers, a key based on the first parameter;

generating, by one or more servers, a fourth parameter based on the key and the third parameter;

authenticating, by one or more servers, the user device based on the fourth parameter and the second parameter;

generating, by one or more servers, the certificate based on authenticating the user device;

storing, by one or more servers, information associated with the certificate; and

sending, by one or more servers, the certificate to the user device,the user device using the certificate to establish a session to interact with an application server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is configured to receive, by one or more servers, a request for a certificate from a user device. The request may include a first parameter , a second parameter , and a third parameter. The system is further configured to identify a key based on the first parameter, generate a fourth parameter based on the key and the third parameter, authenticate the user device based on the fourth parameter and the second parameter, generate the certificate based on authenticating the user device, store information associated with the certificate, and send the certificate to the user device. The user device may use the certificate to establish a session to interact with an application server.

Citations

20 Claims

1. A method comprising:
- receiving, by one or more servers, a request for a certificate from a user device,the request including a first parameter, a second parameter, and a third parameter;
  
  identifying, by one or more servers, a key based on the first parameter;
  
  generating, by one or more servers, a fourth parameter based on the key and the third parameter;
  
  authenticating, by one or more servers, the user device based on the fourth parameter and the second parameter;
  
  generating, by one or more servers, the certificate based on authenticating the user device;
  
  storing, by one or more servers, information associated with the certificate; and
  
  sending, by one or more servers, the certificate to the user device,the user device using the certificate to establish a session to interact with an application server.
- View Dependent Claims (2, 8)
- - 2. The method of claim 1, further comprising:
    - encrypting the certificate, based on the key and the second parameter, to form an encrypted certificate,where sending the certificate to the user device includes sending the encrypted certificate to the user device.
  - 8. The method of claim 1, where receiving the request for the credentials from the user device is based on the user device receiving an application from a verified source and selecting the application.

3. A method comprising:
- receiving, by a first server, a request for credentials from a user device,the request including a certificate and a first identifier,the credentials including information to authenticate the user device to access a second server;
  
  determining, by the first server, whether the certificate is up to date based on receiving the certificate;
  
  generating, by the first server, the credentials based on determining that the certificate is up to date;
  
  identifying, by the first server, a key based on the first identifier;
  
  encrypting, by the first server, the credentials based on the key; and
  
  sending, by the first server, the encrypted credentials to the user device.
- View Dependent Claims (4, 5, 6, 7)
- - 4. The method of claim 3, where the request further includes a second identifier, and a third identifier, the method further comprising:
    - identifying a fourth identifier based on the third identifier; and
      
      authenticating the user device based on the second identifier and the fourth identifier,where determining whether the certificate is up to date is based on authenticating the user device.
  - 5. The method of claim 3, further comprising:
    - instructing the user device to update the certificate based on determining that the certificate is not up to date.
  - 6. The method of claim 3, where the certificate includes a version identifier, and where determining whether the certificate is up to date is based on the version identifier.
  - 7. The method of claim 3, where the certificate is associated with a version identifier and a current version identifier,where determining whether the certificate is up to date is based on the version identifier and the current version identifier.

9. A system comprising:
- a first server to;
  
  receive a request for credentials from a user device,the request including a certificate and a first identifier,the certificate including a version identifier,the credentials including information to authenticate the user device to access a second server;
  
  determine whether the certificate is up to date based on the version identifier;
  
  generate the credentials based on determining that the certificate is up to date;
  
  identify a key based on the first identifier associated with the request;
  
  encrypt the credentials based on the key; and
  
  send the encrypted credentials to the user device.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, where the request further includes a second identifier, and a third identifier, and where the first server is further to:
    - identify a fourth identifier based on the third identifier; and
      
      authenticate the user device based on the second identifier and the fourth identifier,where when determining whether the certificate is up to date, the first server is further to determine whether the certificate is up to date based on the version identifier and based on authenticating the user device.
  - 11. The system of claim 9, where the first server is further to:
    - instruct the user device to update the certificate based on the first server determining that the certificate is not up to date.
  - 12. The system of claim 9, where the certificate is associated with a current version identifier,where when determining whether the certificate is up to date, the first server is to determine whether the certificate is up to date based on a comparison of the version identifier and the current version identifier.
  - 13. The system of claim 9, where the first server and the second server are associated with different parties.

14. A computer-readable medium comprising:
- a plurality of instructions, which, when executed by one or more processors associated with a first server, cause the one or more processors to;
  
  receive a request for credentials from a user device,the request including a certificate, a first identifier, a second identifier, and a third identifier,the credentials including information to authenticate the user device to access a second server;
  
  identify a fourth identifier based on the third identifier;
  
  authenticate the user device based on the second identifier and the fourth identifier;
  
  determine whether the certificate is up to date;
  
  generate the credentials based on determining that the certificate is up to date;
  
  identify a key based on the first identifier;
  
  encrypt the credentials based on the key; and
  
  send the encrypted credentials to the user device.
- View Dependent Claims (15, 16, 17)
- - 15. The computer-readable medium of claim 14, where the certificate includes a version identifier and is associated with a current version identifier,where one or more instructions, of the plurality of instructions, to determine whether the certificate is up to date, include one or more instructions to cause the one or more processors to:
    - determine whether the certificate is up to date based on the version identifier and the current version identifier.
  - 16. The computer-readable medium of claim 14, where the plurality of instructions further cause the one or more processors to:
    - instruct the user device to update the certificate based on the first server determining that the certificate is not up to date.
  - 17. The computer-readable medium of claim 14, where one or more instructions, of the plurality of instructions, to receive the request for the credentials from the user device, include one or more instructions to cause the one or more processors to:
    - receive the request for the credentials from the user device based on the user device receiving an application from a verified source and selecting the application.

18. A method comprising:
- receiving, by a user device, an application from a first server;
  
  receiving, by the user device, an instruction to open the application;
  
  determining, by the user device, whether the user device is storing a certificate, associated with the application based on opening the application,the certificate including information to receive credentials;
  
  requesting, by the user device, the certificate from a second server, based on determining that user device is not storing the certificate;
  
  receiving, by the user device, the certificate from the second server, based on requesting the certificate,the certificate being an encrypted certificate;
  
  decrypting the certificate;
  
  storing, by the user device, the certificate in a secure storage, associated with the user device, based on receiving and decrypting the certificate;
  
  requesting, by the user device, the credentials, from the second server,the credentials including information to authenticate the user device to access a third server,the request including the certificate;
  
  receiving, by the user device, the credentials from the second server;
  
  storing, by the user device, the credentials in the secure storage associated with the user device; and
  
  requesting a session with the third server using the credentials.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, where the application includes an identifier and decrypting the certificate is based on a key associated with the identifier.
  - 20. The method of claim 18, where the application includes credential parameters embedded within the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
YIN, Fenglin

Granted Patent

US 9,009,463 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/0815   providing single-sign-on or...

H04L 63/0823   using certificates cryptogr...

H04W 12/04   Key management, e.g. using ...

H04W 12/068   using credential vaults, e....

SECURE DELIVERY OF TRUST CREDENTIALS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE DELIVERY OF TRUST CREDENTIALS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links