Abstract: An ecosystem for managing a public key infrastructure (PKI) includes an electronic device having at least one silicon component, an ecosystem manager configured to create at least one PKI keypair, a root certificate, and a bootstrapping certificate, and a device manufacturer configured to integrate into the electronic device the at least one silicon component. The device manufacturer is further configured to integrate into the at least one silicon component a public key of the at least one PKI keypair and the bootstrapping certificate. The ecosystem further includes an ecosystem approved test lab (ATL) configured to test the electronic device having the integrated silicon component, the public key, and the bootstrapping certificate. The ecosystem ATL is further configured to confirm that the bootstrapping certificate complies with predetermined standards of the ecosystem.

Abstract: A method of facilitating zero sign-on access to media services depending on trust credentials. The trust credentials may be cookies, certificates, and other data sets operable to be stored on a device used to access the media services such that information included therein may be used to control the zero sign-on capabilities of the user device.

Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.

Abstract: Automated provisioning and/or authentication of a device to a wireless access point is contemplated. The automated provisioning may be performed in a manner that enables the device to receive provisioning instructions in accordance with HotSpot 2.0, Passpoint or other Wi-Fi related protocols and standards without having to input identification or other user-specific information like a username and password combination. The authentication may be performed in a manner sufficient to enable service-level differentiation for the provisioned devices and/or other devices desiring wireless access, such as but not necessary limited to facilitating assigning different bandwidth speed/priorities according to a service agreement.

Abstract: A method for automatically attaching a purpose-built electronic device to a provider network includes steps of discovering, by a Wi-Fi module of the purpose-built electronic device, a wireless data network in operable communication with the provider network selecting, by the Wi-Fi module, the wireless data network, transmitting a primary authentication certificate from the Wi-Fi module to an authentication, authorization, and accounting server of the provider network, receiving, by an application server of the provider network, a secondary authentication certificate from a functionality module of the purpose-built electronic device authenticating, by the provider network, the primary and secondary authentication certificates, and attaching the purpose-built device to the provider network.

Abstract: A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.

Abstract: A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.

Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.

Abstract: The ability to connect a device to the Internet or another type of network from various network access points in a convenient manner is contemplated. The device may be conveniently connected to the desired network without requiring user input of a username and password when connecting to the various network access points.

Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.

Abstract: Automated provisioning and/or authentication of a device to a wireless access point is contemplated. The automated provisioning may be performed in a manner that enables the device to receive provisioning instructions in accordance with HotSpot 2.0, Passpoint or other Wi-Fi related protocols and standards without having to input identification or other user-specific information like a username and password combination. The authentication may be performed in a manner sufficient to enable service-level differentiation for the provisioned devices and/or other devices desiring wireless access, such as but not necessary limited to facilitating assigning different bandwidth speed/priorities according to a service agreement.

Abstract: A method of facilitating zero sign-on access to media services depending on trust credentials. The trust credentials may be cookies, certificates, and other data sets operable to be stored on a device used to access the media services such that information included therein may be used to control the zero sign-on capabilities of the user device.

Abstract: A method of facilitating zero sign-on access to media services depending on trust credentials. The trust credentials may be cookies, certificates, and other data sets operable to be stored on a device used to access the media services such that information included therein may be used to control the zero sign-on capabilities of the user device.

Abstract: Providing virtual private network (VPN) sessions or other types of secure or private access to data when a client authorized to access the data travels or otherwise roams from a home network to a partner network is contemplated. The VPN session may be established as part of or as a result of an authentication process undertaken by the client when gaining access to the partner network, such as but not necessarily limited to a home network authentication process undertaken at the partner network to authenticate the client to access partner network services.

Abstract: A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.

Abstract: Provisioning a device with a certificate is contemplated. The certificate may be used to verify whether the device or a user of the device is authorized to access electronic content, services, and signaling. The certificate may be provisioned in relation to the device having successfully completed a two-factor authentication process so that an entity providing the certificate need not have to repeat the two-factor authentication process.

Abstract: Authenticating devices utilizing Transport Layer Security (TLS) protocol to facilitate exchange of authentication information or other data to permit or otherwise enable access to services requiring authentication credentials, certificates, tokens or other information. The authentication may utilize Digital Transmission Content Protection (DTCP) certificates, Diffie-Hellman (DH) parameters or other information available to the authenticating devices, optionally without requiring device requesting authentication to obtain an X.509 certificate.

Abstract: Authorizing an application to access web services or other electronic services is contemplated. Authorization of application may include requiring the application to successfully obtain an appToken and a userToken. The appToken may be provided by an application administrator to attest to an authenticity or level of trust with the application. The userToken may be issued by an identity provider (IdP) attest to an authenticity or level of trust with a user of the application. A service provider sourcing the services may analyze the appToken and userToken to determine content available to application.

Abstract: Providing access to online services is contemplated. The online services authorized for access may be limited or controlled according to a location of an access point used to facilitate access to the online services. This location based authorization may be useful in providing access to online services that have location dependent restraints.

Abstract: A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.