Single-sign-on method based on markup language and system using the method
First Claim
1. A single-sign-on method based on a markup language, the method comprising:
- requesting user authentication by transmitting information required for authentication of a user using wireless Internet to an authentication message generator;
generating authentication domain location information including location information of a current domain and information required for processing a user authentication message and transmitting the authentication domain location information to the user; and
receiving the user authentication message, which has a markup language format, from the authentication message generator, and permitting or rejecting access of the user to resources based on the user authentication message.
1 Assignment
0 Petitions
Accused Products
Abstract
A single-sign-on method in a wired/wireless hybrid environment and a system using the method are provided. The single-sign-on method includes: requesting user authentication by transmitting information required for authentication of a user using wireless Internet to an authentication message generator; generating authentication domain location information including location information of a current domain and information required for processing a user authentication message and transmitting the generated authentication domain location information to the user; and if an authentication message of a markup language format is received from the authentication message generator, analyzing the user authentication message and permitting or rejecting access of the user to resources.
-
Citations
42 Claims
-
1. A single-sign-on method based on a markup language, the method comprising:
-
requesting user authentication by transmitting information required for authentication of a user using wireless Internet to an authentication message generator;
generating authentication domain location information including location information of a current domain and information required for processing a user authentication message and transmitting the authentication domain location information to the user; and
receiving the user authentication message, which has a markup language format, from the authentication message generator, and permitting or rejecting access of the user to resources based on the user authentication message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A single-sign-on method based on a security assertion markup language (SAML), the method comprising:
-
requesting user authentication by transmitting information required for authentication of a user using wireless Internet to an authentication message generator;
generating an SAML artifact including location information of a current domain and information required for processing a user authentication message and transmitting the SAML artifact which is generated to the user; and
receiving an SAML authentication assertion from the user authentication message generator, and permitting or rejecting access of the user to resources based on the SAML authentication assertion. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A method of a single-sign-on based on a markup language, the method comprising:
-
transmitting information required for authentication and information required for processing a user authentication message in order to access service resources of a first domain providing a wired Internet service through wireless Internet;
receiving authentication domain location information including location information of the first domain; and
receiving the authentication domain location information and accessing service resources of the first domain. - View Dependent Claims (15, 16, 17)
-
-
18. A single-sign-on method based on a security assertion markup language (SAML), the method comprising:
-
transmitting information required for authentication in order to access service resources of a first domain providing a wired Internet service through wireless Internet;
receiving an SAML artifact including location information of the first domain and information required for processing a user authentication message; and
receiving the SAML artifact and accessing service resources of the first domain. - View Dependent Claims (19, 20, 21)
-
-
22. A single-sign-on method based on a markup language, the method comprising:
-
receiving authentication domain location information including location information of a domain, which has authenticated a user using wireless Internet, and information required for processing a user authentication message;
requesting authentication information of the user by transmitting the received authentication domain location information to the domain, which has authenticated the user; and
receiving an authentication message which has a markup language format from the domain, which has authenticated the user, and permitting or rejecting access of the user to resources based on the user authentication message. - View Dependent Claims (23, 24, 25, 26)
-
-
27. A single-sign-on method based on a security assertion markup language (SAML), the method comprising:
-
receiving an SAML artifact including location information of a domain, which has authenticated a user using wireless Internet, and information required for processing a user authentication message;
requesting authentication information of the user by transmitting the received SAML artifact to the domain, which has authenticated the user; and
receiving an SAML authentication assertion from the domain, which has authenticated the user, and permitting or rejecting access of the user to resources based on the SAML authentication assertion. - View Dependent Claims (28, 29, 30, 31)
-
-
32. A single-sign-on system based on a markup language, the system comprising:
-
a plurality of domains which provide service resources to a user using wireless Internet through a gateway performing wired or wireless protocol transformation; and
an authentication message generator which receives information required for user authentication from a first domain of the plurality of domains, authenticates the user, generates an authentication message which has a markup language format, and transmits the authentication message to the first domain, wherein the first domain, which has received the authentication message, permits or rejects access of the user to service resources based on the user authentication message, generates authentication domain location information including its own location information and information required for processing the user authentication message, transmits the generated authentication domain location information to the user, and transmits the authentication message to a second domain of the plurality of domains if a request for authentication information of the user is received from the second domain. - View Dependent Claims (33, 34, 35, 36)
-
-
37. A single-sign-on system based on a security assertion markup language (SAML), the system comprising:
-
a plurality of domains which provide service resources to a user using wireless Internet through a gateway performing wired or wireless protocol transformation; and
an authentication message generator which receives information required for user authentication from first domain of the plurality of domains, authenticates the user, generates an SAML authentication assertion, and transmits the SAML authentication assertion to the first domain, wherein the first domain, which has received the SAML authentication assertion, permits or rejects access of the user to service resources based on the SAML authentication assertion, generates an SAML artifact including its own location information and information required for processing the user authentication message, transmits the generated authentication domain location information to the user, and if a request for the user authentication is received from a second domain using the SAML artifact, transmits the SAML authentication assertion to the second domain of the plurality of domains only if it determined that the SAML artifact is neither counterfeited nor altered as a result of checking an integrity of the SAML artifact. - View Dependent Claims (38, 39, 40, 41)
-
-
42. A computer-readable recording medium having recorded thereon a computer-readable program for performing a single-sign-on method based on a markup language, the method comprising:
-
requesting user authentication by transmitting information required for authentication of a user using wireless Internet to an authentication message generator;
generating authentication domain location information including location information of a current domain and information required for processing a user authentication message and transmitting the authentication domain location information to the user; and
receiving an authentication message which has a markup language format from the authentication message generator, and permitting or rejecting access of the user to resources based on the user authentication message.
-
Specification