DELEGATING AUTHENTICATION USING A CHALLENGE/RESPONSE PROTOCOL
First Claim
Patent Images
1. A method performed by a server application for delegating authentication of a client application using a challenge/response protocol, the method comprising:
- determining that authentication of a client application is required and transmitting an authentication request to the client application;
receiving a challenge/response request from the client application;
authenticating the client application to the server application in accordance with the challenge response protocol;
transmitting an access request to a second server application;
receiving an authentication request from the second server application and transmitting the authentication request to the client application;
receiving a second challenge/response request from the client application and transmitting the second challenge/response request to the second server application; and
authenticating the server application to the second server application based on the second challenge/response request on behalf of the client application in accordance with the challenge/response protocol.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for delegating authentication using a challenge/response protocol is provided. The method may initiate with a challenge/response sequence between a client application and a server application to authenticate the client application. Then the server application authenticates to a second server application using the credentials associated with the client application by acting as a conduit between the client application and the second server application.
-
Citations
16 Claims
-
1. A method performed by a server application for delegating authentication of a client application using a challenge/response protocol, the method comprising:
-
determining that authentication of a client application is required and transmitting an authentication request to the client application; receiving a challenge/response request from the client application; authenticating the client application to the server application in accordance with the challenge response protocol; transmitting an access request to a second server application; receiving an authentication request from the second server application and transmitting the authentication request to the client application; receiving a second challenge/response request from the client application and transmitting the second challenge/response request to the second server application; and authenticating the server application to the second server application based on the second challenge/response request on behalf of the client application in accordance with the challenge/response protocol. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for authenticating a client application to a first server application and a second server application by delegation using a challenge/response protocol, the method comprising:
-
establishing a data transfer link between the client application and the first server application; requesting the client application to authenticate to the first server application; authenticating the client application using a challenge/response sequence between the client application and the first server application; establishing a data transfer link between the first server application and the second server application; requesting the first server application to authenticate to the second server application; transmitting the request to authenticate from the first server application to the client application; and authenticating the first server to the second server on behalf of the client application using a second challenge/response sequence between the client application and the first server application. - View Dependent Claims (11, 12, 13)
-
-
14. A delegation apparatus for delegating authentication of a client application using a challenge/response protocol with a server application, the delegation apparatus comprising:
-
a determinating unit configured to determine if the client application is to be authenticated to the server application or a second server application; a receiving unit configured to receive a first challenge/response request and a second challenge/response request from the client application; a transmitting unit configured to transmit an access request from the server application to the second server application; and an authentication unit configured to authenticate the client application to the server application in response to the first challenge/response request in accordance with the challenge/response protocol, wherein the authentication unit authenticates the server application to the second server application on behalf of the client application in response to the server application receiving the second challenge/response request from the client application.
-
-
16. A computer-readable storage medium which stores computer-executable instructions for causing a computer to execute a method for delegating authentication of a client application using a challenge/response protocol with a server application, the method comprising:
-
determining that authentication of a client application is required and transmitting an authentication request to the client application; receiving a challenge/response request from the client application; authenticating the client application to the server application in accordance with the challenge/response protocol; transmitting an access request to a second server application; receiving an authentication request from the second server application and transmitting the authentication request to the client application; receiving a second challenge/response request from the client application and transmitting the second challenge/response request to the second server application; and authenticating the server application to the second server application based on the second challenge/response request on behalf of the client application in accordance with the challenge/response protocol.
-
Specification