Authentication method and system

摘要

An authenticating method including establishing trust between an authentication provider and service provider; establishing trust between the authentication provider and authentication application installed in a terminal. The authentication provider, for each session, receives an access code request and connection information from the terminal; generates and stores the access code; sends the access code to the terminal; receives the access code from the authentication application; indicates verification of the access code to the authentication application and terminal; receives from the authentication application a request to grant access to the terminal; instructs the service provider to grant access; and sends a confirmation of the granted access to the terminal. An authenticated session between the terminal and the service provider is setup for providing services to the terminal.

主权项

1. A method, comprising:
establishing a first trust relationship between an authentication provider and at least one service provider; and establishing a second trust relationship between the authentication provider and at least one authentication application installed in a first user terminal; the method further comprising the following steps for each authenticated session between a second user terminal and the at least one service provider, wherein the steps are performed by an authentication provider distinct from the at least one service provider and the at least one authentication application: receiving a request for an access code from the second user terminal, along with connection information of the second user terminal; generating the requested access code and storing the generated access code and the connection information of the second user terminal; sending the generated access code to the second user terminal; receiving the access code from the authentication application with which the authentication provider has the second trust relationship and which is installed in the first user terminal, wherein the first user terminal is distinct from the second user terminal to which the authentication provider generated and sent the access code; indicating a positive verification of the access code to the authentication application installed in the first user terminal and to the second user terminal; receiving, from the authentication application, a request to grant access to the second user terminal; instructing the service provider to grant the requested access to the second user terminal; and sending a confirmation of the granted access to the second user terminal; wherein an authenticated session between the second user terminal and the at least one service provider can be set up for providing the set of services to the second user terminal.