Processing

Please wait...

PATENTSCOPE will be unavailable a few hours for maintenance reason on Saturday 31.10.2020 at 7:00 AM CET
Settings

Settings

Goto Application

1. WO2012058896 - METHOD AND SYSTEM FOR SINGLE SIGN-ON

Publication Number WO/2012/058896
Publication Date 10.05.2012
International Application No. PCT/CN2011/072124
International Filing Date 24.03.2011
IPC
H04L 9/32 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system
CPC
G06F 21/41
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
41where a single sign-on provides access to a plurality of computers
H04L 63/0815
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
08for supporting authentication of entities communicating through a packet data network
0815providing single-sign-on or federations
H04L 65/1006
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
65Network arrangements or protocols for real-time communications
10Signalling, control or architecture
1003Signalling or session protocols
1006SIP
H04L 65/1016
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
65Network arrangements or protocols for real-time communications
10Signalling, control or architecture
1013Network architectures, gateways, control or user entities
1016IMS
H04L 65/1063
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
65Network arrangements or protocols for real-time communications
10Signalling, control or architecture
1013Network architectures, gateways, control or user entities
1063Application servers
H04W 12/06
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
06Authentication
Applicants
  • 中兴通讯股份有限公司 ZTE CORPORATION [CN]/[CN] (AllExceptUS)
  • 张孟旺 ZHANG, Mengwang [CN]/[CN] (UsOnly)
  • 田甜 TIAN, Tian [CN]/[CN] (UsOnly)
  • 韦银星 WEI, Yinxing [CN]/[CN] (UsOnly)
Inventors
  • 张孟旺 ZHANG, Mengwang
  • 田甜 TIAN, Tian
  • 韦银星 WEI, Yinxing
Agents
  • 北京康信知识产权代理有限责任公司 KANGXIN PARTNERS, P.C.
Priority Data
201010532908.904.11.2010CN
Publication Language Chinese (ZH)
Filing Language Chinese (ZH)
Designated States
Title
(EN) METHOD AND SYSTEM FOR SINGLE SIGN-ON
(FR) PROCÉDÉ ET SYSTÈME POUR OUVERTURE DE SESSION UNIQUE
(ZH) 单点登录方法及系统
Abstract
(EN)
The present invention discloses a method and system for Single Sign-On (SSO). The method includes: a terminal sends an authentication request with a user identification to an Application Server (AS, which is also known as RP), and the RP redirects the authentication request to an authentication center; the authentication center authenticates the terminal in a Session Initiation Protocol (SIP) Digest manner and redirects the authentication result to the RP through the terminal; the RP provides services for the terminal according to the authentication result. The present invention reduces the resources needed by the operator for deploying General Bootstrapping Architecture (GBA), meanwhile, enables the terminal without a Universal Integrated Circuit Card (UICC) to access an IP Multimedia Subsystem (IMS) network and to access the application services related to the IMS network in the way of SSO.
(FR)
La présente invention concerne un procédé et un système pour une ouverture de session unique (SSO). Le procédé comprend les étapes suivantes : un terminal envoie une demande d'authentification avec une identification utilisateur à un serveur d'application (AS, appelé également RP), et le RP dirige la demande d'authentification vers un centre d'authentification; le centre d'authentification authentifie le terminal à la manière d'un prétraitement de protocole d'ouverture de session (SIP) et redirige le résultat d'authentification vers le RP par l'intermédiaire du terminal; le RP fournit des services pour le terminal conformément au résultat d'authentification. La présente invention permet de réduire les ressources nécessaires à l'opérateur pour déployer une architecture d'amorçage général (GBA) et, en même temps, permet au terminal dépourvu d'une carte de circuit intégré universelle (UICC) d'accéder à un réseau de sous-système multimédia IP et d'accéder aux services d'application liés au réseau IMS à la manière de SSO.
Also published as
Latest bibliographic data on file with the International Bureau