Cookie verification methods and apparatus for use in providing application services to communication devices

US 9,059,979 B2
Filed: 02/27/2009
Issued: 06/16/2015
Est. Priority Date: 02/27/2009
Status: Active Grant

First Claim

Patent Images

1. A method for use in a wireless communication device configured to operate in a wireless network utilizing a communication service provided by a service provider, the method comprising:

storing, at the wireless communication device, a Hypertext Transport Protocol (HTTP) cookie in association with a Web browser application of the wireless communication device, the HTTP cookie including;

an identification of a user of the wireless communication device; and

a message portion which is signed with a digital signature of the user of the wireless communication device;

sending, via the Web browser application, to an application server via the wireless network, an HTTP request message which includes the HTTP cookie; and

in response to sending the HTTP request message;

if verification of the digital signature at the application server is successful, then receiving via the wireless network an HTTP response message and access to an application service of the application server;

wherein a proof-of-work (POW) test is normally requested for accessing the application service; and

wherein the POW test is bypassed for the wireless communication device if the verification at the application server is successful.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one illustrative example, a method in a communication device adapted for communications using Hypertext Transport Protocol (HTTP) involves setting, at the communication device, an HTTP cookie which includes a user identification of a user of the communication device and a message portion which is signed with a digital signature of the user. The communication device sends, to an application server site via the communication network, a request message which includes the HTTP cookie. If verification of the digital signature at the application server site is successful, the communication device will receive access to an application service of the application server site. In one variation, the HTTP cookie is alternatively set with a group identification of a group with which the user is associated, and the message portion is signed with a digital signature of the group. The group may be a plurality of users associated with a service provider which provides the communication device access to a communication service in the communication network. In this case, the HTTP cookie may be set with a token retrieved from the service provider, where the token includes the digital signature of the service provider.

21 Citations

22 Claims

1. A method for use in a wireless communication device configured to operate in a wireless network utilizing a communication service provided by a service provider, the method comprising:
- storing, at the wireless communication device, a Hypertext Transport Protocol (HTTP) cookie in association with a Web browser application of the wireless communication device, the HTTP cookie including;
  
  an identification of a user of the wireless communication device; and
  
  a message portion which is signed with a digital signature of the user of the wireless communication device;
  
  sending, via the Web browser application, to an application server via the wireless network, an HTTP request message which includes the HTTP cookie; and
  
  in response to sending the HTTP request message;
  
  if verification of the digital signature at the application server is successful, then receiving via the wireless network an HTTP response message and access to an application service of the application server;
  
  wherein a proof-of-work (POW) test is normally requested for accessing the application service; and
  
  wherein the POW test is bypassed for the wireless communication device if the verification at the application server is successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - wherein the digital signature is produced with use of a private key corresponding to the user; and
      
      wherein the verification of the digital signature is performed with use of a public key corresponding to user.
  - 3. The method of claim 1, further comprising:
    - failing to receive access, via the wireless network, to the application service if the verification at the application server is unsuccessful.
  - 4. The method of claim 1, wherein receiving access to the application service comprises at least one of:
    - receiving, via the wireless network, data for rendering in a display at the communication device;
      
      receiving, via the wireless network, web data for rendering a web page in the Web browser application of the communication device;
      
      orreceiving the HTTP response message for access, via the wireless network, to an e-commerce transaction service of the application server for performing an e-commerce transaction via the application server.
  - 5. The method of claim 1, further comprising:
    - receiving display data for the Web browser application in response to the HTTP request message.
  - 6. The method of claim 1, further comprising:
    - accessing the communication service via the wireless network;
      
      receiving a token from a token server of the service provider; and
      
      the token being provided in the HTTP cookie of the HTTP request message for verification at the application server.
  - 7. The method of claim 6, wherein accessing the communication service comprises causing authentication credentials of the wireless communication device to be sent via the wireless network for authentication by the service provider.
  - 8. The method of claim 1, wherein the wireless communication device comprises a cellular telephone device operative in a wireless network comprising a cellular telecommunications network.
  - 9. The method of claim 1, wherein the method is performed by computer instructions stored on a non-transitory computer readable medium, the computer instructions being executable by one or more processors of the wireless communication device.

10. A wireless communication device configured to operate in a wireless network with use of a communication service provided by a service provider, the wireless communication device comprising:
- one or more processors;
  
  memory coupled to the one or more processors;
  
  a radio frequency (RF) transceiver coupled to the one or more processors and being operative for communications in the wireless network;
  
  the one or more processors being configured to;
  
  set store in the memory a Hypertext Transport Protocol (HTTP) cookie in association with a Web browser application of the wireless communication device, the HTTP cookie including;
  
  an identification of a user of the wireless communication device; and
  
  a message portion which is signed with a digital signature of the user of the wireless communication device;
  
  send, via the Web browser application, to an application server via the wireless network, an HTTP request message which includes the HTTP cookie; and
  
  in response to sending the HTTP request message;
  
  if verification of the digital signature at the application server is successful, then receive via the wireless network an HTTP response message and access to an application service of the application server;
  
