Authentication method, system, server, and client
First Claim
1. In a client device configured to establish a session with a server, a method for establishing the session when the server requests the client to initiate the session using a Trigger message, the method comprising:
- receiving a Trigger message from a server that includes a session ID identifying a session to be triggered, a system time of the server and a first digest;
determining that a difference between a local time of the client and the system time of the server is within a predetermined threshold;
calculating a second digest using the system time of the server;
authenticating the first digest carried in the Trigger message by comparing the first digest and the second digest; and
based on the authentication, sending a session request including the session ID carried in the Trigger message to the server.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication method is disclosed herein. The method includes: by a server, using a Trigger message nonce to generate a Trigger message, and sending the generated Trigger message to a client so that the client can extract the Trigger message nonce; after determining that the Trigger message nonce is valid, using the Trigger message nonce to generate a digest, and authenticating the Trigger message generated by using the Trigger message nonce; after the authentication succeeds, sending a session request to the server indicated by the Trigger message, where the session request carries a session ID. The corresponding system, server and client are disclosed herein. The present invention makes the authentication process more secure through the client and the server based on the DS or DM protocol.
-
Citations
4 Claims
-
1. In a client device configured to establish a session with a server, a method for establishing the session when the server requests the client to initiate the session using a Trigger message, the method comprising:
-
receiving a Trigger message from a server that includes a session ID identifying a session to be triggered, a system time of the server and a first digest; determining that a difference between a local time of the client and the system time of the server is within a predetermined threshold; calculating a second digest using the system time of the server; authenticating the first digest carried in the Trigger message by comparing the first digest and the second digest; and based on the authentication, sending a session request including the session ID carried in the Trigger message to the server. - View Dependent Claims (2)
-
-
3. A client device configured to establish a session with a server, comprising a receiver, a transmitter, a processor and computer executable instructions stored on a non-transitory computer readable storage medium, wherein:
-
the receiver is configured to receive a Trigger message from a server that includes a session ID identifying a session to be triggered, a system time of a server and a first digest; the computer executable instructions stored on a non-transitory computer readable storage medium are configured such that, when executed by the processor, cause the client device to, determine that a difference between a local time of the client and the system time of the server is within a predetermined threshold, calculate a second digest using the system time of the server, and authenticate the first digest carried in the Trigger message by comparing the first digest and the second digest; and the transmitter is configured to send a session request including the session ID carried in the Trigger message to the server based on the authentication. - View Dependent Claims (4)
-
Specification