Method and system for maintaining secure access to web server services using permissions

US 20030172299A1
Filed: 03/05/2002
Published: 09/11/2003
Est. Priority Date: 03/05/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing secure access to a service on a service web server comprising:

(a) providing a first user access to a label service on a permission web server;

(b) allowing said first user to determine, using the label service, a label related to said service;

(c) creating a first permission link at said permission web server, wherein said first permission link comprises the label and a digital signature of the permission web server;

(d) providing said first permission link to said first user;

(e) receiving at the service web server from a second user a permission comprising the first permission link and a second permission link, wherein said second permission link is created by said first user and comprises a digital signature of the first user;

(f) verifying the digital signatures in the permission;

(g) providing the second user access to the service if an analysis of the permission produces a positive result.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for manipulating permissions are disclosed. A label relating to a service accessible on a web server is determined by a first user on a web server. The label is returned to the first user and, in some cases, may be included in a permission. The label or permission can be delegated to a second user to enable the second user to obtain access to the service. The permission may be further delegated by the second or subsequent users.

Citations

14 Claims

1. A method of providing secure access to a service on a service web server comprising:
- (a) providing a first user access to a label service on a permission web server;
  
  (b) allowing said first user to determine, using the label service, a label related to said service;
  
  (c) creating a first permission link at said permission web server, wherein said first permission link comprises the label and a digital signature of the permission web server;
  
  (d) providing said first permission link to said first user;
  
  (e) receiving at the service web server from a second user a permission comprising the first permission link and a second permission link, wherein said second permission link is created by said first user and comprises a digital signature of the first user;
  
  (f) verifying the digital signatures in the permission;
  
  (g) providing the second user access to the service if an analysis of the permission produces a positive result.
- View Dependent Claims (2, 3, 4, 5, 6, 11)
- - 2. The method of claim 1 wherein said first user transmits said permission to said second user using electronic mail.
  - 3. The method of claim 1 wherein said first user transmits said permission to said second user using instant messaging.
  - 4. The method of claim 1 wherein said first user transmits said permission to said second user using a personal area network.
  - 5. The method of claim 1 wherein said permission and service web servers are the same.
  - 6. The method of claim 1 wherein the first and second users are the same.
  - 11. The method of claim 1, 7, or 10 wherein the label comprises a URL for identifying the service.

7. A method of providing secure access to a service on a service web server comprising:
- (a) providing a first user access to a label service on a label web server;
  
  (b) allowing said first user to determine, using the label service, a label related to said service;
  
  (c) providing said label to said first user;
  
  (d) receiving at the service web server from a second user a permission, wherein said permission is created by said first user and comprises a digital signature of the first user and the label;
  
  (e) verifying the digital signature in the permission; and
  
  (f) providing access to the service to the second user if an analysis of the permission produces a positive result.
- View Dependent Claims (8, 9)
- - 8. The method of claim 7 further comprising:
    - (g) before step (f), verifying that the first user had authority to delegate access to the service.
  - 9. The method of claim 8 wherein step (f) is performed using an access control list.

10. A method of providing secure access to a service on a service web server comprising:
- (a) providing a first user access to a label service on a permission web server;
  
  (b) allowing said first user to determine, using the label service, a label related to said service;
  
  (c) creating a first permission link at said permission web server, wherein said first permission link comprises the label and a digital signature of the permission web server;
  
  (d) providing said first permission link to said first user;
  
  (e) receiving at the service web server from a subsequent user a subsequent permission, wherein said subsequent permission comprises the first permission link, a second permission link comprising a digital signature of the first user, and at least one intervening permission link comprising a digital signature of at least one intervening user;
  
  (f) verifying the digital signature ofthe permission web server, the digital signature of the first user and each digital signature of each intervening user in the subsequent permission; and
  
  (g) providing the subsequent user access to the service if an analysis of the subsequent permission produces a positive result.

12. A system for providing secure access to a service on a service web server comprising:
- a permission web server that maintains a label service and allows a first user to determine, using the label service, a label related to the service;
  
  that creates a first permission link, wherein said first permission link comprises the label and a digital signature of the permission web server; and
  
  that provides the first permission link to the first user; and
  
  the service web server that receives from a second user a permission comprising the first permission link and a second permission link, wherein said second permission link is created by said first user and comprises a digital signature of the first user;
  
  that verifies the digital signatures in the permission; and
  
  that provides the second user access to the service if an analysis of the permission produces a positive result.

13. A system for providing secure access to a service on a service web server comprising:
- a permission web server that maintains a label service and that allows a first user to determine, using the label service, a label related to the service; and
  
  that provides the label to the first user; and
  
  the service web server that receives from a second user a permission, wherein said permission is created by the first user and comprises a digital signature of the first user and the label;
  
  that verifies the digital signature in the permission; and
  
  that provides the second user access to the service if an analysis of the permission produces a positive result.

14. A system for providing secure access to a service on a service web server comprising:
- a permission web server that maintains a label service and allows a first user to determine, using the label service, a label related to said service;
  
  that creates a first permission link, wherein the first permission link comprises the label and a digital signature of the permission web server; and
  
  that provides the first permission link to the first user; and
  
  the service web server that receives from a subsequent user a subsequent permission, wherein said subsequent permission comprises the first permission link, a second permission link comprising a digital signature of the first user, and at least one intervening permission link comprising a digital signature of at least one intervening user;
  
  that verifies the digital signature of the permission web server, the digital signature of the first user and each digital signature of each intervening user in the subsequent permission; and
  
  that provides the subsequent user access to the service if an analysis of the subsequent permission produces a positive result.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Probaris Technologies, Inc.
Original Assignee
Probaris Technologies, Inc.
Inventors
Gunter, Carl A.

Application Number

US10/090,689
Publication Number

US 20030172299A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2115   Third party

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 67/02   based on web technology, e....

Method and system for maintaining secure access to web server services using permissions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for maintaining secure access to web server services using permissions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links