| 发明名称 |
Mutually Authenticated Communication |
| 摘要 |
A method and system for securing an electronic communications session between a mobile device and a network server is provided. The method includes requesting, from the mobile device, a unique session identifier from an authentication server. The authentication server in turn requesting the session identifier from the network server on behalf of the mobile device and, upon receipt thereof, communicating it to the mobile device over a secure communication channel between the mobile device and the authentication server, established using a unique digital certificate on the mobile device which was previously issued to it by a trusted certification authority. The session identifier being useable by the mobile device and network server to secure, mutually validate and authenticate the electronic communication session between them conducted by means of a conventional electronic communications protocol. |
| 申请公布号 |
US2014359741(A1) |
申请公布日期 |
2014.12.04 |
| 申请号 |
US201214362307 |
申请日期 |
2012.11.30 |
| 申请人 |
Entersekt International Limited |
发明人 |
Kistner Christoph Albrecht;Maritz Gert Stephanus Herman |
| 分类号 |
H04L29/06;H04W12/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of securing an electronic communication session between a mobile device and a network server, the mobile device being uniquely associated with a user and the method being carried out at an authentication server and comprising the steps of:
receiving a request for a unique session identifier from the mobile device wishing to establish the communication session with the network server, the mobile device being identified by the authentication server by means of a unique digital certificate which was issued to it by a trusted certification authority; requesting a session identifier from an issuing server, the request including a unique device identifier for the mobile device; receiving a unique session identifier for the requesting mobile device from the issuing server; establishing a secure, encrypted connection with the mobile device using the digital certificate; and transmitting the unique session identifier to the mobile device over the secure, encrypted connection, the session identifier being useable by the mobile device and network server to secure, mutually validate and authenticate the electronic communication session conducted by means of a conventional electronic communications protocol. |
| 地址 |
Ebene MU |
