Method and system for secure pervasive access

Assignee

• International Business Machines Corporation · US

Inventors

• Horst Henn · Eppelheim, DE
• Dirk Herrendoerfer · Sindelfingen, DE
• Thomas Schaeck · Eppelheim, DE
• Roland Weber · Munich, DE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L69/329
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The present invention relates to a client-server system having a security system for controlling access to application functions. The security system separated from the clients and the application functions routes all incoming requests created by various PVC-devices to a centralized security system providing an authentication component and a security component. The authentication component provides several authentication mechanisms which may be selected by information contained in the client's request. The authentication mechanism may be changed or extended without changing conditions on the client as well on the server or application side. The security component provides a security policy describing security requirements for accessing application functions which may be invoked by the security component. If the selected authentication mechanism succeeds and fulfills the security policy associated to that application function then the application function will be invoked by the security component.