WO2001072009A3 - Web-based single-sign-on authentication mechanism - Google Patents

Web-based single-sign-on authentication mechanism Download PDF

Info

Publication number
WO2001072009A3
WO2001072009A3 PCT/US2001/007282 US0107282W WO0172009A3 WO 2001072009 A3 WO2001072009 A3 WO 2001072009A3 US 0107282 W US0107282 W US 0107282W WO 0172009 A3 WO0172009 A3 WO 0172009A3
Authority
WO
WIPO (PCT)
Prior art keywords
user
service
services
authentication
access
Prior art date
Application number
PCT/US2001/007282
Other languages
French (fr)
Other versions
WO2001072009A2 (en
Inventor
Igor Balabine
Partha P Dutta
Mahesh M Kumar
Alex Tselovalnikov
Original Assignee
At & T Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by At & T Corp filed Critical At & T Corp
Priority to EP01913338A priority Critical patent/EP1264463A2/en
Priority to CA002400623A priority patent/CA2400623C/en
Publication of WO2001072009A2 publication Critical patent/WO2001072009A2/en
Publication of WO2001072009A3 publication Critical patent/WO2001072009A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method and apparatus are disclosed for a single sign-on method and system for accessing a plurality of services distributed over a network in which authentication-related functionality is separated from the services, and in which authentication need not be renegotiated for access to a new service from the plurality of services during a session. Additional benefits accruing from embodiments of the invention include notification of the plurality of services when a user has terminated a session, and the use of secure, short-lived authentication tokens to verify a user's identity for subsequent access to the plurality of services. The steps in a method embodiment comprise receiving a request from a user for authorization to access a service; transmitting a token corresponding to the service to the user; receiving the token corresponding to the service from the user; determining whether the user is authorized to receive the service based on the token; and connecting the user to the service, if the user is authorized to use the service.
PCT/US2001/007282 2000-03-17 2001-03-07 Web-based single-sign-on authentication mechanism WO2001072009A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP01913338A EP1264463A2 (en) 2000-03-17 2001-03-07 Web-based single-sign-on authentication mechanism
CA002400623A CA2400623C (en) 2000-03-17 2001-03-07 Web-based single-sign-on authentication mechanism

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US52818900A 2000-03-17 2000-03-17
US09/528,189 2000-03-17

Publications (2)

Publication Number Publication Date
WO2001072009A2 WO2001072009A2 (en) 2001-09-27
WO2001072009A3 true WO2001072009A3 (en) 2002-04-11

Family

ID=24104602

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/007282 WO2001072009A2 (en) 2000-03-17 2001-03-07 Web-based single-sign-on authentication mechanism

Country Status (3)

Country Link
EP (1) EP1264463A2 (en)
CA (1) CA2400623C (en)
WO (1) WO2001072009A2 (en)

