Title of invention METHOD AND SYSTEM FOR ACCESSING A SERVICE
Abstract To access a service, each user device stores one first key. The user device is connected to a first server. A terminal sends to a second server a connection request. The second server responds with first data relating to a transaction identifier and an associated challenge. The terminal determines a first result depending upon the first data and the first key. The terminal sends to the first server the first result and user device data. The first server identifies a user device based upon the user device data and sends to the device the first result. The device determines the challenge and the transaction identifier based upon the first result and the first key and sends to the second server the challenge and the transaction identifier. The second server verifies whether the data received from the device matches the first data and, if so, authorizes the terminal to connect.
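Application publication number US2015304318(A1) Publication date 2015.10.22
Application number US201314647269 Filing date 2013.11.27
Applicant GEMALTO SA Inventors DELSUC Julien; CHAFER Sylvain; HECART Sébastien
Classification H04L29/06 Main classification H04L29/06
Agency Agent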
Principal claim 1. A method for accessing a service, wherein, each of at least one user device storing at least one first key, at least one user terminal storing or accessing the at least one first key, at least one user device being connected to a first server, the method comprises the following steps:
the terminal sends to at least one second server a connection request for connecting to the second server;
the second server sends to the first server a data request for receiving a second key and an identifier relating to the second key;
the first server determines a second key and an identifier relating to the second key, the second key identifier being associated with the second key;
the first server sends to the second server the second key and the second key identifier;
the second server determines a challenge, a second result depending upon a transaction identifier and the second key, the challenge being associated with the transaction identifier;
the second server sends to the terminal the second result, the second key identifier and the challenge,
the terminal determines a third result depending upon the challenge and the first key,
the terminal sends to the first server the second result, the third result, the second key identifier and a data item relating to the user device,
the first server determines the second key associated with the second key identifier;
the first server determines the transaction identifier based upon the second result and the second key,
the first server sends, based upon the data item relating to the user device, to the device the transaction identifier and the third result,
the device determines the challenge based upon the third result and the first key,
the device sends to the second server the transaction identifier and the challenge, as fifth data,
the second server verifies whether the fifth data received from the device does or does not match the data assigned to the terminal, and
only if the fifth data matches the data assigned to the terminal, the second server authorizes the terminal to connect to the second server.
Address Meudon FR
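The message flow of claim 1, simulated in one process as an added example (not code from the patent or the applicant). The claim only says each result "depends upon" a key; the keyed, reversible `seal`/`unseal` stand-in for an authenticated cipher, the class and function names, and the single-use check in `verify` are assumptions, and routing to the device by its data item is reduced to a direct call.

```python
import hashlib, hmac, secrets

def seal(key, msg):
    # Stand-in for an AEAD cipher (assumption): HMAC-SHA256 keystream plus tag.
    assert len(msg) <= 32
    nonce = secrets.token_bytes(16)
    ks = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(m ^ k for m, k in zip(msg, ks))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or tampered result")
    ks = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(c ^ k for c, k in zip(ct, ks))

class FirstServer:
    def __init__(self):
        self.second_keys = {}              # second key identifier -> second key
    def issue_second_key(self):
        kid, k2 = secrets.token_hex(8), secrets.token_bytes(32)
        self.second_keys[kid] = k2
        return kid, k2
    def recover_txn(self, kid, second_result):
        return unseal(self.second_keys[kid], second_result)

class SecondServer:
    def __init__(self):
        self.pending = {}                  # transaction id -> challenge
    def start(self, k2):
        txn, challenge = secrets.token_bytes(16), secrets.token_bytes(16)
        self.pending[txn] = challenge
        return seal(k2, txn), challenge    # second result, challenge
    def verify(self, txn, challenge):
        # Single use via pop() is an added assumption, not stated in the claim.
        want = self.pending.pop(txn, None)
        return want is not None and hmac.compare_digest(want, challenge)

def access(terminal_k1, device_k1, s1, s2):
    kid, k2 = s1.issue_second_key()                    # second server <- first server
    second_result, challenge = s2.start(k2)            # second server -> terminal
    third_result = seal(terminal_k1, challenge)        # terminal
    txn = s1.recover_txn(kid, second_result)           # terminal -> first server
    fifth = (txn, unseal(device_k1, third_result))     # first server -> device
    return fifth, s2.verify(*fifth)                    # device -> second server
```

The terminal is authorized only when the device holds the same first key as the terminal; a device with a different key cannot recover the challenge, so no valid fifth data reaches the second server.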