최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0163293 (2011-06-17) |
등록번호 | US-8707410 (2014-04-22) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 0 인용 특허 : 448 |
A method and system for cross-system authentication or credentialing of clients. Credentials from one system (e.g., system 2) are placed on a client, such as with a cookie on a browser, and the credentials are then extracted by another system (e.g., system 1), and used by system 1 to impersonate the
A method and system for cross-system authentication or credentialing of clients. Credentials from one system (e.g., system 2) are placed on a client, such as with a cookie on a browser, and the credentials are then extracted by another system (e.g., system 1), and used by system 1 to impersonate the client to system 2. If the client's credentials with system 2 are valid, system 2 provides that information to system 1 (which is impersonating the client), and system 1 uses the validity of the credentials from system 2 to grant the client access to protected resources on system 1.
1. A computer implemented method for validating credentials comprising: receiving, using a first computer system, a request to access the first computer system;making a determination, using the first computer system, that a client does not have a valid session credential to access the first computer
1. A computer implemented method for validating credentials comprising: receiving, using a first computer system, a request to access the first computer system;making a determination, using the first computer system, that a client does not have a valid session credential to access the first computer system, wherein the determination further comprises whether the client has a valid session with a second computer system;retrieving, using the first computer system, information from a session token held by the client based at least in part on the determination that the client does not have a valid session credential to access the first computer system, the information corresponding to the valid session credential for the second computer system;transmitting, using the first computer system, at least a portion of the information from the session token to the second computer system; andgranting, using the first computer system, the client access to the first computer system based at least in part on the determination that the client has a valid session credential with the second computer system. 2. The method according to claim 1, further comprising granting a session credential to the client by the first computer system, after determining that the client has a valid session credential granted by the second computer system. 3. The method according to claim 1, further comprising sending a session token to the client, the token corresponding to a session credential granted by the first computer system. 4. The method according to claim 1, wherein retrieving information from the session token held by the client comprises: sending a query to the client from the first computer system. 5. The method according to claim 4, the query including identification as originating from a domain name corresponding to the second computer system; and the method further including the step of receiving a response to the query. 6. The method according to claim 1, further comprising granting a session credential for the second computer system. 7. The method according to claim 1, further comprising associating session credentials for each of the first computer system and the second computer system with the client. 8. The method of claim 1, wherein a protected resource in the first computer system includes content provided on a pay-per-use basis, and wherein a protected resource in the second computer system includes content provided on a pay-per-use basis. 9. The method of claim 1, wherein a protected resource in the first computer system includes content provided on a subscription basis, and wherein a protected resource in the second computer system includes content provided on a subscription basis. 10. The method of claim 1, wherein the request to access the first computer system includes an authentication process. 11. The method of claim 10, the authentication process including a login in which the client enters a user name and password. 12. The method of claim 10, the authentication process including a login in which the client inputs biometric information. 13. The method of claim 10, the authentication process including a login in which the client inputs smartcard information. 14. The method of claim 1, the session token, held by the client, being in the form of a cookie. 15. The method of claim 1, wherein at least one of the first computer system and the second computer system provide a financial related protected resource to the client. 16. The method of claim 1, the method further including the first computer system directing the client to the second computer system in conjunction with said request to access the first computer system. 17. The method of claim 16, the method further including the first computer system directing the client to the second computer system in such a way that the second computer system redirects the client back to the first computer system. 18. The method of claim 17, the second computer system, after authentication by the second computer system, redirecting the client back to a login page of the first computer system. 19. Computer executable software code stored on a non-transitory computer-readable storage medium and transmitted as an information signal, the code for validating credentials, the code comprising: code to input, at first computer system, a request to access the first computer system;code to make a determination, at the first computer system, that a client does not have a valid session credential to access the first computer system, wherein the determination further comprises whether the client has a valid session with a second computer system;code to retrieve, at the first computer system, information from a session token held by the client based at least in part on the determination that the client does not have a valid session credential to access the first computer system, the information corresponding to the valid session credential for the second computer system;code to transmit, at the first computer system, at least a portion of the information from the session token to the second computer system; andcode to grant, at the first computer system, the client access to the first computer system based at least in part on the determination that the client has a valid session credential with the second computer system; and the first computer system having a first protected resource that is accessible upon the client having the access to the first computer system; andthe second computer system having a second protected resource that is accessible upon the client having the access to the first computer system.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.