Method for realizing an authentication center and an authentication system thereof

US 8,527,762 B2
Filed: 09/15/2009
Issued: 09/03/2013
Est. Priority Date: 01/22/2009
Status: Active Grant

First Claim

Patent Images

1. A method for realizing an authentication center, the method comprising:

(A) a user equipment sending an authentication request to an authentication center and applying for temporary authentication information for logging in an application system, the authentication center assigning a first authentication random code to the user equipment, and the user equipment calculating a first response code according to the first authentication random code and sending the first response code to the authentication center, after authenticating and authorizing the user equipment, the authentication center assigning the temporary authentication information to the user equipment;

(B) the user equipment sending a login request to the application system, and the application system assigning a second authentication random code to the user equipment, the user equipment calculating a second response code according to the second authentication random code and said temporary authentication information, and sending the second response code to the application system;

(C) the application system sending the second response code to the authentication center, and the authentication center performing authentication and authorization; and

(D) the authentication center returning an authentication result to the application system, and the application system returning the authentication result to the user equipment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for realizing an authentication center (AC) and an authentication system are disclosed. The method comprises: a UE sends an authentication request to an AC and applies for temporary authentication information, the AC assigns a first authentication random code to the UE, then the UE calculates a first response code and sends it to the AC, the AC assigns the temporary authentication information to the UE after authentication and authorization; the UE sends a login request to the application system (AS) which assigns a second authentication random code to the UE, and the UE uses it and the temporary authentication information to calculate a second response code, and sends this code to the AS; the AS sends the second response code to the AC for authentication and authorization; the AC returns the authentication result to the AS which in turn returns the authentication result to the UE.

13 Citations

View as Search Results

19 Claims

1. A method for realizing an authentication center, the method comprising:
- (A) a user equipment sending an authentication request to an authentication center and applying for temporary authentication information for logging in an application system, the authentication center assigning a first authentication random code to the user equipment, and the user equipment calculating a first response code according to the first authentication random code and sending the first response code to the authentication center, after authenticating and authorizing the user equipment, the authentication center assigning the temporary authentication information to the user equipment;
  
  (B) the user equipment sending a login request to the application system, and the application system assigning a second authentication random code to the user equipment, the user equipment calculating a second response code according to the second authentication random code and said temporary authentication information, and sending the second response code to the application system;
  
  (C) the application system sending the second response code to the authentication center, and the authentication center performing authentication and authorization; and
  
  (D) the authentication center returning an authentication result to the application system, and the application system returning the authentication result to the user equipment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein said first and said second authentication random codes exist in a form of message-digest algorithm MD5.
  - 3. The method of claim 2 wherein message-digest algorithm MD5 and secure hash algorithm SHA1 combined algorithm are used in the step of calculating the first and the second response codes.
  - 4. The method of claim 1 wherein message-digest algorithm MD5 and secure hash algorithm SHA1 combined algorithm are used in the step of calculating the first and the second response codes.
  - 5. The method of claim 4 wherein said temporary authentication information comprises a user equipment account, an application system identifier and a temporary token.
  - 6. The method of claim 5 wherein said temporary authentication information is unique and has a valid time period.
  - 7. The method of claim 5 wherein, in the step (A), the step of the authentication center assigning the temporary authentication information to the user equipment comprises transmitting the temporary authentication information by way of a symmetrical secure encryption algorithm or a secure socket layer (SSL)/transport layer security (TLS).
  - 8. The method of claim 7 wherein said symmetrical encryption algorithm that is directly used is data encryption standard (DES), triple data encryption standard (3DES) or advanced encryption standard (AES).
  - 9. The method of claim 1 wherein, in the step of the authentication center performing authentication and authorization in said step (C), the authentication center clears said temporary authentication information if the authentication is passed successfully.

10. An authentication center comprising a memory storing the following instructions:
- receiving an authentication request as well as an application for temporary authentication information for logging in an application system from a user equipment;
  
  assigning a first authentication random code to said user equipment;
  
  receiving a first response code calculated according to said first authentication random code and sent by said user equipment;
  
  assigning said temporary authentication information to said user equipment after authentication and authorization;
  
  receiving a second response code from said application system, wherein, said second response code is calculated out by said user equipment according to the second authentication random code assigned by the application system and the temporary authentication information after said user equipment sends a login request to the application system;
  
  performing authentication and authorization; and
  
  returning an authentication result to said application system, so that said application system can return the authentication result to said user equipment; and
  
  at least one processor executing the instructions stored by the memory.
- View Dependent Claims (11, 12, 13)
- - 11. The authentication center of claim 10 wherein said temporary authentication information comprises a user equipment account, an application system identifier and a temporary token.
  - 12. The authentication center of claim 10 wherein said temporary authentication information is featured with uniqueness and timeliness.
  - 13. The authentication center of claim 10 further including memory storing the following instructions:
    - receiving a second response code sent by said application system, andclearing said temporary authentication information if the authentication is passed successfully when performing authentication and authorization.

