System and method for securing system content by automated device authentication
First Claim
1. A method for authentication of a requesting entity by an authenticating entity comprising:
- receiving, by an authenticating entity, a request for data from a requesting entity; and
sending, by the authenticating entity, challenge data to the requesting entity;
receiving, by the authenticating entity, the challenge data from the requesting entity;
wherein the challenge data is encrypted, by a computer processor, in one direction between the authenticating entity and the requesting entity, and the challenge data is sent in plain text in the other direction between the authenticating entity and the requesting entity;
wherein the challenge data comprises time data based on a current time of a system of the authenticating entity;
wherein the authenticating entity determines a received time of the received challenge data and calculates, by a computer processor, a time difference between the time data and the received time when the challenge data is received from the requesting entity; and
authenticating, by the authenticating entity, the requesting entity by comparing the challenge data sent to the requesting entity and the challenge data received from the requesting entity, and determining that the time difference is less than a predetermined threshold, wherein when the requesting entity requests data, the authenticating entity provides an application and a key for download by the requesting entity, and wherein the challenge data is encrypted by the requesting entity or the authenticating entity and decrypted by the authenticating entity or the requesting entity using the key.
6 Assignments
0 Petitions
Accused Products
Abstract
A system is provided for securely downloading content to a mobile telecommunications device. The system includes a mobile application to enable the mobile telecommunications device to send a request for content identified on a telecommunication provider system. The system includes a content application maintained by the content provider to retrieve content and promote delivery of the content to the mobile telecommunications device. The system also includes a challenge component and a response component, the response component communicates with the mobile application and encodes a challenge data. The challenge component communicates with the content application. The challenge component sends the challenge data to the mobile application and decodes the challenge data received from the mobile application to validate the response for delivery of the content to the mobile application.
-
Citations
14 Claims
-
1. A method for authentication of a requesting entity by an authenticating entity comprising:
-
receiving, by an authenticating entity, a request for data from a requesting entity; and sending, by the authenticating entity, challenge data to the requesting entity; receiving, by the authenticating entity, the challenge data from the requesting entity; wherein the challenge data is encrypted, by a computer processor, in one direction between the authenticating entity and the requesting entity, and the challenge data is sent in plain text in the other direction between the authenticating entity and the requesting entity; wherein the challenge data comprises time data based on a current time of a system of the authenticating entity; wherein the authenticating entity determines a received time of the received challenge data and calculates, by a computer processor, a time difference between the time data and the received time when the challenge data is received from the requesting entity; and authenticating, by the authenticating entity, the requesting entity by comparing the challenge data sent to the requesting entity and the challenge data received from the requesting entity, and determining that the time difference is less than a predetermined threshold, wherein when the requesting entity requests data, the authenticating entity provides an application and a key for download by the requesting entity, and wherein the challenge data is encrypted by the requesting entity or the authenticating entity and decrypted by the authenticating entity or the requesting entity using the key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for authentication of a requesting entity by an authenticating entity comprising:
-
receiving, by an authenticating entity, a request for data from a requesting entity; sending, by the authenticating entity to the requesting entity, challenge data in plain text, wherein the challenge data comprises time data based on a current time of a system of the authenticating entity; receiving, by the authenticating entity from the requesting entity, the challenge data, wherein the received challenge data is encrypted, by a computer processor of the requesting entity; calculating, by a computer processor, a time difference between when the challenge data is sent to the requesting entity in plain text from the authenticating entity and when the encrypted challenge data is received by the authenticating entity from the requesting entity; and authenticating, by the authenticating entity, the requesting entity by decrypting the received encrypted challenge data and determining that the time difference is less than a predetermined threshold, wherein when the requesting entity requests data, the authenticating entity provides an application and a key for download by the requesting entity, and wherein the challenge data is encrypted by the requesting entity and decrypted by the authenticating entity using the key. - View Dependent Claims (9, 10, 11)
-
-
12. A method for authentication of a requesting entity by an authenticating entity comprising:
-
receiving, by an authenticating entity, a request for data from a requesting entity; encrypting, by a computer processor of the authenticating entity, challenge data; sending, by the authenticating entity to the requesting entity, the encrypted challenge data, wherein the challenge data comprises time data based on a current time of a system of the authenticating entity; receiving, by the authenticating entity from the requesting entity, the challenge data in plain text, wherein the received challenge data in plain text is decrypted by the requesting entity, and calculating a time difference between when the encrypted challenge data is sent to the requesting entity from the authenticating entity and when the challenge data in plain text is received by the authenticating entity from the requesting entity; and authenticating, by the authenticating entity, the requesting entity when the authenticating entity receives the challenge data in plain text and when the time difference is less than a predetermined threshold, wherein when the requesting entity requests data, the authenticating entity provides an application and a key for download by the requesting entity, and wherein the challenge data is encrypted by the authenticating entity and decrypted by the requesting entity using the key. - View Dependent Claims (13, 14)
-
Specification