Remote feature activation authentication file system

US 7,913,301 B2
Filed: 10/30/2006
Issued: 03/22/2011
Est. Priority Date: 12/26/2002
Status: Active Grant

First Claim

Patent Images

1. A method for installing a computational component on a first computational system, comprising:

providing a computational component for installation by a user on a first computational system, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component, wherein the first set of authentication information corresponds to a first login and comprises a first key and/or password, and wherein the first set of operations comprises requesting delivery of a second set of authentication information;

receiving, at a network interface of a remote feature activation system, the first set of authentication information from the user before, during, or after installation of the computational component on the first computational system;

verifying, at the remote feature activation system, the first set of authentication information;

after the first set of authentication information is successfully verified, receiving a request from the user for the second set of authentication information, which permits a second set of operations to be performed on the computational component, the first and second sets of operations being different, wherein the first set of operations provides access by the user to fewer validly licensed operational features than the second set of operations;

receiving an authentication file containing the second set of authentication information, the second set of authentication information comprising a unique identifier of the first computational system, corresponding to a second login, and comprising a second key and/or password, whereby the unique identifier links the second set of authentication information with the first computational system such that the second set of authentication information cannot be used on a second computational system having a different unique identifier; and

loading the authentication file onto the first computational system.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for providing a user with authorization to perform one or more functions using or otherwise involving a computational component is provided. The system includes an authentication file system 100 operable to (a) receive a request from a user for a second set of authentication information permitting a second set of operations to be performed on a computational component, wherein the computational component is operable to be installed by the user on the computational system, wherein the computational component contains a first set of authentication information permitting a first set of operations to be performed on the computational component; and wherein the first and second sets of operations are different; (b) generate an authentication file containing the second set of authentication information; and (c) transmit the authentication file to the computational system.

261 Citations

19 Claims

1. A method for installing a computational component on a first computational system, comprising:
- providing a computational component for installation by a user on a first computational system, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component, wherein the first set of authentication information corresponds to a first login and comprises a first key and/or password, and wherein the first set of operations comprises requesting delivery of a second set of authentication information;
  
  receiving, at a network interface of a remote feature activation system, the first set of authentication information from the user before, during, or after installation of the computational component on the first computational system;
  
  verifying, at the remote feature activation system, the first set of authentication information;
  
  after the first set of authentication information is successfully verified, receiving a request from the user for the second set of authentication information, which permits a second set of operations to be performed on the computational component, the first and second sets of operations being different, wherein the first set of operations provides access by the user to fewer validly licensed operational features than the second set of operations;
  
  receiving an authentication file containing the second set of authentication information, the second set of authentication information comprising a unique identifier of the first computational system, corresponding to a second login, and comprising a second key and/or password, whereby the unique identifier links the second set of authentication information with the first computational system such that the second set of authentication information cannot be used on a second computational system having a different unique identifier; and
  
  loading the authentication file onto the first computational system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the first computational system is a telecommunication switch or server and the computational component is software to be loaded onto the switch or server, wherein the first set of operations provides, at most, only limited access to validly licensed operational features and the second set of operations provides full access to validly licensed operational features, and the method further comprising:
    - determining, by the first computational system, whether or not the unique identifier contained in the second set of authentication information matches the unique identifier of the first computational system;
      
      determining, by the first computational system, whether or not a right to use the computational component has expired;
      
      determining, by the first computational system, whether or not a version contained in the second set of authentication information matches a version of the computational component;
      
      wherein when the unique identifier in the second set of authentication information matches the unique identifier of the first computational system, when the right to use the computational component has not expired, and when the version in the second set of authentication information matches the version of the computational component, the second set of authentication information is considered to be valid; and
      
      wherein when one or more of the following is true;
      
      when the unique identifier in the second set of authentication information does not match the unique identifier of the first computational system, when the right to use the computational component has expired, or when the version in the second set of authentication information does not match the version of the computational component, the second set of authentication information is considered to be invalid.
  - 3. The method of claim 1, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of the authentication file.
  - 4. The method of claim 1, wherein the unique identifier is a serial number of a processor in the first computational system.
  - 5. The method of claim 1, wherein the user is a non-trusted party.
  - 6. The method of claim 1, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.
  - 7. The method of claim 1, wherein the authentication file is received in encrypted form.
  - 8. The method of claim 1, wherein the loading step comprises:
    - validating the authentication file; and
      
      decrypting the authentication file.
  - 9. The method of claim 8, wherein the validating step comprises at least one of the following operations (a) determining whether or not a serial number contained in the authentication file matches a serial number associated with the first computational system, (b) determining whether or not a right to use the computational component has expired, (c) determining whether or not a version contained in the authentication file matches a version of the computational component, (d) verifying data integrity of the authentication file, and (e) determining whether or not the authentication file length and format are correct.
  - 10. The method of claim 1, wherein the authentication file further comprises a platform type associated with the first computational system, a software release associated with software operating on the first computational system, and a right-to-use expiration date associated with the software.

11. A first telecommunication system, comprising:
- a computational component, the computational component having a first set of authentication information permitting a first set of operations to be performed on the computational component, wherein the first set of authentication information corresponds to a first login and comprises a first key and/or password, and wherein the first set of operations comprises requesting delivery of a second set of authentication information; and
  
  a local access controller operable to receive the second set of authentication information at a network interface, verify the second set of authentication information, and, if the second set of authentication information is successfully verified, load the second set of authentication information into the first telecommunication system, wherein the second set of authentication information permits a second set of operations to be performed on the computational component and wherein the first and second sets of operations are different, wherein the first set of operations provides access by the user to fewer validly licensed operational features than the second set of operations, wherein the second set of authentication information comprises a unique identifier of the first telecommunication system, corresponds to a second login, and comprises a second key and/or password, whereby the unique identifier links the second set of authentication information with the first telecommunication system such that the second set of authentication information cannot be used with a second telecommunication system having a different unique identifier.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The system of claim 11, wherein the computational component is software to be loaded onto the first telecommunication system.
  - 13. The system of claim 11, wherein the first set of authentication information comprises a default password and the first set of operations comprise requesting delivery of an authentication file.
  - 14. The system of claim 13, wherein the unique identifier is a serial number of a processor in the first telecommunication system.
  - 15. The system of claim 13, wherein the authentication file is received in encrypted form.
  - 16. The system of claim 13, wherein the local access controller is operable to validate the authentication file and decrypt the authentication file.
  - 17. The system of claim 16, wherein validation comprises at least one of the following operations (a) determining whether or not a serial number contained in the authentication file matches a serial number associated with the first telecommunication system, (b) determining whether or not a right to use the computational component has expired, (c) determining whether or not a version contained in the authentication file matches a version of the computational component, (d) verifying data integrity of the authentication file, and (e) determining whether or not the authentication file length and format are correct.
  - 18. The system of claim 11, wherein the user is a non-trusted party.
  - 19. The system of claim 11, wherein the second set of operations comprise logging onto the computational component and accessing information contained therein.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avaya Incorporated
Original Assignee
Avaya Incorporated
Inventors
Serkowski, Robert J., Walker, William T.
Primary Examiner(s)
Davis, Zachary A

Application Number

US11/554,268
Publication Number

US 20070094710A1
Time in Patent Office

1,604 Days
Field of Search

726 16- 19, 726 5- 7, 380/278, 380/277, 713/168, 713/182, 713/183
US Class Current

726/18
CPC Class Codes

G06F 21/6218 to a system of files or obj...

Remote feature activation authentication file system

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

261 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Remote feature activation authentication file system

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

261 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links