Title of invention |
Sign-On system with distributed access |
Abstract |
A security system is provided for storing sensitive data and providing access to this data to at least one user (10) having an electronic communication device and using a single-sign-on procedure. A request (101) is directed to a first service provider (20). Based on the request (101), a challenge request (102) comprising the user identification code is sent to the second service provider (30), wherein the second service provider sends an authentication message (103) comprising the user identification code and a user Sign-On key to the first computer system, wherein the user Sign-On key is asymmetrically encrypted with a first service provider's (20) public key. Upon reception of the authentication message (103), the application of the first computer system creates an access ticket (104) comprising the digitally signed Sign-On key of the user, asymmetrically encrypted with a second service provider's (30) public key, wherein the content of said access ticket (104) is transmitted (105) to the user address from which the initial request (101) was initiated for a redirect (106) to the second computer system. The second service provider (30) starts a communication session with said user for accessing data in the data storage facility (31) after having checked the authentication of the user on the basis of the user Sign-On key and a further part of the Sign-On key. |
Application publication number |
EP2530618(A1) |
Application publication date |
2012.12.05 |
Application number |
EP20120170543 |
Filing date |
2012.06.01 |
Applicant |
DSWISS AG |
Inventors |
CHRISTEN, TOBIAS;RENNHARD, MARC;TSCHANNEN, MICHAEL |
Classification |
G06F21/41;G06F21/33;H04L29/06 |
Main classification |
G06F21/41 |
Agency |
|
Agent |
|
Principal claim |
|
Address |
|