Method and system for using a web service license

US 7,512,782 B2
Filed: 08/15/2002
Issued: 03/31/2009
Est. Priority Date: 08/15/2002
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for implementing a multipurpose license for both authorization and authentication, and which provides flexibility to handle different authentication and authorization purposes and mechanism, the method comprising:

accessing a multipurpose license, the multipurpose license including;

at least one assertion element, wherein each of the at least one assertion elements includes a statement attribute that includes one or more declarative statements describing a key type, and a separate delegate portion identifying one or more conditions under which rights under the multipurpose license can be delegated; and

a plurality of signature elements associated with the at least one assertion element, wherein the plurality of signature elements are from a plurality of different authorities, and wherein each of the plurality of different signature elements includes a reason attribute providing an explicit identification of a reason why the signature element is included in the multipurpose license;

using the at least one assertion element of the multipurpose license for authentication purposes, by verifying an identity of a source of the assertion in the multipurpose license;

using at least one of the signature elements of the multipurpose license for authorization purposes, wherein the multipurpose license is used for a service.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system are provided such that a universal license may be used for authentication and authorization purposes and may include one or more cryptographic keys as well as assertions and related indications of authenticity. In an aspect of the invention, a license may be presented that includes access information, such that authentication and authorization decisions may be made based only on the access information. In other aspects of the invention, rights may be delegated and a trusted party may assert that another party can be trusted.

Citations

9 Claims

1. A computer-implemented method for implementing a multipurpose license for both authorization and authentication, and which provides flexibility to handle different authentication and authorization purposes and mechanism, the method comprising:
- accessing a multipurpose license, the multipurpose license including;
  
  at least one assertion element, wherein each of the at least one assertion elements includes a statement attribute that includes one or more declarative statements describing a key type, and a separate delegate portion identifying one or more conditions under which rights under the multipurpose license can be delegated; and
  
  a plurality of signature elements associated with the at least one assertion element, wherein the plurality of signature elements are from a plurality of different authorities, and wherein each of the plurality of different signature elements includes a reason attribute providing an explicit identification of a reason why the signature element is included in the multipurpose license;
  
  using the at least one assertion element of the multipurpose license for authentication purposes, by verifying an identity of a source of the assertion in the multipurpose license;
  
  using at least one of the signature elements of the multipurpose license for authorization purposes, wherein the multipurpose license is used for a service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein at least one of the signature elements is included for all of the reasons included in the license.
  - 3. The method of claim 1, wherein at least one of the signature elements is included for multiple, but not all, of the reasons included in the license.
  - 4. The method of claim 1, wherein at least two of the signature elements are each included for a plurality of different reasons and the reasons corresponding to one of the at least two signature elements differ from the reasons corresponding to other(s) of the signature elements.
  - 5. The method of claim 1, wherein at least two of the signature elements are each included for a plurality of same reasons.
  - 6. The method of claim 1, wherein at least two of the signature elements are each included for a plurality of reasons and some of the reasons corresponding to one of the at least two signature elements are identical to the reasons corresponding to other(s) of the signature elements.
  - 7. The method of claim 1, further comprising extending the license without affecting existing ones of the signature elements and the corresponding reasons.
  - 8. The method of claim 1, further comprising adding at least one signature element and a corresponding reason why each of the at least one signature is provided without affecting already existing ones of the signature elements and the corresponding ones of the reasons.

9. A computer-implemented method for implementing a multipurpose license for both authorization and authentication, and which provides flexibility to handle different authentication and authorization purposes and mechanism, the method comprising:
- accessing a schematized multipurpose license governing access to a resource, the schema of the multipurpose license supporting extensible property to value mappings with referencing and nesting, and the multipurpose license including;
  
  at least one addressable portion, each of the at least one addressable portion(s) including at least one assertion element, wherein each of the at least one assertion elements includes a statement attribute that includes one or more declarative statements describing a key type, and a separate delegate portion identifying one or more conditions under which rights under the multipurpose license can be delegated, wherein at least one delegate portion is restricted to a specific number of times the resource may be accessed, a specific time period or window during which access to the resource is allowed, or a specific use for which access to the resource is allowed, and at least one delegate portion including a specification of a number of sub-delegations allowed; and
  
  a plurality of signature elements associated with the at least one assertion element, wherein the plurality of signature elements are from a plurality of different authorities, and wherein each of the plurality of different signature elements includes a reason attribute providing an explicit identification of a reason why the signature element is included in the multipurpose license, wherein at least one of the plurality of signature elements is a countersignature, and the explicit identification of the reason why the countersignature is included is to attest to validity of the multipurpose license;
  
  using the at least one assertion element of the multipurpose license for authentication purposes, by verifying an identity of a source of the assertion in the multipurpose license;
  
  using at least one of the signature elements of the multipurpose license for authorization purposes, wherein the multipurpose license is used for a service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Shewchuk, John P., Kaler, Christopher G., Atkinson, Robert George, Della-Libera, Giovanni Moises
Primary Examiner(s)
Nguyen; Minh Dieu
Assistant Examiner(s)
Fields; Courtney D

Application Number

US10/218,584
Publication Number

US 20040034770A1
Time in Patent Office

2,420 Days
Field of Search

726/26, 726/10, 726/2, 713/155, 705/59, 705/51
US Class Current

713/155
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/31   User authentication

G06Q 30/02   Marketing; Price estimation...

Method and system for using a web service license

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for using a web service license

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links