Dynamic network-centric generation of public service access identification

US 8,424,070 B1
Filed: 11/05/2009
Issued: 04/16/2013
Est. Priority Date: 11/05/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A system for authenticating a mobile device with a re-assignable generic credential in the mobile device, comprising:

a network access server configured to receive the re-assignable generic credential from the mobile device when the mobile device requests data services, and recognize the re-assignable generic credential as an authentication user delegate request based on a format of the re-assignable generic credential, wherein the re-assignable generic credential is not configured to authenticate the mobile device;

an authentication server configured to receive the re-assignable generic credential from the network access server, receive information that the re-assignable generic credential is the authentication user delegate request, verify that the re-assignable generic credential is valid, and contact an authentication user delegate server through a relay responsive to the re assignable generic credential being the authentication user delegate request; and

the authentication user delegate server configured to receive the re-assignable generic credential select a unique user credential for the mobile device, and instruct the authentication server to use the unique user credential to authenticate the mobile device,wherein the authentication server instructs the network access server to use the unique user credential for the mobile device in place of the re-assignable generic credential, and wherein the network access server registers the mobile device at a registration server using the unique user credential.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and media are provided for authenticating a mobile device using credentials supplied by a network rather than using a credential configured in the mobile device. As the mobile device requests access to the Internet, an AUD request is sent to an AUD service based on the generic credential in the mobile device. The AUD service generates a user-specific credential for the mobile that enables authentication by an authentication server and subsequent registration at a registration server.

Citations

20 Claims

1. A system for authenticating a mobile device with a re-assignable generic credential in the mobile device, comprising:
- a network access server configured to receive the re-assignable generic credential from the mobile device when the mobile device requests data services, and recognize the re-assignable generic credential as an authentication user delegate request based on a format of the re-assignable generic credential, wherein the re-assignable generic credential is not configured to authenticate the mobile device;
  
  an authentication server configured to receive the re-assignable generic credential from the network access server, receive information that the re-assignable generic credential is the authentication user delegate request, verify that the re-assignable generic credential is valid, and contact an authentication user delegate server through a relay responsive to the re assignable generic credential being the authentication user delegate request; and
  
  the authentication user delegate server configured to receive the re-assignable generic credential select a unique user credential for the mobile device, and instruct the authentication server to use the unique user credential to authenticate the mobile device,wherein the authentication server instructs the network access server to use the unique user credential for the mobile device in place of the re-assignable generic credential, and wherein the network access server registers the mobile device at a registration server using the unique user credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the network access server cannot register the mobile device with the re-assignable generic credential.
  - 3. The system of claim 2, wherein the re-assignable generic credential is provided to the mobile device when the mobile device participates in an authentication user delegate service.
  - 4. The system of claim 3, wherein the authentication user delegate request comprises an identifier that indicates an authentication of the mobile device is accomplished using credentials provided by a network service rather than using credentials in the mobile device.
  - 5. The system of claim 4, wherein the unique user credential comprises a username and password for the mobile device.
  - 6. The system of claim 4, wherein the unique user credential is generated at the authentication user delegate server based on at least one of a set of rules, contextual information about the mobile device, user settings in the mobile device, a time, and a geographic location of the mobile device.
  - 7. The system of claim 6, wherein the unique user credential is assigned and shared among multiple mobile devices.

8. One or more non-transitory computer-readable media having computer useable instructions embodied thereon for causing one or more servers to authenticate a mobile device, comprising:
- receiving a credential at an authentication server transferred by the mobile device wherein the mobile device requests access to data services;
  
  determining if the credential comprises an authentication user delegate request based on a format of the credential;
  
  if the credential does not comprise the authentication user delegate request, authenticating the mobile device at the authentication server and sending an acknowledgement that the mobile device is authenticated; and
  
  if the credential comprises the authentication user delegate request and the credential comprises a re-assignable generic credential that is not configured to authenticate the mobile device;
  
  verifying that the credential is valid, contacting an authentication user delegate server through a relay of a plurality of relays wherein the relay is selected based on the format of the credential and wherein the plurality of relays are respectively connected to a plurality of authentication user delegate servers,receiving the credential at the authentication user delegate server,selecting a unique user credential for the mobile device,instructing the authentication server to use the unique user credential in place of the credential to authenticate the mobile device, andsending the acknowledgement that the mobile device is authenticated.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The media of claim 8, wherein the network access server cannot register the mobile device with the credential when the credential comprises the authentication user delegate request.
  - 10. The media of claim 9, wherein the authentication user delegate request comprises an identifier that indicates an authentication of the mobile device is accomplished using credentials provided by a network service rather than using credentials in the mobile device.
  - 11. The media of claim 10, wherein the unique user credential comprises a username and password for the mobile device.
  - 12. The media of claim 10, wherein the unique user credential is generated at the authentication user delegate server based on at least one of a set of rules, contextual information about the mobile device, user settings in the mobile device, a time, and a geographic location of the mobile device.
  - 13. The media of claim 12, wherein the unique user credential is assigned and shared among multiple mobile devices.
  - 14. The media of claim 13, further comprising registering the mobile device at a registration server using the unique user credential.

15. A system for causing one or more servers to authenticate a mobile device, comprising:
- an authentication server configured to receive a credential transferred by the mobile device and determines if the credential comprises an authentication user delegate request based on a format of the credential, wherein the mobile device requests access to data services;
  
  if the credential does not comprise the authentication user delegate request, the authentication server is configured to authenticate the mobile device at the authentication server and send an acknowledgement that the mobile device is authenticated; and
  
  if the credential comprises the authentication user delegate request and the credential comprises a re-assignable generic credential that is not configured to authenticate the mobile device, the authentication server is configured to verify that the credential is valid and contact an authentication user delegate server through a relay of a plurality of relays wherein the relay is selected based on the format of the credential and wherein the plurality of relays are respectively connected to a plurality of authentication user delegate servers, and send the acknowledgement that the mobile device is authenticated after receiving instructions from the authentication user delegate server;
  
  the authentication user delegate server configured to receive the credential, selects a unique user credential for the mobile device, and instruct the authentication server to use the unique user credential to authenticate the mobile device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the network access server cannot register the mobile device with the credential when the credential comprises the authentication user delegate request.
  - 17. The system of claim 16, wherein the authentication user delegate request comprises an identifier that indicates an authentication of the mobile device is accomplished using credentials provided by a network service rather than using credentials in the mobile device.
  - 18. The system of claim 17, wherein the unique user credential is generated at the authentication user delegate server based on at least one of a set of rules, contextual information about the mobile device, user settings in the mobile device, a time, and a geographic location of the mobile device.
  - 19. The system of claim 18, wherein the unique user credential is assigned and shared among multiple mobile devices.
  - 20. The system of claim 19, further comprising a registration server that registers the mobile device using the unique user credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Reeves, Raymond Emilio, Karki, Prabhat, Lamsal, Sailesh, Wick, Ryan Alan
Primary Examiner(s)
HENNING, MATTHEW T

Application Number

US12/613,185
Time in Patent Office

1,258 Days
Field of Search

726/5
US Class Current

726/7
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04W 12/06   Authentication

Dynamic network-centric generation of public service access identification

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic network-centric generation of public service access identification

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links