Patent · US Active

Authenticating and communicating verifiable authorization between disparate network domains

US8499339B2 · kind B2 · utility

53Cited by

18References

20Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Li-Lung Chao · Bedford, US
Brian D. Goodman · New Haven, US
James Kebinger · Somerville, US

Key dates

Filing date	Aug 17, 2007
Grant date	Jul 30, 2013
Priority date	—
Expiry date	Oct 18, 2030

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2209/68
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Verifiable authentication credentials are provided to foreign systems without passing an id and password to the protected resource. A user wishing to access a secure remote site is prompted for credentials, the credentials are authenticated locally and a digitally signed token is created. The token is redirected to the secure remote site by the user's browser using HTTP redirection. The digital signature is verified by the secure remote site preferably by a digital signature web service. The remote site establishes communications with the user if the digital signature is valid.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.