Please download the dossier by clicking on the dossier button x
×

Trusted third party authentication for web services

  • US 20060206932A1
  • Filed: 03/14/2005
  • Published: 09/14/2006
  • Est. Priority Date: 03/14/2005
  • Status: Active Grant
First Claim
Patent Images

1. At a computer system, a method of authenticating a web services:

  • component, the method comprising;

    an act of sending an authentication request to an authentication service;

    an act of receiving an authentication response from the authentication service, the authentication response including two instances of a first symmetric session key for securing communication between the Web services component and an access granting service, the first instance of the first symmetric session key secured for delivery to the Web services client and included in a first proof token, the second instance of the first symmetric session key encrypted with a secret symmetric key of the security token service and included in a token granting token;

    an act of sending an access request for access to a Web service to the access granting service, the access request including the token granting token; and

    an act of receiving an access granting response from the access granting service, the access granting response including two instances of a second symmetric session key for securing communication between the Web services component and the Web service, the first instance of the second symmetric session key being encrypted with the first symmetric session key and included in a second proof token, the second instance of the second symmetric session key being encrypted with a public key from a public/private key pair corresponding to the Web service and included in a service token.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×