WO2001072009A3 - Web-based single-sign-on authentication mechanism - Google Patents
Web-based single-sign-on authentication mechanism Download PDFInfo
- Publication number
- WO2001072009A3 WO2001072009A3 PCT/US2001/007282 US0107282W WO0172009A3 WO 2001072009 A3 WO2001072009 A3 WO 2001072009A3 US 0107282 W US0107282 W US 0107282W WO 0172009 A3 WO0172009 A3 WO 0172009A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- user
- service
- services
- authentication
- access
- Prior art date
Links
- 238000000034 method Methods 0.000 abstract 3
- 238000013475 authorization Methods 0.000 abstract 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
A method and apparatus are disclosed for a single sign-on method and system for accessing a plurality of services distributed over a network in which authentication-related functionality is separated from the services, and in which authentication need not be renegotiated for access to a new service from the plurality of services during a session. Additional benefits accruing from embodiments of the invention include notification of the plurality of services when a user has terminated a session, and the use of secure, short-lived authentication tokens to verify a user's identity for subsequent access to the plurality of services. The steps in a method embodiment comprise receiving a request from a user for authorization to access a service; transmitting a token corresponding to the service to the user; receiving the token corresponding to the service from the user; determining whether the user is authorized to receive the service based on the token; and connecting the user to the service, if the user is authorized to use the service.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA002400623A CA2400623C (en) | 2000-03-17 | 2001-03-07 | Web-based single-sign-on authentication mechanism |
| EP01913338A EP1264463A2 (en) | 2000-03-17 | 2001-03-07 | Web-based single-sign-on authentication mechanism |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US52818900A | 2000-03-17 | 2000-03-17 | |
| US09/528,189 | 2000-03-17 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2001072009A2 WO2001072009A2 (en) | 2001-09-27 |
| WO2001072009A3 true WO2001072009A3 (en) | 2002-04-11 |
Family
ID=24104602
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2001/007282 WO2001072009A2 (en) | 2000-03-17 | 2001-03-07 | Web-based single-sign-on authentication mechanism |
Country Status (3)
| Country | Link |
|---|---|
| EP (1) | EP1264463A2 (en) |
| CA (1) | CA2400623C (en) |
| WO (1) | WO2001072009A2 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| RU2393541C2 (en) * | 2008-06-30 | 2010-06-27 | Валерий Иванович Стародубцев | System of orders and sales of goods and services (versions), method for offering for sale and ordering, method for sales of goods and services |
Families Citing this family (39)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| FR2821685A1 (en) * | 2001-03-01 | 2002-09-06 | Couponet S A | Controlling access to web sites by issuing access tokens to regular site users to speed their access, while blocking access to other users, and so encouraging user loyalty |
| US7590859B2 (en) | 2001-08-24 | 2009-09-15 | Secure Computing Corporation | System and method for accomplishing two-factor user authentication using the internet |
| US20030084302A1 (en) * | 2001-10-29 | 2003-05-01 | Sun Microsystems, Inc., A Delaware Corporation | Portability and privacy with data communications network browsing |
| US7100197B2 (en) * | 2001-12-10 | 2006-08-29 | Electronic Data Systems Corporation | Network user authentication system and method |
| JP4303130B2 (en) * | 2002-02-28 | 2009-07-29 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | System, method and apparatus for single sign-on service |
| US7221935B2 (en) | 2002-02-28 | 2007-05-22 | Telefonaktiebolaget Lm Ericsson (Publ) | System, method and apparatus for federated single sign-on services |
| NO318842B1 (en) * | 2002-03-18 | 2005-05-09 | Telenor Asa | Authentication and access control |
| US7360096B2 (en) * | 2002-11-20 | 2008-04-15 | Microsoft Corporation | Securely processing client credentials used for Web-based access to resources |
| ES2281599T3 (en) * | 2003-06-26 | 2007-10-01 | Telefonaktiebolaget Lm Ericsson (Publ) | APPARATUS AND METHOD FOR UNIQUE IDENTIFICATION AUTHENTICATION THROUGH A NON-RELIABLE ACCESS NETWORK |
