×

System, method and apparatus for federated single sign-on services

  • US 7,221,935 B2
  • Filed: 06/19/2002
  • Issued: 05/22/2007
  • Est. Priority Date: 02/28/2002
  • Status: Active Grant
First Claim
Patent Images

1. A telecommunication system providing Single Sign-On services to a user accessing selected Service Providers, the user having a subscription with a first mobile network operator, the system comprising:

  • a first mobile network and at least one second mobile network;

    at least one of a plurality of Service Providers for providing services to subscribers of said mobile networks once said subscribers have been authenticated for the at least one Service Provider by an authentication authority, wherein said authentication authority comprises;

    a cellular Federation of mobile network operators, the cellular Federation including the first mobile network and the at least one second mobile network;

    an Authentication Provider belonging to the first mobile network as the only member of said Federation entitled to authenticate said user toward the at least one Service Provider; and

    an Authentication Broker belonging to a particular one of said second mobile networks and arranged to act as the entry point to said Federation from those Service Providers respectively having entry point agreements with the operator of said particular second mobile network;

    wherein said Authentication Provider belonging to the first mobile network operator may be directly accessed, without involving an Authentication Broker, from the Service Providers respectively having entry point agreements with said first mobile network operator;

    means for redirecting said user, when said user is accessing a Service Provider, toward an Authentication Provider of said user'"'"'s Home mobile network operator, without involving an Authentication Broker, when said accessed Service Provider has an entry point agreement with said user'"'"'s Home mobile network operator;

    wherein a Service Provider that has an agreement with said first mobile network operator may request validation of an authentication assertion for a user to an Authentication Provider of said first mobile network operator without involving an Authentication Broker.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×