Authentication and binding of multiple devices

US 8,732,475 B2
Filed: 08/17/2011
Issued: 05/20/2014
Est. Priority Date: 08/17/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, at a first device that is preregistered with a content provider and that has a first security profile, a first content registration request including a first digital signature;

determining, by a processor of the first device, that a second device, having a second security profile lower than the first security profile, is authorized to receive content from the content provider;

digitally signing, by the processor, the first content registration request with a second digital signature;

transmitting the first content registration request with the first digital signature and the second digital signature to the content provider; and

receiving, at the first device, a first response that includes access authorization credentials and identity information that associates the second device with a user account.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described that relate to authentication and/or binding of multiple devices with varying security profiles. In one aspect, a first device with a higher security profile may vouch for the authenticity of a second device with a lower security profile when the second device requests access for content from a content provider. The vouching process may be implemented by allowing the first device to overlay its digital signature on a registration request that has been signed and transmitted by the second device. The second device with the lower security profile may access content from the content provider or source for a predetermined time period, even when the second device does not access content through the first device.

Citations

16 Claims

1. A method comprising:
- receiving, at a first device that is preregistered with a content provider and that has a first security profile, a first content registration request including a first digital signature;
  
  determining, by a processor of the first device, that a second device, having a second security profile lower than the first security profile, is authorized to receive content from the content provider;
  
  digitally signing, by the processor, the first content registration request with a second digital signature;
  
  transmitting the first content registration request with the first digital signature and the second digital signature to the content provider; and
  
  receiving, at the first device, a first response that includes access authorization credentials and identity information that associates the second device with a user account.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the receiving the first content registration request comprises receiving the first content registration request from a mobile phone.
  - 3. The method of claim 1, further comprising:
    - determining, at the processor, a time period for which the second device is authorized to receive the content.
  - 4. The method of claim 3, further comprising:
    - receiving, at an end of the time period, a second content registration request that comprises a request for extending the time period for access to the content from the content provider.
  - 5. The method of claim 4, further comprising:
    - determining, at the processor, that the second device is authorized for the extension of the time period.
  - 6. The method of claim 5, further comprising:
    - determining, at the processor, that the second device is authorized for the extension of the time period in less time than the determining that the second device is authorized to receive the content.
  - 7. The method of claim 5, further comprising:
    - digitally signing, at the processor, the second content registration request with a second digital signature so that the second content registration request includes both a first digital signature and a second digital signature before transmitting the second content registration request to the content provider.
  - 8. The method of claim 7, further comprising:
    - receiving a second response in response to the second content registration request from the content provider.
  - 9. The method of claim 8, further comprising:
    - transmitting the second response to the second device.
  - 10. The method of claim 1, further comprising:
    - associating, at the processor, the first device with the user account.

11. A first device comprising:
- memory; and
  
  a processor configured to;
  
  receive, at the first device that is preregistered with a content provider and that has a first security profile, a first content registration request including a first digital signature;
  
  determine that a second device, having a second security profile lower than the first security profile, is authorized to receive content from the content provider;
  
  digitally sign the first content registration request with a second digital signature;
  
  transmit the first content registration request with the first digital signature and the second digital signature to the content provider; and
  
  receive a first response that includes access authorization credentials and identity information that associates the second device with a user account.
- View Dependent Claims (12, 13, 14)
- - 12. The first device of claim 11, wherein the processor is further configured to:
    - transmit the first response to the second device.
  - 13. The first device of claim 12, wherein the processor is further configured to:
    - at an end of a predetermined time period, receive a second content registration request from the second device, wherein the second content registration request comprises a request for re-registering with the content provider and wherein the second content registration request has been digitally signed by the second device with the first digital signature.
  - 14. The first device of claim 13, wherein the processor is further configured to:
    - determine a time at which the first device is authorized for the re-registration.

15. A method comprising:
- receiving, at a first device that is preregistered with a content provider and that has a first security profile, a first content registration request including a first digital signature;
  
  determining, by a processor of the first device, that a second device, having a second security profile lower than the first security profile, is authorized to receive content from the content provider;
  
  digitally signing, by the processor, the first content registration request with a second digital signature;
  
  transmitting the first content registration request with the first digital signature and the second digital signature to the content provider;
  
  receiving, at the first device, a first response that includes access authorization credentials and identity information that associates the second device with a user account; and
  
  transmitting the first response to the second device.
- View Dependent Claims (16)
- - 16. The method of claim 15 further comprising:
    - associating the first device with the user account.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Original Assignee
Comcast Cable Communications LLC (Comcast Corporation)
Inventors
Fahrny, James W., Park, Kyong
Primary Examiner(s)
Dada, Beemnet
Assistant Examiner(s)
BELL, KALISH K

Application Number

US13/211,603
Publication Number

US 20130046990A1
Time in Patent Office

1,007 Days
Field of Search

713/176, 726 2- 4, 726 16- 17, 726/21, 726 26- 29
US Class Current

713/176
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/0884   by delegation of authentica...

H04L 63/102   Entity profiles

H04L 63/105   Multiple levels of security

H04L 63/126   the source of the received ...

H04L 9/3247   involving digital signatures

Authentication and binding of multiple devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication and binding of multiple devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links