Method and system for a service process to provide a service to a client
First Claim
1. Method for a service process to provide a service to a client, characterized by the following steps:
- a. the client sets up a secure session to an authentication process and sends a client identifier and a service request indicating which service is required;
b. the authentication process verifies the client identifier and sends to an authorization process the verified client identifier and the service request;
c. the authorization process checks whether the service indicated in the service request can and may be provided to the client, and sends the result of the check to the authentication process in the form of an authorized service request that includes a validity period;
d. the authentication process generates a token that is associated with the authorized service request;
e. via the secure session, the authentication process sends to the client the address of the service process concerned and the token;
f. the client contacts the service process and sends the service process the token received from the authentication process;
g. the service process sends the authentication process the token received from the client;
h. the authentication process fetches the authorized service request associated with the token, checks whether the validity period is good, and then sends the authorized service request to the service process;
i. the service process then provides the service required by the client.
1 Assignment
0 Petitions
Accused Products
Abstract
Method and system for a service server to provide a service to a client. The client (C) sets up a secure session to an authentication server (CAP) and sends its identifier and a service request stating the required service. The authentication server verifies the client identifier and sends the service request to a service authorization server (DAP). The authorization server checks whether the required service may be provided and sends the authorized service request to the authentication server. The authentication server generates a token, associated with the authorized service request. Via the secure session, the authentication server sends the address of the relevant service server and the token. The client sends the token to the service server, which then sends the token to the authentication server. The authentication server fetches the service request associated with the token and forwards it to the service server, after which the service server gives the client the required service.
90 Citations
4 Claims
-
1. Method for a service process to provide a service to a client, characterized by the following steps:
-
a. the client sets up a secure session to an authentication process and sends a client identifier and a service request indicating which service is required;
b. the authentication process verifies the client identifier and sends to an authorization process the verified client identifier and the service request;
c. the authorization process checks whether the service indicated in the service request can and may be provided to the client, and sends the result of the check to the authentication process in the form of an authorized service request that includes a validity period;
d. the authentication process generates a token that is associated with the authorized service request;
e. via the secure session, the authentication process sends to the client the address of the service process concerned and the token;
f. the client contacts the service process and sends the service process the token received from the authentication process;
g. the service process sends the authentication process the token received from the client;
h. the authentication process fetches the authorized service request associated with the token, checks whether the validity period is good, and then sends the authorized service request to the service process;
i. the service process then provides the service required by the client. - View Dependent Claims (2)
-
-
3. System for a service server to provide a service to a client, with the characteristic that:
-
a. the client includes means for setting up a secure session to an authentication server and for sending to that authentication server a client identifier and a service request stating which service is required;
b. the authentication server includes means for verifying the client identifier received from the client and for sending the verified client identifier and the service request to an authorization server;
c. the authorization server includes means for checking whether the service stated in the service request can and may be provided to the client, and means for sending back to the authentication server the result of the check in the form of an authorized service request, provided with a validity period determined by the authorization server;
d. the authentication server includes means for generating a token, associated with the authorized service request;
e. the authentication server includes means for sending the client, via the secure session, the address of the relevant service server and the token;
f. the client includes means for sending the received token to the service server;
g. the service server includes means for sending to the authentication server the token received from the client;
h. the authentication server includes means for fetching the authorized service request associated with the token, checking whether the validity period is good, and then sending the authorized service request to the service server;
i. the service server includes means for subsequently providing the required service to the client. - View Dependent Claims (4)
-
Specification