SYSTEM FOR MOBILE APPLICATION NOTARY SERVICE

US 20150281362A1
Filed: 03/31/2014
Published: 10/01/2015
Est. Priority Date: 03/31/2014
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a computer platform configured as a notary server, for a mobile application notary service; and

a computer platform configured as a validator server, for the mobile application notary service, wherein;

1) the notary server is configured to;

provide, through a mobile communication network to a notary client running on a mobile device a challenge response, responsive to a request from the notary client;

receive, through the mobile communication network from the notary client on behalf of an application client running on the mobile device, a notarization token request including information from the challenge response and information corresponding to the application client running on the mobile device; and

forward the notarization token request to the validator server;

2) the validator server is configured to;

determine whether the notarization token request is valid based on at least some of information contained within the notarization token request; and

advise the notary server of a valid validation status, when the notarization token request is determined to be valid; and

3) the notary server is further configured to;

based upon the valid validation status of the notarization token request provided by the validator server, provide a notarization token through the mobile communication network to the notary client;

receive, from an application server, a notarization token validation request corresponding to a request for service from the application client running on the mobile device and comprising a notarization token; and

when the received notarization token corresponds to the provided notarization token, indicate to the application server that the received notarization token is valid as an indication that the information corresponding to the application client running on the mobile device is valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An example of a system that provides notary services on behalf of an application client running on a mobile device is described. The application client requests a notarization token from an application notary service client running on the same mobile device. The application notary service client utilizes a SIM card of the mobile device to generate a notarization token request which is sent to an application notary service server. The application notary service server utilizes a SIM signature validator server to validate the notarization token request and generates the notarization token for delivery to the application client via the application notary service client. The application client includes the notarization token in a request to an application server, which uses the notarization token to validate the application client for access to a function or data of the server.

26 Citations

View as Search Results

20 Claims

1. A system, comprising:
- a computer platform configured as a notary server, for a mobile application notary service; and
  
  a computer platform configured as a validator server, for the mobile application notary service, wherein;
  
  1) the notary server is configured to;
  
  provide, through a mobile communication network to a notary client running on a mobile device a challenge response, responsive to a request from the notary client;
  
  receive, through the mobile communication network from the notary client on behalf of an application client running on the mobile device, a notarization token request including information from the challenge response and information corresponding to the application client running on the mobile device; and
  
  forward the notarization token request to the validator server;
  
  2) the validator server is configured to;
  
  determine whether the notarization token request is valid based on at least some of information contained within the notarization token request; and
  
  advise the notary server of a valid validation status, when the notarization token request is determined to be valid; and
  
  3) the notary server is further configured to;
  
  based upon the valid validation status of the notarization token request provided by the validator server, provide a notarization token through the mobile communication network to the notary client;
  
  receive, from an application server, a notarization token validation request corresponding to a request for service from the application client running on the mobile device and comprising a notarization token; and
  
  when the received notarization token corresponds to the provided notarization token, indicate to the application server that the received notarization token is valid as an indication that the information corresponding to the application client running on the mobile device is valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, wherein the notarization token request comprises:
    - challenge data from the response to the challenge request;
      
      package information corresponding to the application client running on the mobile device; and
      
      a notarization token request signature generated by an identity card of the mobile device based on the challenge data and package information.
  - 3. The system of claim 2, wherein the validator server is further configured to:
    - generate a validation signature based on the challenge data and the package information corresponding to the application client running on the mobile device; and
      
      determine that the notarization token request is valid in response to determining that the validation signature generated by the validator server matches the notarization token request signature generated by the identity card of the mobile device.
  - 4. The system of claim 3, wherein the validator server is further configured to:
    - generate a hash of the challenge data and the package information corresponding to the application client running on the mobile device; and
      
      generate the validation signature by encrypting the hash with a corresponding symmetric key shared in common by the validator server and the identity card of the mobile device,wherein the validator server determines the corresponding symmetric key based on the package information corresponding to the application client running on the mobile device.
  - 5. The system of claim 2, wherein the notarization token comprises:
    - the challenge data from the response to the challenge request;
      
      the package information corresponding to the application client running on the mobile device; and
      
      a notarization token signature generated by the notary server,wherein the challenge data and the package information corresponding to the application client running on the mobile device are contained within the notarization token request received from the notary client.
  - 6. The system of claim 5, wherein the notary server is further configured to generate the notarization token signature based on the challenge data and the package information corresponding to the application client running on the mobile device.
  - 7. The system of claim 6, wherein the notary server is further configured to:
    - generate a hash of the challenge data and the package information corresponding to the application client running on the mobile device; and
      
      generate the notarization token signature by encrypting the hash with a secret key known only by the notary server.
  - 8. The system of claim 6, wherein the notary server is further configured to:
    - generate a hash of the challenge data and the package information corresponding to the application client running on the mobile device; and
      
      generate the notarization token signature by encrypting the hash with a private key portion of a public key/private key pair of the notary server.
  - 9. The system of claim 1, wherein:
    - the response to the challenge request comprises;
      
      a time stamp; and
      
      random data; and
      
      the information corresponding to the application client comprises;
      
      a package name; and
      
      signing information of the application client.