14. A user equipment comprising a memory storing the following instructions:
- sending an authentication request to an authentication center and applying for temporary authentication information for logging in an application system;
  
  receiving a first authentication random code assigned by said authentication center;
  
  calculating a first response code according to said first authentication random code;
  
  sending said first response code to said authentication center;
  
  receiving said temporary authentication information assigned by the authentication center after authentication and authorization;
  
  sending a login request to said application system;
  
  receiving a second authentication random code assigned by the application system;
  
  calculating said second response code according to said second authentication random code and said temporary authentication information;
  
  sending said second response code to said application system; and
  
  receiving an authentication result returned from said application system, wherein said authentication result is returned by said authentication center to the application system after said application system sends the second response code to the authentication center and said authentication center performs authentication and authorization; and
  
  at least one processor executing the instructions stored by the memory.

15. An application system comprising a memory storing the following instructions:
- responding to a login request sent from a user equipment;
  
  assigning a second authentication random code to said user equipment;
  
  receiving a second response code sent from said user equipment, wherein said second response code is calculated out by said user equipment using said second authentication random code and temporary authentication information, wherein said temporary authentication information is assigned by said authentication center after authentication and authorization based on a first response code calculated by said user equipment according to a first authentication random code assigned by said authentication center and sent by the user equipment after said user equipment sends an authentication request to the authentication center and applies for temporary authentication information for logging in an application system;
  
  sending said second response code to said authentication center;
  
  receiving an authentication result returned from said authentication center after authentication and authorization are performed in said authentication center; and
  
  sending the authentication result to said user equipment; and
  
  at least one processor executing the instructions stored by the memory.

16. An authentication system, comprising an authentication center, a user equipment and an application system wherein,the authentication center comprises:
- a memory storing the following instructions;
  
  receiving an authentication request as well as an application for temporary authentication information for logging in said application system from said user equipment, assigning a first authentication random code to said user equipment, receiving a first response code calculated according to said first authentication random code and sent by said user equipment, and assigning said temporary authentication information to said user equipment after authentication and authorization;
  
  receiving a second response code from said application system and performing authentication and authorization, wherein said second response code is calculated by said user equipment according to the second authentication random code assigned by the application system and the temporary authentication information after said user equipment sends a login request to said application system; and
  
  returning an authentication result to said application system, so that said application system can return the authentication result to said user equipment; and
  
  at least one processor executing the instructions stored by the memory;
  
  the user equipment comprises;
  
  a memory storing following instructions;
  
  sending the authentication request to said authentication center and applying for temporary authentication information for logging in said application system, receiving the first authentication random code assigned by said authentication center, calculating the first response code according to said first authentication random code and send said first response code to said authentication center, receiving said temporary authentication information assigned by the authentication center after authentication and authorization;
  
  sending the login request to said application system, receiving the second authentication random code assigned by said application system, calculating said second response code according to said second authentication random code and said temporary authentication information, and sending said second response code to said application system; and
  
  receiving the authentication result returned from said application system, wherein said authentication result is returned by said authentication center to the application system after said application system sends the second response code to the authentication center and said authentication center performs authentication and authorization; and
  
  one processor executing the instructions stored by the memory; and
  
  the application system comprises;
  
  a memory storing following instructions;
  
  responding the login request sent from said user equipment, assigning the second authentication random code to said user equipment, receiving the second response code sent from said user equipment, wherein said second response code is calculated out by said user equipment using said second authentication random code and temporary authentication information, wherein said temporary authentication information is assigned by said authentication center after authentication and authorization based on the first response code calculated by said user equipment according to the first authentication random code assigned by said authentication center and sent by the user equipment after said user equipment sends the authentication request to the authentication center and applies for temporary authentication information for logging in an application system;
  
  sending said second response code to said authentication center, and after authentication and authorization are performed in said authentication center, receiving the authentication result returned from said authentication center, and sending the authentication result to said user equipment; and
  
  at least one processor executing the instructions stored by the memory.
- View Dependent Claims (17, 18, 19)
- - 17. The authentication system of claim 16 wherein said temporary authentication information comprises a user equipment account, an application system identifier and a temporary token.
  - 18. The authentication system of claim 16 wherein said temporary authentication information is featured with uniqueness and timeliness.
  - 19. The authentication system of claim 16 wherein the authentication center further includes memory storing the following instructions:
    - receiving a second response code sent by said application system, and clearing said temporary authentication information if the authentication is passed successfully when performing authentication and authorization.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZTE Corporation
Original Assignee
ZTE Corporation
Inventors
Cui, Zhenfeng, Chen, Xi, Bian, Zhijun
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
AMORIN, CARLOS E

Application Number

US13/145,222
Publication Number

US 20110283106A1
Time in Patent Office

1,449 Days
Field of Search

None
US Class Current

713/168
CPC Class Codes

H04L 63/08 for authentication of entit...

Method for realizing an authentication center and an authentication system thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method for realizing an authentication center and an authentication system thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links