VALIDATING AUTHORIZATION FOR USE OF A SET OF FEATURES OF A DEVICE
First Claim
1. A method, operational at a device, comprising:
- obtaining a proof of authority for the device to use a first set of selectively activated features at the device, signed by a first authorization server;
sending a request to use a network service to a network node, wherein the first set of selectively activated features includes first selectively activated features needed by the device to use the network service;
obtaining, from the network node, in response to sending the request to use the network service, a request for the proof of authority for the device;
sending, to the network node, the proof of authority for the device;
sending, to the network node, a request for a proof of authority for the network node to provide the network service;
obtaining, from the network node, the proof of authority for the network node to use a second set of selectively activated features at the network node, signed by a second authorization server, wherein the second set of selectively activated features includes second selectively activated features needed by the network node to provide the network service; and
validating the proof of authority for the network node before using the network service.
1 Assignment
0 Petitions
Accused Products
Abstract
A device obtains proof of its authority to use a first set of selectively activated features (first proof). An authorization server signs the first proof with its private key. The device sends a request to use a network service to a network node. The device sends the first proof to the network node. The network node validates the first proof using a public key of the authorization server. The network node grants the request to use the network service. The device sends a request for proof of authority for the network node to provide the network service (second proof). The device obtains the second proof, signed by another authorization server, and validates the second proof before using the network service. The first proof and the second proof each include a list of selectively activated features, where the selectively activated features are needed to use or provide the network service.
-
Citations
50 Claims
-
1. A method, operational at a device, comprising:
-
obtaining a proof of authority for the device to use a first set of selectively activated features at the device, signed by a first authorization server; sending a request to use a network service to a network node, wherein the first set of selectively activated features includes first selectively activated features needed by the device to use the network service; obtaining, from the network node, in response to sending the request to use the network service, a request for the proof of authority for the device; sending, to the network node, the proof of authority for the device; sending, to the network node, a request for a proof of authority for the network node to provide the network service; obtaining, from the network node, the proof of authority for the network node to use a second set of selectively activated features at the network node, signed by a second authorization server, wherein the second set of selectively activated features includes second selectively activated features needed by the network node to provide the network service; and validating the proof of authority for the network node before using the network service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A device, comprising:
-
a network communication circuit; and a processing circuit coupled to the network communication circuit, the processing circuit configured to; obtain a proof of authority for the device to use a first set of selectively activated features at the device, signed by a first authorization server; send a request to use a network service to a network node, wherein the first set of selectively activated features includes first selectively activated features needed by the device to use the network service; obtain, from the network node, in response to sending the request o use the network service, a request for the proof of authority for the device; send, to the network node, the proof of authority for the device; send, to the network node, a request for a proof of authority for the network node to provide the network service; obtain, from the network node, the proof of authority for the network node to use a second set of selectively activated features at the network node, signed by a second authorization server, wherein the second set of selectively activated features includes second selectively activated features needed by the network node to provide the network service; and validate the proof of authority for the network node before using the network service. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A method, operational at a network node, comprising:
-
obtaining a request, from a device, to use a network service; obtaining a proof of authority for the device to use a first set of selectively activated features at the device, signed by an authorization server; validating the proof of authority for the device; identifying a second set of selectively activated features needed by the device to use the network service; and sending a response to the request based on results of validating the proof of authority for the device and determining whether the second set of selectively activated features is included in the first set of selectively activated features. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. A network node, comprising:
-
a network communication circuit; and a processing circuit coupled to the network communication circuit, the processing circuit configured to; obtain a request, from a device, to use a network service; obtain a proof of authority for the device to use a first set of selectively activated features at the device, signed by an authorization server; validate the proof of authority for the device; identify a second set of selectively activated features needed by the device to use the network service; and send a response to the request based on determining whether the second set of selectively activated features is included in the first set of selectively activated features. - View Dependent Claims (35, 36, 37, 38, 39)
-
-
40. A method operational at a server, comprising:
-
obtaining a first list of selectively activated features of a device; and updating a second list of selectively activated features of the device, stored at the server, based on the first list, wherein the second list is associated with a subscription profile of the device, to reflect a change to an authorization status of at least one selectively activated feature in the second list. - View Dependent Claims (41, 42, 43, 44, 45, 46)
-
-
47. A server comprising:
-
a network communication circuit for communicating over a network; and a processing circuit coupled to the network communication circuit, the processing circuit configured to; obtain a first list of selectively activated features of a device; and update a second list of selectively activated features of the device, stored at the server, based on the first list, wherein the second list is associated with a subscription profile of the device, to reflect a change to an authorization status of at least one selectively activated feature in the second list. - View Dependent Claims (48, 49, 50)
-
Specification