WO2010000298A1 - Appareil, procédé et programme pour une authentification intégrée - Google Patents
Appareil, procédé et programme pour une authentification intégrée Download PDFInfo
- Publication number
- WO2010000298A1 WO2010000298A1 PCT/EP2008/058384 EP2008058384W WO2010000298A1 WO 2010000298 A1 WO2010000298 A1 WO 2010000298A1 EP 2008058384 W EP2008058384 W EP 2008058384W WO 2010000298 A1 WO2010000298 A1 WO 2010000298A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- identity
- user
- item
- provider
- authentication
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/41—User authentication where a single sign-on provides access to a plurality of computers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
Definitions
- a gap between network and application level authentication is bridged, e.g. by extracting a user identity, user ID, for e.g. a valid IP data session.
- the user identity may for example be extracted from that network element that can resolve a mapping between the IP address and a primary identity, ID, (e.g. MSIDN or mobile station international data number, MSISDN, international mobile subscriber identity, IMSI, international mobile equipment identity, IMEI, a globally or at least locally unique identity, and/or permanent identity, or the like) of a user.
- ID e.g. MSIDN or mobile station international data number, MSISDN, international mobile subscriber identity, IMSI, international mobile equipment identity, IMEI, a globally or at least locally unique identity, and/or permanent identity, or the like
- the user identity information may e.g. be retrieved from an authentication server but may also come from a policy and charging rules function, or from a bootstrapping server function, or from any other source, etc.
- the server 5 checks the authorization of the entity indicated by the IP address or other identification indicated in message 10, and returns an authentication response message 11 to the identity provider 7, the authentication response message 11 indicating an identity or primary identity of the user or terminal 1 such as MSISDN or the like.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Au moins un ou plusieurs modes de réalisation de l'invention portent sur un procédé et sur un appareil pour un mécanisme de fédération dans un environnement de serveur d'authentification, autorisation et comptabilité/gestion d'identité.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2008/058384 WO2010000298A1 (fr) | 2008-06-30 | 2008-06-30 | Appareil, procédé et programme pour une authentification intégrée |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/EP2008/058384 WO2010000298A1 (fr) | 2008-06-30 | 2008-06-30 | Appareil, procédé et programme pour une authentification intégrée |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010000298A1 true WO2010000298A1 (fr) | 2010-01-07 |
Family
ID=40395883
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2008/058384 WO2010000298A1 (fr) | 2008-06-30 | 2008-06-30 | Appareil, procédé et programme pour une authentification intégrée |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2010000298A1 (fr) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20110296518A1 (en) * | 2010-05-28 | 2011-12-01 | Igor Faynberg | Application layer authentication in packet networks |
US20120079569A1 (en) * | 2010-09-24 | 2012-03-29 | Microsoft Corporation | Federated mobile authentication using a network operator infrastructure |
CN101789864B (zh) * | 2010-02-05 | 2012-10-10 | 中国工商银行股份有限公司 | 一种网上银行后台身份认证方法、装置及系统 |
WO2013002886A1 (fr) * | 2011-06-30 | 2013-01-03 | Cisco Technology, Inc. | Identité de réseau pour authentification de logiciel comme service |
CN103139181A (zh) * | 2011-12-01 | 2013-06-05 | 华为技术有限公司 | 一种开放式认证的授权方法、装置和系统 |
WO2013149650A1 (fr) * | 2012-04-03 | 2013-10-10 | Telefonaktiebolaget L M Ericsson (Publ) | Procédés et appareil de fourniture d'une identité d'abonné |
US8949938B2 (en) | 2011-10-27 | 2015-02-03 | Cisco Technology, Inc. | Mechanisms to use network session identifiers for software-as-a-service authentication |
US9152781B2 (en) | 2012-08-09 | 2015-10-06 | Cisco Technology, Inc. | Secure mobile client with assertions for access to service provider applications |
CN106295394A (zh) * | 2016-07-22 | 2017-01-04 | 飞天诚信科技股份有限公司 | 资源授权方法及系统和授权服务器及工作方法 |
US11495749B2 (en) | 2015-04-06 | 2022-11-08 | Universal Display Corporation | Organic electroluminescent materials and devices |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003073783A1 (fr) * | 2002-02-28 | 2003-09-04 | Telefonaktiebolaget L M Ericsson | Systeme, procede et appareil pour services d'identification unique federes |
WO2006045402A1 (fr) * | 2004-10-26 | 2006-05-04 | Telecom Italia S.P.A. | Procede et systeme permettant d'authentifier de maniere transparente un utilisateur mobile pour acceder a des services web |
-
2008
- 2008-06-30 WO PCT/EP2008/058384 patent/WO2010000298A1/fr active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2003073783A1 (fr) * | 2002-02-28 | 2003-09-04 | Telefonaktiebolaget L M Ericsson | Systeme, procede et appareil pour services d'identification unique federes |
