Mobile device and method for secure on-line sign-up and provisioning for wi-fi hotspots using SOAP-XML techniques
First Claim
1. A method performed by a mobile device for secure on-line sign-up and provisioning for Wi-Fi Hotspot 2.0 networks, the method comprising:
- authenticating with a Wi-Fi access network (AN) through a Wi-Fi Hotspot using Extensible Authentication Protocol (EAP);
performing an initial Simple Object Access Protocol (SOAP) exchange with a subscription server to authenticate the subscription server and to provide an indication of a request reason; and
performing a final SOAP exchange with the subscription server over the Wi-Fi network, wherein, when the subscription server acts as an online sign-up server (OSU), the method includes;
exchanging information with the OSU to establish a subscription with a service provider for Wi-Fi network access and to receive a subscription management object (MO) including provisioned credentials for the subscription;
disassociating with the Wi-Fi Hotspot after the final SOAP exchange; and
re-associating with the Wi-Fi Hotspot to re-establish a Wi-Fi connection, the re-associating using an EAP technique and including;
providing the provisioned credentials to an AAA server over the re-established Wi-Fi connection.
2 Assignments
0 Petitions
Accused Products
Abstract
Embodiments of a mobile device and method for secure on-line sign-up and provisioning of credential for Wi-Fi hotspots using SOAP-XML techniques are generally described herein. Techniques for subscription remediation using SOAP-XML techniques are also generally described herein. In some embodiments, the mobile device may be configured to establish a transport-layer security (TLS) session with a sign-up server through a Wi-Fi Hotspot to receive a certificate of the sign-up server. When the certificate is validated, the mobile device may be configured to exchange device management messages with the sign-up server to sign-up for a Wi-Fi subscription and provisioning of credentials, and retrieve a subscription management object (MO) that includes a reference to the provisioned credentials for storage in a device management tree.
24 Citations
20 Claims
-
1. A method performed by a mobile device for secure on-line sign-up and provisioning for Wi-Fi Hotspot 2.0 networks, the method comprising:
-
authenticating with a Wi-Fi access network (AN) through a Wi-Fi Hotspot using Extensible Authentication Protocol (EAP); performing an initial Simple Object Access Protocol (SOAP) exchange with a subscription server to authenticate the subscription server and to provide an indication of a request reason; and performing a final SOAP exchange with the subscription server over the Wi-Fi network, wherein, when the subscription server acts as an online sign-up server (OSU), the method includes; exchanging information with the OSU to establish a subscription with a service provider for Wi-Fi network access and to receive a subscription management object (MO) including provisioned credentials for the subscription; disassociating with the Wi-Fi Hotspot after the final SOAP exchange; and re-associating with the Wi-Fi Hotspot to re-establish a Wi-Fi connection, the re-associating using an EAP technique and including; providing the provisioned credentials to an AAA server over the re-established Wi-Fi connection. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A device including one or more processors, the one or more processors including circuitry, the circuitry having logic to:
-
authenticate with a Wi-Fi access network (AN) through a Wi-Fi Hotspot using Extensible Authentication Protocol (EAP); perform an initial Simple Object Access Protocol (SOAP) exchange with a subscription server to authenticate the subscription server, and to provide an indication of a request reason; and perform a final SOAP exchange with the subscription server over the Wi-Fi network, wherein, when the subscription server acts as an online sign-up server (OSU), the logic is further to; exchange information with the OSU to establish a subscription with a service provider for Wi-Fi network access and to receive a subscription management object (MO) including provisioned credentials for the subscription. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A method performed by a subscription server to provide secure on-line sign-up and provisioning for Wi-Fi Hotspot 2.0 networks for a mobile device, the method comprising:
-
sending an accept message to a Wi-Fi hotspot from an AAA server to allow a mobile device access to the Wi-Fi network and establish a Wi-Fi connection with the mobile device; performing an initial Simple Object Access Protocol (SOAP) exchange with the mobile device to provision credentials or perform subscription remediation, the initial SOAP exchange including the mobile device authenticating the subscription server; performing a final SOAP exchange with the mobile device over the Wi-Fi network to allow the mobile device to receive a subscription management object (MO); and exchanging information with the mobile device to establish a subscription with a service provider for Wi-Fi network access, to provision credentials for the subscription, and to create the subscription MO for the provisioned credentials. - View Dependent Claims (16, 17)
-
-
18. A non-transitory machine-readable medium that stores instructions for execution by one or more processors to configure a device to:
-
associate with a Wi-Fi network through a Wi-Fi Hotspot using an Extensible Authentication Protocol (EAP) technique; perform an initial Simple Object Access Protocol (SOAP) exchange with a subscription server to authenticate the subscription server, and to provide an indication of a request reason; and perform a final SOAP exchange with the subscription server over the Wi-Fi network, wherein, when the subscription server acts as an online sign-up server (OSU), the instructions further configure the device to; exchange information with the OSU to establish a subscription with a service provider for Wi-Fi network access, and to receive a subscription management object (MO) including provisioned credentials for the subscription; disassociate with the Wi-Fi Hotspot after the final SOAP exchange; and re-associate with the Wi-Fi Hotspot to re-establish a Wi-Fi connection, the re-associating using an EAP technique and including; providing the provisioned credentials to an AAA server over the re-established Wi-Fi connection. - View Dependent Claims (19, 20)
-
Specification