Method and apparatus for using generic authentication architecture procedures in personal computers
Abstract
A method and apparatus for authenticating to a third party service provider from a personal computer. The method includes authenticating, with a mobile terminal, to the service provider with a universal subscriber identity module associated with the mobile terminal to obtain credentials specific to the service provider, transferring the credentials specific to the service provider from the mobile terminal to the personal computer, and accessing the service provider with the personal computer using the credentials transferred from the mobile terminal. The apparatus includes a mobile terminal, a computing device, a bootstrapping security module, and a network application function that cooperatively work to allow the computing device to access the network application function using a security credential from the mobile terminal.
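The flow in the abstract, modeled end to end as an added sketch (not code from the patent): the personal computer receives an authentication request, asks the mobile terminal for credentials naming the service provider, and the terminal bootstraps and returns only a service-specific key. HMAC-SHA256 stands in for the real authentication and key derivation, and every class name, method name, label and service identifier here is an assumption.

```python
import hashlib
import hmac
import secrets

def kdf(key: bytes, *parts: bytes) -> bytes:
    """Stand-in key derivation (assumption): HMAC-SHA256 over length-prefixed parts."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class BootstrappingServer:
    """Network side: shares a secret with each subscriber's identity module."""
    def __init__(self, subscribers):
        self._subscribers = subscribers   # subscriber id -> shared secret
        self._sessions = {}               # transaction id -> master key

    def bootstrap(self, subscriber_id: str):
        rand = secrets.token_bytes(16)
        tid = secrets.token_hex(8)        # hypothetical transaction identifier
        self._sessions[tid] = kdf(self._subscribers[subscriber_id], b"master", rand)
        return tid, rand

    def key_for_service(self, tid: str, service_id: str) -> bytes:
        # Requested by the service provider (network application function).
        return kdf(self._sessions[tid], b"service", service_id.encode())

class MobileTerminal:
    """Holds the identity module secret and answers queries from the PC."""
    def __init__(self, subscriber_id, usim_secret, bsf):
        self._id, self._secret, self._bsf = subscriber_id, usim_secret, bsf

    def handle_query(self, service_id: str):
        tid, rand = self._bsf.bootstrap(self._id)
        master = kdf(self._secret, b"master", rand)   # stays on the terminal
        return tid, kdf(master, b"service", service_id.encode())

class ServiceProvider:
    def __init__(self, service_id, bsf):
        self.service_id, self._bsf = service_id, bsf
        self._pending = set()             # challenges issued and not yet used

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, tid, nonce, response) -> bool:
        if nonce not in self._pending:
            return False                  # unknown or replayed challenge
        self._pending.discard(nonce)
        key = self._bsf.key_for_service(tid, self.service_id)
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

class PersonalComputer:
    def __init__(self, phone):
        self._phone = phone               # object reference models the local link

    def access(self, service, ask_for=None) -> bool:
        nonce = service.challenge()       # authentication request from the service
        tid, key = self._phone.handle_query(ask_for or service.service_id)
        response = hmac.new(key, nonce, hashlib.sha256).digest()
        return service.verify(tid, nonce, response)

def run_demo():
    secret = secrets.token_bytes(16)      # constructed shared secret
    bsf = BootstrappingServer({"sub-1": secret})
    pc = PersonalComputer(MobileTerminal("sub-1", secret, bsf))
    mail = ServiceProvider("mail.example", bsf)
    files = ServiceProvider("files.example", bsf)
    ok = pc.access(mail)                               # key matches the service
    cross = pc.access(files, ask_for="mail.example")   # key for another service
    return ok, cross
```

Only the service-specific key crosses the local link, so a key issued for one service provider fails verification at another.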
28 Claims
1. A method, comprising:
authenticating, with a mobile terminal including an identity module, to a service provider to obtain generic bootstrapping architecture credentials specific to the service provider using only authentication information provided from the identity module in the mobile terminal;
transferring the generic bootstrapping architecture credentials specific to the service provider from the mobile terminal via a local link to a personal computer, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the generic bootstrapping architecture credentials specific to the service provider are based upon at least one parameter representative of a universal subscriber identity module vector contained in the identity module of the mobile terminal;
attempting, by the personal computer, to access the service provider;
receiving an authentication request in the personal computer from the service provider in response to the access attempt; and
querying, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein querying further comprises;
sending a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
requesting, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establishing the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
sending the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method, comprising:
determining network application function specific generic bootstrapping architecture credentials are needed for an application running on a computing device comprising a personal computer;
requesting, by the application and through a generic bootstrapping architecture application programming interface that incorporates a wireless communication medium, the generic bootstrapping architecture credentials from a mobile terminal, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the network application function specific generic bootstrapping architecture credentials are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal;
bootstrapping by the mobile terminal with a bootstrapping server function to establish a master generic bootstrapping architecture credentials using only authentication information provided from the identity module in the mobile terminal;
transmitting the network application function specific generic bootstrapping architecture credentials from the mobile terminal to the a generic bootstrapping architecture application programming interface, which transmits the network application specific generic bootstrapping architecture credentials to the application running on the personal computer;
attempting, by the application running on the personal computer, to access a service provider;
receiving an authentication request in the personal computer from the service provider in response to the access attempt; and
querying, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein querying further comprises;
sending a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
requesting, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establishing the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
sending the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.
Dependent claims: 11, 12, 13, 14

15. An apparatus, comprising:
an authenticator configured to authenticate a computing device, wherein a universal subscriber identity module of a mobile terminal is configured to contain a shared secret, and the computing device comprising a personal computer is in communication with the mobile terminal and is configured to use a network application function that requires credentials; and
a bootstrapping server function module in communication with the mobile terminal, the bootstrapping server function module being configured to establish master generic bootstrapping architecture credentials with the mobile terminal using only authentication information provided from the identity module in the mobile terminal, and to generate and transmit generic bootstrapping architecture credentials specific to the network application function to the network application function upon receiving a request for credentials from the network application function, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer;
wherein the mobile terminal is configured to cause a generation and transfer of the generic bootstrapping architecture credentials specific to the network application function to the personal computer upon receiving a request for credentials from the personal computer for use in accessing the network application function;
wherein the personal computer is configured to;
attempt to access the service provider;
receive an authentication request from the service provider in response to the access attempt; and
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.
Dependent claims: 16, 17

18. An apparatus, comprising:
determining means for determining generic bootstrapping architecture credentials needed for an application running on a computing device comprising a personal computer and requesting, by the application and through a generic bootstrapping architecture application programming interface that incorporates a wireless communication medium, the generic bootstrapping architecture credentials from a mobile terminal, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the generic bootstrapping architecture credentials are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal;
bootstrapping means for bootstrapping the mobile terminal with a bootstrapping, server function to establish the bootstrapping architecture credentials using only authentication information provided from the identity module in the mobile terminal, which are transmitted to the application running on the personal computer from the mobile terminal; and
processing means for processing, by the application running on the personal computer, the bootstrapping architecture credentials to run the application, wherein the processing means further configures the personal computer to;
attempt to access the service provider;
receive an authentication request from the service provider in response to the access attempt; and
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.

19. An apparatus, comprising:
authenticating means for authenticating, with a mobile terminal, using only authentication information provided from an identity module in the mobile terminal to a service provider with the identity module associated with the mobile terminal to obtain generic bootstrapping architecture credentials specific to the service provider;
transferring means for transferring the generic bootstrapping architecture credentials specific to the service provider from the mobile terminal to a personal computer, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the generic bootstrapping architecture credentials specific to the service provider are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal; and
accessing means for accessing the service provider with the personal computer using the generic bootstrapping architecture credentials transferred from the mobile terminal, wherein the accessing means causes the personal computer to;
attempt to access the service provider;
receive an authentication request from the service provider in response to the access attempt; and
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.

20. A system, comprising:
a mobile terminal in communication with a personal computer, wherein the communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer; and
a bootstrapping security function operating on the mobile terminal in communication with the generic authentication architecture server component;
wherein the generic authentication architecture server component is configured to conduct bootstrapping with the bootstrapping security function to generate using only authentication information provided from the identity module in the mobile terminal and transmit a generic bootstrapping architecture credential to the generic authentication architecture client in the personal computer for use in accessing a network application function, wherein the generic bootstrapping architecture credentials are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal;
wherein the personal computer further;
attempts to access the service provider;
receives an authentication request from the service provider in response to the access attempt; and
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.

21. An apparatus, comprising:
a determiner configured to determine generic bootstrapping architecture credentials needed for an application running on a computing device, and to request, by the application and through a generic bootstrapping architecture application programming interface that incorporates a wireless communication medium, the generic bootstrapping architecture credentials using only authentication information provided from the identity module in the mobile terminal from a mobile terminal, wherein a communication between the mobile terminal and a personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the generic bootstrapping architecture credentials are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal;
a processor configured to bootstrap the mobile terminal with a bootstrapping server function to establish the bootstrapping architecture credentials, which are transmitted to the application running on the computing device from the mobile terminal, and to process, by the application running on the computing device, the bootstrapping architecture credentials to run the application;
wherein the application running on the computing device causes the computing device to;
attempt to access the service provider;
receive an authentication request from the service provider in response to the access attempt;
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.

22. An apparatus, comprising:
an authenticator configured to authenticate, with a mobile terminal, to a service provider with an identity module associated with the mobile terminal to obtain credentials specific to the service provider using only authentication information provided from the identity module in the mobile terminal;
a transmitter configured to transmit the credentials specific to the service provider from the mobile terminal to a personal computer, wherein a communication between the mobile terminal and the personal computer is established via a generic authentication server architecture component on the mobile terminal and a generic authentication client architecture component on the personal computer, wherein the credentials specific to the service provider are based upon at least one parameter representative of a universal subscriber identity module vector contained in the mobile terminal; and
an accessor configured to access the service provider with the personal computer using the credentials transferred from the mobile terminal, wherein the accessor causes the personal computer to;
attempt to access the service provider;
receive an authentication request from the service provider in response to the access attempt;
query, with the generic authentication client architecture component in the personal computer, the generic authentication server architecture component in the mobile terminal for the generic bootstrapping architecture credentials, wherein the local link comprises one or more of a cable, an infrared connection, and a wireless connection, wherein query further causes the personal computer to;
send a message from the generic authentication client architecture component in the personal computer to the generic authentication server architecture component in the mobile terminal containing an identification for the service provider;
request, with the generic authentication server architecture component in the mobile terminal, from a bootstrapping server function, to establish the credentials;
establish the generic bootstrapping architecture credentials between the bootstrapping server function and the generic authentication server architecture component in the mobile terminal; and
send the credentials from the generic authentication server architecture component in the mobile terminal to the generic authentication client architecture component in the personal computer.
Dependent claims: 23, 24, 25, 26, 27, 28

Specification