Method and apparatus for a security framework that enables identity and access control services
Abstract
A method by which access to services of a network is controlled, including a step in which a client device presents proof of identity to a service security module attached to the network and providing security against unauthorized access to the service.
9 Claims
1. A method, comprising:
a step in which a client device attached to a network obtains from a server device hosting a service and also attached to the network an indication of a security mechanism by which the server device limits access to the service;
a step in which the client device obtains from an authenticator proof of identity; and
a step in which the client device presents the proof of identity to a service security module attached to the network and providing security against unauthorized access to the service.
(Dependent claims: 2, 3, 4, 5, 6)
7. A device, comprising:
means for obtaining from a server device an indication of a security mechanism by which the server device limits access to a service;
means for obtaining from an authenticator proof of identity of the device; and
means for presenting the proof of identity to a service security module.
(Dependent claims: 8)
9. A network, comprising a client device, a server device offering a service, and a service security module providing security against unauthorized access to the service and either integral with or separate from the server device, wherein the client device includes:
means for obtaining from the server device an indication of a security mechanism by which the server device limits access to the service, means for obtaining from an authenticator proof of identity of the client device, and means for presenting the proof of identity to the service security module;
and wherein the server device includes means for determining whether to accept the proof of identity and for granting access to the service if the server device accepts the proof of identity.
Specification