Method and system for maintaining secure access to web server services using server-delegated permissions
Abstract
A method and system for manipulating permissions are disclosed. A first permission, including a label related to a service accessible via a service web server, is maintained at a permission web server. A second user is provided access to the first permission upon his authenticating to the permission web server and is provided a permission to access the service. The second user will be given access to the service, upon his requesting access to the service and supplying the permission, if the digital signatures in the permission are positively verified. The second user may, instead of seeking access to the service himself, delegate permission to do so to a subsequent user.
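The two-signature check of claim 1, steps (a) through (g), as an added Go sketch that is not part of the patent text. Ed25519, the byte layout signed in `linkMsg`, the label-to-service comparison, and all type and function names are assumptions; the page specifies none of them.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// FirstPermission (step a): service label plus the first user's signature.
type FirstPermission struct{ Label string; UserSig []byte }

// PermissionLink (step c): the label plus the permission web server's signature.
type PermissionLink struct{ Label string; ServerSig []byte }

// Permission is what the second user presents to the service web server.
type Permission struct{ First FirstPermission; Link PermissionLink }

// linkMsg is the byte string the permission server signs. Assumption: it covers
// the label and the first user's signature, binding the link to one first permission.
func linkMsg(label string, userSig []byte) []byte {
	return append([]byte(label+"\x00"), userSig...)
}

// Issue models steps (a)-(c); keys are passed in to keep the sketch self-contained.
func Issue(label string, user, server ed25519.PrivateKey) Permission {
	fp := FirstPermission{label, ed25519.Sign(user, []byte(label))}
	return Permission{fp, PermissionLink{label, ed25519.Sign(server, linkMsg(label, fp.UserSig))}}
}

// Verify models step (f): both signatures must check. Requiring both labels to
// name the requested service is an added assumption, not claim language.
func Verify(p Permission, service string, userPub, serverPub ed25519.PublicKey) bool {
	if p.First.Label != service || p.Link.Label != service {
		return false
	}
	return ed25519.Verify(userPub, []byte(p.First.Label), p.First.UserSig) &&
		ed25519.Verify(serverPub, linkMsg(p.Link.Label, p.First.UserSig), p.Link.ServerSig)
}

func main() {
	uPub, uPriv, _ := ed25519.GenerateKey(nil) // constructed demo keys
	sPub, sPriv, _ := ed25519.GenerateKey(nil)
	p := Issue("reports/read", uPriv, sPriv) // constructed label
	fmt.Println("valid permission accepted:", Verify(p, "reports/read", uPub, sPub))
	p.Link.Label = "admin/write" // link relabeled after issuance
	fmt.Println("relabeled link accepted:", Verify(p, "admin/write", uPub, sPub))
}
```
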
8 Claims
1. A method of providing secure access to a service on a service web server comprising:
(a) maintaining at a permission web server a first permission, wherein the first permission comprises a label related to the service and a digital signature of a first user;
(b) providing access to the first permission to a second user upon said second user authenticating to said permission web server;
(c) providing the second user a permission comprising the first permission and a permission link comprising the label and a digital signature of the permission web server;
(d) receiving at the service web server from said second user a request to access the service;
(e) receiving the permission from the second user at the service web server;
(f) verifying the digital signature of the permission web server and the digital signature of the first user in the permission; and
(g) providing the second user access to the service if step (f) produces a positive result.
4. A system for providing secure access to a service on a service web server comprising:
a permission web server that maintains a first permission, wherein the first permission comprises a label related to the service and a digital signature of a first user;
that provides a second user access to the first permission upon the second user authenticating to the permission web server; and
that provides the second user a permission comprising the first permission and a permission link comprising the label and a digital signature of the permission web server; and
the service web server that receives from the second user a request to access the service and the permission;
that verifies the digital signature of the permission web server and the digital signature of the first user in the permission; and
that provides the second user access to the service if the verification produces a positive result.
5. A method of providing secure access to a service on a service web server comprising:
(a) maintaining at a permission web server a first permission, wherein the first permission comprises a label related to the service and a digital signature of a first user;
(b) providing access to the first permission to a second user upon said second user authenticating to said permission web server;
(c) providing the second user a permission comprising the first permission and a permission link comprising the label and a digital signature of the permission web server;
(d) receiving at the service web server from a subsequent user a request to access the service, the subsequent user having been delegated a subsequent permission comprising the permission;
(e) receiving the subsequent permission from the subsequent user at the service web server;
(f) verifying at least the digital signature of the permission web server and the digital signature of the first user in the permission; and
(g) providing the subsequent user access to the service if step (f) produces a positive result.
8. A system for providing secure access to a service on a service web server comprising:
a permission web server that maintains a first permission, wherein the first permission comprises a label related to the service and a digital signature of a first user;
that provides a second user access to the first permission upon the second user authenticating to the permission web server; and
that provides to the second user a permission comprising the first permission and a permission link comprising the label and a digital signature of the permission web server; and
the service web server that receives from a subsequent user a request to access the service and a subsequent permission, comprising the permission, the subsequent user having been delegated the subsequent permission;
that verifies at least the digital signature of the permission web server and the digital signature of the first user in the permission; and
that provides the subsequent user access to the service if the verification produces a positive result.
Specification