Method and system for gateway-based authentication

US 7,503,065 B1
Filed: 04/24/2002
Issued: 03/10/2009
Est. Priority Date: 04/24/2002
Status: Active Grant

First Claim

Patent Images

1. A gateway comprising:

a user communication interface;

a processor; and

a set of instructions executable by the processor to receive via the communication interface a device identifier, the device identifier being associated with a user device;

the set of instructions being further executable to identify, directly from the device identifier, an authorized user of the device;

the set of instructions being further executable to receive via the communication interface a gateway password that is associated with the authorized user;

the set of instructions being further executable to set an authentication flag in response to the device identifier and the gateway password being received at the gateway;

the set of instructions being further executable to pass an authentication indicator to at least one application in response to the authentication flag being set, wherein the application comprises an interactive application provided by a third party independent of a provider of wireless communication services;

the set of instructions being further executable to pass to the at least one application a static unique identifier that is associated with the authorized user.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system permits efficient user authentication based on a gateway rather than information or hardware of a user'"'"'s communication device. The system may include a gateway that is operated by a trusted entity, the gateway logically connected between a communication network, such as the Internet, and the user'"'"'s device. The gateway can authenticate a user using device-specific as well as user-specific identifiers, and the authentication can then be passed on to multiple applications that are accessible via the network.

Citations

22 Claims

1. A gateway comprising:
- a user communication interface;
  
  a processor; and
  
  a set of instructions executable by the processor to receive via the communication interface a device identifier, the device identifier being associated with a user device;
  
  the set of instructions being further executable to identify, directly from the device identifier, an authorized user of the device;
  
  the set of instructions being further executable to receive via the communication interface a gateway password that is associated with the authorized user;
  
  the set of instructions being further executable to set an authentication flag in response to the device identifier and the gateway password being received at the gateway;
  
  the set of instructions being further executable to pass an authentication indicator to at least one application in response to the authentication flag being set, wherein the application comprises an interactive application provided by a third party independent of a provider of wireless communication services;
  
  the set of instructions being further executable to pass to the at least one application a static unique identifier that is associated with the authorized user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 16, 17)
- - 2. The gateway of claim 1, wherein the set of instructions is further executable to receive a user ID via the communication interface, the user ID being associated with the user;
    - the set of instructions being further executable to set the authentication flag in response to receiving the user ID, wherein the authentication flag is not set unless the user ID, the device identifier, and the gateway password are received at the gateway.
  - 3. The gateway of claim 2, further comprising:
    - a network interface;
      
      wherein the authentication indicator and the static unique identifier are passed to the at least one application via the network interface.
  - 4. The gateway of claim 3, wherein the gateway receives, via the network interface, application information from the at least one application that is normally available only after a user enters an application password that is associated with a particular user and with the application, the application information being received in response to the authentication indicator and the static unique identifier being passed to the at least one application.
  - 5. The gateway of claim 1, wherein the authentication indicator is passed to the at least one application in an HTTP header.
  - 6. The gateway of claim 1, wherein the gateway comprises a voice-command platform and the gateway password comprises a human speech signal.
  - 7. The gateway of claim 1, wherein the gateway password comprises one or more DTMF signals.
  - 8. The gateway of claim 1, wherein the application information is received from a plurality of applications during a single communication session.
  - 9. The gateway of claim 8, wherein the application information is transmitted via the user communication interface.
  - 16. The gateway of claim 1, wherein the device identifier is selected from the group consisting of a mobile identification number, a mobile device number, a mobile subscriber identification, and an electronic serial number.
  - 17. The gateway of claim 1, wherein the device identifier comprises a mobile identification number.

