Method and system for managing access to services
Abstract
A method and system manage access to services. Permission relating to the services is delegated over an ad hoc network in a personal area network. The permission is represented using a digital signature. Data representing credential information is received from a permitted delegatee via a credential transmission mechanism, such as a URL, a cookie within an http request, or a header of an http request for a web page, over a second computer network. Access to the services is provided over the second computer network.
18 Claims
1. A method for managing access to a service comprising the steps of:
(A) delegating, to a delegatee by a delegator, over at least one ad hoc network in a personal area network, one or more permissions, wherein the one or more permissions comprise authority to access the service and to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
(B) receiving from at least one of said permitted delegatees data representing credential information relating to said one or more permissions via a credential transmission mechanism over a second computer network that is different from the at least one personal area network; and
(C) providing access to the service to at least one of said permitted delegatees over said second computer network.
Dependent claims: 2, 3, 4, 5, 6
7. A system for managing access to a service comprising:
a delegation device that delegates to a delegatee from a delegator, over at least one ad hoc network in a personal area network, one or more permissions, wherein the one or more permissions comprise authority to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
one or more first servers that receive from at least one of said permitted delegatees data representing credential information relating to said one or more permissions via a credential transmission mechanism over a second computer network that is different from the personal area network; and
that provide access to the service to at least one of said permitted delegatees over said second computer network.
Dependent claims: 8, 9, 10, 11, 12
13. A method for managing access to a service comprising the steps of:
(A) delegating, to a delegatee by a delegator, one or more permissions, wherein the one or more permissions comprise authority to access the service and to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
(B) receiving from at least one of said permitted delegatees data representing credential information relating to said one or more permissions, wherein said data is included in a header of an http request for a web page, over a second computer network that is different from the at least one personal area network; and
(C) providing access to the service to at least one of said permitted delegatees over said second computer network.
14. A method for managing access to a service comprising the steps of:
(A) delegating, to a delegatee by a delegator, one or more permissions, wherein the one or more permissions comprise authority to access the service and to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
(B) receiving from at least one of said permitted delegatees data representing credential information relating to said one or more permissions, wherein said data is included in a URL, over a second computer network that is different from the at least one personal area network; and
(C) providing access to the service to at least one of said permitted delegatees over said second computer network.
15. A method for managing access to a service comprising the steps of:
(A) delegating, to a delegatee by a delegator, one or more permissions, wherein the one or more permissions comprise authority to access the service and to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
(B) receiving from at least one of said permitted delegatees data representing credential information relating to said one or more permissions, wherein said data is included in a cookie within an http request, over a second computer network that is different from the at least one personal area network; and
(C) providing access to the service to at least one of said permitted delegatees over said second computer network.
16. A system for managing access to a service comprising:
a delegation device that delegates to a delegatee from a delegator one or more permissions, wherein the one or more permissions comprise authority to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
one or more first servers that receive from at least one of said permitted delegatees data representing credential information relating to said one or more permissions in a header of an http request for a web page over a second computer network that is different from the personal area network; and
that provide access to the service to at least one of said permitted delegatees over said second computer network.
17. A system for managing access to a service comprising:
a delegation device that delegates to a delegatee from a delegator one or more permissions, wherein the one or more permissions comprise authority to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
one or more first servers that receive from at least one of said permitted delegatees data representing credential information relating to said one or more permissions in a URL over a second computer network that is different from the personal area network; and
that provide access to the service to at least one of said permitted delegatees over said second computer network.
18. A system for managing access to a service comprising:
a delegation device that delegates to a delegatee from a delegator one or more permissions, wherein the one or more permissions comprise authority to delegate one or more further permissions to one or more subsequent delegatees and wherein the one or more permissions are represented using a digital signature;
one or more first servers that receive from at least one of said permitted delegatees data representing credential information relating to said one or more permissions in a cookie within an http request over a second computer network that is different from the personal area network; and
that provide access to the service to at least one of said permitted delegatees over said second computer network.
Specification