Authentication in secure user plane location (SUPL) systems
First Claim
1. A method comprising:
- receiving, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device;
determining whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server;
in response to determining that the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, performing a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device; and
in response to determining that the one or more TLS cipher suites do not include a TLS-PSK cipher suite that is supported by the SUPL server, determining whether the SUPL server supports a certificate-based authentication method; and
in response to determining that the SUPL server supports the certificate-based authentication method, performing the certificate-based authentication method that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device.
3 Assignments
0 Petitions
Accused Products
Abstract
A particular method includes receiving, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device; determining whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server; in response to determining whether the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, performing a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device, or determining whether the SUPL server supports a certificate-based authentication method; and in response to determining that the SUPL server supports the certificate-based authentication method, performing the certificate-based authentication method that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device.
47 Citations
12 Claims
-
1. A method comprising:
-
receiving, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device; determining whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server; in response to determining that the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, performing a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device; and in response to determining that the one or more TLS cipher suites do not include a TLS-PSK cipher suite that is supported by the SUPL server, determining whether the SUPL server supports a certificate-based authentication method; and in response to determining that the SUPL server supports the certificate-based authentication method, performing the certificate-based authentication method that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device. - View Dependent Claims (2, 3)
-
-
4. An apparatus comprising:
-
a processor; and a memory coupled to the processor, wherein the memory is configured to store instructions; and wherein the instructions are executable by the processor to; receive, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device; determine whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server; in response to determining that the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, perform a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device; and in response to determining that the one or more TLS cipher suites do not include a TLS-PSK cipher suite that is supported by the SUPL server, determine whether the SUPL server supports a certificate-based authentication method; and in response to determining that the SUPL server supports the certificate-based authentication method, perform a certificate-based authentication process that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device. - View Dependent Claims (5, 6)
-
-
7. An apparatus comprising:
-
means for receiving, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device; means for determining whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server; in response to determining that the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, means for performing a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device; and in response to determining that the one or more TLS cipher suites do not include a TLS-PSK cipher suite that is supported by the SUPL server, means for determining whether the SUPL server supports a certificate-based authentication method; and in response to determining that the SUPL server supports the certificate-based authentication method, means for performing the certificate-based authentication method that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device. - View Dependent Claims (8, 9)
-
-
10. A non-transitory processor-readable medium comprising instructions that, when executed by a processor, cause the processor to:
-
receive, at a secure user plane location (SUPL) server, an indication from a mobile device of one or more transport layer security (TLS) cipher suites supported by the mobile device; determine whether the one or more TLS cipher suites include a TLS pre-shared key (TLS-PSK) cipher suite that is supported by the SUPL server; in response to determining that the one or more TLS cipher suites include the TLS-PSK cipher suite that is supported by the SUPL server, perform a generic bootstrapping architecture (GBA)-based authentication process to authenticate the mobile device; and in response to determining that the one or more TLS cipher suites do not include a TLS-PSK cipher suite that is supported by the SUPL server, determine whether the SUPL server supports a certificate-based authentication method; and in response to determining that the SUPL server supports the certificate-based authentication method, perform a certificate-based authentication process that includes sending a server certificate to the mobile device and receiving a device certificate from the mobile device. - View Dependent Claims (11, 12)
-
Specification