Authentication key management system and method
Abstract
A system and method for enabling sensitive authentication information to be under the control of the service provider and transmitting only non-sensitive authentication information to the AC, and for providing a secure technique for generating sensitive authentication information and for securely transmitting to and storing the information in the mobile system (MS) and a storage device controlled by the service provider. The present invention utilizes a secure authentication center (SAC) and a secure A-key management system (SAMS) to perform authentication. The present invention automatically and securely generates and programs an MS and SAMS with the sensitive authentication information while significantly reducing the risk of misappropriation of the sensitive authentication information. The risk of misappropriation is reduced since the sensitive authentication information (or other sensitive information) need not be pre-programmed into the MS, or if it is pre-programmed, the sensitive authentication information can be re-programmed, thereby reducing the potential access to the information by unauthorized people before the MS is sold. In addition, the risk of misappropriation is reduced since the generation and programming system and method is performed automatically using a secured communication technique.
11 Claims
1. A method for securely programming a mobile system with sensitive authentication information, comprising the steps of:
electrically connecting the mobile system to a first unit;
initiating a connection between said first unit and an authentication management system unit via a data network;
identifying a second sensitive authentication signal;
encrypting said second sensitive authentication signal;
transmitting said encrypted second sensitive authentication from said first unit to said authentication management system unit;
wherein said authentication management system unit uses said second sensitive authentication signal to generate first sensitive authentication information;
generating said first sensitive authentication information signal in the authentication management system unit;
encrypting said first sensitive authentication information;
transmitting said first encrypted sensitive authentication information signal from the authentication management system unit to a validation unit via the data network;
unencrypting said first encrypted sensitive authentication information signal in the validation unit; and
automatically programming said mobile system with said first sensitive authentication information.
6. A system for securely programming a mobile system with sensitive authentication information, comprising:
a first unit, capable of securely communicating with a mobile system having a unique identifier, comprising;
  a receiver, for receiving said unique identifier and a first sensitive authentication information signal, and
  a programming unit, for automatically programming the mobile system with said first sensitive authentication information signal; and
an authentication management system unit for communicating with said first unit over a wide area network, comprising;
  a first data generator for generating said first sensitive authentication information signal; and
  an encryption unit for encrypting said first sensitive authentication information signal.
Specification