Single sign-on process
First Claim
Patent Images
1. A smart-card for use in a mobile equipment connected to a first communication network for authenticating a user of said mobile equipment connected to a second communication network in order to remote-access a remote location, said smart card comprising processing means for delivering a plurality of authenticators each for authenticating the user in one or more of a plurality of intermediate equipment connected to both the first network and the second network between the mobile equipment and the remote location in order to establish a plurality of successive communication layers between the mobile equipment and the remote location.
9 Assignments
0 Petitions
Accused Products
Abstract
Single sign-on process allowing a mobile user with a mobile phone or with a laptop to remote-access a remote server, comprising the steps of:
- (1) sending a first authenticator over a first communication layer to a first intermediate equipment between said mobile equipment and said remote server,
- (2) verifying in said first intermediate equipment said first authenticator sent by said mobile equipment,
- (3) if said first authenticator is accepted by said first intermediate equipment, completing the communication layer between said mobile equipment and said intermediate equipment,
- (4) repeating steps (1) to (3) with a plurality of successive intermediate equipment and over a plurality of successive communication layers, until a communication has been completed at the last requested communication layer between said mobile equipment and said remote server,
- wherein at least a plurality of said authenticators are furnished by a smart-card in said mobile equipment.
70 Citations
23 Claims
- 1. A smart-card for use in a mobile equipment connected to a first communication network for authenticating a user of said mobile equipment connected to a second communication network in order to remote-access a remote location, said smart card comprising processing means for delivering a plurality of authenticators each for authenticating the user in one or more of a plurality of intermediate equipment connected to both the first network and the second network between the mobile equipment and the remote location in order to establish a plurality of successive communication layers between the mobile equipment and the remote location.
-
12. A smart-card comprising:
-
a synchronization private key for decrypting an old and a new secret encrypted with a corresponding synchronization public key, comparison means for comparing said old decrypted secret with the secret stored in said mobile equipment, and comparing said decrypted new secret with a new secret entered in said mobile equipment, means for replacing said secret stored in said mobile equipment with said decrypted new secret when both comparisons are positive. - View Dependent Claims (13)
-
-
14. A smart-card for use in a mobile device communicating with a remote device through an intermediate device connected to the mobile device via a first communication network, said intermediate device connected to the remote device via a second communication network, said smart card comprising:
-
processing means; and a memory for providing data to said processing means, wherein an authenticator is provided by said processing means to the intermediate device for authenticating the mobile equipment in the intermediate device to establish a communication layer between the mobile device and the intermediate device, and wherein communication between the mobile device and the remote device is established when the mobile device has been authenticated in the intermediate device. - View Dependent Claims (15, 16, 17, 18)
-
-
19. A smart-card for use in a mobile device communicating with a remote device through a plurality of intermediate equipment between the mobile device and the remote device, said smart card comprising:
-
processing means; and a means for storing a plurality of authenticators, wherein each of said authenticators is provided by said processing means to a corresponding one of the plurality of intermediate equipment for authenticating said mobile equipment in the corresponding one of the intermediate equipment to establish a corresponding communication layer between the mobile device and the corresponding one of the intermediate equipment, and wherein communication between the mobile device and the remote device is established when the mobile device has been authenticated in each of the plurality of intermediate equipment thereby resulting in a communication channel including the plurality of the corresponding communication layers each between said mobile device and the corresponding one of the intermediate equipment. - View Dependent Claims (20, 21, 22, 23)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeVL Collective IP, LLC (VideoLabs, Inc.)
-
Original AssigneeSwisscom Mobile AG (Government of Switzerland)
-
InventorsLauper, Eric, Ferchichi, Azim
-
Primary Examiner(s)Barrón, Jr., Gilberto
-
Assistant Examiner(s)Gurshman, Grigory
-
Application NumberUS10/207,513Publication NumberTime in Patent Office1,408 DaysField of Search380/247, 713/185, 713/172US Class Current380/247CPC Class CodesG06F 21/34 involving the use of extern...G06F 21/41 where a single sign-on prov...H04L 63/0442 wherein the sending and rec...H04L 63/062 for key distribution, e.g. ...H04L 63/08 for authentication of entit...H04L 63/0815 providing single-sign-on or...H04L 63/0853 using an additional device,...H04L 63/164 at the network layerH04L 67/04 specially adapted for termi...H04L 67/14 Session management for real...H04W 12/02 Protecting privacy or anony...H04W 12/04 Key management, e.g. using ...H04W 12/06 AuthenticationH04W 12/082 using revocation of authori...H04W 8/265 for initial activation of n...
