Tokenized authentication across wireless communication networks

US 9,143,482 B1
Filed: 09/21/2009
Issued: 09/22/2015
Est. Priority Date: 09/21/2009
Status: Active Grant

First Claim

Patent Images

1. A method for verifying an authentication status of a wireless communication device having previously been authenticated by a first authentication server associated with a first wireless communication network, the method comprising:

receiving, at a second authentication server associated with a second wireless communication network, a copy of a token associated with the wireless communication device;

in response to receiving the copy of the token associated with the wireless communication device, transmitting, from the second authentication server to an intermediate server that is configured to communicate with the first authentication server and the second authentication server, a request for an identification of the first authentication server based on the received copy of the token, the first authentication server having previously provided the intermediate server with a correlation between the token and the identification of the first authentication server;

receiving at the second authentication server, in response to the request, the identification of the first authentication server based on the correlation that the first authentication server had provided to the intermediate server; and

responsive to receiving at the second authentication server the identification of the first authentication server, transmitting from the second authentication server to the first authentication server a request for a confirmation of an authentication status of the wireless communication device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for marking and verifying an authentication status of a wireless communication device are disclosed. When a wireless communication device is authenticated in a first wireless communication network, copies of a token, are stored in memory accessible by the wireless communication device and in memory accessible by a clearinghouse server. The clearinghouse server also stores a correlation between the token and the identity of the server that authenticated the wireless communication device. When the wireless communication device moves from the first network to a second network, the WCD transmits the token to a server in the second network, which can then query the clearinghouse server to determine the identity of the server that authenticated the WCD in the first network, confirm the authentication status of the wireless communication device, and allow the WCD to access a resource in or via the second network.

25 Citations

View as Search Results

11 Claims

1. A method for verifying an authentication status of a wireless communication device having previously been authenticated by a first authentication server associated with a first wireless communication network, the method comprising:
- receiving, at a second authentication server associated with a second wireless communication network, a copy of a token associated with the wireless communication device;
  
  in response to receiving the copy of the token associated with the wireless communication device, transmitting, from the second authentication server to an intermediate server that is configured to communicate with the first authentication server and the second authentication server, a request for an identification of the first authentication server based on the received copy of the token, the first authentication server having previously provided the intermediate server with a correlation between the token and the identification of the first authentication server;
  
  receiving at the second authentication server, in response to the request, the identification of the first authentication server based on the correlation that the first authentication server had provided to the intermediate server; and
  
  responsive to receiving at the second authentication server the identification of the first authentication server, transmitting from the second authentication server to the first authentication server a request for a confirmation of an authentication status of the wireless communication device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein transmitting from the second authentication server to the intermediate server the request for the identification of the first authentication server comprises transmitting from the second authentication server to the intermediate server a copy of the token associated with the wireless communication device.
  - 3. The method of claim 2 wherein the intermediate server is a clearinghouse server configured to access memory containing a correlation between the token and the identification of the first authentication server.
  - 4. The method of claim 1 further comprising:
    - receiving at the second authentication server the confirmation of the authentication status of the wireless communication device; and
      
      in response to receiving the confirmation of the authentication status of the wireless communication device, allowing the wireless communication device to access a resource via the second wireless communication network.
  - 5. The method of claim 1 wherein the first authentication server is a first authentication, authorization, and accounting server and the second authentication server is a second authentication, authorization, and accounting server.
  - 6. The method of claim 1 wherein the token associated with the wireless communication device is a binary string of data that identifies the wireless communication device.

7. A method for verifying an authentication status of a wireless communication device having previously been authenticated by a first authentication server associated with a first wireless communication network, the method comprising:
- at an intermediate server configured to communicate with the first authentication server associated and a second authentication server associated with a second wireless communication network, receiving from the first authentication server a token associated with the wireless communication device and an identification of the first authentication server;
  
  in response to receiving the token associated with the wireless communication device and the identification of the first authentication server, the intermediate server storing in memory a correlation between the token and the identification of the first authentication server;
  
  at the intermediate server, after storing the correlation, receiving from the second authentication server a request comprising a copy of the token; and
  
  in response to receiving from the second authentication server the request comprising the copy of the token, (i) the intermediate server using the stored correlation to determine, based on the received copy of the token, the identification of the first authentication server, and (ii) transmitting from the intermediate server to the second authentication server the determined identification of the first authentication server, to enable the second authentication server to query the identified first server to determine an authentication status of the wireless communication device.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The method of claim 7, wherein the intermediate server is a clearinghouse server.
  - 9. The method of claim 8, wherein the first authentication server is a first authentication, authorization, and accounting server and the second authentication server is a second authentication, authorization, and accounting server.
  - 10. The method of claim 7 wherein the token is a binary string of data that identifies the wireless communication device.
  - 11. The method of claim 7, wherein receiving the token associated with the wireless communication device comprises receiving a copy of the token generated by the wireless communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Original Assignee
Sprint Spectrum LP (Deutsche Telekom AG)
Inventors
Breau, Jeremy R., Nebergall, Terry D., Rogers, Frederick C., Shojayi, Joseph
Primary Examiner(s)
Siddiqi, Mohammad A

Application Number

US12/563,576
Time in Patent Office

2,192 Days
Field of Search

713/172, 726/2, 726/9, 726/20
US Class Current

1/1
CPC Class Codes

H04L 63/0407   wherein the identity of one...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0892   by using authentication-aut...

H04L 63/18   using different networks or...

H04W 12/062   Pre-authentication

H04W 60/00   Affiliation to network, e.g...

H04W 8/085   involving hierarchical orga...

H04W 88/182   Network node acting on beha...

Tokenized authentication across wireless communication networks

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Tokenized authentication across wireless communication networks

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others