US 12,177,253 B2
Method and system for authenticating application program interface (API) invokers
Rajavelsamy Rajadurai, Bangalore (IN); Narendranath Durga Tangudu, Bangalore (IN); and Nishant Gupta, Bangalore (IN)
Assigned to Samsung Electronics Co., Ltd., Suwon-si (KR)
Filed by Samsung Electronics Co., Ltd., Suwon-si (KR)
Filed on Mar. 24, 2022, as Appl. No. 17/703,531.
Application 17/703,531 is a continuation of application No. 16/192,069, filed on Nov. 15, 2018, granted, now 11,303,676.
Claims priority of application No. 2017 41041088 (IN), filed on Nov. 16, 2017; and application No. 201741041088 (IN), filed on Nov. 5, 2018.
Prior Publication US 2022/0217178 A1, Jul. 7, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/00 (2013.01); G06F 9/54 (2006.01); H04L 9/40 (2022.01); H04L 29/06 (2006.01)
CPC H04L 63/166 (2013.01) [G06F 9/54 (2013.01); H04L 63/0823 (2013.01); H04L 63/0869 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method performed by a first entity implementing an authenticating application program interface (API) exposing function (AEF), the method comprising:
receiving, from a second entity implementing an API invoker, an authentication request message;
transmitting, to a third entity implementing a common application program interface framework (CAPIF) core function (CCF), a security information request for authentication between the first entity and the second entity;
receiving, from the third entity, security information associated with a security method for authentication between the first entity and the second entity, wherein the security information includes a pre-shared key (PSK) bound to an identity of the first entity; and
establishing a transport layer security (TLS) session between the first entity and the second entity using the PSK.