Zero sign-on authentication
First Claim
Patent Images
1. A method of providing zero sign-on authentication comprising:
- identifying a gateway through which a first user device issues a media access request for media services, the media access request being generated through user interaction with a webpage connected to through signaling carried via the gateway;
establishing a gateway level of trust for the gateway following issuance of the media access request, the gateway level of trust being determined based on gateway identification information electronically collected from the gateway, at least part of the gateway identification information being unique to the gateway;
after establishing the gateway level of trust, authenticating the first user device to access the media service depending on the gateway level of trust, including automatically limiting media services made accessible to the first user device through the gateway to a certain portion of the media services depending on the gateway level of trust;
establishing the gateway level of trust with a server in electronic communication with the gateway, the server determining the gateway level of trust based on a comparison of information collected from the gateway to data previously associated with the gateway;
granting the first user device limited access to facilitate communications with the server via the gateway prior to determining the gateway level of trust, the limited access allowing the first user device to interact with the webpage;
establishing the gateway level of trust to be one of a first, second, and third level of trust depending on whether the server supports Simple Network Management Protocol (SNMP) communications with the gateway, whether the server supports a privacy certificate exchange with the gateway, and whether a Media Access control (MAC) address of the gateway has the same domain name as a domain previously associated with the MAC address;
authenticating the first user device to a first tier of the media service if the first user device is determined to have the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to have the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to have the third level of trust; and
authenticating a second user device to access the same certain portion of the media services through the gateway as function of the gateway level of trust regardless of an identity of the second user device and regardless of an identity of a user of the second user device.
1 Assignment
0 Petitions
Accused Products
Abstract
A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.
27 Citations
15 Claims
-
1. A method of providing zero sign-on authentication comprising:
-
identifying a gateway through which a first user device issues a media access request for media services, the media access request being generated through user interaction with a webpage connected to through signaling carried via the gateway; establishing a gateway level of trust for the gateway following issuance of the media access request, the gateway level of trust being determined based on gateway identification information electronically collected from the gateway, at least part of the gateway identification information being unique to the gateway; after establishing the gateway level of trust, authenticating the first user device to access the media service depending on the gateway level of trust, including automatically limiting media services made accessible to the first user device through the gateway to a certain portion of the media services depending on the gateway level of trust; establishing the gateway level of trust with a server in electronic communication with the gateway, the server determining the gateway level of trust based on a comparison of information collected from the gateway to data previously associated with the gateway; granting the first user device limited access to facilitate communications with the server via the gateway prior to determining the gateway level of trust, the limited access allowing the first user device to interact with the webpage; establishing the gateway level of trust to be one of a first, second, and third level of trust depending on whether the server supports Simple Network Management Protocol (SNMP) communications with the gateway, whether the server supports a privacy certificate exchange with the gateway, and whether a Media Access control (MAC) address of the gateway has the same domain name as a domain previously associated with the MAC address; authenticating the first user device to a first tier of the media service if the first user device is determined to have the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to have the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to have the third level of trust; and authenticating a second user device to access the same certain portion of the media services through the gateway as function of the gateway level of trust regardless of an identity of the second user device and regardless of an identity of a user of the second user device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of authenticating user devices to access a media service available from a service provider when at least a portion of signaling used to support access to the media service is exchanged through a gateway configured to interconnect one or more user devices with the service provider, the method comprising:
-
for each user device requesting access to a media service, determining a level of trust for each gateway used to support signaling therewith; authenticating the user devices requesting access to the media service to access certain portions of the media service depending on the level of trust determined for the gateway used to support signaling therewith such that user devices connected to gateways having greater levels of trust are permitted access to larger portions of the media service than gateways having lesser levels of trust; authenticating each user device connected to the same gateway to the same certain portions of the media service regardless of a user associated therewith; determining the level of trust for each gateway to be one of a first, second, and third level of trust depending on whether the gateway supports Simple Network Management Protocol (SNMP) communications with the gateway, whether the gateway supports a privacy certificate exchange or whether a Media Access Control (MAC) address of the gateway has the same domain name as a domain name previously associated with the MAC address; authenticating a first user device of the user devices to a first tier of the media service if the first user device is determined to be requesting access to the media service through one of the gateways having the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to be requesting access to the media service through one of the gateways having the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to be requesting access to the media service through one of the gateways having the third level of trust. - View Dependent Claims (11, 12)
-
-
13. A system for supporting zero sign-on authentication to a media service comprising:
-
a provider network used to carry signaling associated with sourcing of the media service; a plurality of gateways configured to interface the signaling of the provider network with one or more of the user devices; and a server computer configured to; electronically query the plurality of gateways for information; determine a level of trust for each of the gateways from the information; determine a media access request for each user device attempting to access the media service, the media access request being transmitted through the gateway connected to each user device attempting to access the media service; authenticate each user device associated with at least one media access request to access certain portions of the media service according to the level of trust of the gateway connected thereto such that at least a first gateway is provided access to more of the certain portion than at least a second gateway due to the level of trust of the second gateway being less than the level of trust of the first gateway, the level of trust for each gateway being determined at least based in part on information included with the corresponding media access request; wherein the server determines the level of trust for each gateway as a trust score, the trust score increasing with each positive metric, the metrics including (i) whether the server supports Simple Network Management Protocol (SNMP) communications with the gateway, (ii) whether the server supports a privacy certificate exchange with the gateway or (iii) whether a Media Access Control (MAC) address of the gateway has the same domain name as a domain previously associated with the MAC address, wherein the first gateway is determined to have more positive metrics than the second gateway; and authenticating a first user device of the user devices to a first tier of the media service if the first user device is determined to be requesting access to the media service through the first gateway having the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to be requesting access to the media service through the second gateways having the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to be requesting access to the media service through a third gateways having the third level of trust. - View Dependent Claims (14, 15)
-
Specification