Method of authentication by token
First Claim
1. A method of authentication by token for accessing a service from a terminal, wherein the method comprises, on receipt of a service access authorization request including at least one unique identifier of the terminal, the following acts:
- determining an access network context of the terminal, said access network context referring to a datum relating to the access network used by the terminal, the datum being suitable for identifying a user associated with the access to that access network,checking validity of the service access rights, comprising at least;
checking an access right associated with the access network context of the terminal,determining a number of valid tokens simultaneously associated with the access network context,comparing the number of tokens simultaneously associated with the access network context with a predetermined maximum number of tokens, said maximum number of tokens being greater than one, anddetermining the validity of the rights according to the result of the comparison,after checking the validity, if said access rights are valid;
generating a valid authentication token on the basis of the unique identifier of the terminal and the access network context, andtransmitting the token to the terminal.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is provided for authentication by token for accessing a service from a terminal. The method includes, on receipt of a service access authorization request including at least one unique identifier of the terminal, steps of determining a network access context of the terminal; checking validity of the service access rights, including at least checking an access right associated with the network access context of the terminal; and, if the access rights are valid, generating a valid authentication token on the basis of the unique identifier of the terminal and the network access context, and transmitting the token to the terminal.
-
Citations
12 Claims
-
1. A method of authentication by token for accessing a service from a terminal, wherein the method comprises, on receipt of a service access authorization request including at least one unique identifier of the terminal, the following acts:
-
determining an access network context of the terminal, said access network context referring to a datum relating to the access network used by the terminal, the datum being suitable for identifying a user associated with the access to that access network, checking validity of the service access rights, comprising at least; checking an access right associated with the access network context of the terminal, determining a number of valid tokens simultaneously associated with the access network context, comparing the number of tokens simultaneously associated with the access network context with a predetermined maximum number of tokens, said maximum number of tokens being greater than one, and determining the validity of the rights according to the result of the comparison, after checking the validity, if said access rights are valid; generating a valid authentication token on the basis of the unique identifier of the terminal and the access network context, and transmitting the token to the terminal. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus comprising a device for authentication by token for accessing a service from a terminal, wherein the device comprises:
-
means for receiving a service access authorization request including at least one unique identifier of the terminal, means for determining an access network context of the terminal, means for checking validity of the service access rights, comprising at least; checking an access right associated with the access network context of the terminal, determining a number of valid tokens simultaneously associated with the access network context, comparing the number of tokens simultaneously associated with the access network context with a predetermined maximum number of tokens, said maximum number of tokens being greater than one, and determining the validity of the rights according to the result of the comparison, means for generating a valid authentication token on the basis of the unique identifier of the terminal and the access network context, after checking the validity, and means for transmitting the token to the terminal. - View Dependent Claims (9)
-
-
10. A non-transitory computer-readable information medium on which a computer program is recorded, including instructions for carrying out a method of authentication by token for accessing a service from a terminal, when the instructions are executed by a processor, wherein the method comprises, on receipt of a service access authorization request including at least one unique identifier of the terminal, the following acts:
-
determining an access network context of the terminal, said access context referring to a datum relating to the access network used by the terminal, the datum being suitable for identifying a user associated with the access, checking validity of the service access rights, comprising at least; checking an access right associated with the access network context of the terminal, determining a number of valid tokens simultaneously associated with the access network context, comparing the number of tokens simultaneously associated with the access network context with a predetermined maximum number of tokens, said maximum number of tokens being greater than one, and determining the validity of the rights according to the result of the comparison, after checking the validity, if said access rights are valid; generating a valid authentication token on the basis of the unique identifier of the terminal and the access network context, and transmitting the token to the terminal.
-
-
11. A method for accessing a service from a terminal, wherein the method comprises the following acts:
-
obtaining a unique identifier of the terminal, transmitting a service access request including the unique identifier, receiving an authentication token generated on the basis of the unique identifier of the terminal and an access network context, when the service access request is transmitted from an authorized network access, said access network context referring to a datum relating to the access network used by the terminal, the datum being suitable for identifying a user associated with the access, said token being generated if the number of tokens associated with the access network context does not exceed a predetermined maximum number of tokens, said maximum number of tokens being greater than one, and transmitting a service access request including the unique identifier of the terminal and the authentication token.
-
-
12. A communication terminal having a unique identifier, wherein the terminal comprises:
a communication unit configured to; transmit a service access request including the unique identifier, receive an authentication token generated on the basis of the unique identifier of the terminal and an access network context, when the service access request is transmitted from an authorized network access, said access network context referring to a datum relating to the access network used by the terminal, the datum being suitable for identifying a user associated with the access, said token being generated if the number of tokens associated with the access network context does not exceed a predetermined maximum number of tokens, said maximum number of tokens being greater than one, and transmit a service access request including the unique identifier of the terminal and the authentication token.
Specification