Using a network-service credential for access control
First Claim
Patent Images
1. A method for controlling access to a service over a network, said method comprising:
- receiving a network-service credential at a device, wherein said network-service credential is issued by a provider of said service and includes a value to indicate that said device is enrolled in said network, wherein the value is selected from the group including a name of the service provider and an Internet Protocol (IP) address of the service provider;
identifying a device-manufacturer credential that is stored in a non-volatile memory of said device and that identifies a manufacturer of said device;
storing said network-service credential in said non-volatile memory on said device to replace the device-manufacturer credential, wherein the existence of said network-service credential in said non-volatile memory binds said device to said network and prevents said device from accessing other networks besides the network; and
said device presenting said networkservice credential to the provider of said service, wherein said provider uses said network-service credential to authenticate and authorize said device, wherein upon authorization said device is provided access to said service.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and devices for controlling access to a service over a network are described. A credential is provided to a device. The credential indicates the device is enrolled in the network. The credential is stored in non-volatile memory on the device. The credential binds the device to the network and prevents the device from accessing another network. The device presents the credential to a provider, and the provider uses the credential to authenticate and authorize the device. Upon authorization, the device is provided access to the service.
-
Citations
15 Claims
-
1. A method for controlling access to a service over a network, said method comprising:
-
receiving a network-service credential at a device, wherein said network-service credential is issued by a provider of said service and includes a value to indicate that said device is enrolled in said network, wherein the value is selected from the group including a name of the service provider and an Internet Protocol (IP) address of the service provider; identifying a device-manufacturer credential that is stored in a non-volatile memory of said device and that identifies a manufacturer of said device; storing said network-service credential in said non-volatile memory on said device to replace the device-manufacturer credential, wherein the existence of said network-service credential in said non-volatile memory binds said device to said network and prevents said device from accessing other networks besides the network; and said device presenting said networkservice credential to the provider of said service, wherein said provider uses said network-service credential to authenticate and authorize said device, wherein upon authorization said device is provided access to said service. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus, comprising:
-
a bus; one or more processors coupled to said bus; and a memory unit coupled to said bus, said memory unit containing instructions that when executed by the processors are operable to; receive a network service credential sent from an issuing device operated by a service provider that controls access to a service, the network service credential logically associating the network service credential with the service provider through inclusion of a name or address of the service provider in the network service credential; identify, in a non-volatile memory of said apparatus, a location corresponding to a device-manufacturer credential that identifies a manufacturer of said apparatus; store said network service credential in the identified location in the non-volatile memory wherein the existence of said network-service credential in said non-volatile memory binds said apparatus to a network and prevents said apparatus from accessing other networks besides the network; and present said network service credential to said service provider for allowing said service provider to authenticate and authorize said apparatus to access the service based on the network service credential. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. An apparatus, comprising:
-
one or more processors; and a memory unit coupled to said bus, said memory unit containing instructions that when executed by the processors are operable to; receive a network service credential sent from an issuing device operated by a service provider that controls access to a service, the network service credential logically associating the network service credential with the service provider though inclusion of a name or address of the service provider in the network service credential; identify a location in a non-volatile memory of the apparatus for storing a device- manufacturer credential that identifies a manufacturer of said apparatus; and store the received credential in the identified location in the memory to replace the device-manufacturer credential, wherein the existence of said network service credential in said non-volatile memory binds said apparatus to a network and prevents said apparatus from accessing other networks besides the network. - View Dependent Claims (14, 15)
-
Specification