Method and apparatus for trusted federated identity management and data access authorization

Abstract

Systems, methods, and instrumentalities are disclosed that may provide for integration of trusted OpenID (TOpenID) with OpenID. The authentication may be accomplished, in part, via Communications between a trusted ticket server on a UE and a network application function. The UE may retrieve platform validation data (e.g., from a trusted platform module on the UE). The UE may receive a platform verification in response to the platform validation data. The platform verification may indicate that the network application function has verified the platform validation data and the user. The platform verification may indicate that the platform validation data matches a previously generated reference value.

Description

[0001] Cross References to Related Applications

[0002] This application is based upon and claims the benefit of priority from US Provisional Patent Application No. 61 / 297,446, filed January 22, 2010, the entire contents of which are hereby incorporated by reference. Background technique

[0003] A basic use of Trusted Computing (TC) for authentication may be to provide credentials for authentication to a Trusted System (TS) protected by eg a hardware Trusted Platform Module (TPM). As a primary security feature, this can bind credentials to a specific TS. Application of such authentication in wireless networks may be via Extensible Authorization Procedure-Transport Layer Security (EAP-TLS). Using single sign-on (SSO) for TS may present potential security issues. Contents of the invention

[0004] Systems, methods and means are disclosed that can provide Trusted Open ID (TOpenID) (as disclosed herein) integration with Open ID (OpenID).

[0005] A user of a wireless device...

Images