Method and apparatus for mutually authenticating a user device of a primary service provider
First Claim
1. A method comprising:
authenticating a user device with an authentication server of a primary service provider and forming a root certificate at the primary service provider;
communicating the root certificate to the user device from the primary service provider;
authenticating a supplemental service provider by signing a supplemental service provider certificate at an intermediate authentication authority to form a signed supplemental service provider certificate then signing the signed supplemental service provider certificate with the authentication server of the primary service provider and forming a twice-signed supplemental service provider certificate, said supplemental service provider separate from the primary service provider;
communicating the twice-signed supplemental service provider certificate to the supplemental service provider;
mutually authenticating the user device and the supplemental service provider with each other using the root certificate and the twice-signed supplemental service provider certificate; and
after mutually authenticating, communicating directly between the supplemental service provider and the user device.
Abstract
A system and method for communicating between a secondary content provider and a user device includes a primary service provider having an authentication server of a primary service provider authenticating the user device. The primary service provider provides primary content to the user device. The system also includes a supplemental service provider. The authentication server authenticates the service provider. The user device and the supplemental service provider mutually authenticate each other. Thereafter, the supplemental service provider communicates supplemental content to the user device.
22 Claims
1. A method comprising:
authenticating a user device with an authentication server of a primary service provider and forming a root certificate at the primary service provider;
communicating the root certificate to the user device from the primary service provider;
authenticating a supplemental service provider by signing a supplemental service provider certificate at an intermediate authentication authority to form a signed supplemental service provider certificate then signing the signed supplemental service provider certificate with the authentication server of the primary service provider and forming a twice-signed supplemental service provider certificate, said supplemental service provider separate from the primary service provider;
communicating the twice-signed supplemental service provider certificate to the supplemental service provider;
mutually authenticating the user device and the supplemental service provider with each other using the root certificate and the twice-signed supplemental service provider certificate; and
after mutually authenticating, communicating directly between the supplemental service provider and the user device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A method comprising:
communicating a root certificate request from a user device to an authentication server;
communicating a root certificate from the authentication server to the user device;
storing the root certificate in the user device;
communicating a supplemental service provider certificate to an intermediate authentication authority to sign to form a signed supplemental service provider certificate and thereafter communicating a request to sign the signed supplemental service provider certificate from a supplemental service provider to a signing module of a primary service provider;
signing the signed supplemental service provider certificate at the signing module to form a twice-signed supplemental service provider certificate;
communicating the twice-signed supplemental service provider certificate to the supplemental service provider;
storing a copy of the twice-signed supplemental service provider certificate at the primary service provider;
communicating a request for authentication and the supplemental service provider certificate from the supplemental service provider to the user device;
communicating the root certificate from the user device to the supplemental service provider;
encrypting a symmetric key at the supplemental service provider with the root certificate or a public key of the user device to form an encrypted symmetric key;
communicating the encrypted symmetric key to the user device;
communicating an encrypted test message from the supplemental service provider to the user device;
communicating a validation signal from the user device to the supplemental service provider.
Dependent claims: 10, 11, 12, 13, 14, 15
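The exchange in claim 9, sketched as an added example that is not part of the patent text: the device accepts a provider certificate only when both signatures verify, then confirms the wrapped symmetric key by answering the encrypted test message. Assumptions made here and not stated in the claims: textbook RSA over fixed Mersenne primes and a one-block XOR cipher stand in for real primitives, the second signature covers the certificate plus the first signature, the device already holds the intermediate authority's public key, the validation signal is an HMAC over the decrypted test message, and all function names are hypothetical.

```python
import hashlib, hmac, secrets

E = 65537

def keypair(p, q):
    """Textbook RSA key from two known primes (toy stand-in, no padding)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    return pow(digest(data, priv[0]), priv[1], priv[0])

def verify(pub, data, sig):
    return pow(sig, pub[1], pub[0]) == digest(data, pub[0])

# Constructed keys built from Mersenne primes; role names follow the claims.
INTER_PUB, INTER_PRIV = keypair(2**61 - 1, 2**89 - 1)    # intermediate authority
ROOT_PUB, ROOT_PRIV = keypair(2**107 - 1, 2**127 - 1)    # primary provider (root)
DEV_PUB, DEV_PRIV = keypair(2**521 - 1, 2**607 - 1)      # user device

def twice_sign(cert):
    """Intermediate signs the cert, then the primary provider signs cert + first signature."""
    inner = sign(INTER_PRIV, cert)
    outer = sign(ROOT_PRIV, cert + inner.to_bytes(32, "big"))
    return inner, outer

def device_accepts(cert, inner, outer):
    """Device check: outer signature under the root key first, then the inner one."""
    if not 0 <= inner < 2**256:
        return False
    return (verify(ROOT_PUB, cert + inner.to_bytes(32, "big"), outer)
            and verify(INTER_PUB, cert, inner))

def xor_stream(key, data):
    """Toy one-block cipher standing in for the symmetric encryption."""
    return bytes(a ^ b for a, b in zip(data, hashlib.sha256(key).digest()))

def handshake(cert, inner, outer, test=b"constructed test msg"):
    if not device_accepts(cert, inner, outer):
        return False                                    # device rejects the provider
    key = secrets.token_bytes(16)                       # provider: fresh symmetric key
    wrapped = pow(int.from_bytes(key, "big"), DEV_PUB[1], DEV_PUB[0])
    test_ct = xor_stream(key, test)                     # provider: encrypted test message
    dev_key = pow(wrapped, DEV_PRIV[1], DEV_PRIV[0]).to_bytes(16, "big")  # device unwraps
    signal = hmac.new(dev_key, xor_stream(dev_key, test_ct), hashlib.sha256).digest()
    expected = hmac.new(key, test, hashlib.sha256).digest()
    return hmac.compare_digest(signal, expected)        # provider checks validation signal
```

A certificate carrying only the intermediate authority's signature, or one altered after signing, fails `device_accepts` and the handshake stops before any key is sent.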
16. A system comprising:
a user device;
a primary service provider having an authentication server authenticating the user device and forming a root certificate, said primary service provider providing primary content to the user device, said primary service provider communicating the root certificate to the user device;
a supplemental service provider separate from the primary service provider;
an intermediate authentication authority signing a supplemental service provider certificate to form a signed supplemental service provider certificate;
said authentication server authenticating the supplemental service provider by signing the signed supplemental service provider certificate to form a twice-signed supplemental service provider certificate and communicating the twice-signed supplemental service provider certificate to the supplemental service provider;
said user device and said supplemental service provider mutually authenticating each other using the root certificate and the twice-signed supplemental service provider certificate; and
said supplemental service provider communicating supplemental content to the user device through a network.
Dependent claims: 17, 18, 19, 20, 21, 22
Specification