Method and system for providing multifactor authentication

US 8,495,720 B2
Filed: 05/06/2010
Issued: 07/23/2013
Est. Priority Date: 05/06/2010
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining, via a processor, whether a user equipment has been authenticated for an access network;

receiving an identifier corresponding to the user equipment; and

when the user equipment is authenticated for the access network, generating, via a processor, an alias identifier based on the received identifier corresponding to the user equipment for use in combination with a universal user identifier to authenticate a user corresponding to the user equipment for accessing a plurality of services via the access network,wherein the user equipment is a computing device that communicates over the access network, andwherein the alias identifier is generated by performing a hashing operation on the received identifier corresponding to the user equipment, and the access network is a wireless network, the services including a web-based service or a network service.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An approach is provided for using multifactor authentication to access multiple services. A determination is made that a user equipment has been authenticated for an access network. An identifier corresponding to the user equipment is received. An alias identifier is generated based on the received user equipment identifier for use in combination with a universal user identifier to authenticate a user corresponding to the user equipment for accessing a plurality of services via the access network.

77 Citations

View as Search Results

16 Claims

1. A method comprising:
- determining, via a processor, whether a user equipment has been authenticated for an access network;
  
  receiving an identifier corresponding to the user equipment; and
  
  when the user equipment is authenticated for the access network, generating, via a processor, an alias identifier based on the received identifier corresponding to the user equipment for use in combination with a universal user identifier to authenticate a user corresponding to the user equipment for accessing a plurality of services via the access network,wherein the user equipment is a computing device that communicates over the access network, andwherein the alias identifier is generated by performing a hashing operation on the received identifier corresponding to the user equipment, and the access network is a wireless network, the services including a web-based service or a network service.
- View Dependent Claims (2, 3, 4)
- - 2. The method according to claim 1, further comprising:
    - storing the generated alias identifier within local memory; and
      
      initiating transmission of the generated alias identifier to the user equipment for storage therein.
  - 3. The method according to claim 2, further comprising:
    - communicating with a universal identification service module to validate the user equipment based on the alias identifier stored within the user equipment, wherein the universal identification service module is configured to assign the universal user identifier to the user.
  - 4. The method according to claim 1, further comprising:
    - assigning a validity period to the alias identifier that specifies an expiration value for the alias identifier.

5. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,determine that a user equipment has been authenticated for an access network;
  
  receive an identifier corresponding to the user equipment; and
  
  when the user equipment is authenticated for the access network, generate an alias identifier based on the received identifier corresponding to the user equipment for use in combination with a universal user identifier to authenticate a user corresponding to the user equipment for accessing a plurality of services via the access network,wherein the user equipment is a computing device that communicates over the access network, andwherein the alias identifier is generated by performing a hashing operation on the received identifier corresponding to the user equipment, and the access network is a wireless network, the services including a web-based service or a network service.
- View Dependent Claims (6, 7, 8)
- - 6. The apparatus according to claim 5, wherein the apparatus is further caused, at least in part, to:
    - store the generated alias identifier within local memory; and
      
      initiate transmission of the generated alias identifier to the user equipment for storage therein.
  - 7. The apparatus according to claim 6, wherein the apparatus is further caused, at least in part, to:
    - communicate with a universal identification service module to validate the user equipment based on the alias identifier stored within the user equipment, wherein the universal identification service module is configured to assign the universal user identifier to the user.
  - 8. The apparatus according to claim 5, wherein the apparatus is further caused, at least in part, to:
    - assign a validity period to the alias identifier that specifies an expiration value for the alias identifier.

9. A method comprising:
- receiving an equipment identifier of a user equipment from the user equipment;
  
  forwarding the equipment identifier to a network identity service module for authenticating the user equipment to permit access on a communication network, wherein the network identity service module is configured to manage the equipment identifier;
  
  when the user equipment is authenticated by the network identity service, receiving a universal user identifier associated with a user of the user equipment, wherein the universal user identifier provides access to a plurality of services; and
  
  authenticating the user based on the universal user identifier to access one or more of the plurality of services,wherein the user equipment is a computing device that communicates over the communication network, andwherein the equipment identifier is an alias identifier that is generated by performing a hashing operation on the received equipment identifier of the user equipment, and the communication network is a wireless network, the services including a web-based service or a network service.
- View Dependent Claims (10, 11, 12)
- - 10. The method according to claim 9, wherein the network identity service module authenticates the user equipment by retrieving a stored version of the alias identifier for comparison with an alias identifier provided by the user equipment.
  - 11. The method according to claim 9, further comprising:
    - generating a request for one or more credentials from the user equipment, wherein the credentials include the alias identifier and the universal user identifier.
  - 12. The method according to claim 11, wherein the credentials further include a user password and address of a portal for the network identity service module.

13. An apparatus comprising:
- at least one processor; and
  
  at least one memory including computer program code,the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to perform at least the following,receive an equipment identifier of a user equipment from the user equipment;
  
  forward the equipment identifier to a network identity service module for authenticating the user equipment to permit access on a communication network, wherein the network identity service module is configured to manage the equipment identifier;
  
  when the user equipment is authenticated by the network identity service, receive a universal user identifier associated with a user of the user equipment, wherein the universal user identifier provides access to a plurality of services; and
  
  authenticate the user based on the universal user identifier to access one or more of the plurality of services,wherein the user equipment is a computing device that communicates over the communication network, andwherein the equipment identifier is an alias identifier that is generated by performing a hashing operation on the received equipment identifier of the user equipment, and the communication network is a wireless network, the services including a web-based service or a network service.
- View Dependent Claims (14, 15, 16)
- - 14. The apparatus according to claim 13, wherein the network identity service module authenticates the user equipment by retrieving a stored version of the alias identifier for comparison with an alias identifier provided by the user equipment.
  - 15. The apparatus according to claim 13, wherein the apparatus is further caused, at least in part, to:
    - generate a request for one or more credentials from the user equipment, wherein the credentials include the alias identifier and the universal user identifier.
  - 16. The apparatus according to claim 15, wherein the credentials further include a user password and address of a portal for the network identity service module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Counterman, Raymond
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Rahman, Mahfuzur

Application Number

US12/775,018
Publication Number

US 20110277025A1
Time in Patent Office

1,174 Days
Field of Search

726/6, 726/8
US Class Current

726/8
CPC Class Codes

G06F 21/40 by quorum, i.e. whereby two...

H04L 9/3226 using a predetermined code,...

Method and system for providing multifactor authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

77 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing multifactor authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links