System and method for securing system content by automated device authentication
Abstract
A system is provided for securely downloading content to a mobile telecommunications device. The system includes a mobile application to enable the mobile telecommunications device to send a request for content identified on a telecommunication provider system. The system includes a content application maintained by the content provider to retrieve content and promote delivery of the content to the mobile telecommunications device. The system also includes a challenge component and a response component, the response component communicates with the mobile application and encodes a challenge data. The challenge component communicates with the content application. The challenge component sends the challenge data to the mobile application and decodes the challenge data received from the mobile application to validate the response for delivery of the content to the mobile application.
22 Claims
1. A method for authentication of a requesting entity by an authenticating entity comprising:
the requesting entity sending to the authenticating entity a request for data;
the authenticating entity retrieving a time data based on a current time of a system of the authenticating entity;
the authenticating entity sending the retrieved time data to the requesting entity;
the requesting entity returning the retrieved time to the authenticating entity;
the authenticating entity determining a received time and calculating a time difference between the retrieved time data and the received time when the retrieved time is received by the authenticating entity;
encrypting and decrypting the retrieved time data using a key maintained by both the requesting entity and the authenticating entity,
wherein the retrieved time data is encrypted by the requesting entity and decrypted by the authenticating entity,
wherein the authenticating entity sending the retrieved time to the requesting entity is performed by sending the retrieved time in plain text, and
when the time difference is less than a predetermined threshold, the authenticating entity authenticating the requesting entity.
5. A system for securely downloading content to a mobile telecommunications device comprising:
a mobile application on the mobile telecommunications device that sends a request for content, the mobile application downloaded from a telecommunications provider system for use by the mobile telecommunications device to download content identified on the telecommunications provider system;
a content application maintained by a content provider that receives the request for content from the mobile application, where the content application retrieves the content and promotes delivery of the content to the mobile telecommunications device;
a response component in communication with the mobile application, the response component on the mobile telecommunications device, where the response component encrypts a challenge data; and
a challenge component in communication with the content application, where the challenge component sends the challenge data to the mobile application and decrypts the encrypted challenge data received from the mobile application to authenticate the mobile telecommunications device for delivery of the content to the mobile telecommunications device,
wherein the challenge data is a time data the content provider obtained by the challenge component, the challenge component operable to determine a time difference between the time data with a received time related to when the challenge component receives the encrypted time data from the response component, such that when the time difference exceeds a predetermined threshold the challenge component prohibits transfer of the content.
10. A method for authentication of a requesting entity by an authenticating entity to download content, comprising:
downloading, from a telecommunications provider system by a portable device, an application in response to identifying content to download to the portable device;
sending a request for content from the portable device to a content provider system maintaining the content to download to the portable device;
obtaining, by the content provider system, challenge data;
communicating the challenge data to the portable device;
encrypting, by the portable device, the challenge data;
receiving the encrypted challenge data by the content provider system;
decrypting the challenge data to authenticate the portable device, wherein the challenge data is a time data from the content provider system;
calculating a time difference between the time data retrieved by the content provider system and communicated by the content provider system to the mobile device and a received time when the time data is received by the content provider system from the portable device; and
when the time difference is less than a predetermined threshold, the content provider system accepting the portable device request for content.
18. A method for authentication of a requesting entity by an authenticating entity to download content, comprising:
sending a request for content from a portable device to a content provider system maintaining content to download to the portable device;
obtaining, by the content provider system, challenge data, wherein the challenge data is a current time of the content provider system;
encrypting, by the content provider system, the challenge data;
communicating the encrypted challenge data to the portable device;
decrypting, by the portable device, the encrypted challenge data;
returning, by the portable device, the decrypted challenge data to the content provider system in plain text;
receiving the returned decrypted challenge data in plain text by the content provider system;
determining, by the content provider system, a received time and calculating a time difference between the returned decrypted challenge data in plain text and the received time; and
authenticating, by the content provider system, the portable device when the time difference is less than a predetermined threshold.
21. A system for securely downloading content to a mobile telecommunications device comprising:
a mobile application on the mobile telecommunications device that sends a request for content, the mobile application downloaded from a telecommunications provider system for use by the mobile telecommunications device to download content identified on the telecommunications provider system;
a content application maintained by a content provider that receives the request for content from the mobile application, where the content application retrieves the content and promotes delivery of the content to the mobile telecommunications device;
a challenge component in communication with the content application, where the challenge component encrypts the challenge data and sends the encrypted challenge data to the mobile application;
a response component in communication with the mobile application, the response component on the mobile telecommunications device, where the response component decrypts the encrypted challenge data, wherein the challenge component receives the decrypted challenge data from the mobile application to authenticate the mobile telecommunications device for delivery of the content to the mobile telecommunications device; and
wherein the challenge data is a time data the content provider obtained by the challenge component, the challenge component operable to determine a time difference between the time data with a received time related to when the challenge component receives the encrypted time data from the response component, such that when the time difference exceeds a predetermined threshold the challenge component prohibits transfer of the content.
22. A method for authentication of a requesting entity by an authenticating entity to download content, comprising:
downloading, from a telecommunications provider system by a portable device, an application in response to identifying content to download to the portable device;
sending a request for content from the portable device to a content provider system maintaining the content to download to the portable device;
obtaining, by the content provider system, challenge data;
encrypting, by the content provider system, the challenge data;
communicating the encrypted challenge data to the portable device;
decrypting, by the portable device, the encrypted challenge data;
receiving the decrypted challenge data by the content provider system to authenticate the portable device, wherein the challenge data is a time data from the content provider system;
calculating a time difference between the time data retrieved by the content provider system and communicated by the content provider system to the mobile device and a received time when the time data is received by the content provider system from the portable device; and
when the time difference is less than a predetermined threshold, the content provider system accepting the portable device request for content.
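The exchange recited in claim 1, as an added example that is not part of the patent text: the authenticating entity sends its time data in plain text, the requesting entity encrypts it under the shared key, and the authenticating entity decrypts it and authenticates only when the time difference is under the threshold. AES-GCM, the all-zero demo key, and the names `NewAEAD`, `Respond` and `Verify` are assumptions of this example; the claims name no cipher or API.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"time"
)

// NewAEAD builds the cipher from the key both entities hold (AES-GCM is assumed here).
func NewAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Respond is the requesting entity's step: encrypt the plain-text time data, return nonce||ciphertext.
func Respond(aead cipher.AEAD, timeData int64) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	pt := make([]byte, 8)
	binary.BigEndian.PutUint64(pt, uint64(timeData))
	return aead.Seal(nonce, nonce, pt, nil), nil
}

// Verify is the authenticating entity's step: decrypt, then accept only if received-issued < threshold.
func Verify(aead cipher.AEAD, resp []byte, received time.Time, threshold time.Duration) bool {
	n := aead.NonceSize()
	if len(resp) < n {
		return false // too short to hold a nonce
	}
	pt, err := aead.Open(nil, resp[:n], resp[n:], nil)
	if err != nil || len(pt) != 8 {
		return false // wrong key or modified response
	}
	d := received.Sub(time.Unix(0, int64(binary.BigEndian.Uint64(pt))))
	return d >= 0 && d < threshold
}

func main() {
	aead, _ := NewAEAD(make([]byte, 32)) // constructed all-zero demo key
	issued := time.Now()
	resp, _ := Respond(aead, issued.UnixNano())
	println("authenticated:", Verify(aead, resp, issued.Add(2*time.Second), 5*time.Second))
}
```

Because `Verify` relies only on the decrypted time data, the threshold is also the window during which a given response remains acceptable.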
Specification