×

Authentication server and method for granting tokens

  • US 8,898,453 B2
  • Filed: 04/29/2010
  • Issued: 11/25/2014
  • Est. Priority Date: 04/29/2010
  • Status: Active Grant
First Claim
Patent Images

1. An authentication server comprising:

  • a receiver;

    a transmitter;

    a memory having stored thereon a secret shared with a service server from which a service is provided; and

    a hardware processor configured to;

    receive, at the receiver, a request from a mobile electronic device through a relay server to negotiate a session key, the relay server being separate from the authentication server and being a trusted entity not requiring authentication by the authentication server;

    negotiate the session key with the mobile electronic device through the relay server, wherein the session key is generated by the mobile device;

    while using the session key to encrypt and decrypt communications with the mobile electronic device through the relay server;

    generate a token in response to receipt, at the receiver, of a request from the relay server, the request originating from the mobile electronic device, the token being generated by the authentication server based on a reliance on the relay server to ensure that the mobile electronic device has authorization to access the service, the token being generated in absence of authentication of the mobile electronic device and the relay server by the authentication server when the request for the token is received; and

    cause the transmitter to transmit the token to the mobile electronic device through the relay server, the token being generated using the shared secret and the token including an indication that the mobile electronic device is authorized to access the service.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×