Method and system for authentication

US 20080141339A1
Filed: 09/21/2007
Published: 06/12/2008
Est. Priority Date: 12/11/2006
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for authentication, the method comprising:

defining a demanded level of security in an authorization service of a server;

providing at least one authentication mechanism comprising at least one instance for at least one client;

providing a policy comprising a security level for the at least one instance;

receiving at least one request from the client to the server;

authenticating the request based on the policy and the demanded level of security by the authentication service; and

permitting the request if the demanded level of security is reached.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is provided a computer-implemented method for authentication, the method comprising:

defining a demanded level of security in an authorization service of a server;
providing at least one authentication mechanism comprising at least one instance for at least one client;
providing a policy comprising a security level for the at least one instance;
receiving at least one request from the client to the server;
authenticating the request based on the policy and the demanded level of security by the authentication service; and
permitting the request if the demanded level of security is reached.

Citations

17 Claims

1. A computer-implemented method for authentication, the method comprising:
- defining a demanded level of security in an authorization service of a server;
  
  providing at least one authentication mechanism comprising at least one instance for at least one client;
  
  providing a policy comprising a security level for the at least one instance;
  
  receiving at least one request from the client to the server;
  
  authenticating the request based on the policy and the demanded level of security by the authentication service; and
  
  permitting the request if the demanded level of security is reached.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, further comprising:
    - providingeither a plurality of authentication mechanisms each comprising at least one instanceor at least one authentication mechanism comprising a plurality of instances for the client,wherein the policy further comprises security levels for the instances, respectively.
  - 3. A method according to claim 2, wherein authenticating the request based on the policy and the demanded level of security comprises:
    - combining at least two of the security levels.
  - 4. A method according to claim 1, wherein the security level for the at least one instance is based on a trust opinion.
  - 5. A method according to claim 4, wherein the trust opinion comprises at least an objective criteria and at least a subjective criteria.
  - 6. A method according to claim 4, wherein the trust opinion is expressed in subjective logic.
  - 7. A method according to claim 3, wherein combining at least two of the security levels comprises:
    - applying one or more combining operators on the at least two security levels.
  - 8. A method according to claim 7, wherein the one or more combining operators are operators of subjective logic.
  - 9. A computer-program product comprising computer readable instructions, which when loaded and run in a computer system and/or computer network system, causes the computer system and/or the computer network system to perform operations according to a method of anyone of the preceding claims.

10. A system for authentication comprising:
- a server comprising an authorization service defining a demanded level of security; and
  
  a policy comprising a security level for at least one instance of at least one authentication mechanism;
  
  wherein the authorization service is operable to;
  
  receiving at least one request from a client comprising the at least one instance of the at least one authentication mechanism to the server;
  
  authenticating the request based on the policy and the demanded level of security by the authentication service; and
  
  permitting the request if the demanded level of security is reached.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. A system according to claim 10, wherein the at least one client further comprises:
    - either a plurality of authentication mechanisms each comprising at least one instanceor at least one authentication mechanism comprising a plurality of instances, wherein the policy further comprises security levels for the instances, respectively.
  - 12. A system according to claim 11, wherein the authorization service is further operable to authenticate the request based on the policy and the demanded level of security by combining at least two of the security levels.
  - 13. A system according to claim 10, wherein the security level for the at least one instance is based on a trust opinion.
  - 14. A system according to claim 13, wherein the trust opinion comprises at least an objective criteria and at least a subjective criteria.
  - 15. A system according to claim 13, wherein the trust opinion is expressed in subjective logic.
  - 16. A system according to claim 13, wherein the authorization service is further operable to combine at least two of the security levels by applying one or more combining operators on the at least two security levels.
  - 17. A system according to claim 16, wherein the one or more combining operators are operators of subjective logic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Thomas, Ivonne, Gomez, Laurent Y.

Granted Patent

US 8,490,154 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/104   Grouping of entities

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

Method and system for authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links