Security key creation

US 9,154,527 B2
Filed: 03/05/2012
Issued: 10/06/2015
Est. Priority Date: 06/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

authenticating, by a calling device, with a network;

obtaining, by the calling device and based on the authenticating, calling security parameters;

communicating, by the calling device, the calling security parameters to a network device;

communicating, by the calling device, an identifier, corresponding to a called device, to the network device to enable the network device to associate the calling security parameters with an identifier corresponding to the calling device;

receiving, by the calling device and from the network device, a calling parameters identifier associated with the calling security parameters;

communicating, by the calling device, the calling parameters identifier to the called device;

receiving, by the calling device, a called parameters identifier from the called device in response to communicating the calling parameters identifier to the called device;

communicating, by the calling device, the called parameters identifier to the network device;

receiving, by the calling device and from the network device, called security parameters in response to communicating the called parameters identifier to the network device;

creating, by the calling device, a security key based on the calling security parameters and the called security parameters; and

communicating, by the calling device, with the called device using the security key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A device may obtain calling security parameters, may communicate the calling security parameters to a network device, and may receive, from the network device, a calling parameters identifier associated with the calling security parameters. The device may communicate the calling parameters identifier to a called device, may receive a called parameters identifier from the called device, and may communicate the called parameters identifier to the network device. The device may receive called security parameters from the network device, may create a security key based on the calling security parameters and the called security parameters, and may communicate with the called device using the security key.

Citations

20 Claims

1. A method, comprising:
- authenticating, by a calling device, with a network;
  
  obtaining, by the calling device and based on the authenticating, calling security parameters;
  
  communicating, by the calling device, the calling security parameters to a network device;
  
  communicating, by the calling device, an identifier, corresponding to a called device, to the network device to enable the network device to associate the calling security parameters with an identifier corresponding to the calling device;
  
  receiving, by the calling device and from the network device, a calling parameters identifier associated with the calling security parameters;
  
  communicating, by the calling device, the calling parameters identifier to the called device;
  
  receiving, by the calling device, a called parameters identifier from the called device in response to communicating the calling parameters identifier to the called device;
  
  communicating, by the calling device, the called parameters identifier to the network device;
  
  receiving, by the calling device and from the network device, called security parameters in response to communicating the called parameters identifier to the network device;
  
  creating, by the calling device, a security key based on the calling security parameters and the called security parameters; and
  
  communicating, by the calling device, with the called device using the security key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, where communicating with the called device using the security key, comprises:
    - establishing a communication session with the called device,encrypting communications sent to the called device, anddecrypting communications received from the called device.
  - 3. The method of claim 1, where communicating the calling parameters identifier to the called device comprises:
    - providing the calling parameters identifier in a session invitation message; and
      
      communicating the session invitation message to the called device.
  - 4. The method of claim 3, where receiving the called parameters identifier from the called device comprises:
    - receiving a response, that includes the called parameters identifier, to the session invitation message from the called device.
  - 5. The method of claim 1, where:
    - the calling security parameters comprise at least one of;
      
      a security parameter generated locally by the calling device;
      
      a security parameter received from a network authentication function and associated with the calling device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the calling device.
  - 6. The method of claim 1, wherein the called security parameter comprises at least one of:
    - a security parameter generated locally by the called device;
      
      a security parameter received from a network authentication function and associated with the called device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the called device.
  - 7. The method of claim 1, further comprising:
    - authenticating with the network, via a bootstrapping function, prior to obtaining the calling security parameters; and
      
      authenticating with the network device, via a network application function, prior to communicating the calling security parameters to the network device.

