Processing

Please wait...

Settings

Settings

Goto Application

1. WO2016123336 - SERVICE REQUEST AUTHENTICATION METHOD AND APPARATUS

Publication Number WO/2016/123336
Publication Date 04.08.2016
International Application No. PCT/US2016/015354
International Filing Date 28.01.2016
IPC
H04L 9/32 2006.1
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system
CPC
G06F 21/00
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/41
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30Authentication, i.e. establishing the identity or authorisation of security principals
31User authentication
41where a single sign-on provides access to a plurality of computers
H04L 63/029
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
02for separating internal from external traffic, e.g. firewalls
029Firewall traversal, e.g. tunnelling or, creating pinholes
H04L 63/0807
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
08for supporting authentication of entities communicating through a packet data network
0807using tickets, e.g. Kerberos
H04L 63/0815
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63Network architectures or network communication protocols for network security
08for supporting authentication of entities communicating through a packet data network
0815providing single-sign-on or federations
H04L 67/14
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
67Network-specific arrangements or communication protocols supporting networked applications
14for session management
Applicants
  • ALIBABA GROUP HOLDING LIMITED
Inventors
  • ZHANG, Xiaochuan
Agents
  • NELSON, Brett L.
Priority Data
201510043786.X28.01.2015CN
Publication Language English (en)
Filing Language English (EN)
Designated States
Title
(EN) SERVICE REQUEST AUTHENTICATION METHOD AND APPARATUS
(FR) PROCÉDÉ ET APPAREIL D'AUTHENTIFICATION DE DEMANDE DE SERVICE
Abstract
(EN) Methods and apparatuses for service request authentication are disclosed to prevent a terminal or a first server that does not sign an agreement with a gateway from bypassing the gateway to directly access a second server. The method includes receiving a service request and determining a session in which the service request is located; determining whether a token corresponding to the session exists, the token corresponding to a session in which a service request from a gateway is located; if the token exists, determining that the authentication of the service request passes and proceeds to process a corresponding service; if the token does not exist, determining that the authentication of the service request fails and the processing of the corresponding service is refused.
(FR) L'invention concerne des procédés et des appareils d'authentification de demande de service, qui empêchent qu'un terminal ou un premier serveur n'ayant pas signé un accord avec une passerelle de contourner la passerelle pour accéder directement à un second serveur. Le procédé consiste à : recevoir une demande de service et déterminer la session dans laquelle la demande de service se trouve; déterminer si un jeton correspondant à la session existe, le jeton correspondant à la session dans laquelle se trouve une demande de service provenant d'une passerelle; si le jeton existe, déterminer que l'authentification de la demande de service a réussi et continuer à traiter un service correspondant; si le jeton n'existe pas, déterminer que l'authentification de la demande de service a échoué et refuser le traitement du service correspondant.
Latest bibliographic data on file with the International Bureau