USING AN IP MULTIMEDIA SUBSYSTEM FOR HTTP SESSION AUTHENTICATION
First Claim
1. A method for operating a processor in an Internet Protocol Multimedia Subsystem (IMS) to authenticate a Hypertext Transfer Protocol (HTTP) session between a communication device and an online application, the method comprising:
- receiving a request from a communication device to initiate an HTTP session;
determining whether the communication device is registered on the Internet Protocol Multimedia Subsystem;
in response to determining that the communication device is registered on the Internet Protocol Multimedia Subsystem, generating an initial authentication token and sending the generated initial authentication token to the communication device;
receiving an HTTP session request from the communication device, wherein the HTTP session request includes a copy of the authentication token;
determining whether the copy of the authentication token is valid; and
in response to determining that the authentication token is valid, transmitting the HTTP session request and the authentication token to a Web server to authenticate the communication device to an online application hosted by the Web server.
7 Assignments
0 Petitions
Accused Products
Abstract
Disclosed is a method and system for utilizing an Internet Protocol Multimedia Subsystem (IMS) to authenticate an HTTP session between a communication device and an online application program. The method includes registering a communication device on an IMS, and generating an authorization token which is sent to the communication device. The communication device then embeds the authorization token in HTTP request communication directed to the IMS. The IMS, after verifying the authorization token, forwards the HTTP request and token to a selected Web server that hosts an online application to authenticate an HTTP session.
44 Citations
20 Claims
-
1. A method for operating a processor in an Internet Protocol Multimedia Subsystem (IMS) to authenticate a Hypertext Transfer Protocol (HTTP) session between a communication device and an online application, the method comprising:
-
receiving a request from a communication device to initiate an HTTP session; determining whether the communication device is registered on the Internet Protocol Multimedia Subsystem; in response to determining that the communication device is registered on the Internet Protocol Multimedia Subsystem, generating an initial authentication token and sending the generated initial authentication token to the communication device; receiving an HTTP session request from the communication device, wherein the HTTP session request includes a copy of the authentication token; determining whether the copy of the authentication token is valid; and in response to determining that the authentication token is valid, transmitting the HTTP session request and the authentication token to a Web server to authenticate the communication device to an online application hosted by the Web server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. At least one tangible, computer-readable medium storing instructions, which when executed by at least one processor in an Internet Protocol Multimedia Subsystem (IMS), authenticates a Hypertext Transfer Protocol (HTTP) session between a communication device and an online application, comprising:
-
receiving a request from a communication device to initiate an HTTP session; detecting whether a communication device is registered on the Internet Protocol Multimedia Subsystem; in response to determining that a communication device is registered on the Internet Protocol Multimedia Subsystem, generating an initial authentication token, and causing the generated initial authentication token to be sent to the communication device; receiving an HTTP session request from the communication device; determining whether the received HTTP session request includes an authentication token; in response to determining that that the received HTTP session request does not include an authentication token, requesting an authentication token from the communication device; receiving a copy of the authentication token from the communication device; determining whether the copy of the authentication token is valid; and in response to determining that the copy of the authentication token is valid, causing the HTTP session request and authentication token to be sent to a Web server to authenticate the communication device to an online application hosted by the Web server. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A communication device including a processor configured to execute program instructions to initiate a Hypertext Transfer Protocol (HTTP) session with an online application, comprising:
-
a memory for securely storing a received token; a processor for executing a sequence of stored instructions in order to; register the communication device with an Internet Protocol Multimedia Subsystem; receive a token from the Internet Protocol Multimedia Subsystem; store the received token in the memory; create a request to establish an HTTP session with an online application program; and embed the stored token in the request such that an HTTP session is authenticated with the application program without having to perform a log-in procedure with the application program. - View Dependent Claims (19, 20)
-
Specification