System and method for authorization of access to a resource
Abstract
System, method, signal, operating model, and computer program for electronic messaging. Systems and method for providing security for communication of electronic messages, interactive sessions, software downloads, software upgrades, and other content from a source to a receiving device as well as signals used for such communications. Systems, methods, signals, device architectures, data formats, and computer program structures for providing authentication, integrity, confidentiality, non-repudiation, replay protection, and other security properties while minimizing the network bandwidth, computational resources, and manual user interactions required to install, enable, deploy and utilize these security properties. System, device, method, computer program, and computer program product for searching and selecting data and control elements in message procedural/data sets for automatic and complete portrayal of message to maintain message intent. System, device, method, computer program, and computer program product for adapting content for sensory and physically challenged persons using embedded semantic elements in a procedurally based message file.
54 Claims
1. A computer program product for use in conjunction with a computer system having a server and a client, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism, comprising:
- a program module that directs the computer system and/or components thereof including at least one of the client or server, to function in a specified manner to provide message communications, the message communications occurring in a computer system hardware architecture neutral and operating system neutral and network transport protocol neutral manner for a resource owner authorizing a specific user the right to access a particular resource, the program module including instructions for:
A. sending a resource tag to a specified user;
B. receiving, back from the specified user, the resource tag sent earlier and a user credential information;
C. verifying the user credential information;
D. comparing a first cryptographic transformation of a first information item to a second cryptographic transformation of a second information item; and
E. granting access to the particular resource only if the first cryptographic transformation of the first information item has a predetermined relationship with the second cryptographic transformation of the second information items, and otherwise denying access to the particular resource.
2. A hardware architecture neutral and operating system neutral and network transport neutral method for a resource owner authorizing a specific user the right to access a particular resource, said method comprising:
A. sending a first information item to a specified user;
B. receiving, back from the specified user, the resource tag sent earlier and a user second information item;
C. verifying the user second information item; and
D. comparing a first cryptographic transformation of the first information item to a second cryptographic transformation of the second information item; and
E. granting access to the particular resource only if the first cryptographic transformation of the first information item has a predetermined relationship with the second cryptographic transformation of the second information items, and otherwise denying access to the particular resource.
Dependent claims: 3-53.
54. A method for authorizing a user to access a resource, said method comprising:
sending a resource tag to the user;
receiving the resource tag and a user credential information from the user;
verifying the user credential information;
comparing a first cryptographic transformation of the resource tag to a second cryptographic transformation of some portion or all of the User Credential Information and one or more selected portions of the Server's or Resource Owner's Credential Information; and
granting access to the resource only if the first cryptographic transformation of the resource tag matches with the second cryptographic transformation of the selected portion or all of the User Credential Information and one or more portions of the Server's or Resource Owner's Credential Information, and otherwise denying access to the resource.
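One way the flow of claim 54 could be instantiated, given as an added example that is not taken from the patent. The claim names no algorithm: the assumption here is that the resource tag carries an HMAC-SHA256, keyed with a server-held secret (standing in for the server's credential information), over the user identifier and resource name. All function names, users and passwords are hypothetical, constructed sample data.

```python
import hashlib
import hmac
import secrets

# Assumption: the server's credential information is a secret MAC key.
SERVER_KEY = secrets.token_bytes(32)

def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user(password: str) -> dict:
    salt = secrets.token_bytes(16)
    return {"salt": salt, "pw": _pw_hash(password, salt)}

# Constructed sample credential store (user id -> salted password hash).
USERS = {"alice": make_user("correct horse"), "bob": make_user("battery staple")}

def _mac(user_id: str, resource: str) -> bytes:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    fields = (user_id.encode(), resource.encode())
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()

def issue_tag(user_id: str, resource: str) -> str:
    """Send step: a tag naming the resource, bound to one specific user."""
    return f"{resource}:{_mac(user_id, resource).hex()}"

def authorize(tag: str, user_id: str, password: str) -> bool:
    """Receive tag and credential, verify, compare, then grant or deny."""
    user = USERS.get(user_id)
    if user is None:
        return False
    # Verify the user credential information first.
    if not hmac.compare_digest(_pw_hash(password, user["salt"]), user["pw"]):
        return False
    resource, sep, mac_hex = tag.rpartition(":")
    if not sep:
        return False
    try:
        presented = bytes.fromhex(mac_hex)
    except ValueError:
        return False
    # Compare the value carried in the tag with the value recomputed from
    # the user's identity and the server key, in constant time.
    return hmac.compare_digest(presented, _mac(user_id, resource))
```

Because the recomputed value covers the user identifier, a tag forwarded to a second user fails the comparison even when that user's own credential verifies.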