Method and communication device for accessing to devices in security

US 8,826,404 B2
Filed: 08/29/2012
Issued: 09/02/2014
Est. Priority Date: 03/02/2010
Status: Active Grant

First Claim

Patent Images

1. A method for securely accessing a device, comprising:

obtaining access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively;

authenticating the access authentication information;

providing, by the service providing device, when an authentication result indicates that the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network, andprior to obtaining the access authentication information via the out-band channel, generating and storing, by the service request device, the access authentication information, andsending, by the service request device, a service request to the service providing device via the in-band data channel, the service request comprising the access authentication information;

wherein obtaining the access authentication information via the out-band channel comprises;

receiving, by the service request device via the out-band channel, the access authentication information from the service providing device; and

wherein authenticating the access authentication information comprises;

performing, by the service request device, validity authentication on the received access authentication information according to the stored access authentication information, and sending the authentication result to the service providing device via the out-band channel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for a communication device for securely accessing a device includes obtaining accessing authentication information via an out-band channel, the accessing authentication information being used for accessing authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively (11); and authenticating the accessing authentication information, and providing, by the service providing device, when an authentication result indicates that the authentication of the accessing authentication information is passed, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network (12).

9 Citations

12 Claims

1. A method for securely accessing a device, comprising:
- obtaining access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively;
  
  authenticating the access authentication information;
  
  providing, by the service providing device, when an authentication result indicates that the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network, andprior to obtaining the access authentication information via the out-band channel, generating and storing, by the service request device, the access authentication information, andsending, by the service request device, a service request to the service providing device via the in-band data channel, the service request comprising the access authentication information;
  
  wherein obtaining the access authentication information via the out-band channel comprises;
  
  receiving, by the service request device via the out-band channel, the access authentication information from the service providing device; and
  
  wherein authenticating the access authentication information comprises;
  
  performing, by the service request device, validity authentication on the received access authentication information according to the stored access authentication information, and sending the authentication result to the service providing device via the out-band channel.
- View Dependent Claims (2, 3)
- - 2. The method according to claim 1, wherein the access authentication information is a random access code;
    - andprior to authenticating the access authentication information, the method further comprises determining whether the random access code is in a preset valid period; and
      
      wherein authenticating the access authentication information comprises;
      
      authenticating the random access code when it is determined that the random access code is in the preset valid period.
  - 3. The method according to claim 1, further comprising, after the access authentication information is authenticated, maintaining, by the service request device and the service providing device via the in-band data channel, access connection between the service request device and the service providing device in a long connection mode.

4. A communication device, comprising:
- a processor coupled to a memory configured to obtain access authentication information via an out-band channel, the access authentication information being used for accessing access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively; and
  
  authenticate the access authentication information, and provide, by the service providing device, when an authentication result indicates that access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein the processor is further configured to generate and store the access authentication information;
  
  wherein the communication device further comprises a sender configured to send a service request to the service providing device via the in-band data channel, the service request comprising the access authentication information;
  
  wherein the processor is further configured to receive, via the out-band channel, the access authentication information from the service providing device; and
  
  perform validity authentication on the received access authentication information according to the access authentication information stored by the processor, and send the authentication result to the service providing device via the out-band channel.
- View Dependent Claims (5, 6)
- - 5. The communication device according to claim 4, wherein the access authentication information is a random access code;
    - and the processoris further configured to determine whether the random access code is in a preset valid period; and
      
      authenticate the random access code when it is determined that the random access code is in the preset valid period.
  - 6. The communication device according to claim 4, wherein the processor is further configured tomaintain, after the access authentication information is authenticated, via the in-band data channel, access connection between the service request device and the service providing device in a long connection mode.

7. A method for securely accessing a device, comprising:
- obtaining access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively;
  
  authenticating the access authentication information;
  
  providing, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network;
  
  prior to obtaining the access authentication information via the out-band channel, receiving, by the service providing device via the out-band channel, an access information obtaining request from the service request device;
  
  wherein obtaining the access authentication information via the out-band channel comprises;
  
  generating and storing, by the service providing device, the access authentication information according to the access information obtaining request, and sending the access authentication information to the service request device via the out-band channel;
  
  wherein prior to authenticating the access authentication information, the method further comprises receiving, by the service providing device via the in-band data channel, a service request sent by the service request device, the service request comprising the access authentication information; and
  
  wherein authenticating the access authentication information comprises;
  
  performing, by the service providing device, validity authentication on the received access authentication information according to the stored access authentication information.