Families Citing this family (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2821685A1 (en) * 2001-03-01 2002-09-06 Couponet S A Controlling access to web sites by issuing access tokens to regular site users to speed their access, while blocking access to other users, and so encouraging user loyalty
US7590859B2 (en) 2001-08-24 2009-09-15 Secure Computing Corporation System and method for accomplishing two-factor user authentication using the internet
US20030084302A1 (en) * 2001-10-29 2003-05-01 Sun Microsystems, Inc., A Delaware Corporation Portability and privacy with data communications network browsing
US7100197B2 (en) 2001-12-10 2006-08-29 Electronic Data Systems Corporation Network user authentication system and method
US7221935B2 (en) 2002-02-28 2007-05-22 Telefonaktiebolaget Lm Ericsson (Publ) System, method and apparatus for federated single sign-on services
AU2003217103A1 (en) * 2002-02-28 2003-09-09 Telefonaktiebolaget L M Ericsson System, method and apparatus for federated single sign-on services
NO318842B1 (en) * 2002-03-18 2005-05-09 Telenor Asa Authentication and access control
ES2281599T3 (en) * 2003-06-26 2007-10-01 Telefonaktiebolaget Lm Ericsson (Publ) APPARATUS AND METHOD FOR UNIQUE IDENTIFICATION AUTHENTICATION THROUGH A NON-RELIABLE ACCESS NETWORK
CN100461780C (en) * 2003-07-17 2009-02-11 华为技术有限公司 A safety authentication method based on media gateway control protocol
US20080072301A1 (en) * 2004-07-09 2008-03-20 Matsushita Electric Industrial Co., Ltd. System And Method For Managing User Authentication And Service Authorization To Achieve Single-Sign-On To Access Multiple Network Interfaces
KR100813791B1 (en) * 2004-09-30 2008-03-13 주식회사 케이티 Apparatus and Method for Integrated Authentification Management for Personal Mobility in wire/wireless Integrated Service Network
GB0423301D0 (en) 2004-10-20 2004-11-24 Fujitsu Ltd User authorization for services in a wireless communications network
BRPI0517521B1 (en) 2004-10-26 2019-04-09 Telecom Italia S.P.A. METHOD AND SYSTEM FOR AUTHENTICING A FIRST NETWORK SUBSCRIBER TO ACCESS AN APPLICATION SERVICE THROUGH A SECOND NETWORK
US7748046B2 (en) 2005-04-29 2010-06-29 Microsoft Corporation Security claim transformation with intermediate claims
US7690026B2 (en) 2005-08-22 2010-03-30 Microsoft Corporation Distributed single sign-on service
GB0523871D0 (en) * 2005-11-24 2006-01-04 Ibm A system for updating security data
US8458775B2 (en) 2006-08-11 2013-06-04 Microsoft Corporation Multiuser web service sign-in client side components
US7856104B2 (en) 2007-02-05 2010-12-21 Sony Corporation System and method for ensuring secure communication between TV and set back box
US8539559B2 (en) 2006-11-27 2013-09-17 Futurewei Technologies, Inc. System for using an authorization token to separate authentication and authorization services
GB2445172A (en) * 2006-12-29 2008-07-02 Symbian Software Ltd Use of an interaction object in transactions
US8099597B2 (en) 2007-01-09 2012-01-17 Futurewei Technologies, Inc. Service authorization for distributed authentication and authorization servers
US8510798B2 (en) 2007-04-02 2013-08-13 Sony Corporation Authentication in an audio/visual system having multiple signaling paths
US8429713B2 (en) 2007-04-02 2013-04-23 Sony Corporation Method and apparatus to speed transmission of CEC commands
US8285990B2 (en) 2007-05-14 2012-10-09 Future Wei Technologies, Inc. Method and system for authentication confirmation using extensible authentication protocol
US8806201B2 (en) * 2008-07-24 2014-08-12 Zscaler, Inc. HTTP authentication and authorization management
US8151333B2 (en) 2008-11-24 2012-04-03 Microsoft Corporation Distributed single sign on technologies including privacy protection and proactive updating
US8924569B2 (en) * 2009-12-17 2014-12-30 Intel Corporation Cloud federation as a service
WO2011078723A1 (en) * 2009-12-25 2011-06-30 Starodubtsev Valeriy Ivanovich System for orders for and the sale of goods and services (variants), method for offering for sale and placing orders, and method for the sale of goods and services
US9965614B2 (en) * 2011-09-29 2018-05-08 Oracle International Corporation Mobile application, resource management advice
JP5485246B2 (en) * 2011-11-05 2014-05-07 京セラドキュメントソリューションズ株式会社 Image forming apparatus
US8769651B2 (en) 2012-09-19 2014-07-01 Secureauth Corporation Mobile multifactor single-sign-on authentication
US9479490B2 (en) 2013-06-07 2016-10-25 Apple Inc. Methods and systems for single sign-on while protecting user privacy
EP3008935B1 (en) 2013-06-12 2022-04-20 Telecom Italia S.p.A. Mobile device authentication in heterogeneous communication networks scenario
US10129243B2 (en) * 2013-12-27 2018-11-13 Avaya Inc. Controlling access to traversal using relays around network address translation (TURN) servers using trusted single-use credentials
US9769668B1 (en) 2016-08-01 2017-09-19 At&T Intellectual Property I, L.P. System and method for common authentication across subscribed services
CN113439427B (en) * 2019-07-24 2023-10-27 Oppo广东移动通信有限公司 Resource release method and device
CN111917732B (en) * 2020-07-10 2022-04-26 杭州海康威视数字技术股份有限公司 Big data component access method, device and system and electronic equipment
CN115051809A (en) * 2022-06-15 2022-09-13 道和邦(广州)电子信息科技有限公司 SMG-wscomm-Msession-ECToken dynamic token technology based on encrypted CookieToken login-free authentication

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5684950A (en) * 1996-09-23 1997-11-04 Lockheed Martin Corporation Method and system for authenticating users to multiple computer servers via a single sign-on
US6000033A (en) * 1997-11-26 1999-12-07 International Business Machines Corporation Password control via the web

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5684950A (en) * 1996-09-23 1997-11-04 Lockheed Martin Corporation Method and system for authenticating users to multiple computer servers via a single sign-on
US6000033A (en) * 1997-11-26 1999-12-07 International Business Machines Corporation Password control via the web

Also Published As

Publication number Publication date
WO2001072009A2 (en) 2001-09-27
EP1264463A2 (en) 2002-12-11
CA2400623A1 (en) 2001-09-27
CA2400623C (en) 2007-03-20

Similar Documents

Publication Publication Date Title
WO2001072009A3 (en) Web-based single-sign-on authentication mechanism
WO1999060750A3 (en) Preventing unauthorized use of service
US7418727B2 (en) Method for PC client security authentication
US20060070116A1 (en) Apparatus and method for authenticating user for network access in communication system
US8438620B2 (en) Portable device for clearing access
EP2258094B1 (en) Devolved authentication
WO2001095268A3 (en) System and method for secure authentication of a subscriber of network services
SE519072C2 (en) Method of access control in mobile communications
AU2001272575A1 (en) Arrangement for authenticating user and authorizing use of secured system
WO2005064882A3 (en) Apparatuses and method for single sign-on access to a service network through an access network
WO2004061597A3 (en) Method and system for transmitting authentication context information
WO2003038580A3 (en) Enhanced privacy protection in identification in a data communications network
CA2285093A1 (en) Method, system and devices for authenticating persons
WO2003091858A2 (en) Certificate based authentication authorization accounting scheme for loose coupling interworking
WO2002054201A3 (en) System and method for providing authentication and verification services in an enhanced media gateway
WO2004008683A3 (en) Automated network security system and method
WO2004084465A3 (en) Automatic configuration of client terminal in public hot spot
WO2002054663A3 (en) Local authentication in a communication system
US20060183463A1 (en) Method for authenticated connection setup
US9094701B2 (en) Method and telecommunications system for registering a user with an IPTV service
EP1187419A3 (en) User authentication system and method
WO2002093337A3 (en) Method and apparatus for multiple token access to thin client architecture session
WO2002102016A3 (en) Architecture for providing services in the internet
EP1276066A3 (en) Licensing method and license providing system
WO2000000882A3 (en) Apparatus and method for end-to-end authentication using biometric data

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): BR CA MX

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): BR CA MX

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

WWE Wipo information: entry into national phase

Ref document number: 2400623

Country of ref document: CA

WWE Wipo information: entry into national phase

Ref document number: 2001913338

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2001913338

Country of ref document: EP