Information security – Access control or authentication – Network
Reexamination Certificate
2008-05-06
2008-05-06
Jung, David (Department: 2134)
Information security
Access control or authentication
Network
C726S005000, C726S004000
Reexamination Certificate
active
07370351
ABSTRACT:
Two identity spaces form a federation by agreeing to use a secret key to facilitate secure access of resources between them. When one identity space receives a request for a resource from a user in the other identity space, the first identity space checks to see if the resource is protected. If the resource is protected, the first identity space requests that a mediator in the second identity space authenticate the external user. The mediator verifies the external user's authenticity. Once the external user is authenticated, the mediator securely informs the first identity space, using the secret key, that the external user is authenticated to access the resource. The identity space then grants the user access to the resource if the user is allowed access as per the access control policy of the identity space.
REFERENCES:
http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=/windowsxp/home/using/productdoc/en/AuthIntro.asp.
www.comptechdoc.org/os/windows/win2k/win2kauthentication.html.
http://en.wikipedia.org/wiki/Single—sign-on.
http://en.wikipedia.org/wiki/Federated—identity.
David P. Kormann and Aviel D. Rubin, Risks of the Passport Single Signon Protocol, Computer Networks, Elsevier Science Press, vol. 33, pp. 51-58, Jun. 2000.
Birgit Pfitzmann, Michael Waidner: Federated Identity-Management Protocols; 11th International Workshop on Security Protocols (2003), LNCS 3364, Springer-Verlag, Berlin 2005, 153-174.
Michael Kaminsky. User Authentication and Remote Execution Across Administrative Domains. Ph.D. Thesis, MIT, Sep. 2004.
Multi-domain federation policies in open distributed service architectures; Lambrou, M.A.; Anagnostou, M.E.; Protonotarios, E.N.; Engineering and Technology Management, 1998. Pioneering New Technologies: Management Issues and Challenges in the Third Millennium. IEMC '98 Proceedings. International Conference on Oct. 11-13, 1998 pp. 71-76.
A strategy for application-transparent integration of nomadic computing domains Cotroneo, D.; di Flora, C.; Ficco, M.; Russo, S.; Software Technologies for Future Embedded and Ubiquitous Systems, 2005. SEUS 2005. Third IEEE Workshop on May 16-17, 2005 pp. 50-57.
X-Federate: a policy engineering framework for federated access management Bhatti, R.; Bertino, E.; Ghafoor, A.; Software Engineering, IEEE Transactions on vol. 32, Issue 5, May 2006 pp. 330-346.
http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=/windowsxp/home/using/productdoc/en/AuthIntro.asp, as printed on Sep. 8, 2004.
www.comptechdoc.org/os/windows/win2k/win2kauthentication.html, as accessed on Sep. 8, 2004.
http://en.wikipedia.org/wiki/Single—sign-on, as accessed on Jan. 7, 2007.
http://en.wikipedia.org/wiki/Federated—identity, as accessed on Jan. 7, 2007.
Doshi Kshitij Arun
Ramachandran Viyyokaran Raman
Sitaram Dinkar
Jung David
Marger & Johnson & McCollom, P.C.
Novell Inc.
LandOfFree
Cross domain authentication and security services using... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Cross domain authentication and security services using..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Cross domain authentication and security services using... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2759781