| CN100461780C (en) * | 2003-07-17 | 2009-02-11 | 华为技术有限公司 | A Security Authentication Method Based on Media Gateway Control Protocol |
| KR20070032805A (en) * | 2004-07-09 | 2007-03-22 | 마츠시타 덴끼 산교 가부시키가이샤 | System and method for managing user authentication and authorization to realize single-sign-on for accessing multiple networks |
| KR100813791B1 (en) * | 2004-09-30 | 2008-03-13 | 주식회사 케이티 | Integrated authentication processing device and method for personal mobility in wired / wireless integrated service network |
| GB0423301D0 (en) | 2004-10-20 | 2004-11-24 | Fujitsu Ltd | User authorization for services in a wireless communications network |
| JP4782139B2 (en) | 2004-10-26 | 2011-09-28 | テレコム・イタリア・エッセ・ピー・アー | Method and system for transparently authenticating mobile users and accessing web services |
| US7748046B2 (en) | 2005-04-29 | 2010-06-29 | Microsoft Corporation | Security claim transformation with intermediate claims |
| US7690026B2 (en) | 2005-08-22 | 2010-03-30 | Microsoft Corporation | Distributed single sign-on service |
| GB0523871D0 (en) * | 2005-11-24 | 2006-01-04 | Ibm | A system for updating security data |
| US8458775B2 (en) | 2006-08-11 | 2013-06-04 | Microsoft Corporation | Multiuser web service sign-in client side components |
| US7856104B2 (en) | 2007-02-05 | 2010-12-21 | Sony Corporation | System and method for ensuring secure communication between TV and set back box |
| US8539559B2 (en) | 2006-11-27 | 2013-09-17 | Futurewei Technologies, Inc. | System for using an authorization token to separate authentication and authorization services |
| GB2445172A (en) * | 2006-12-29 | 2008-07-02 | Symbian Software Ltd | Use of an interaction object in transactions |
| US8099597B2 (en) | 2007-01-09 | 2012-01-17 | Futurewei Technologies, Inc. | Service authorization for distributed authentication and authorization servers |
| US8510798B2 (en) | 2007-04-02 | 2013-08-13 | Sony Corporation | Authentication in an audio/visual system having multiple signaling paths |
| US8429713B2 (en) | 2007-04-02 | 2013-04-23 | Sony Corporation | Method and apparatus to speed transmission of CEC commands |
| US8285990B2 (en) | 2007-05-14 | 2012-10-09 | Future Wei Technologies, Inc. | Method and system for authentication confirmation using extensible authentication protocol |
| US8806201B2 (en) * | 2008-07-24 | 2014-08-12 | Zscaler, Inc. | HTTP authentication and authorization management |
| US8151333B2 (en) | 2008-11-24 | 2012-04-03 | Microsoft Corporation | Distributed single sign on technologies including privacy protection and proactive updating |
| US8924569B2 (en) | 2009-12-17 | 2014-12-30 | Intel Corporation | Cloud federation as a service |
| WO2011078723A1 (en) * | 2009-12-25 | 2011-06-30 | Starodubtsev Valeriy Ivanovich | System for orders for and the sale of goods and services (variants), method for offering for sale and placing orders, and method for the sale of goods and services |
| US9965614B2 (en) * | 2011-09-29 | 2018-05-08 | Oracle International Corporation | Mobile application, resource management advice |
| JP5485246B2 (en) | 2011-11-05 | 2014-05-07 | 京セラドキュメントソリューションズ株式会社 | Image forming apparatus |
| US8769651B2 (en) * | 2012-09-19 | 2014-07-01 | Secureauth Corporation | Mobile multifactor single-sign-on authentication |
| US9479490B2 (en) | 2013-06-07 | 2016-10-25 | Apple Inc. | Methods and systems for single sign-on while protecting user privacy |
| US10237732B2 (en) | 2013-06-12 | 2019-03-19 | Telecom Italia S.P.A. | Mobile device authentication in heterogeneous communication networks scenario |
| US10129243B2 (en) * | 2013-12-27 | 2018-11-13 | Avaya Inc. | Controlling access to traversal using relays around network address translation (TURN) servers using trusted single-use credentials |
| US9769668B1 (en) | 2016-08-01 | 2017-09-19 | At&T Intellectual Property I, L.P. | System and method for common authentication across subscribed services |
| WO2021012236A1 (en) * | 2019-07-24 | 2021-01-28 | Oppo广东移动通信有限公司 | Resource publishing method and device |
| CN111917732B (en) * | 2020-07-10 | 2022-04-26 | 杭州海康威视数字技术股份有限公司 | Big data component access method, device and system and electronic equipment |
