Method and system for providing third party authentication of authorization
First Claim
1. A communication authorization method, comprising:
- a third party server receiving a request for access information to access content;
generating the access information and session rights to access the desired content from a first application server;
generating authentication of the access information and session rights using a first service ticket to the first application server, wherein the first service ticket is obtained from a key distribution center (KDC), wherein the KDC is a separate entity from the first application server; and
sending the access information, session rights and authentication to a client, whereby the client presents the access information, session rights and authentication to the first application server to be authorized to receive the desired content from the first application server;
the method further comprising;
the first application server receiving a key request including the access information and authentication;
extracting the access information and authentication;
verifying the authentication of the access information using the first service ticket, and client authorization; and
issuing a key reply if the authentication of the access information and client authorization are verified.
4 Assignments
0 Petitions
Accused Products
Abstract
A method and system (100) for providing third party authentication when requesting content and/or services from an application server (106). The method is applicable to key management protocols that utilize the concept of tickets. The method and system include a client (102) being coupled with a third party application server (107), wherein the client submits a request for content from the third party application server and the third party application server returns requested information and corresponding authentication. The client further couples with a first application server (106), wherein the client submits a key request (KEY_REQ) including the third party server information and corresponding authentication to the first application server. The first application server authenticates the third party server information and verifies client authorization based on third party information. The first application server returns a key reply (KEY_REP) if the third party server information is authenticated and client authorization is verified.
-
Citations
17 Claims
-
1. A communication authorization method, comprising:
-
a third party server receiving a request for access information to access content; generating the access information and session rights to access the desired content from a first application server; generating authentication of the access information and session rights using a first service ticket to the first application server, wherein the first service ticket is obtained from a key distribution center (KDC), wherein the KDC is a separate entity from the first application server; and sending the access information, session rights and authentication to a client, whereby the client presents the access information, session rights and authentication to the first application server to be authorized to receive the desired content from the first application server; the method further comprising; the first application server receiving a key request including the access information and authentication; extracting the access information and authentication; verifying the authentication of the access information using the first service ticket, and client authorization; and issuing a key reply if the authentication of the access information and client authorization are verified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for verifying authorization for a client to gain access to content and/or services, comprising:
-
receiving a key request from a client; extracting third party server access information, session rights and third party server authentication from the key request; verifying an authentication of the third party access information, session rights and a client authorization; issuing a key reply directly to the client if the authentication of the third party access information, session rights and the client authorization are verified; receiving, in a key distribution center (KDC), wherein the KDC is a separate entity from an application server, a second service ticket request from a client for the application server; issuing a second service ticket for the application server; and the step of the application server receiving a key request from a client wherein the key request includes the second service ticket. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method for providing secure communication when distributing services, comprising:
-
a third party server receiving a selection for services; issuing access information and session rights for the services; issuing authentication of the access information and the session rights; an application server receiving a key request from a client, the key request including the access information and authentication; extracting the access information and authentication; verifying an authentication of the access information, session rights and a client authorization utilizing, at least in part, a first service ticket; and issuing a key reply directly to a client if the authentication of the access information, session rights and the client authorization are verified. - View Dependent Claims (15, 16, 17)
-
Specification