Using an IP multimedia subsystem for HTTP session authentication

US9992183B2 · US · B2

Patent metadata

Field | Value
Publication number | US-9992183-B2
Application number | US-201314051448-A
Country | US
Kind code | B2
Filing date | Oct 11, 2013
Priority date | Mar 15, 2013
Publication date | Jun 5, 2018
Grant date | Jun 5, 2018


Abstract

Official abstract text for this publication.

Disclosed is a method and system for utilizing an Internet Protocol Multimedia Subsystem (IMS) to authenticate an HTTP session between a communication device and an online application program. The method includes registering a communication device on an IMS, and generating an authorization token which is sent to the communication device. The communication device then embeds the authorization token in HTTP request communication directed to the IMS. The IMS, after verifying the authorization token, forwards the HTTP request and token to a selected Web server that hosts an online application to authenticate an HTTP session.

First claim

Opening claim text (preview).

I claim:

1. A method for operating a processor in an Internet Protocol Multimedia Subsystem (IMS) to authenticate a Hypertext Transfer Protocol (HTTP) session between a communication device and an online application, the method comprising: receiving a request from a communication device to initiate an HTTP session with an online application that is hosted by a Web server on a public network; determining whether the communication device is registered on the Internet Protocol Multimedia Subsystem, wherein the Internet Protocol Multimedia Subsystem and the Web server are operated by different network organizations; in response to determining that the communication device is registered on the Internet Protocol Multimedia Subsystem: generating an initial authentication token, wherein the generating is performed in the Internet Protocol Multimedia Subsystem; and sending the generated initial authentication token to the communication device, wherein the initial authentication token is sent prior to receiving an HTTP session request from the communication device; receiving an HTTP session request from the communication device; determining whether the received HTTP session request includes a copy of the authentication token; in response to determining that the received HTTP session request does not include a copy of the authentication token, requesting a copy of the authentication token, and receiving the copy of the authentication token in response to the request; determining whether the copy of the authentication token is valid; and in response to determining that the authentication token is valid, transmitting the HTTP session request and the authentication token to the Web server to authenticate the communication device to the online application hosted by the Web server without an additional login from the communication device.

2. The method of claim 1, wherein the HTTP session request is received from the communication device using a Session Initiation Protocol (SIP).

3. The method of claim 1, further comprising: receiving an HTTP response from the Web server, the response being addressed to the communication device; and transmitting the received HTTP response to the communication device.

4. The method of claim 1, further comprising assigning an expiration time to the initial authentication token.

5. The method of claim 4, wherein determining whether the copy of the authentication token is valid comprises determining whether the assigned expiration time to the initial authentication token has expired.

6. The method of claim 1, further comprising storing a copy of the initial authentication token.

7. The method of claim 6, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication token with the copy of the initial authentication token to confirm that the copy of the authentication token and the initial authentication token are the same.

8. The method of claim 1, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication component to an access control list.

9. The method of claim 1, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication component to subscriber settings associated with the communication device.

10. The method of claim 1, further comprising: determining whether the initial authentication token has expired; and in response to determining that the initial authentication token has expired: generating a new replacement token; assigning a new expiration time; and sending the new replacement token to the communication device.

11. At least one non-transitory computer-readable medium storing instructions, which when executed by at least one processor in an Internet Protocol Multimedia Subsystem (IMS), authenticates a Hypertext Transfer Protocol (HTTP) session between a communication device and an online application, comprising: receiving a request from a communication device to initiate an HTTP session with an online application that is hosted by a Web server on a public network; detecting whether a communication device is registered on the Internet Protocol Multimedia Subsystem, wherein the Internet Protocol Multimedia Subsystem and the Web server are operated by different network organizations; in response to determining that a communication device is registered on the Internet Protocol Multimedia Subsystem: generating an initial authentication token, wherein the initial authentication token is generated in the Internet Protocol Multimedia Subsystem; and causing the generated initial authentication token to be sent to the communication device, wherein the generated initial authentication token is sent to the communication device before an HTTP session request is received from the communication device; receiving an HTTP session request from the communication device; determining whether the received HTTP session request includes an authentication token; in response to determining that that the received HTTP session request does not include an authentication token, requesting an authentication token from the communication device; receiving a copy of the authentication token from the communication device; determining whether the copy of the authentication token is valid; and in response to determining that the copy of the authentication token is valid, causing the HTTP session request and authentication token to be sent to the Web server to authenticate the communication device to the online application hosted by the Web server without an additional login from the communication device.

12. The non-transitory computer-readable medium of claim 11, further comprising assigning an expiration time to the initial authentication token.

13. The non-transitory computer-readable medium of claim 12, wherein determining whether the copy of the authentication token is valid comprises determining whether the copy of the initial authentication token has expired.

14. The non-transitory computer-readable medium of claim 11, further comprising storing a copy of the initial authentication token.

15. The non-transitory computer-readable medium of claim 14, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication token with the copy of the initial authentication token to confirm that the copy of the authentication token and the initial authentication token are the same.

16. The non-transitory computer-readable medium of claim 11, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication component to an access control list.

17. The non-transitory computer-readable medium of claim 11, wherein determining whether the copy of the authentication token is valid comprises comparing the copy of the authentication component to subscriber settings associated with the communication device.

18. A communication device including a processor configured to execute program instructions to initiate a Hypertext Transfer Protocol (HTTP) session with an online application, comprising: a memory for securely storing a received token; a processor for executing a sequence of stored instructions in order to: register the communication device with an Internet Protocol Multimedia Subsystem; receive a token from the Internet Protocol Multimedia Subsystem, wherein the received token was generated in the In

Classifications

  • based on web technology, e.g. hypertext transfer protocol [HTTP] · CPC title

  • H04L63/08 (Primary): for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title

  • Setup of application sessions (admission control or resource allocation in data switching networks H04L47/70) · CPC title

  • using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
T Mobile Usa Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 5, 2018 (B2). Legal status and post-grant events are not shown on this page.