| CN115051809A (en) * | 2022-06-15 | 2022-09-13 | 道和邦(广州)电子信息科技有限公司 | SMG-wscomm-Msession-ECToken dynamic token technology based on encrypted CookieToken login-free authentication |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5684950A (en) * | 1996-09-23 | 1997-11-04 | Lockheed Martin Corporation | Method and system for authenticating users to multiple computer servers via a single sign-on |
| US6000033A (en) * | 1997-11-26 | 1999-12-07 | International Business Machines Corporation | Password control via the web |
-
2001
- 2001-03-07 WO PCT/US2001/007282 patent/WO2001072009A2/en active Application Filing
- 2001-03-07 CA CA002400623A patent/CA2400623C/en not_active Expired - Fee Related
- 2001-03-07 EP EP01913338A patent/EP1264463A2/en not_active Withdrawn
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5684950A (en) * | 1996-09-23 | 1997-11-04 | Lockheed Martin Corporation | Method and system for authenticating users to multiple computer servers via a single sign-on |
| US6000033A (en) * | 1997-11-26 | 1999-12-07 | International Business Machines Corporation | Password control via the web |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| RU2393541C2 (en) * | 2008-06-30 | 2010-06-27 | Валерий Иванович Стародубцев | System of orders and sales of goods and services (versions), method for offering for sale and ordering, method for sales of goods and services |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2400623C (en) | 2007-03-20 |
| EP1264463A2 (en) | 2002-12-11 |
| CA2400623A1 (en) | 2001-09-27 |
| WO2001072009A2 (en) | 2001-09-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2001072009A3 (en) | Web-based single-sign-on authentication mechanism | |
| WO1999060750A3 (en) | Preventing unauthorized use of service | |
| US7418727B2 (en) | Method for PC client security authentication | |
| EP1655921A1 (en) | Apparatus and method for authenticating user for network access in communication system | |
| CN100438381C (en) | Ofdm signal transmission system, mobile terminal and electronic commerce system | |
| US6259909B1 (en) | Method for securing access to a remote system | |
| US8800013B2 (en) | Devolved authentication | |
| WO2001095268A3 (en) | System and method for secure authentication of a subscriber of network services | |
| SE519072C2 (en) | Method of access control in mobile communications | |
| WO2004061597A3 (en) | Method and system for transmitting authentication context information | |
| WO2003038580A3 (en) | Enhanced privacy protection in identification in a data communications network | |
| CA2285093A1 (en) | Method, system and devices for authenticating persons | |
| EP1500298A2 (en) | Certificate based authentication authorization accounting scheme for loose coupling interworking | |
| WO2004008683A3 (en) | Automated network security system and method | |
| WO2002054663A3 (en) | Local authentication in a communication system | |
| WO2004027588A3 (en) | Certificate based authorized domains | |
| WO2002019593A3 (en) | End-user authentication independent of network service provider | |
| WO1998054869A3 (en) | Method and apparatus for providing security in a star network connection using public key cryptography | |
| US20060183463A1 (en) | Method for authenticated connection setup | |
| US8438620B2 (en) | Portable device for clearing access | |
| US9094701B2 (en) | Method and telecommunications system for registering a user with an IPTV service | |
| EP1187419A3 (en) | User authentication system and method | |
| WO2002093337A3 (en) | Method and apparatus for multiple token access to thin client architecture session | |
| WO2002102016A3 (en) | Architecture for providing services in the internet | |
| EP1276066A3 (en) | Licensing method and license providing system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): BR CA MX |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
| AK | Designated states |
Kind code of ref document: A3 Designated state(s): BR CA MX |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
|
| WWE | Wipo information: entry into national phase |
Ref document number: 2400623 Country of ref document: CA |
|
| WWE | Wipo information: entry into national phase |
Ref document number: 2001913338 Country of ref document: EP |
|
| WWP | Wipo information: published in national office |
Ref document number: 2001913338 Country of ref document: EP |