Use of certificate authority to control a device's access to services

US 9,112,703 B2
Filed: 02/03/2014
Issued: 08/18/2015
Est. Priority Date: 03/15/2010
Status: Active Grant

First Claim

Patent Images

1. A mobile communications device comprising:

a transmitter;

a processor;

a receiver;

a memory including a certificate certifying the authenticity of the mobile communications device, the certificate includingdevice-specific data,a unique identifier for the mobile communications device,information of a carrier on which the mobile communications device is authorized to operate anda digital signature signed by an authority having control of the authenticity of the mobile communications device; and

a computer readable medium having computer readable instructions stored thereon that when executed configure the processor to;

instruct the transmitter to transmit a copy of the certificate to a service provider in response to a request to authenticate the mobile communications device with the service provider; and

receive, through the receiver, a response from the service provider, the response including an indication that the certificate and carrier are valid.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile communications device having a digital certificate authenticating the device itself is proposed. A server for authenticating the device and a method of authenticating the device are also disclosed. The device comprises a transmitter, a processor, a memory and a computer readable medium. The memory includes a certificate certifying the authenticity of the mobile communications device, the certificate comprising device-specific data and a digital signature signed by an authority having control of the authenticity of the mobile communications device. The computer readable medium has computer readable instructions stored thereon that when executed configure the processor to instruct the transmitter to transmit a copy of the certificate to a service provider in response to a request to authenticate the mobile communications device with the service provider.

54 Citations

View as Search Results

20 Claims

1. A mobile communications device comprising:
- a transmitter;
  
  a processor;
  
  a receiver;
  
  a memory including a certificate certifying the authenticity of the mobile communications device, the certificate includingdevice-specific data,a unique identifier for the mobile communications device,information of a carrier on which the mobile communications device is authorized to operate anda digital signature signed by an authority having control of the authenticity of the mobile communications device; and
  
  a computer readable medium having computer readable instructions stored thereon that when executed configure the processor to;
  
  instruct the transmitter to transmit a copy of the certificate to a service provider in response to a request to authenticate the mobile communications device with the service provider; and
  
  receive, through the receiver, a response from the service provider, the response including an indication that the certificate and carrier are valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The mobile device of claim 1, wherein the digital signature is signed by the authority using a private key and is verifiable using a corresponding public key.
  - 3. The mobile communications device of claim 1, wherein the processor is configured to cause the copy of the certificate to be transmitted in response to a challenge from the service provider.
  - 4. The mobile communications device of claim 1, wherein the processor is further configured to encrypt the certificate prior to transmitting the certificate to the service provider.
  - 5. The mobile communications device of claim 1, further comprising a user interface, through which a request to access a service offered by the service provider is received, the service only being available to mobile communications devices that have been authenticated.
  - 6. The mobile communications device of claim 1, wherein the processor is further configured to cause the copy to be transmitted to a server controlled by the service provider.
  - 7. The mobile communications device of claim 1, wherein the certificate comprises information of a location where the mobile communications device was built.
  - 8. The mobile communications device of claim 1, wherein the processor is further configured to disable the mobile communications device if an attempt to alter the certificate without using the private key of the authority is detected.
  - 9. The mobile communications device of claim 1, wherein the memory is at least one of a read only memory (ROM), a flash memory, or a random access memory (RAM).

10. A method of authenticating a mobile communications device with a service provider, the method comprising:
- the mobile communications device receiving a request to authenticate the mobile communications device with the service provider;
  
  the mobile communications device transmitting a copy of a certificate certifying the authenticity of the mobile communications device to the service provider in response to the request, the certificate being stored in memory on the mobile communications device and including device-specific data, a unique identifier for the mobile communications device, information of a carrier on which the mobile communications device is authorized to operate and a digital signature of an authority having control of the authenticity of the mobile communications device; and
  
  the mobile communications device receiving a response from the service provider including an indication that the certificate and carrier are valid.
- View Dependent Claims (11)
- - 11. The method of claim 10, wherein receiving the request comprises receiving a challenge from the service provider.

12. A server configured to authenticate mobile communication devices attempting to access services of a service provider, the server comprising:
- a receiver for receiving a copy of a certificate stored on a mobile communications device attempting to access a service of the service provider, the certificate certifying the authenticity of the mobile communications device and including device-specific data, a unique identifier for the mobile communications device, information of a carrier on which the mobile communications device is authorized to operate and a digital signature of an authority having control of the authenticity of the mobile communications device;
  
  a transmitter;
  
  a processor; and
  
  a memory storing computer readable instructions that, when executed, configure the processor to;
  
  determine that the digital signature on the certificate is authentic, in response to receiving the certificate, and the carrier is valid; and
  
  cause the transmitter to transmit an indication that the digital signature is authentic and the carrier is valid to a sender of the copy.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The server of claim 12, wherein the memory comprises a public key corresponding to a private key used to generate the digital signature and the processor is configured to use the public key to determine if the digital signature is authentic.
  - 14. The server of claim 12, wherein the processor is further configured to cause the transmitter to transmit an indication that the mobile communications device is not authentic if the digital signature or carrier is determined to be invalid.
  - 15. The server of claim 12, comprising a database of information related to a list of mobile communications devices, the information comprising an indication of whether or not each mobile communications device listed is authorized to access a respective service.
  - 16. The server of claim 12, wherein the receiver receives the copy of the certificate from a network element of the service provider and the processor causes the transmitter to transmit the indication that the mobile communications device is authentic to the network element.
  - 17. The server of claim 12, wherein the copy of certificate is received from the mobile communications device.
  - 18. The server of claim 12, wherein the server comprises at least one of a content server, applications server or a messaging server.

19. A non-transitory computer-readable medium containing computer-executable instructions that, when performed by a processor in a mobile communications device, cause said processor to:
- receive a request to authenticate the mobile communications device with a service provider;
  
  transmit a copy of a certificate certifying the authenticity of the mobile communications device to the service provider in response to the request, the certificate being stored in memory on the mobile communications device and including device-specific data, a unique identifier for the mobile communications device, information of a carrier on which the mobile communications device is authorized to operate and a digital signature of an authority having control of the authenticity of the mobile communications device; and
  
  receive a response from the service provider including an indication that the certificate and carrier are valid.
- View Dependent Claims (20)
- - 20. The non-transitory computer-readable medium of claim 19, wherein the instructions further cause said processor to receive the request by receiving a challenge from the service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Wood, Robert Henderson, Bowman, Roger Paul, Bender, Christopher Lyle, Robertson, Ian Michael, Vandeputte, Casey Jonathan
Primary Examiner(s)
Rashid, Harunur
Assistant Examiner(s)
HOLMES, ANGELA R

Application Number

US14/171,389
Publication Number

US 20140149739A1
Time in Patent Office

561 Days
Field of Search

713175-176, 713/156, 455/411, 380/30, 380/44
US Class Current

1/1
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 9/3263   involving certificates, e.g...

H04W 12/069   using certificates or pre-s...

Use of certificate authority to control a device's access to services

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Use of certificate authority to control a device's access to services

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links