Method and system for maintaining secure access to web server services using permissions
Abstract
A method and system for manipulating permissions are disclosed. A label relating to a service accessible on a web server is determined by a first user on a web server. The label is returned to the first user and, in some cases, may be included in a permission. The label or permission can be delegated to a second user to enable the second user to obtain access to the service. The permission may be further delegated by the second or subsequent users.
14 Claims
1. A method of providing secure access to a service on a service web server comprising:
(a) providing a first user access to a label service on a permission web server;
(b) allowing said first user to determine, using the label service, a label related to said service;
(c) creating a first permission link at said permission web server, wherein said first permission link comprises the label and a digital signature of the permission web server;
(d) providing said first permission link to said first user;
(e) receiving at the service web server from a second user a permission comprising the first permission link and a second permission link, wherein said second permission link is created by said first user and comprises a digital signature of the first user;
(f) verifying the digital signatures in the permission;
(g) providing the second user access to the service if an analysis of the permission produces a positive result.
7. A method of providing secure access to a service on a service web server comprising:
(a) providing a first user access to a label service on a label web server;
(b) allowing said first user to determine, using the label service, a label related to said service;
(c) providing said label to said first user;
(d) receiving at the service web server from a second user a permission, wherein said permission is created by said first user and comprises a digital signature of the first user and the label;
(e) verifying the digital signature in the permission; and
(f) providing access to the service to the second user if an analysis of the permission produces a positive result.
10. A method of providing secure access to a service on a service web server comprising:
(a) providing a first user access to a label service on a permission web server;
(b) allowing said first user to determine, using the label service, a label related to said service;
(c) creating a first permission link at said permission web server, wherein said first permission link comprises the label and a digital signature of the permission web server;
(d) providing said first permission link to said first user;
(e) receiving at the service web server from a subsequent user a subsequent permission, wherein said subsequent permission comprises the first permission link, a second permission link comprising a digital signature of the first user, and at least one intervening permission link comprising a digital signature of at least one intervening user;
(f) verifying the digital signature of the permission web server, the digital signature of the first user and each digital signature of each intervening user in the subsequent permission; and
(g) providing the subsequent user access to the service if an analysis of the subsequent permission produces a positive result.
12. A system for providing secure access to a service on a service web server comprising:
a permission web server that maintains a label service and allows a first user to determine, using the label service, a label related to the service;
that creates a first permission link, wherein said first permission link comprises the label and a digital signature of the permission web server; and
that provides the first permission link to the first user; and
the service web server that receives from a second user a permission comprising the first permission link and a second permission link, wherein said second permission link is created by said first user and comprises a digital signature of the first user;
that verifies the digital signatures in the permission; and
that provides the second user access to the service if an analysis of the permission produces a positive result.
13. A system for providing secure access to a service on a service web server comprising:
a permission web server that maintains a label service and that allows a first user to determine, using the label service, a label related to the service; and
that provides the label to the first user; and
the service web server that receives from a second user a permission, wherein said permission is created by the first user and comprises a digital signature of the first user and the label;
that verifies the digital signature in the permission; and
that provides the second user access to the service if an analysis of the permission produces a positive result.
14. A system for providing secure access to a service on a service web server comprising:
a permission web server that maintains a label service and allows a first user to determine, using the label service, a label related to said service;
that creates a first permission link, wherein the first permission link comprises the label and a digital signature of the permission web server; and
that provides the first permission link to the first user; and
the service web server that receives from a subsequent user a subsequent permission, wherein said subsequent permission comprises the first permission link, a second permission link comprising a digital signature of the first user, and at least one intervening permission link comprising a digital signature of at least one intervening user;
that verifies the digital signature of the permission web server, the digital signature of the first user and each digital signature of each intervening user in the subsequent permission; and
that provides the subsequent user access to the service if an analysis of the subsequent permission produces a positive result.
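The chain check recited in claims 1 and 10, as an added example that is not taken from the patent: the service web server verifies the permission web server's signature on the first link, then each user's signature on the link that user created. Assumptions: each link names the public key of the party it is issued to (the hypothetical `delegate` field), the service authorises the last named key, and Lamport one-time signatures stand in for whatever signature scheme a deployment uses so the code needs only the standard library; all function and field names are hypothetical.

```python
import hashlib, os

def H(b):
    return hashlib.sha256(b).digest()

def keygen():
    # Lamport one-time key: two secrets per digest bit; public key = their hashes.
    sk = [os.urandom(32) for _ in range(512)]
    return sk, b"".join(H(s) for s in sk)

def _slots(msg):
    d = H(msg)
    return [2 * i + ((d[i // 8] >> (i % 8)) & 1) for i in range(256)]

def sign(sk, msg):
    return [sk[j] for j in _slots(msg)]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[32 * j:32 * j + 32] for s, j in zip(sig, _slots(msg)))

def make_link(signer_sk, label, delegate_pk):
    # Assumed link layout: label, key of the party it is issued to, signature.
    # delegate_pk has fixed length, so label + key is an unambiguous encoding.
    return {"label": label, "delegate": delegate_pk,
            "sig": sign(signer_sk, label.encode() + delegate_pk)}

def check_permission(links, server_pk, label, presenter_pk):
    """Service web server: verify every signature, starting from the permission server."""
    signer = server_pk                       # the only trust anchor the service needs
    for link in links:
        if link["label"] != label:           # link must be for the requested service
            return False
        if not verify(signer, link["label"].encode() + link["delegate"], link["sig"]):
            return False
        signer = link["delegate"]            # next link must be signed by this key
    # Proof that the presenter holds presenter_pk's secret is outside this example.
    return bool(links) and signer == presenter_pk

def sample_chain(label="calendar/read"):
    # Constructed sample: server -> alice -> bob -> carol (bob is the intervening user).
    order = ["server", "alice", "bob", "carol"]
    keys = {n: keygen() for n in order}
    links = [make_link(keys[a][0], label, keys[b][1]) for a, b in zip(order, order[1:])]
    return keys, links

if __name__ == "__main__":
    keys, links = sample_chain()
    print(check_permission(links, keys["server"][1], "calendar/read", keys["carol"][1]))
```

Each Lamport key may sign only one link; a real deployment would use a reusable scheme and would also want expiry and revocation, which the claims shown here do not cover.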
Specification