  wherein a proof-of-work (POW) test is normally requested for accessing the application service; and
  
  wherein the POW test is bypassed for the wireless communication device if the verification at the application server is successful.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The wireless communication device of claim 10, further comprising:
    - wherein the digital signature is produced with use of a private key corresponding to the user; and
      
      wherein the verification of the digital signature is performed with use of a public key corresponding to the user.
  - 12. The wireless communication device of claim 10, wherein the one or more processors are further configured to:
    - access a token server via the wireless network;
      
      receive, from the token server, a token having the digital signature corresponding to the service provider; and
      
      the token being provided in the HTTP cookie of the HTTP request message for verification at the application server.
  - 13. The wireless communication device of claim 10, wherein the one or more processors are further configured to:
    - access a communication service via the wireless network;
      
      receive, via the wireless network, a token from a token server of the service provider; and
      
      the token being provided in the HTTP cookie of the HTTP request message for verification at the application server.
  - 14. The wireless communication device of claim 13, wherein gaining access to the communication service comprises causing authentication credentials of the wireless communication device to be sent via the wireless network for authentication by the service provider.
  - 15. The wireless communication device of claim 10, which comprises a cellular telephone device operative in a wireless network comprising a cellular telecommunications network.
  - 16. The wireless communication device of claim 10, further comprising:
    - wherein the one or more processors are further configured to receive display data for the Web browser application in response to the HTTP request message.

17. A method for use in an application server for permitting access to an application service for a wireless communication device over a wireless network, wherein the wireless communication device is configured to operate in the wireless network with use of a communication service provided by a service provider, the method comprising:
- receiving, via the wireless network, from a Web browser application of the wireless communication device, a Hypertext Transport Protocol (HTTP) request message having an HTTP cookie, the HTTP cookie including;
  
  an identification of a user of the wireless communication device ; and
  
  a message portion which is signed with a digital signature of the user of the wireless communication device;
  
  performing validation of the HTTP cookie, which includes a verification step for verifying the digital signature in the HTTP cookie corresponds to the user of the wireless communication device;
  
  if validation of the HTTP cookie is successful, then granting the wireless communication device access to the application service at the application server, sending an HTTP response message to the wireless communication device via the wireless network, and using the HTTP cookie for session management with the Web browser application; and
  
  denying the wireless communication device access to the application service if validation of the HTTP cookie is unsuccessful;
  
  wherein the application server is further configured to provide a proof-of-work (POW) test for accessing the application service, and wherein the act of granting access to the communication service comprises the further act of bypassing the POW test for the wireless communication device if the validation at the application server is successful.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17, further comprising:
    - wherein the digital signature is produced with use of a private key corresponding to the user; and
      
      wherein the verification of the digital signature is performed with use of a public key corresponding to the user.
  - 19. The method of claim 17, wherein the granting of access to the application service comprises at least one of:
    - sending, via the wireless network, data for rendering in a display at the wireless communication device;
      
      sending, via the wireless network, web data for rendering a web page in the Web browser application of the wireless communication device;
      
      orproviding access, via the wireless network, to an e-commerce transaction service of the application server for performing an e-commerce transaction via the application server.
  - 20. The method of claim 17, further comprising:
    - performing session control and management with use of the HTTP cookie.
  - 21. The method of claim 17, wherein the method is performed by computer instructions stored on a non-transitory computer readable medium, the computer instructions being executable by one or more processors at the application server.

22. An application server configured to permit access to an application service for a wireless communication device via a wireless network, the wireless communication device being configured to operate in the wireless network with use of a communication service provided by a service provider, the application server comprising a processor and memory coupled with the processor;
- the application server being further configured to;
  
  receive, via the wireless network, from a Web browser application of the wireless communication device, a Hypertext Transport Protocol (HTTP) request message having an HTTP cookie, the HTTP cookie including an identification of a user of the wireless communication device , and a message portion which is signed with a digital signature of the user of the wireless communication device;
  
  perform validation of the HTTP cookie, which includes a verification step for verifying the digital signature in the HTTP cookie corresponds to the user;
  
  if validation of the HTTP cookie is successful;
  
  grant the wireless communication device access to the application service at the application server,send an HTTP response message to the wireless communication device via the wireless network, and using the HTTP cookie for session management with the Web browser application; and
  
  deny the wireless communication device access to the application service if validation of the HTTP cookie is unsuccessful;
  
  wherein the application server is further configured to provide a proof-of-work (POW) test for accessing the application service, and wherein the act of granting access to the communication service comprises the further act of bypassing the POW test for the wireless communication device if the validation at the application server is successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Fresko, Nedim, Franco, Will D., Sherkin, Alexander
Primary Examiner(s)
CHAO, MICHAEL W

Application Number

US12/395,426
Publication Number

US 20100223471A1
Time in Patent Office

2,300 Days
Field of Search

726/5
US Class Current

1/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

H04L 63/168   above the transport layer

Cookie verification methods and apparatus for use in providing application services to communication devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Cookie verification methods and apparatus for use in providing application services to communication devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others