Characteristics of security associations

US10038692B2 · US · B2

Patent metadata
Publication number: US-10038692-B2
Application number: US-201615356762-A
Country: US
Kind code: B2
Filing date: Nov 21, 2016
Priority date: Jul 13, 2012
Publication date: Jul 31, 2018
Grant date: Jul 31, 2018

Abstract

Official abstract text for this publication.

Authentication of a user or a wireless transmit/receive unit (WTRU) may be based on an obtained measure of authentication strength, which may be referred to as an assurance level. For example, a user, via a WTRU, may request access to a service controlled by an access control entity (ACE). The user may be authenticated with a user authenticator and assertion function (UAAF), producing a result. A user assertion may be provided that includes the user authentication result, a user assurance level, and/or a user freshness level. The WTRU may be authenticated with a device authenticator and assertion function (DAAF), producing an associated result. A device assertion may be provided that may include the device authentication result, a device assurance level, and/or a device freshness level. The assertions may be bound together to receive access to a service or resource.

First claim

Opening claim text (preview).

What is claimed:

1. A method of authenticating a subscription for access to a service from a service provider, the method comprising: sending an access request to the service provider from a user device; in response to the access request, receiving, from the service provider, a request for a subscription authentication; in response to the request for the subscription authentication, generating an authentication response, wherein the authentication response comprises a subscription identity associated with the subscription; and sending the authentication response to the service provider to receive access to the service via the user device, wherein the authentication response comprises an indication of a freshness of the subscription authentication, and an indication of a strength of the subscription authentication, the indication of the freshness based on a time that the authentication of the subscription occurred.

2. The method as recited in claim 1, wherein the user device comprises an universal integrated circuit card (UICC), and generating the authentication response further comprises: performing, by the UICC, an authentication of the user device; based on the authentication of the user device, generating an assertion comprising a result of the authentication of the user device; generating a response associated with the request for the subscription authentication; and sending the assertion and the response associated with the request for the subscription authentication.

3. The method as recited in claim 1, wherein generating the authentication response comprises: performing an authentication of the subscription associated with the subscription identity; based on the authentication of the subscription, generating an assertion comprising a result of the authentication of the subscription; generating a response associated with a request for a device authentication; and sending the assertion and the response associated with the request for the device authentication.

4. The method as recited in claim 1, wherein the request for the subscription authentication comprises a request for a service subscription authentication.

5. The method as recited in claim 2, wherein the subscription authentication and the authentication of the user device are bound together.

6. The method as recited in claim 2, the method further comprising: receiving a request for a user authentication; and in response to the request for the user authentication, performing an authentication of a user of the user device.

7. The method as recited in claim 6, wherein the subscription authentication, the authentication of the user device, and the user authentication are bound together.

8. The method as recited in claim 1, the method further comprising: obtaining an assurance level associated with a device authentication strength that is required to access the service; and generating the authentication response based on the assurance level that is obtained.

9. The method as recited in claim 2, wherein the authentication response comprises an indication of a freshness of the authentication of the user device, and an indication of a strength of the authentication of the user device, the indication of the freshness based on a time that the authentication of the user device occurred.

10. A wireless transmit/receive unit (WTRU), the WTRU comprising: a memory comprising executable instructions; and a processor in communications with the memory, the instructions, when executed by the processor, cause the processor to effectuate operations comprising: sending an access request to access a service from a service provider; in response to the access request, receiving, from the service provider, a request for an authentication of a subscription; in response to the request for the subscription authentication, generating an authentication response, wherein the authentication response comprises a subscription identity associated with the subscription; and sending the authentication response to the service provider to receive access to the service via the WTRU, wherein the authentication response comprises an indication of a freshness of the subscription authentication, and an indication of a strength of the subscription authentication, the indication of the freshness based on a time that the authentication of the subscription occurred.

11. The WTRU as recited in claim 10, wherein the WTRU further comprises an universal integrated circuit card (UICC), and generating the authentication response further comprises: performing, by the UICC, an authentication of the WTRU; based on the authentication of the WTRU, generating an assertion comprising a result of the authentication of the WTRU; generating a response associated with the request for the subscription authentication; and sending the assertion and the response associated with the request for the subscription authentication.

12. The WTRU as recited in claim 10, wherein generating the authentication response further comprises: performing an authentication of the subscription associated with the subscription identity; based on the authentication of the subscription, generating an assertion comprising a result of the authentication of the subscription; generating a response associated with a request for a WTRU authentication; and sending the assertion and the response associated with the request for the WTRU authentication.

13. The WTRU as recited in claim 10, wherein the request for the subscription authentication comprises a request for a service subscription authentication.

14. The WTRU as recited in claim 11, wherein the subscription authentication and the authentication of the WTRU are bound together.

15. The WTRU as recited in claim 11, wherein the processor is further configured to execute the instructions to perform further operations comprising: receiving a request for a user authentication; and in response to the request for the user authentication, performing an authentication of a user of the WTRU.

16. The WTRU as recited in claim 15, wherein the subscription authentication, the authentication of the user device, and the user authentication are bound together.

17. The WTRU as recited in claim 10, wherein the processor is further configured to execute the instructions to perform further operations comprising: obtaining an assurance level associated with a WTRU authentication strength that is required to access the service; and generating the authentication response based on the assurance level that is obtained.

18. The WTRU as recited in claim 10, wherein the subscription authentication is carried out using an asymmetric key based authentication mechanism or a symmetric key based authentication mechanism.

Classifications

  • involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved (negotiation of communication capabilities H04L69/24)

  • based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

  • Authentication

  • applying self-generating credentials, e.g. instead of receiving credentials from an authority or from another peer, the credentials are generated at the entity itself

  • using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10038692B2 cover?
Authentication of a user or a wireless transmit/receive unit may be based on an obtained measure of authentication strength, which may be referred to as an assurance level. For example, a user, via a WTRU, may request access to a service controlled by an access control entity (ACE). The user may be authenticated with a user authenticator and assertion function (UAAF), producing a result. A user as…
Who is the assignee on this patent?
Interdigitial Patent Holdings Inc, Interdigital Patent Holdings Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0876. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 31, 2018 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).