10. A gateway comprising:
- a user communication interface;
  
  a network interface;
  
  a processor; and
  
  a set of instructions executable by the processor to receive, via the communication interface, at least a device identifier associated with a user device;
  
  the set of instructions being further executable to identify, directly from the device identifier, an authorized user of the device;
  
  the set of instructions being further executable to receive a gateway password via the communication interface, the gateway password being associated with a user of the device;
  
  the set of instructions being further executable to set an authentication flag in response to the device identifier and the gateway password being received at the gateway;
  
  the set of instructions being further executable to pass an authentication indicator to at least one application when the authentication flag is set, wherein the application comprises an interactive application provided by a third party independent of a provider of wireless communication services;
  
  the set of instructions being further executable to pass to the at least one application a static unique identifier associated with the individual user;
  
  wherein the authentication indicator and the static unique identifier are passed to the at least one application via the network interface, and wherein the gateway receives, via the network interface, application information from the at least one application that is normally available only after a user enters an application password that is associated with a user and with the at least one application, the application information being received in response to the authentication indicator and the static unique identifier being passed to the at least one application;
  
  wherein the application information is transmitted via the communication interface.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The gateway of claim 10, wherein the gateway comprises a voice-command platform and the gateway password comprises a human speech signal.
  - 12. The gateway of claim 10, wherein the gateway password comprises one or more DTMF signals.
  - 13. The gateway of claim 10, wherein the application information is received from a plurality of applications during a single communication session.
  - 14. The gateway of claim 10, wherein the set of instructions is further executable to receive a user ID via the communication interface, the user ID being associated with an individual user;
    - the set of instructions being further executable to set the authentication flag in response to receiving the user ID.
  - 15. The gateway of claim 14, wherein the set of instructions is further executable to transmit a prompt for the gateway password via the communication interface, the prompt being transmitted when a record indicates that there are a plurality of users associated with the user device.

18. A method for authenticating a user of a communication device, the method comprising:
- receiving at least a device identifier, the device identifier being associated with the communication device;
  
  identifying, directly from the device identifier, an authorized user of the device;
  
  receiving a gateway password, the gateway password being associated with a user of the communication device;
  
  setting an authentication flag in response to receiving the device identifier and the gateway password;
  
  passing an authentication indicator to at least one application in response to the authentication flag being set, wherein the application comprises an interactive application provided by a third party independent of a provider of wireless communication services, the authentication indicator being associated with the gateway password and the communication device; and
  
  passing to the at least one application a static unique identifier in response to the authentication flag being set, the static, unique identifier being associated with the gateway password and the communication device.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, further comprising:
    - receiving secure information from the at least one application in response to passing the authentication indicator and the static, unique identifier to the at least one application.
  - 20. The method of claim 18, wherein the at least one application is a plurality of applications.
  - 21. The method of claim 18, further comprising:
    - receiving a user ID, the user ID being associated with a user of the communication device;
      
      wherein the authentication flag is not set unless the user ID is received.

22. A method for authenticating a user of a communication device, the method comprising:
- receiving a device identifier, the device identifier being associated with the communication device;
  
  identifying, directly from the device identifier, an authorized user of the device;
  
  receiving a gateway password, the gateway password being associated with a user of the communication device;
  
  receiving a user ID, the user ID being associated with the user of the communication device;
  
  setting an authentication flag in response to receiving the device identifier, the user ID, and the gateway password;
  
  passing an authentication indicator to a plurality of applications in response to the authentication flag being set, wherein the applications comprise interactive applications provided by third parties independent of a provider of wireless communication services, the authentication indicator being associated with the gateway password and the communication device; and
  
  passing to the at least one application a static unique identifier in response to the authentication flag being set, the static, unique identifier being associated with the gateway password and the communication device; and
  
  receiving secure information from the plurality of applications in response to passing the authentication indicator and the static, unique identifier to the plurality of applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Spectrum LLC (Deutsche Telekom AG)
Original Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Inventors
Urbanek, Robert, Packingham, Kevin
Primary Examiner(s)
Abrishamkar; Kaveh

Application Number

US10/128,828
Time in Patent Office

2,512 Days
Field of Search

726/4, 726/8, 726/12
US Class Current

726/12
CPC Class Codes

G06F 21/41   where a single sign-on prov...

H04L 63/083   using passwords cryptograph...

H04M 3/385   using speech signals

Method and system for gateway-based authentication

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for gateway-based authentication

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links