Identity Management on a Wireless Device
Abstract
A wireless device may perform a local authentication to reduce the traffic on a network. The local authentication may be performed using a local web server and/or a local OpenID provider (OP) associated with the wireless device. The local web server and/or local OP may be implemented on a security module, such as a smartcard or a trusted execution environment for example. The local OP and/or local web server may be used to implement a provisioning phase to derive a session key, associated with a service provider, from an authentication between the wireless device and the network. The session key may be reusable for subsequent local authentications to locally authenticate a user of the wireless device to the service provider.
19 Claims
1. A wireless device comprising a processor, a memory, and communication circuitry, the wireless device configured to connect to a communications network via the communication circuitry, the wireless device including computer-executable instructions stored in the memory of the wireless device which, when executed by the processor of the wireless device, perform operations comprising:
- receiving a temporary key, wherein the temporary key is derived from a network authentication between the wireless device and a network entity;
- generating, based on the temporary key, a session key associated with a service provider, wherein the session key is shared with the network entity, and wherein the session key is configured for use in a local authentication performed at the wireless device; and
- storing the session key for use in the local authentication at the wireless device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A wireless device comprising a processor, a memory, and communication circuitry, the wireless device configured to connect to a communications network via the communication circuitry, the wireless device including computer-executable instructions stored in the memory of the wireless device which, when executed by the processor of the wireless device, perform operations comprising:
- receiving an association handle from a service provider, wherein the association handle indicates that the service provider has performed an association with a network entity;
- receiving authentication information associated with a user of the wireless device;
- locally verifying the authentication information at the wireless device;
- generating a signature key based on the association handle and a session key associated with the service provider, wherein the session key is derived from a network authentication between the network entity and the wireless device, and wherein the session key is configured for use in performing a local authentication at the wireless device; and
- signing an identity assertion, using the signature key, to indicate that the wireless device has locally verified the authentication information.

Dependent claims: 10, 11, 12, 13, 14, 15, 16, 17, 18, 19
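The key chain recited in claims 1 and 9, as an added sketch that is not taken from the patent: a temporary key yields a per-service-provider session key, which together with the association handle yields the signature key for the identity assertion. The claims name no algorithm, so HMAC-SHA256 as KDF and MAC, the JSON assertion layout, the PIN check, the network-side verification step and every name below are assumptions.

```python
import hashlib
import hmac
import json

def kdf(key: bytes, label: bytes, context: bytes) -> bytes:
    # Assumed KDF: HMAC-SHA256 with a length-prefixed label for domain separation.
    return hmac.new(key, len(label).to_bytes(2, "big") + label + context,
                    hashlib.sha256).digest()

def derive_session_key(temporary_key: bytes, sp_id: str) -> bytes:
    # Claim 1: session key generated from the temporary key, bound to one service provider.
    return kdf(temporary_key, b"session-key", sp_id.encode())

def derive_signature_key(session_key: bytes, assoc_handle: str) -> bytes:
    # Claim 9: signature key generated from the association handle and the session key.
    return kdf(session_key, b"signature-key", assoc_handle.encode())

def mac(key: bytes, assertion: dict) -> str:
    # Canonical JSON so both sides sign and verify identical bytes.
    data = json.dumps(assertion, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

class LocalOP:
    """Device side (hypothetical class): stores session keys, verifies the user, signs."""
    def __init__(self, pin: str):
        self._pin = pin
        self._session_keys = {}

    def provision(self, temporary_key: bytes, sp_id: str) -> None:
        # Provisioning phase: derive once, store for later local authentications.
        self._session_keys[sp_id] = derive_session_key(temporary_key, sp_id)

    def authenticate(self, sp_id, assoc_handle, identity, pin_attempt):
        session_key = self._session_keys.get(sp_id)
        if session_key is None:
            return None  # no provisioning has happened for this service provider
        if not hmac.compare_digest(pin_attempt.encode(), self._pin.encode()):
            return None  # local verification failed: nothing is signed
        assertion = {"assoc_handle": assoc_handle, "identity": identity, "sp": sp_id}
        return assertion, mac(derive_signature_key(session_key, assoc_handle), assertion)

def network_verify(temporary_key: bytes, assertion: dict, signature: str) -> bool:
    # Network-entity side: re-derive both keys from the shared temporary key.
    session_key = derive_session_key(temporary_key, assertion["sp"])
    sig_key = derive_signature_key(session_key, assertion["assoc_handle"])
    return hmac.compare_digest(mac(sig_key, assertion), signature)

if __name__ == "__main__":
    tk = bytes(range(32))  # constructed sample temporary key
    op = LocalOP("4821")
    op.provision(tk, "sp.example")
    assertion, sig = op.authenticate("sp.example", "handle-001", "alice", "4821")
    print(network_verify(tk, assertion, sig))
```

After provisioning, `authenticate` needs no network round trip; the assertion verifies only against keys derived from the same temporary key, service provider and association handle.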
Specification