10. A mobile device, comprising:
- a communication interface system, including at least one wireless communication transceiver configured to communicate via a wireless communications network;
  
  an identity module;
  
  at least one user interface element configured to receive user input and to provide output to a user of the mobile device;
  
  a processor coupled to the communication interface system and the at least one user interface element;
  
  a memory;
  
  an operating system stored in the memory;
  
  an application client program stored in the memory; and
  
  a notary client program stored in the memory, wherein execution of the notary client program by the processor configures the mobile device to perform functions, including functions to;
  
  receive, by the notary client program, a request for a notarization token from the application client program;
  
  obtain, by the notary client program and based on an identifier of the application client program provided by the operating system, package information corresponding to the application client program from a package manager of the operating system;
  
  transmit, by the notary client program and via the wireless communications network, a challenge request to a notary server;
  
  receive, by the notary client program and via the wireless communications network, a response to the challenge request from the notary server;
  
  generate, by the notary client program, a notarization token request for signature by the identity module, the notarization token request including information from the challenge response and the package information;
  
  sign, by the identity module and based on commands issued by the notary client program and delivered to the identity module via a radio interface layer daemon of the mobile device, the notarization token request;
  
  send, by the notary client program and via the wireless communications network, the signed notarization token request to the notary server;
  
  receive, by the notary client program and via the wireless communications network, a notarization token from the notary server; and
  
  provide, by the notary client program, the notarization token to the application client program for inclusion in subsequent requests for service from an application server via the wireless communications network.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The mobile device of claim 10, wherein the notarization token request comprises:
    - the response to the challenge request; and
      
      the package information corresponding to the application client program.
  - 12. The mobile device of claim 10, wherein the signed notarization token request comprises:
    - the response to the challenge request;
      
      the package information corresponding to the application client program; and
      
      the signature generated by the identity module.
  - 13. The mobile device of claim 10, wherein the implemented function to sign the notarization token request further includes functions to:
    - generate, by the identity module, a hash of the notarization token request; and
      
      encrypt, by the identity module, the hash of the notarization token request with a symmetric key shared in common with the identity module and a validator server.
  - 14. The mobile device of claim 10, wherein the notarization token comprises:
    - the response to the challenge request;
      
      the package information corresponding to the application client; and
      
      a notarization token signature generated by the notary server.
  - 15. The mobile device of claim 10, wherein:
    - the response to the challenge request from the notary server comprises;
      
      a time stamp; and
      
      random data; and
      
      the package information corresponding to the application client comprises;
      
      a package name; and
      
      signing information of the application client program.

16. A non-transitory machine-readable storage medium having instructions stored therein executable by a processor of a mobile device, wherein execution of the instructions by the processor configures the mobile device to perform functions, including functions to:
- receive, by a notary client running on the mobile device, a request for a notarization token from an application client running on the mobile device;
  
  obtain, by the notary client and based on an identifier of the application client provided by an operating system of the mobile device, package information corresponding to the application client;
  
  transmit, by the notary client and via a wireless communications network, a challenge request to a notary server;
  
  receive, by the notary client and via the wireless communications network, a response to the challenge request from the notary server;
  
  generate, by the notary client, a notarization token request for signature by an identity module, the notarization token request including information from the challenge response and the package information;
  
  obtain, by the notary client and from the identity module, a signed notarization token request;
  
  send, by the notary client and via the wireless communications network, the signed notarization token request to the notary server;
  
  receive, by the notary client and via the wireless communications network, a notarization token from the notary server; and
  
  provide, by the notary client, the notarization token to the application client for inclusion in subsequent requests for service from an application server via the wireless communications network.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The storage medium of claim 16, wherein the notarization token request comprises:
    - the response to the challenge request; and
      
      the package information corresponding to the application client.
  - 18. The storage medium of claim 16, wherein the signed notarization token request comprises:
    - the response to the challenge request;
      
      the package information corresponding to the application client; and
      
      the signature generated by the identity module.
  - 19. The storage medium of claim 16, wherein the notarization token comprises:
    - the response to the challenge request;
      
      the package information corresponding to the application client; and
      
      a notarization token signature generated by the notary server.
  - 20. The storage medium of claim 16, wherein:
    - the response to the challenge request from the notary server comprises;
      
      a time stamp; and
      
      random data; and
      
      the package information corresponding to the application client comprises;
      
      a package name; and
      
      signing information of the application client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Original Assignee
Cellco Partnership, Inc. (Verizon Communications Inc.)
Inventors
SHANMUGAM, Sankar, VIRKKULA, Petri, KAUR, Manmeet

Granted Patent

US 9,270,758 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0892   by using authentication-aut...

H04L 67/12   specially adapted for propr...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 4/60   Subscription-based services...

SYSTEM FOR MOBILE APPLICATION NOTARY SERVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM FOR MOBILE APPLICATION NOTARY SERVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links