8. A method for securely accessing a device, comprising:
- obtaining access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively;
  
  authenticating the access authentication information; and
  
  providing, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein obtaining the access authentication information via the out-band channel comprises;
  
  receiving the access authentication information from the service providing device via the out-band channel, the access authentication information being generated by the service request device; and
  
  sending, by the service providing device via the out-band channel, a feedback message indicating that the access authentication information has been stored to the service request device, and receiving, via the in-band data channel, the service request sent by the service request device, the service request comprising the access authentication information; and
  
  wherein authenticating the access authentication information comprises;
  
  performing, by the service providing device, validity authentication on the received access authentication information according to the stored access authentication information.

9. A method for securely accessing a device, comprising:
- obtaining access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively;
  
  authenticating the access authentication information; and
  
  providing, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein prior to obtaining the access authentication information via the out-band channel, the method further comprises, generating and storing, by the service request device, the access authentication information, and sending, by the service request device, a service request to the service providing device via the in-band data channel, the service request comprising the access authentication information;
  
  wherein obtaining the access authentication information via the out-band channel comprises;
  
  receiving via the out-band channel and storing, by the management device, the access authentication information sent by the service providing device, and obtaining the access authentication information via the out-band channel from the service request device; and
  
  wherein authenticating the access authentication information comprises;
  
  performing, by the management device, validity authentication on the stored access authentication information according to the access authentication information obtained from the service request device, and sending the authentication result via the out-band channel to the service providing device.

10. A communication device, comprising:
- a processor coupled to a memory configured to obtain access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively; and
  
  authenticate the access authentication information, and provide, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein the processor is further configured to receive, via the out-band channel, an access information obtaining request from the service request device, and generate and store the access authentication information according to the access information obtaining request;
  
  wherein the communication device further comprises a sender configured to send the access authentication information to the service request device via the out-band channel;
  
  wherein the processor is further configured to receive, via the in-band data channel, a service request from the service request device, the service request comprising the access authentication information; and
  
  perform validity authentication on the received access authentication information according to the stored access authentication information.

11. A communication device, comprising:
- a processor coupled to a memory configured to obtain access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively; and
  
  authenticate the access authentication information, and provide, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein the processor is further configured to receive the access authentication information via the out-band channel, the access authentication information being generated by the service request device;
  
  send, via the out-band channel, a feedback message indicating that the access authentication information has been stored to the service request device, and receive, via the in- band data channel, a service request from the service request device, the service request comprising the access authentication information; and
  
  perform validity authentication on the received access authentication information according to the stored access authentication information.

12. A communication device, comprising:
- a processor coupled to a memory configured to obtain access authentication information via an out-band channel, the access authentication information being used for access authentication between a service request device and a service providing device, the service request device and the service providing device sharing the same management device, and forming the out-band channel with the management device respectively; and
  
  authenticate the access authentication information, and provide, by the service providing device, when an authentication result indicates that the authentication of the access authentication information is authenticated, service for the service request device via an in-band data channel, the service providing device and the service request device forming the in-band data channel via a service network,wherein the processor is further configured to receive, via the out-band channel, and store the access authentication information from the service providing device, and obtain the access authentication information via the out-band channel from the service request device, the access authentication information sent by the service providing device being generated by the service request device and sent to the service providing device via the in-band data channel; and
  
  perform validity authentication on the stored access authentication information according to the access authentication information obtained from the service request device, and send the authentication result via the out-band channel to the service providing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Original Assignee
Huawei Technologies Co., Ltd. (Huawei Investment & Holding Co., Ltd.)
Inventors
Yuan, Lelin, Yan, Shuai
Primary Examiner(s)
Truong, Thanhnga B
Assistant Examiner(s)
VICTORIA, NARCISO F

Application Number

US13/598,236
Publication Number

US 20120331538A1
Time in Patent Office

734 Days
Field of Search

726/7
US Class Current

726/7
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/18   using different networks or...

H04L 9/3215   using a plurality of channe...

Method and communication device for accessing to devices in security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and communication device for accessing to devices in security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links