Method and apparatus for sharing wireless network subscription services
First Claim
1. A method comprising:
- determining whether a first mobile terminal possesses one or more first credentials that are configured to be issuable to another mobile terminal, wherein at least one of the one or more first credentials comprise a subscription identifier issued by a server and the at least one of the one or more first credentials is configured to grant access to one or more wireless network subscription services;
causing, by a processor, a certificate enrollment procedure to be initiated by the first mobile terminal in an instance in which the first mobile terminal possesses one or more first credentials that are configured to be issuable to the another mobile terminal, wherein the certificate enrollment procedure results in a public key to be transmitted to the first mobile terminal and a first client certificate to be issued to the first mobile terminal that comprises a subscription identifier and a flag indicating whether the first client certificate is able to be shared with the another mobile terminal;
receiving at least one second credential that is distinct from the first credential and is in the form of a client certificate generated by the first mobile terminal, the client certificate comprising the public key of the another mobile terminal signed by a private key of the first mobile terminal and having the subscription identifier; and
accessing the one or more wireless network subscription services with the client certificate based on a verification of the private key and the subscription identifier.
2 Assignments
0 Petitions
Accused Products
Abstract
A method, apparatus and computer program product are provided for enabling multiple mobile terminals to access a subscription service. The method may further include causing a client certificate to be issued to the first mobile terminal as a result of the certificate enrollment procedure. In some example embodiments, the client certificate comprises a subscription identifier and a flag indicating whether the client certificate is to be sharable with a second mobile terminal. The method may further include causing a certificate enrollment procedure to be initiated by a second mobile terminal with the first mobile terminal in an instance in which the first mobile terminal possesses one or more credentials that are configured to be shared with another mobile terminal. The method may further include the second mobile terminal receiving at least one credential in the form of a client certificate from the first mobile terminal.
16 Citations
20 Claims
-
1. A method comprising:
-
determining whether a first mobile terminal possesses one or more first credentials that are configured to be issuable to another mobile terminal, wherein at least one of the one or more first credentials comprise a subscription identifier issued by a server and the at least one of the one or more first credentials is configured to grant access to one or more wireless network subscription services; causing, by a processor, a certificate enrollment procedure to be initiated by the first mobile terminal in an instance in which the first mobile terminal possesses one or more first credentials that are configured to be issuable to the another mobile terminal, wherein the certificate enrollment procedure results in a public key to be transmitted to the first mobile terminal and a first client certificate to be issued to the first mobile terminal that comprises a subscription identifier and a flag indicating whether the first client certificate is able to be shared with the another mobile terminal; receiving at least one second credential that is distinct from the first credential and is in the form of a client certificate generated by the first mobile terminal, the client certificate comprising the public key of the another mobile terminal signed by a private key of the first mobile terminal and having the subscription identifier; and accessing the one or more wireless network subscription services with the client certificate based on a verification of the private key and the subscription identifier. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus comprising:
-
at least one processor; and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus to at least; determine whether a first mobile terminal possesses one or more credentials that are configured to be issuable to another mobile terminal, wherein at least one of the one or more first credentials comprise a subscription identifier issued by a server and the at least one of the one or more first credentials is configured to grant access to one or more wireless network subscription services; cause a certificate enrollment procedure to be initiated by the first mobile terminal in an instance in which the first mobile terminal possesses one or more first credentials that are configured to be issuable to the another mobile terminal, wherein the certificate enrollment procedure results in a public key to be transmitted to the first mobile terminal and a first client certificate to be issued to the first mobile terminal that comprises a subscription identifier and a flag indicating whether the first client certificate is able to be shared with the another mobile terminal; receive at least one second credential that is distinct from the first credential and is in the form of a client certificate generated by the first mobile terminal, the client certificate comprising the public key of the another mobile terminal signed by a private key of the first mobile terminal and having the subscription identifier; and access the one or more wireless network subscription services with the client certificate based on a verification of the private key and the subscription identifier. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A method comprising:
-
receiving a certificate enrollment procedure request from a first mobile terminal; causing, by a processor, a first client certificate to be issued to the first mobile terminal as a result of the certificate enrollment procedure initiated by the first mobile terminal, wherein the first client certificate comprises a subscription identifier and a flag indicating whether the client certificate is able to be shared with an issuable to at least a second mobile terminal; receiving an authentication request for access to a wireless network subscription service from the second mobile terminal, wherein the authentication request comprises a second client certificate of the second mobile terminal signed by a private key of the first mobile terminal and having the subscription identifier, the second client certificate being distinct from the first client certificate; and causing the second mobile terminal to be authenticated with the second client certificate based upon verification of the private key and the subscription identifier. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification