Automatic, connection-based terminal or user authentication in communication networks
Abstract
The aim of the invention is to permit the automatic identification of access rights to protected areas in networks, in particular on the Internet. This is achieved by a method for automatically identifying access rights to protected areas in a first network (2) using a unique connection identifier of a second network (1), in particular in the interconnection of networks that constitutes the Internet. According to the invention: a unique identifier of the first network (2) is dynamically or statically assigned to a terminal, during or prior to the latter's connection to the first network (2); a combination of at least the unique connection identifier of the second network (1) and the unique identifier of the first network (2), said combination being stored in an authentication unit (16), is polled when the terminal requests access to the protected area, in order to determine the unique connection identifier of the second network (1) using the unique identifier of the first network (2); and the existence of access rights to the protected area for the unique connection identifier of the second network (1) is then verified.
23 Claims
1. Method for automatically identifying an access right to protected areas in a first network using a unique connection identifier of a second network, with the following procedural steps:
- dynamic or static assignment of a unique identifier of the first network for a terminal, during or prior to the latter's connection to the first network by means of the second network;
- storage of a combination of at least the unique connection identifier of the second network by means of which the connection was made, and the unique identifier of the first network in an authentication unit;
- the provider of the protected area requesting the authentication unit to determine the unique connection identifier of the second network using the unique identifier of the first network when the terminal would like access to the protected area;
- authentication and/or communication exclusively of the unique identifier of the second network to the provider of the protected area by means of the authentication unit;
- checking whether an access right for the protected area exists for the unique connection identifier of the second network.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 22, 23
16. Method for providing data for automatic identification of access rights to protected areas in networks, with the following procedural steps:
- provision of at least one unique identifier respectively from at least two different networks while a connection to both networks exists, whereby the connection to one of the networks happens by means of the other network;
- storage of a combination of the different identifiers in an authentication unit;
- authentication and/or issue exclusively of one of the unique identifiers when a corresponding enquiry is made regarding the other unique identifiers;
- deletion of the data from the authentication unit as soon as a connection with at least one of the two networks has ended.

Dependent claims: 17, 18, 19, 20, 21
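The storage, enquiry and deletion steps of claims 1 and 16, sketched as an added example that is not part of the patent text. Class and method names are hypothetical, and the address and line identifiers are constructed sample values standing in for the first-network and second-network identifiers. The last case shows why deletion at disconnect matters when a first-network identifier is assigned dynamically and later reused.

```python
# Added illustration; all names and sample identifiers are hypothetical.
class AuthenticationUnit:
    """Holds first-network identifier -> second-network connection identifier."""

    def __init__(self):
        self._bindings = {}

    def connect(self, network_id, connection_id):
        # Stored when the terminal joins the first network via the second.
        self._bindings[network_id] = connection_id

    def disconnect(self, network_id):
        # Claim 16: delete the data as soon as the connection has ended.
        self._bindings.pop(network_id, None)

    def resolve(self, network_id):
        # Answers a provider enquiry with the connection identifier only.
        return self._bindings.get(network_id)


class Provider:
    """Provider of the protected area; rights are keyed on connection identifiers."""

    def __init__(self, unit, entitled_connection_ids):
        self._unit = unit
        self._entitled = set(entitled_connection_ids)

    def has_access(self, network_id):
        connection_id = self._unit.resolve(network_id)
        # No stored combination means no identification, so access is refused.
        return connection_id is not None and connection_id in self._entitled


def demo():
    unit = AuthenticationUnit()
    provider = Provider(unit, {"line-A"})  # only line-A holds an access right
    addr = "192.0.2.10"                    # constructed first-network identifier
    results = []

    unit.connect(addr, "line-A")
    results.append(provider.has_access(addr))  # entitled line is connected

    unit.disconnect(addr)
    results.append(provider.has_access(addr))  # combination deleted, no access

    unit.connect(addr, "line-B")               # same identifier reassigned
    results.append(provider.has_access(addr))  # line-B has no access right
    return results


if __name__ == "__main__":
    print(demo())
```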
Specification