8. A called device, comprising:
- a processor to;
  
  receive a calling parameters identifier from a calling device,authenticate with a network;
  
  obtain, based on the authenticating, called security parameters,provide the called security parameters to a network device in response to receiving the calling parameters identifier,communicate an identifier, corresponding to the called device, to the network device to enable the network device to associate the called security parameters with an identifier corresponding to the calling device,receive a called parameters identifier in response to communicating the called security parameters to the network device,provide the called parameters identifier to the calling device,provide the calling parameters identifier to the network device,receive calling security parameters from the network device in response to communicating the calling parameters identifier to the network device, andproduce a security key based on the called security parameters and the calling security parameters.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The called device of claim 8, where the processor is further to:
    - communicate with the calling device by;
      
      decrypting, with the security key, information received from the calling device, andencrypting, with the security key, information sent to the calling device.
  - 10. The called device of claim 8, where the processor is further to:
    - receive the calling parameters via a session invitation message received from the calling device.
  - 11. The called device of claim 10, where the processor is further to:
    - provide the called parameters identifier to the calling device by including the called parameters identifier in a response to the session invitation message received from the calling device.
  - 12. The called device of claim 8, where:
    - the calling security parameters comprise at least one of;
      
      a security parameter generated locally by the calling device;
      
      a security parameter received from a network authentication function and associated with the calling device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the calling device.
  - 13. The called device of claim 8, where:
    - the called security parameter comprises at least one of;
      
      a security parameter generated locally by the called device;
      
      a security parameter received from a network authentication function and associated with the called device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the called device.
  - 14. The called device of claim 8, where the processor is further to:
    - authenticate with network, via a bootstrapping function, prior to obtaining the called security parameters; and
      
      authenticate with the network device, via a network application function, prior to communicating the called security parameters to the network device.

15. One or more non-transitory computer-readable storage media, comprising:
- one or more instructions that, when executed by a processor of a network device, cause the processor to;
  
  receive calling security parameters from a calling device,receive an identifier, corresponding to a called device, from the calling device,associate the identifier with the calling security parameters,authenticate the called device, based on the identifier,associate the calling security parameters with a calling parameters identifier,communicate the calling parameters identifier to the calling device in response to receiving the calling security parameters from the calling device,receive the calling parameters identifier from the called device,identify the calling security parameters associated with the calling parameters identifier,communicate the calling security parameters to the called device in response to receiving the calling parameters identifier,receive called security parameters from the called device,associate the called security parameters with a called parameters identifier,communicate the called parameters identifier to the called device in response to receiving the called security parameters from the called device,receive the called parameters identifier from the calling device,identify the called security parameters based on the called parameters identifier, andcommunicate the called security parameters to the calling device in response to receiving the called parameters from the calling device,the calling security parameters and the called security parameters being used to create security keys.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer-readable storage media of claim 15, further comprising:
    - one or more instructions that, when executed by the processor of the network device, cause the processor to;
      
      authenticate the calling device with respect to a communication service corresponding to the network device prior to associating the calling security parameters with the calling parameters identifier.
  - 17. The computer-readable storage media of claim 15, further comprising:
    - one or more instructions that, when executed by the processor of the network device, cause the processor to;
      
      authenticate the called device with respect to a communication service corresponding to the network device prior to associating the called security parameters with a called parameters identifier.
  - 18. The computer-readable storage media of claim 15, wherein the calling security parameters comprise at least one of:
    - a security parameter generated locally by the calling device;
      
      a security parameter received from a network authentication function and associated with the calling device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the calling device.
  - 19. The computer-readable storage media of claim 15, wherein the called security parameter comprises at least one of:
    - a security parameter generated locally by the called device;
      
      a security parameter received from a network authentication function and associated with the called device;
      
      ora security parameter received from a bootstrapping authentication function and associated with the called device.
  - 20. The computer-readable storage media of claim 15, further comprising:
    - one or more instructions that, when executed by the processor of the network device, cause the processor to;
      
      store the called security parameters after receiving the called security parameters from the called device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
Lee, Kwai Yeung, King, William C., Lau, Priscilla
Primary Examiner(s)
ZENATI, AMAL S

Application Number

US13/412,141
Publication Number

US 20130003950A1
Time in Patent Office

1,310 Days
Field of Search

379/93.02, 379/93.03, 379/221, 379/1, 380/279, 380/270, 380/257
US Class Current

1/1
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 65/1016   IP multimedia subsystem [IMS]

H04L 65/1073   Registration or de-registra...

Security key creation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security key creation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links