System and method for managing user authentication and service authorization to achieve single-sign-on to access multiple network interfaces
A technology for single sign-on and user management, which is applied in user identity/authority verification, transmission system, digital data authentication, etc. It can solve problems such as large delays, and achieve the effect of facilitating switching and reducing processing overhead
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
no. 1 example
[0064] Figure 1 illustrates an example embodiment of the invention for obtaining global authentication in a federated web services environment. It will be obvious to anyone of ordinary skill in the art that the present invention can be applied to any service with a similar authentication structure.
[0065] Each terminal (1.3) has a unique user identity within its home domain (1.1). The ID is globally unique and includes information about the home domain. Distribute it to the user when the user is associated with the domain. For example, when a user subscribes to an operator, the identification is placed in the SIM / USIM card provided to the user. When a user needs to authenticate himself to the home domain, he can use a different device, such as a laptop with a SIM reader, a handset, etc. The user can also perform simultaneous authentication using several devices. Thus, in order to uniquely identify the user's authentication session, another authentication session identifi...
no. 2 example
[0127] The subscription capability (3.3, 7.4) embedded in the return message by the AAA server includes the authorized interface type information and the QoS level information of each interface type granted by the AAA server to the terminal of the visiting domain.
[0128] The authorized interface type information includes a list of network interface types that the terminal is authorized to use in the access domain. The AAA server will only include the network interface type provided by the access domain that initiated the "authentication confirmation query" and the network interface type subscribed by the user. For example, for the system structure in Fig. 2, the subscription capability information returned to the access domain (1.2) will include "Bluetooth, WLAN, UMTS", although this user can also subscribe to the GPRS above the above three network interfaces, this is for It is agnostic to the visiting domain (1.2). This is because the access domain (1.2) only provides thes...
no. 3 example
[0139] In accessing multiple domain services, a user may have multiple subscriptions. In this case, the user terminal will need to meet multiple home domain situations, especially network sharing. For example, a domain federated with a user's home domain 1 may own a WLAN hotspot, but it may also be shared by the user's home domain 2 . Thus, the user terminal must be able to select which subscriptions are to be authenticated.
[0140]A solution to this problem is for the user's home domain to provide the relevant information to the user as part of the subscription profile, eg saving it to the USIM card given to the user. The user terminal will maintain a list of home domains. When a user terminal needs to access a network, it will obtain domain information related to the network, and compare it with the information in the home domain list. If one of its home domains owns the network, the user terminal will attempt to authenticate using the corresponding subscription from tha...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com