Method for communicating between a server and a client and corresponding client, server and system wherein the server controls an open communication session with the client

US9742745B2 · US · B2

Patent metadata
Publication number: US-9742745-B2
Application number: US-201213978302-A
Country: US
Kind code: B2
Filing date: Jan 4, 2012
Priority date: Jan 5, 2011
Publication date: Aug 22, 2017
Grant date: Aug 22, 2017

Abstract

Official abstract text for this publication.

A method, corresponding client, server and system for communicating between a server and a client. The server and the client access at least one session extension key and/or a key associated with the session extension key, as an associated key. The server authorizes to extend an open communication session with the client until an expiration time only if the client sends to the server authentication data allowing the server to authenticate at least the client on a basis of the session extension key. The expiration time is a time at which the communication session is open completed by a predetermined extension time period.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method for communicating between a server and a client, wherein the server and the client access at least one session extension key and/or a key associated with the session extension key, as an associated key, the method comprising: the client sends to the server, during an open communication session having an associated end time, client authentication data, the client authentication data being generated by using the session extension key or the associated key, the client authentication data being related to the client, and the client authentication data allowing the server to authenticate at least the client on a basis of the session extension key or the associated key; once the server authenticates successfully the client based upon the client authentication data and the session extension key: the server generates an expiration time, wherein the expiration time is a time at which the open communication session is completed by a predetermined extension time period; and the server authorizes to extend the end time of the open communication session with the client until the expiration time, wherein the predetermined extension time period is the difference between the expiration time and the end time of the open communication session.

2. Method according to claim 1, wherein, prior to the authentication of at least the client by the server, the client sends to the server at least one challenge request, and the server sends to the client a challenge, as a response to the challenge request, wherein the server and the client use the challenge to generate the client authentication data.

3. Method according to claim 1, wherein, prior to the authentication of at least the client by the server, the client and the server use pre-shared secret data and a predetermined algorithm, so as to generate independently a corresponding challenge, wherein the server and the client use the challenge to generate the client authentication data.

4. Method according to claim 2, wherein the client and the server use contextual information, the session extension key or the associated key, the challenge and a predetermined algorithm, so as to generate the client authentication data.

5. Method according to claim 2, wherein the server sends to the client a script, the script receives the challenge, the script sends to the authentication application the challenge, the authentication application uses the challenge, the session extension key or the associated key, and a predetermined algorithm to generate the client authentication data, and the authentication application sends to the script the generated client authentication data.

6. Method according to claim 5, wherein, a token is coupled to a terminal, as the client, the token storing the session extension key and/or the associated key, and the token supports the authentication application.

7. Method according to claim 1, wherein the client sends to the server, besides the generated client authentication data, data relating to the session extension key.

8. A server for communicating with a client, wherein the server accesses at least one session extension key and/or a key associated with the session extension key, as an associated key, the server is configured to receive, during an open communication session having an associated end time, client authentication data, the client authentication data originating from the client or passing through the client, the client authentication data being related to the client, the client authentication data allowing the server to authenticate at least the client on a basis of the session extension key or the associated key, once the server authenticates successfully the client based upon the client authentication data and the session extension key: the server is configured to generate an expiration time, the expiration time being a time at which the open communication session is completed by a predetermined extension time period, and the server is configured to authorize to extend the end time of the open communication session until the expiration time, wherein the predetermined extension time period is the difference between the expiration time and the end time of the open communication session.

9. A client for communicating with a server, wherein the client accesses at least one session extension key and/or one key associated with one session extension key, as an associated key, the client is configured to send, during an open communication session having an associated end time, to the server client authentication data, the client authentication data being generated by using the session extension key or the associated key, the client authentication data being related to the client, and the client authentication data allowing the server to authenticate at least the client on a basis of the session extension key or the associated key, and the client is authorized, by the server, to continue communication with the server until an expiration time, the expiration time being a time generated by the server at which the open communication session is completed by a predetermined extension time period, wherein the predetermined extension time period is the difference between the expiration time and the end time of the open communication session.

10. A communicating system comprising a server and a client, wherein the server and the client access at least one session extension key and/or one key associated with one session extension key, as an associated key, the client is configured to send to the server during an open communication session having an associated end time, client authentication data, the client authentication data being generated by using the session extension key or the associated key, the client authentication data being related to the client, and the client authentication data allowing the server to authenticate at least the client on a basis of the session extension key or the associated key, once the server authenticates successfully the client based upon the client authentication data and the session extension key: the server is configured to generate an expiration time, the expiration time being a time at which the open communication session is completed by a predetermined extension time period, and the server authorizes to extend the end time of the open communication session with the client until the expiration time, wherein the predetermined extension time period is the difference between the expiration time and the end time of the open communication session.
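The exchange described in claims 1, 2 and 4, as an added example that is not taken from the patent: the server issues a challenge for an open session, the client derives authentication data from the shared session extension key, and the server moves the end time forward by the fixed extension period only after verifying it. Assumptions: HMAC-SHA256 stands in for the "predetermined algorithm", the session id serves as the contextual information, the 300-second period is arbitrary, and the names `Server`, `auth_data` and `demo` are hypothetical.

```python
import hashlib
import hmac
import secrets

EXTENSION_PERIOD = 300  # seconds; the "predetermined extension time period" (assumed value)

def auth_data(key: bytes, challenge: bytes, context: bytes) -> bytes:
    # Assumed algorithm: HMAC-SHA256 over a length-prefixed challenge plus context
    msg = len(challenge).to_bytes(2, "big") + challenge + context
    return hmac.new(key, msg, hashlib.sha256).digest()

class Server:
    def __init__(self, extension_key: bytes):
        self._key = extension_key
        self.sessions = {}   # session id -> end time (epoch seconds)
        self._pending = {}   # session id -> outstanding challenge

    def open_session(self, sid: str, now: float, lifetime: float) -> None:
        self.sessions[sid] = now + lifetime

    def challenge(self, sid: str, now: float) -> bytes:
        # Challenges are issued only while the session is still open
        if now >= self.sessions.get(sid, 0):
            raise PermissionError("session not open")
        self._pending[sid] = secrets.token_bytes(16)
        return self._pending[sid]

    def extend(self, sid: str, data: bytes, now: float) -> float:
        challenge = self._pending.pop(sid, None)  # single use, so a replay fails
        end = self.sessions.get(sid, 0)
        if challenge is None or now >= end:
            raise PermissionError("no open session or no outstanding challenge")
        expected = auth_data(self._key, challenge, sid.encode())
        if not hmac.compare_digest(expected, data):  # constant-time comparison
            raise PermissionError("client authentication failed")
        # Expiration time = current end time + predetermined extension period
        self.sessions[sid] = end + EXTENSION_PERIOD
        return self.sessions[sid]

def demo() -> float:
    key = secrets.token_bytes(32)                  # constructed shared key
    srv = Server(key)
    srv.open_session("s1", now=1000, lifetime=60)  # end time 1060
    c = srv.challenge("s1", now=1030)              # client requests a challenge
    return srv.extend("s1", auth_data(key, c, b"s1"), now=1031)

if __name__ == "__main__":
    print(demo())
```

Because the server consumes the challenge before checking the response, a captured response cannot be replayed, and a failed attempt leaves the end time unchanged.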

Classifications

  • H04L63/06 (Primary): for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08)

  • using challenge-response

  • H04L63/08 (Primary): for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Potonniee Olivier, Lu Hongqian Karen, Gemalto Sa
What technology area does this patent fall under?
Primary CPC classification H04L63/06. Mapped technology areas include Electricity.
When was this patent published?
Publication date Aug 22, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).