System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

US 9,282,455 B2
Filed: 10/01/2004
Issued: 03/08/2016
Est. Priority Date: 10/01/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

generating a security key pair in a personal computer, wherein the security key pair comprises a public key and a private key, the public key stored in a secure storage of the personal computer;

sending the public key from the personal computer to a mobile terminal and sending the public key from the mobile terminal to a cellular operator;

receiving a first instance of a user certificate, from the cellular operator, at the mobile terminal;

sending a second instance of the user certificate from the mobile terminal to the personal computer;

sending a plurality of instances of the user certificate respectively from the mobile terminal to a plurality of personal computers;

utilizing the mobile terminal on a wireless wide-area network (WWAN) based on the first instance while simultaneously utilizing the personal computer on a wireless local-area network (WLAN) based on the second instance and simultaneously utilizing the plurality of personal computers on the WLAN based on the plurality of instances of the user certificate;

wherein the mobile terminal includes the first instance of the user certificate while simultaneously the personal computer includes a second instance of the user certificate and the plurality of personal computers include the plurality of instances of the user certificate;

wherein the user certificate was generated by the cellular operator based on the public key sent from the mobile terminal.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks. A computing device operable in a wireless local area network sends a public key to a mobile device operable in a wireless cellular wide area network. The mobile device performs a bootstrapping procedure with a cellular operator in the wireless cellular wide area network to obtain a user certificate based on the public key. The mobile device sends the user certificate to the computing device for installation on the computing device. The user certificate may be used for digital signature, verification, and encryption purposes. The user certificate is also used in both the wireless local area network and the wireless wide area network for authenticating a subscriber when accessing services from both networks.

Citations

17 Claims

1. A method comprising:
- generating a security key pair in a personal computer, wherein the security key pair comprises a public key and a private key, the public key stored in a secure storage of the personal computer;
  
  sending the public key from the personal computer to a mobile terminal and sending the public key from the mobile terminal to a cellular operator;
  
  receiving a first instance of a user certificate, from the cellular operator, at the mobile terminal;
  
  sending a second instance of the user certificate from the mobile terminal to the personal computer;
  
  sending a plurality of instances of the user certificate respectively from the mobile terminal to a plurality of personal computers;
  
  utilizing the mobile terminal on a wireless wide-area network (WWAN) based on the first instance while simultaneously utilizing the personal computer on a wireless local-area network (WLAN) based on the second instance and simultaneously utilizing the plurality of personal computers on the WLAN based on the plurality of instances of the user certificate;
  
  wherein the mobile terminal includes the first instance of the user certificate while simultaneously the personal computer includes a second instance of the user certificate and the plurality of personal computers include the plurality of instances of the user certificate;
  
  wherein the user certificate was generated by the cellular operator based on the public key sent from the mobile terminal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, further comprising:
    - prompting a user at the mobile terminal for a personal identification number (PIN) for authentication with the cellular operator; and
      
      receiving the PIN from the user at the mobile terminal;
      
      wherein storing the first instance in the mobile terminal is performed after receiving the PIN from the user at the mobile terminal.
  - 3. A method according to claim 1, further comprising storing the second instance in a trusted platform module (TPM) in the personal computer.
  - 4. A method according to claim 1, further comprising:
    - prompting a user at the mobile terminal for a personal identification number (PIN) for authentication with the cellular operator; and
      
      receiving the PIN from the user at the mobile terminal;
      
      utilizing the first instance to authenticate the mobile terminal on the WWAN; and
      
      utilizing the first instance to authenticate the user as a subscriber to the WWAN.
  - 5. A method according to claim 1, further comprising:
    - prompting a user at the mobile terminal for a personal identification number (PIN) for authentication with the cellular operator; and
      
      receiving the PIN from the user at the mobile terminal;
      
      utilizing the first instance to authenticate the mobile terminal on the WWAN;
      
      utilizing the first instance to authenticate the user as a subscriber to the WWAN;
      
      utilizing the second instance to authenticate the personal computer on the WLAN; and
      
      utilizing the second instance to authenticate the user as a subscriber to the WLAN.
  - 6. A method according to claim 1, further comprising utilizing the second instance for digital signature purposes.
  - 7. A method according to claim 1, wherein the mobile terminal comprises a mobile device capable of cellular telephone communications.
  - 8. A method according to claim 1, wherein the user certificate includes the public key.
  - 9. A method according to claim 1, wherein neither of the personal computer and the mobile terminal have been authenticated before sending the public key from the mobile terminal to a cellular operator.

