System, method, and apparatus for on-demand limited security credentials in wireless and other communication networks
Abstract
A method includes storing a security credential associated with a communication network on a portable storage device. The method also includes detecting removal of the portable storage device from a specified location. The method further includes allowing at least one communication device to communicate over the communication network using the security credential. In addition, the method includes revoking the security credential after a specified time period has elapsed. The portable storage device could represent a card, and the specified location could represent a card reader/writer. Also, the communication network could represent a wireless network, and the security credential could represent a cryptographic key.
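An added illustration of the flow the abstract describes, not code from the patent: a hypothetical `TrustCenter` writes a key at card insertion, starts a timer on removal, authenticates devices while the timer runs, and revokes the key on expiry. The class and function names, the HMAC-SHA256 challenge-response and the injected clock are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

class TrustCenter:
    """Honours a card-borne key only for ttl seconds after the card leaves the reader."""
    def __init__(self, ttl, clock):
        self.ttl, self.clock = ttl, clock   # clock is injectable (assumption, eases testing)
        self.key = None                     # None means no valid credential
        self.deadline = None                # set when the card is removed

    def card_inserted(self):
        self.key = secrets.token_bytes(32)  # fresh key replaces any earlier one
        self.deadline = None
        return self.key                     # stands in for writing the key to the card

    def card_removed(self):
        if self.key is not None and self.deadline is None:
            self.deadline = self.clock() + self.ttl   # removal starts the timer

    def authenticate(self, nonce, response):
        if self.deadline is not None and self.clock() >= self.deadline:
            self.key = self.deadline = None           # timer elapsed: revoke
        if self.key is None or self.deadline is None:
            return False                              # revoked, or card still in the reader
        expected = hmac.new(self.key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def device_response(key, nonce):
    """Proof computed by a device that read the key from the card."""
    return hmac.new(key, nonce, hashlib.sha256).digest()

def demo():
    now = [0.0]                                       # constructed fake clock
    tc = TrustCenter(ttl=600, clock=lambda: now[0])
    key = tc.card_inserted()
    nonce = b"constructed-nonce"                      # constructed sample challenge
    resp = device_response(key, nonce)
    before = tc.authenticate(nonce, resp)             # card not yet removed
    tc.card_removed()
    during = tc.authenticate(nonce, resp)             # timer running
    now[0] = 600.0
    after = tc.authenticate(nonce, resp)              # period elapsed
    return before, during, after

if __name__ == "__main__":
    print(demo())
```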
20 Claims
1. A method comprising:
storing a security credential associated with a communication network on a portable storage device, the portable storage device configured to provide the security credential to at least one communication device, the security credential needed by the at least one communication device to access or use the communication network;
detecting removal of the portable storage device from a specified location;
in response to the removal of the portable storage device from the specified location, starting a timer and allowing the at least one communication device to communicate over the communication network after the at least one communication device has obtained the security credential; and
revoking the security credential after a specified time period has elapsed as indicated by the timer;
wherein allowing the at least one communication device to communicate over the communication network comprises at least one of:
(i) authenticating the at least one communication device or (ii) authorizing the at least one communication device to communicate over the communication network.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A system comprising:
a communication network; and
a trust center configured to:
store a security credential associated with the communication network on a portable storage device, the portable storage device configured to provide the security credential to at least one communication device, the security credential needed by the at least one communication device to access or use the communication network;
detect removal of the portable storage device from a specified location;
in response to the removal of the portable storage device from the specified location, start a timer and allow the at least one communication device to communicate over the communication network after the at least one communication device has obtained the security credential; and
revoke the security credential after a specified time period has elapsed as indicated by the timer;
wherein the trust center is configured to allow the at least one communication device to communicate over the communication network by at least one of:
(i) authenticating the at least one communication device or (ii) authorizing the at least one communication device to communicate over the communication network.
Dependent claims: 9, 10, 11, 12, 13, 14, 15, 16
17. An apparatus comprising:
an interface configured to provide access to a portable storage device;
a security credentials controller configured to:
generate a security credential associated with a communication network;
store the security credential on the portable storage device, the portable storage device configured to provide the security credential to at least one communication device, the security credential needed by the at least one communication device to access or use the communication network;
detect removal of the portable storage device from a specified location;
start a timer in response to the removal of the portable storage device from the specified location; and
revoke the security credential after a specified time period has elapsed as indicated by the timer; and
an authentication controller configured to allow, in response to the removal of the portable storage device from a specified location, the at least one communication device to communicate over the communication network after the at least one communication device has obtained the security credential when the security credential is valid, the authentication controller configured to at least one of:
(i) authenticate the at least one communication device or (ii) authorize the at least one communication device to communicate over the communication network.
Dependent claims: 18, 19, 20
Specification