Characteristics of Security Associations
Abstract
Authentication of a user or a wireless transmit/receive unit may be based on an obtained measure of authentication strength, which may be referred to as an assurance level. For example, a user, via a WTRU, may request access to a service controlled by an access control entity (ACE). The user may be authenticated with a user authenticator and assertion function (UAAF), producing a result. A user assertion may be provided that includes the user authentication result, a user assurance level, and/or a user freshness level. The WTRU may be authenticated with a device authenticator and assertion function (DAAF), producing an associated result. A device assertion may be provided that may include the device authentication result, a device assurance level, and/or a device freshness level. The assertions may be bound together to receive access to a service or resource.
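The flow in the abstract, as an added sketch that is not taken from the patent: a WTRU binds a user assertion and a device assertion, and the ACE checks the binding, both assurance levels and both freshness values before granting access. The HMAC binding with a key shared between WTRU and ACE, the nonce, the numeric thresholds, the field names, and modelling freshness as assertion age in seconds are all assumptions made for this example.

```python
import hashlib
import hmac
import json

# Assumed key material and ACE policy (constructed values, not from the patent).
BINDING_KEY = b"constructed-demo-key-shared-by-WTRU-and-ACE"
MIN_LEVEL = {"user": 2, "device": 3}   # minimum assurance level per assertion
MAX_AGE_SECONDS = 300                  # freshness modelled as maximum assertion age

def make_assertion(subject, result, assurance_level, authenticated_at):
    """What a UAAF or DAAF would hand back after authenticating its subject."""
    return {"subject": subject, "result": result,
            "assurance_level": assurance_level,
            "authenticated_at": authenticated_at}

def _tag(user, device, nonce, key):
    # Canonical JSON so both sides compute the MAC over identical bytes.
    blob = json.dumps({"user": user, "device": device, "nonce": nonce},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()

def bind(user, device, nonce, key=BINDING_KEY):
    """WTRU side: tie both assertions to one access request (the ACE's nonce)."""
    return {"user": user, "device": device, "nonce": nonce,
            "tag": _tag(user, device, nonce, key)}

def ace_decide(bound, expected_nonce, now, key=BINDING_KEY):
    """ACE side: return (granted, reason) for a bound assertion."""
    expected = _tag(bound["user"], bound["device"], bound["nonce"], key)
    if not hmac.compare_digest(expected, bound["tag"]):
        return False, "binding tag mismatch"      # assertions were swapped or edited
    if bound["nonce"] != expected_nonce:
        return False, "nonce mismatch"            # replay of an earlier request
    for name in ("user", "device"):
        a = bound[name]
        if a["result"] != "success":
            return False, f"{name} authentication failed"
        if a["assurance_level"] < MIN_LEVEL[name]:
            return False, f"{name} assurance level too low"
        if now - a["authenticated_at"] > MAX_AGE_SECONDS:
            return False, f"{name} assertion stale"
    return True, "access granted"
```

The binding check runs first so that a valid user assertion cannot be paired with a device assertion from a different WTRU.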
33 Claims
1. A method of authenticating a user of a wireless transmit/receive unit (WTRU), the method comprising, at the WTRU:
- obtaining a measure of a strength of a user authentication;
- generating an assertion based on the user authentication strength measure; and
- based on the assertion, receiving access to a resource via the WTRU.
Dependent claims: 2, 3, 4, 5, 6, 7, 30
8. In a system comprising a wireless transmit/receive unit (WTRU) and an access control entity (ACE) which communicate via a network, a method of authenticating a user of the WTRU and the WTRU, the method comprising:
- requesting access to a service controlled by the ACE;
- providing a user assertion, to the ACE, associated with the user, wherein the user assertion indicates a result of an authentication between the user and a user authenticator and assertion function (UAAF), and wherein the user assertion comprises a user authentication assurance level;
- providing a device assertion, to the ACE, associated with a device identity of the WTRU, wherein the device assertion indicates a result of an authentication between the WTRU and a device authenticator and assertion function (DAAF), and wherein the device assertion comprises a device authentication assurance level;
- binding the user assertion with the device assertion to create a bounded assertion; and
- sending the bounded assertion to the ACE to receive access to the service.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. A wireless transmit/receive unit (WTRU), the WTRU comprising:
- a memory comprising executable instructions; and
- a processor in communications with the memory, the instructions, when executed by the processor, cause the processor to effectuate operations comprising:
  - obtaining a measure of a strength of a user authentication;
  - generating an assertion based on the user authentication strength measure; and
  - based on the assertion, receiving access to a resource.
Dependent claims: 28, 29, 31, 32, 33
Specification