Secured Authentication Method for Providing Services on a Data Transmission Network
First Claim
1. A method for accessing a service on a data transmission network, by means of a user terminal (30) connected to said network, characterised in that it includes:
- a) a phase for subscribing to said service, wherein;
  - an information container (TOKEN) associated with the user is generated, including a first set of authentication data (X0, X1, X2, X3) for accessing the service and a second set of useful data relating to said user (SID/PN) and to access rights to said service (RBF, UBF, TBF), said first and second sets of data being encrypted, and wherein,
  - said container is transmitted (d) securely on said user terminal (30), and
- b) a phase for accessing said terminal wherein
  - said container is transmitted (e) securely from said user terminal (30) to at least one management server (40) connected to the network during a request to access said service, and wherein,
  - after decryption of the constituent data of said container, the server (40) verifies (g) the validity of said first set of authentication data and, in the event that verification is successful, authorises (h) access to the service for its execution, based on said access rights for the second set of data.
Abstract
The invention relates to a method for accessing a network service by means of a user's terminal (30). The method involves an application phase, which consists of generating a container (TOKEN) containing a first authentication data set (X0, X1, X2, X3) for accessing a service and a second useful data set related to access rights for said service (RBF, UBF, TBF), and securely transmitting (d) said container to said terminal; and an access phase, which consists of securely transmitting (e) the container from said terminal to a managing server (40) connected to the network during an access request, the server verifying (g) the validity of the first data set after deciphering (f) the data of said container and, following successful verification, authorising (h) access to the service for performing it according to said access rights.
38 Citations
23 Claims
Specification