WO2006045402A1 (fr) * | 2004-10-26 | 2006-05-04 | Telecom Italia S.P.A. | Procede et systeme permettant d'authentifier de maniere transparente un utilisateur mobile pour acceder a des services web |
Non-Patent Citations (1)
Title |
---|
"Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Liberty Alliance and 3GPP security interworking; Interworking of Liberty Alliance Identity Federation Framework (ID-FF), Identity Web Services Framework (ID-WSF) and Generic Authentication Archi", 1 October 2007, ETSI STANDARDS, LIS, SOPHIA ANTIPOLIS CEDEX, FRANCE, ISSN: 0000-0001, XP014039738 * |
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101789864B (zh) * | 2010-02-05 | 2012-10-10 | 中国工商银行股份有限公司 | 一种网上银行后台身份认证方法、装置及系统 |
WO2011149704A1 (fr) * | 2010-05-28 | 2011-12-01 | Alcatel-Lucent Usa Inc. | Authentification de couche d'application dans des réseaux à commutation de paquets |
US8973125B2 (en) | 2010-05-28 | 2015-03-03 | Alcatel Lucent | Application layer authentication in packet networks |
US20110296518A1 (en) * | 2010-05-28 | 2011-12-01 | Igor Faynberg | Application layer authentication in packet networks |
US8881247B2 (en) | 2010-09-24 | 2014-11-04 | Microsoft Corporation | Federated mobile authentication using a network operator infrastructure |
US20120079569A1 (en) * | 2010-09-24 | 2012-03-29 | Microsoft Corporation | Federated mobile authentication using a network operator infrastructure |
WO2013002886A1 (fr) * | 2011-06-30 | 2013-01-03 | Cisco Technology, Inc. | Identité de réseau pour authentification de logiciel comme service |
US8949938B2 (en) | 2011-10-27 | 2015-02-03 | Cisco Technology, Inc. | Mechanisms to use network session identifiers for software-as-a-service authentication |
US9356928B2 (en) | 2011-10-27 | 2016-05-31 | Cisco Technology, Inc. | Mechanisms to use network session identifiers for software-as-a-service authentication |
CN103139181A (zh) * | 2011-12-01 | 2013-06-05 | 华为技术有限公司 | 一种开放式认证的授权方法、装置和系统 |
CN103139181B (zh) * | 2011-12-01 | 2016-03-30 | 华为技术有限公司 | 一种开放式认证的授权方法、装置和系统 |
WO2013149650A1 (fr) * | 2012-04-03 | 2013-10-10 | Telefonaktiebolaget L M Ericsson (Publ) | Procédés et appareil de fourniture d'une identité d'abonné |
US20150043430A1 (en) * | 2012-04-03 | 2015-02-12 | Telefonaktiebolaget L M Ericsson (Publ) | Methods and apparatus for providing a subscriber identity |
US9503885B2 (en) | 2012-04-03 | 2016-11-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and apparatus for providing a subscriber identity |
US9152781B2 (en) | 2012-08-09 | 2015-10-06 | Cisco Technology, Inc. | Secure mobile client with assertions for access to service provider applications |
US9876799B2 (en) | 2012-08-09 | 2018-01-23 | Cisco Technology, Inc. | Secure mobile client with assertions for access to service provider applications |
US11495749B2 (en) | 2015-04-06 | 2022-11-08 | Universal Display Corporation | Organic electroluminescent materials and devices |
CN106295394A (zh) * | 2016-07-22 | 2017-01-04 | 飞天诚信科技股份有限公司 | 资源授权方法及系统和授权服务器及工作方法 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2010000298A1 (fr) | Appareil, procédé et programme pour une authentification intégrée | |
CN111385100B (zh) | 用于访问资源的方法、计算机可读介质以及移动设备 | |
EP3251324B1 (fr) | Accès sécurisé à des services basés sur le nuage | |
US8472388B2 (en) | Gateway apparatus, authentication server, control method thereof and computer program | |
EP3120591B1 (fr) | Dispositif sur la base d'un identifiant d'utilisateur, système de gestion d'identité et d'activité | |
JP4782139B2 (ja) | モバイルユーザーをトランスペアレントに認証してウェブサービスにアクセスする方法及びシステム | |
US8166129B2 (en) | Method and system for providing media content to a user | |
EP2572527B1 (fr) | Utilisation d'une architecture de démarrage générique avec des applications web et des pages web | |
EP1871065A1 (fr) | Procédés, dispositif et système pour le contrôle d'accès à un réseau | |
US20120204231A1 (en) | User identity management for permitting interworking of a bootstrapping architecture and a shared identity service | |
EP3395037A1 (fr) | Authentification de signature automatique par le biais d'un navigateur pour une application client | |
KR20130004598A (ko) | 패킷 네트워크들에서 애플리케이션 층 인증 | |
US10812536B2 (en) | Method and apparatus for providing quality of service for web-based real-time communication | |
CN105721479A (zh) | 一种网址过滤方法及装置 | |
CN107040389B (zh) | 用于认证、授权和计费协议的结果报告 | |
WO2004075512A1 (fr) | Decouverte d'un serveur d'application dans un reseau ip | |
US8274985B2 (en) | Control of cellular data access | |
CN103023856A (zh) | 单点登录的方法、系统和信息处理方法、系统 | |
CN112087412B (zh) | 一种基于唯一令牌的服务访问处理方法及装置 | |
US9326141B2 (en) | Internet protocol multimedia subsystem (IMS) authentication for non-IMS subscribers | |
US11490255B2 (en) | RCS authentication | |
US11405764B2 (en) | Multiple parallel WebRTC accesses to IMS | |
US20160234685A1 (en) | Methods and Devices for Processing Identification Information | |
US20160183083A1 (en) | User equipment and method for dynamic internet protocol multimedia subsystem (ims) registration | |
CN114339760A (zh) | 通信网络中的授权 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 08774537 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 08774537 Country of ref document: EP Kind code of ref document: A1 |