Proxy server security token authorization
US7836493B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 24, 2003 |
| Grant date | Nov 16, 2010 |
| Priority date | — |
| Expiry date | Jul 3, 2025 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/0807
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A management server manufactures a secure, tamper-resistant token for a particular user specifying the permissions and authorizations that user possesses. The token may be in the form of a digitally-signed message specifying, for example, a particular computer and associated port number that the user is permitted to access. The management server delivers the token to the user, preferably over a secure communications session. When challenged, the user presents the secure token to the security proxy server. The security proxy server examines the token to be sure it is authentic and has not be tampered with, and then extracts information contained in the token to determine the user's authorization to access a particular computer, particular port number and/or other resource. The security proxy server then establishes authorized communication with the authorized computing resource based on the information contained in the user's token, and thereafter may act in one embodiment as essentially a passthrough or proxy for permitting the user to access and communicate with the resource.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.