10. At least one non-transitory storage medium having instructions stored thereon for causing a system to perform operations comprising:
- generating a security key pair in a first computing node, the security key pair comprising a public key and a private key;
  
  sending the public key from the first computing node to a mobile second computing node;
  
  sending the public key from the second computing node to a cellular operator network;
  
  receiving a second instance of a user certificate, from the cellular operator network, at the second computing node;
  
  sending a first instance of the user certificate from the second computing node to the first computing node;
  
  sending a plurality of instances of the user certificate respectively from the second computing node to a plurality of computing nodes;
  
  simultaneously utilizing (a) the second computing node on a wireless wide-area network (WWAN) based on the second instance, (b) the first computing node on a wireless local-area network (WLAN) based on the first instance, and (c) the plurality of computing nodes on the WLAN based on the plurality of instances;
  
  wherein simultaneously the first computing node includes the first instance, the second computing node includes the second instance, and the plurality of computing nodes includes the plurality of instances;
  
  wherein the second instance was generated by the cellular operator based on the public key sent.
- View Dependent Claims (11, 12, 13)
- - 11. The at least one non-transitory storage medium of claim 10, the operations comprising:
    - prompting a user at the second computing node for a personal identification number (PIN) for authentication with the cellular operator; and
      
      receiving the PIN from the user at the second computing node;
      
      wherein storing the second instance in the second computing node is performed after receiving the PIN from the user at the second computing node.
  - 12. The at least one non-transitory storage medium of claim 10, the operations comprising storing the first instance in a trusted platform module (TPM) in the first computing node.
  - 13. The at least one non-transitory storage medium of claim 10, the operations comprising:
    - prompting a user at the second computing node for a personal identification number (PIN) for authentication with the cellular operator; and
      
      receiving the PIN from the user at the second computing node;
      
      utilizing the second instance to authenticate the second computing node on the WWAN;
      
      utilizing the second instance to authenticate the user as a subscriber to the WWAN;
      
      utilizing the first instance to authenticate the first computing node on the WLAN; and
      
      utilizing the first instance to authenticate the user as a subscriber to the WLAN.

14. At least one non-transitory storage medium having instructions stored thereon for causing a system to perform operations comprising:
- sending a public key from a first computing node (node) to a cellular operator network;
  
  receiving an instance of a user certificate, from the cellular operator network, at the first node;
  
  sending a plurality of instances of the user certificate from the first node to a plurality of nodes;
  
  simultaneously utilizing (a)(i) the first node on a wireless wide-area network (WWAN) based on the instance, and (a)(ii) a first plurality of the plurality of nodes on a wireless local-area network (WLAN) based on the plurality of instances;
  
  wherein simultaneously the first node includes the instance while the plurality of nodes include the plurality of instances.
- View Dependent Claims (15, 16, 17)
- - 15. The at least one non-transitory storage medium of claim 14, the operations comprising receiving the public key at the first node from one of the plurality of nodes.
  - 16. The at least one non-transitory storage medium of claim 15, wherein the instance was generated by the cellular operator based on the public key sent.
  - 17. The at least one non-transitory storage medium of claim 14, the operations comprising simultaneously utilizing (b)(i) the first node on the WWAN based on the instance, (b)(ii) the first plurality of the plurality of nodes on the WLAN based on the plurality of instances, and (b)(iii) a second plurality of the plurality of nodes on the WWAN based on the plurality of instances.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Aissi, Selim, Yelamanchi, Mrudula, Dharmadhikari, Abhay, Matasar, Benjamin, Dashevsky, Jane
Primary Examiner(s)
AJIBADE AKONAI, OLUMIDE

Application Number

US10/956,765
Publication Number

US 20060075242A1
Time in Patent Office

4,176 Days
Field of Search

455/410, 455/411, 455/418, 455/419, 455 411- 413, 455/11.1, 455/556.1, 455/556.2, 455/558, 455/552.1, 455/553.1, 380/247, 713/155, 713/156, 713168-172, 713/180, 713/175, 726/10, 370247-250, 370/270
US Class Current

1/1
CPC Class Codes

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 48/16   Discovering, processing acc...

H04W 84/12   WLAN [Wireless Local Area N...

System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for user certificate initiation, distribution, and provisioning in converged WLAN-WWAN interworking networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links