| 摘要 |
A method for controlling access to protected computer resources provided via an Internet Protocol network that includes registering identity data of a subscriber identity module associated with at least one client computer device; storing (i) identity data of at least one access server, (ii) the identity data of a subscriber identity module, and (iii) authorization data regarding the protect computer resources; receiving the identity data of a subscriber identity module, and a request for the protected computer resources; authenticating (i) the identity data of the at least one access server, and (ii) the identity data of a subscriber identity module; authorizing the at least one client computer device to receive at least a portion of the protected computer resources; and permitting access to the at least the portion of the protected computer resources (i) upon successfully authenticating the identity data of the at least one access server and the identity data of a subscriber identity module associated with the at least one client computer device, and (ii) upon successfully authorizing the at least one client computer device. |
| 主权项 |
1. A method for controlling access to protected computer resources provided via a network utilizing at least one Internet Protocol, the method comprising:
registering, by at least one authentication server, identity data of a subscriber identity module associated with at least one client computer device; storing, by the at least one authentication server in an associated database, (i) identity data of at least one access server, (ii) the identity data of a subscriber identity module associated with the at least one client computer device, and (iii) authorization data associated with the protected computer resources; receiving, by the at least one access server, (i) the identity data of a subscriber identity module associated with the at least one client computer device and (ii) a request for the protected computer resources from the at least one client computer device; receiving, by the at least one client computer device, an acknowledgement for the request for the protected computer resources from the at least one access server; forwarding, by the at least one access server, (i) the identity data of the at least one access server and (ii) the identity data of a subscriber identity module received from the at least one client computer device to the at least one authentication server; authenticating, by the at least one authentication server, (i) the identity data of the at least one access server and (ii) the identity data of a subscriber identity module associated with the at least one client computer device responsive to the request for the protected computer resources by the at least one client computer device; authorizing, by the at least one authentication server, the at least one client computer device to receive at least a portion of the protected computer resources, based on the stored authorization data associated with the protected computer resources; permitting access, by the at least one authentication server, to the at least the portion of the protected computer resources (i) upon successfully authenticating the identity data of the at least one access server and the identity data of a subscriber identity module associated with the at least one client computer device, and (ii) upon successfully authorizing the at least one client computer device; and acquiring, by at least one of the at least one access server and a server associated with the at least one authentication server, for billing purposes, usage data of the at least the portion of the protected computer resources provided to the at least one client computer device. |
