| 摘要 |
The present invention relates to a system (SYS) for managing access to resources (Re) of a first application (App1) of a first electronic device (D1) stored on a remote server (RS), said system (SYS) comprising said first electronic device (D1), a second electronic device (D2) comprising a second application (App2) and said remote server (RS) providing services (Sv), wherein: said second electronic device (D2) is adapted to: receive from said first electronic device (D1) via a secured communication link (Ls) second credentials (Cr2) comprising an identifier (Id1) for said second application (App2) and a derived key (Dk) based on a first credential (Cr1) comprising a master key (Mk1) provided by said remote server (RS) to said first electronic device (D1); and send to said remote server (RS) a first access request (Rq1) to access to said resources (Re), said first access request (Rq1) comprising said identifier (Id1); said remote server (RS) is adapted to: receive from said second electronic device (D2) said first access request (Rq1); - perform a challenge-response authentication of said second electronic device (D2), said challenge (Ch) being a random or non- predictable number and said response (Rp) comprising a signature (Sg1) computed with said derived key (Dk); if said second electronic device (D2) is authenticated, grant access for said second application (App2) of said second electronic device (D2) to said resources (Re). |
