ENTERPRISE AUTHENTICATION SERVER
First Claim
1. A computer-implemented authentication method, comprising:
- performing operations as follows by a processor of an authentication server;
receiving, at the authentication server from a first machine, a first authentication request comprising an identification of a second machine that is to provide a requested service;
generating, at the authentication server, an authentication token comprising client-specific and server-specific portions, responsive to receiving the first authentication request from the first machine;
transmitting, from the authentication server to the second machine, an authentication identifier and the server-specific portion of the authentication token, responsive to receiving the first authentication request from the first machine;
receiving, at the authentication server from the second machine, a second authentication request comprising the authentication identifier, the server-specific portion of the authentication token, and the client-specific portion of the authentication token; and
determining, at the authentication server, an authentication status for the requested service, responsive to receiving the second authentication request from the second machine.
1 Assignment
0 Petitions
Accused Products
Abstract
In a computer-implemented authentication method, a first authentication request from a first machine is received at an authentication server. The first authentication request includes an identification of a second machine that is to provide a requested service. An authentication token including client-specific and server-specific portions is generated at the authentication server, responsive to receiving the first authentication request from the first machine. An authentication identifier and the server-specific portion of the authentication token are transmitted from the authentication server to the second machine, responsive to receiving the first authentication request from the first machine. A second authentication request, including the authentication identifier and both the server-specific and the client-specific portions of the authentication token, is received at the authentication server from the second machine. An authentication status for the requested service is determined at the authentication server, responsive to receiving the second authentication request from the second machine.
-
Citations
20 Claims
-
1. A computer-implemented authentication method, comprising:
-
performing operations as follows by a processor of an authentication server; receiving, at the authentication server from a first machine, a first authentication request comprising an identification of a second machine that is to provide a requested service; generating, at the authentication server, an authentication token comprising client-specific and server-specific portions, responsive to receiving the first authentication request from the first machine; transmitting, from the authentication server to the second machine, an authentication identifier and the server-specific portion of the authentication token, responsive to receiving the first authentication request from the first machine; receiving, at the authentication server from the second machine, a second authentication request comprising the authentication identifier, the server-specific portion of the authentication token, and the client-specific portion of the authentication token; and determining, at the authentication server, an authentication status for the requested service, responsive to receiving the second authentication request from the second machine. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system, comprising:
-
a processor; and a memory coupled to the processor, the memory comprising computer readable program code embodied therein that, when executed by the processor, causes the processor to perform operations comprising; generating an authentication token comprising client-specific and server-specific portions responsive to receiving, from a first machine, a first authentication request comprising an identification of a second machine that is to provide a requested service; transmitting, to the second machine, an authentication identifier and the server-specific portion of the authentication token, responsive to receiving the first authentication request from the first machine; and determining an authentication status for the requested service responsive to receiving, from the second machine, a second authentication request comprising the authentication identifier, the server-specific portion of the authentication token, and the client-specific portion of the authentication token. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer program product comprising:
-
a computer readable storage medium comprising computer readable program code embodied in the medium, which, when executed by a processor, causes the processor to perform operations comprising; generating an authentication token comprising client-specific and server-specific portions responsive to receiving, from a first machine, a first authentication request comprising an identification of a second machine that is to provide a requested service; transmitting, to the second machine, an authentication identifier and the server-specific portion of the authentication token, responsive to receiving the first authentication request from the first machine; and determining an authentication status for the requested service responsive to receiving, from the second machine, a second authentication request comprising the authentication identifier, the server-specific portion of the authentication token, and the client-specific portion of the authentication token. - View Dependent Claims (17, 18, 19, 20)
-
Specification