Zero sign-on authentication

摘要

A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.

主权项

1. A method of providing zero sign-on authentication comprising:
identifying a gateway through which a first user device issues a media access request for media services, the media access request being generated through user interaction with a webpage connected to through signaling carried via the gateway; establishing a gateway level of trust for the gateway following issuance of the media access request, the gateway level of trust being determined based on gateway identification information electronically collected from the gateway, at least part of the gateway identification information being unique to the gateway; after establishing the gateway level of trust, authenticating the first user device to access the media service depending on the gateway level of trust, including automatically limiting media services made accessible to the first user device through the gateway to a certain portion of the media services depending on the gateway level of trust; establishing the gateway level of trust with a server in electronic communication with the gateway, the server determining the gateway level of trust based on a comparison of information collected from the gateway to data previously associated with the gateway; granting the first user device limited access to facilitate communications with the server via the gateway prior to determining the gateway level of trust, the limited access allowing the first user device to interact with the webpage; establishing the gateway level of trust to be one of a first, second, and third level of trust depending on whether the server supports Simple Network Management Protocol (SNMP) communications with the gateway, whether the server supports a privacy certificate exchange with the gateway, and whether a Media Access control (MAC) address of the gateway has the same domain name as a domain previously associated with the MAC address; authenticating the first user device to a first tier of the media service if the first user device is determined to have the first level of trust, authenticating the first user device to a second tier of the media service if the first user device is determined to have the second level of trust, and authenticating the first user device to a third tier of the media service if the first user device is determined to have the third level of trust; and authenticating a second user device to access the same certain portion of the media services through the gateway as function of the gateway level of trust regardless of an identity of the second user device and regardless of an identity of a user of the second user device.