Proxy server security token authorization
Abstract
A management server manufactures a secure, tamper-resistant token for a particular user specifying the permissions and authorizations that user possesses. The token may be in the form of a digitally-signed message specifying, for example, a particular computer and associated port number that the user is permitted to access. The management server delivers the token to the user, preferably over a secure communications session. When challenged, the user presents the secure token to the security proxy server. The security proxy server examines the token to be sure it is authentic and has not been tampered with, and then extracts information contained in the token to determine the user's authorization to access a particular computer, particular port number and/or other resource. The security proxy server then establishes authorized communication with the authorized computing resource based on the information contained in the user's token, and thereafter may act in one embodiment as essentially a passthrough or proxy for permitting the user to access and communicate with the resource.
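The flow in the abstract, as an added sketch that is not code from the patent: a management server issues a token naming a host and port, and the proxy verifies it before choosing where to connect. HMAC-SHA256 under a key shared by issuer and proxy stands in for the digital signature; the function names, token layout, expiry field, key and hostname are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

# Assumption: a MAC key shared by management server and proxy replaces the
# abstract's "digitally-signed message". Constructed demo value.
KEY = b"constructed-demo-key"

def b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def issue_token(user, host, port, ttl=300, now=None, key=KEY):
    """Management server: bind user, target host/port and expiry under a MAC."""
    now = time.time() if now is None else now
    body = json.dumps({"user": user, "host": host, "port": port,
                       "exp": int(now) + ttl}, sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return b64(body) + "." + b64(tag)

def validate_token(token, now=None, key=KEY):
    """Proxy: return the (host, port) the token authorizes, or None if rejected."""
    now = time.time() if now is None else now
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong field count or malformed base64
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    claims = json.loads(body)  # parsed only after the MAC has verified
    if claims["exp"] < now:
        return None
    return claims["host"], claims["port"]

def proxy_connect(token, requested_host, requested_port, now=None):
    """Proxy session control (hypothetical): only the token's target is reachable."""
    target = validate_token(token, now=now)
    if target is None:
        return "reject: token not authentic or expired"
    if target != (requested_host, requested_port):
        return "reject: token does not authorize this resource"
    return f"connect {target[0]}:{target[1]}"
```

Because the host and port sit inside the authenticated body, a user cannot redirect the proxy by editing the token: any change to the body invalidates the tag.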
16 Claims

1. A method of authorizing use of a computer resource comprising:
(a) issuing, to a user, an authorization token having data;
(b) examining, with a proxy server, the authorization token for authenticity; and
(c) if the authorization token is authentic, said proxy server using said authorization token data to establish a connection with said computer resource on behalf of the user.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A proxy server comprising:
means for receiving an authorization token from a user device;
means for examining said token to determine the authenticity thereof; and
means for establishing a proxy server session conditioned on the authenticity of said token, wherein said proxy server acts as an intermediary between said user device and a computing resource the token specifies.

10. A proxy server comprising:
a challenge function that challenges a user device to present a token;
a token validator that validates said token; and
a session controller that intermediates a session between said user device and a computing resource conditioned at least in part on token validation by said token validator.
Dependent claims: 11, 12, 13, 14, 15, 16

Specification