Zero sign-on authentication
First Claim
Patent Images
1. A non-transitory computer-readable medium having a plurality of non-transitory instructions operable with a processor to facilitate authenticating a device for zero sign-on (ZSO) access to media services available through a plurality of access points, the non-transitory instructions being for:
- determining a credential request received from the device through a first access point of the plurality of access points, the credential request being issued to request a trust credential for authenticating access to the media services;
determining whether the first access point is one of trusted and untrusted as a function of identifying information included with the credential request;
facilitating transport of the trust credential through the first access point to the device if the first access point is determined to be trusted;
denying transport of the trust credential through the first access point to the device if the first access point is determined to be untrusted;
determining a media request received from the device through a second access point of the plurality of access points, the media request being issued to request access to the media services through the second access point;
determining whether the second access point is one of trusted and untrusted as a function of identifying information included with the media request;
facilitating ZSO access to the media services through the second access point if the second access point is trusted and the trust credential was transported to the device; and
facilitating ZSO access to the media services through the second access point if the second access point is untrusted and the trust credential is received from the device through the second access point;
determining the first access point to be trusted if the identifying information included with the credential request includes an Internet protocol (IP) address within a trusted domain and to be untrusted if the IP address fails to be within the trusted domain;
determining a home network associated with a user of the device and previously determined to be trusted;
determining the trust credential to be one of expired and unexpired; and
providing the device instructions to return to the home network to re-issue the credential request if transport of the trust credential is denied due to the first access point being untrusted and the trust credential is expired.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of facilitating zero sign-on access to media services depending on trust credentials. The trust credentials may be cookies, certificates, and other data sets operable to be stored on a device used to access the media services such that information included therein may be used to control the zero sign-on capabilities of the user device.
-
Citations
11 Claims
-
1. A non-transitory computer-readable medium having a plurality of non-transitory instructions operable with a processor to facilitate authenticating a device for zero sign-on (ZSO) access to media services available through a plurality of access points, the non-transitory instructions being for:
-
determining a credential request received from the device through a first access point of the plurality of access points, the credential request being issued to request a trust credential for authenticating access to the media services; determining whether the first access point is one of trusted and untrusted as a function of identifying information included with the credential request; facilitating transport of the trust credential through the first access point to the device if the first access point is determined to be trusted; denying transport of the trust credential through the first access point to the device if the first access point is determined to be untrusted; determining a media request received from the device through a second access point of the plurality of access points, the media request being issued to request access to the media services through the second access point; determining whether the second access point is one of trusted and untrusted as a function of identifying information included with the media request; facilitating ZSO access to the media services through the second access point if the second access point is trusted and the trust credential was transported to the device; and facilitating ZSO access to the media services through the second access point if the second access point is untrusted and the trust credential is received from the device through the second access point; determining the first access point to be trusted if the identifying information included with the credential request includes an Internet protocol (IP) address within a trusted domain and to be untrusted if the IP address fails to be within the trusted domain; determining a home network associated with a user of the device and previously determined to be trusted; determining the trust credential to be one of expired and unexpired; and providing the device instructions to return to the home network to re-issue the credential request if transport of the trust credential is denied due to the first access point being untrusted and the trust credential is expired. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable medium having a plurality of non-transitory instructions operable with a processor to facilitate authenticating a device for zero sign-on (ZSO) access to media services available through a plurality of access points, the non-transitory instructions being for:
-
determining a credential request received from the device through a first access point of the plurality of access points, the credential request being issued to request a trust credential for authenticating access to the media services; determining whether the first access point is one of trusted and untrusted as a function of identifying information included with the credential request; facilitating transport of the trust credential through the first access point to the device if the first access point is determined to be trusted; denying transport of the trust credential through the first access point to the device if the first access point is determined to be untrusted; determining a media request received from the device through a second access point of the plurality of access points, the media request being issued to request access to the media services through the second access point; determining whether the second access point is one of trusted and untrusted as a function of identifying information included with the media request; facilitating ZSO access to the media services through the second access point if the second access point is trusted and the trust credential was previously transported to the device; facilitating ZSO access to the media services through the second access point if the second access point is untrusted and the trust credential is received from the device through the second access point; determining the first access point to be trusted if the identifying information included with the credential request includes an Internet protocol (IP) address within a trusted domain and to be untrusted if the IP address fails to be within the trusted domain; determining a home network associated with a user of the device and previously determined to be trusted; determining the trust credential to be one of expired and unexpired proximate in time to issuance of the media request; and providing the device instructions to return to the home network to re-issue the credential request if the second access point is untrusted and the trust credential is expired. - View Dependent Claims (9)
-
-
10. A method for authenticating a device for zero sign-on (ZSO) access to media services available through a plurality of access points, the method comprising:
-
determining a credential request received from the device through a first access point of the plurality of access points, the credential request being issued to request a trust credential for authenticating access to the media services; determining whether the first access point is one of trusted and untrusted as a function of identifying information included with the credential request; facilitating transport of the trust credential through the first access point to the device if the first access point is determined to be trusted; denying transport of the trust credential through the first access point to the device if the first access point is determined to be untrusted; determining a media request received from the device through a second access point of the plurality of access points, the media request being issued to request access to the media services through the second access point; determining whether the second access point is one of trusted and untrusted as a function of identifying information included with the media request; facilitating ZSO access to the media services through the second access point if the second access point is trusted and the trust credential was previously transported to the device; facilitating ZSO access to the media services through the second access point if the second access point is untrusted and the trust credential is received from the device through the second access point; determining the first access point to be trusted if the identifying information included with the credential request includes an Internet protocol (IP) address within a trusted domain and to be untrusted if the IP address fails to be within the trusted domain; determining a home network associated with a user of the device and previously determined to be trusted; determining the trust credential to be one of expired and unexpired proximate in time to issuance of the media request; and providing the device instructions to return to the home network to re-issue the credential request if the second access point is untrusted and the trust credential is expired. - View Dependent Claims (11)
-
Specification