-
公开(公告)号:WO03036900A3
公开(公告)日:2003-09-04
申请号:PCT/EP0211416
申请日:2002-10-11
Applicant: ERICSSON TELEFON AB L M , HOLTMANNS SILKE , GERDES MARTIN , SCHUBA MARKO
Inventor: HOLTMANNS SILKE , GERDES MARTIN , SCHUBA MARKO
CPC classification number: H04L63/0407 , H04L63/102
Abstract: For control of access of personal information in accordance with a privacy policy defined for a service provider, a method is disclosed, wherein the method comprises the steps of providing service provider request data from a service provider to an end user device, the service provider request data being indicative of personal information of a user of the end user device to be accessed by the service provider, providing to the service provider first user data including at least one of personal information of the user as requested by the service provider or rejections of personal information requested by the service provider, creating privacy receipt data including the first user data and data being indicative of the service provider, and providing the privacy receipt data to the end user device.
Abstract translation: 为了根据为服务提供商定义的隐私策略来控制个人信息的访问,公开了一种方法,其中该方法包括以下步骤:从服务提供商向终端用户设备提供服务提供商请求数据,服务提供商请求 数据指示要由服务提供者访问的最终用户装置的用户的个人信息,向服务提供者提供第一用户数据,第一用户数据包括服务提供者所请求的用户的个人信息或个人的拒绝中的至少一个 由服务提供商请求的信息,创建包括第一用户数据和指示服务提供商的数据的隐私接收数据,并将隐私接收数据提供给最终用户装置。
-
公开(公告)号:AT343294T
公开(公告)日:2006-11-15
申请号:AT03724957
申请日:2003-04-04
Applicant: ERICSSON TELEFON AB L M
Inventor: BUSBOOM AXEL , HOLTMANNS SILKE , QUINET RAPHAEL , SCHUBA MARKO
IPC: H04L29/06
Abstract: A method for provision of access for a data requesting entity (IRE) to data related to a principal is disclosed, comprising the steps of (i) creating an access granting ticket comprising an access specification specifying a permission for an access to data related to the principal, said data being available at a data providing entity (IPE1), and a principal identifier representing the principal towards the data providing entity (IPE1), (ii) encrypting the access granting ticket with an encryption key of the data providing entity (IPE1), (iii) communicating to the data requesting entity (IRE) the encrypted access granting ticket accompanied by an identifier of the data providing entity (IPE1), (iv) communicating from the data requesting entity (IRE) to the data providing entity (IPE1) a request comprising the encrypted access granting ticket, (v) decrypting the encrypted access granting ticket with a decryption key of the data providing entity (IPE1) corresponding to the encryption key, (vi) providing to the data requesting entity (IRE) access to data related to the principal identifier according to the access specification.
-
公开(公告)号:AU2003293986A1
公开(公告)日:2005-07-21
申请号:AU2003293986
申请日:2003-12-23
Applicant: ERICSSON TELEFON AB L M
Inventor: LEVENSHTEYN ROMAN , HOLTMANNS SILKE
Abstract: A method and a device for taking a policy decision are disclosed. The policy decision device (S 3 ) has access to objects being relatable to each other by relations of one or more relation types. The method comprises the steps of receiving ( 100 ) a request for the policy decision, the request specifying a first object of the objects and request information, obtaining ( 105 ) a policy matching to the request information and being applicable to a second object of the objects, obtaining ( 110 ) at least one propagation rule associated to the policy, the at least one propagation rule specifying at least one relation type of the one or more relation types, verifying if a relation path exits, the relation path linking the first object and the second object and consisting of one or more or the relations, verifying if the one or more relations of the relation path are in accordance with at least one of the at least one specified relation type, and if said the relation path are in accordance, applying the policy to the first object for taking ( 120 ) the policy decision.
-
公开(公告)号:DE60309216T2
公开(公告)日:2007-08-23
申请号:DE60309216
申请日:2003-04-04
Applicant: ERICSSON TELEFON AB L M
Inventor: BUSBOOM AXEL , HOLTMANNS SILKE , QUINET RAPHAEL , SCHUBA MARKO
IPC: H04L29/06
Abstract: A method for provision of access for a data requesting entity (IRE) to data related to a principal is disclosed, comprising the steps of (i) creating an access granting ticket comprising an access specification specifying a permission for an access to data related to the principal, said data being available at a data providing entity (IPE1), and a principal identifier representing the principal towards the data providing entity (IPE1), (ii) encrypting the access granting ticket with an encryption key of the data providing entity (IPE1), (iii) communicating to the data requesting entity (IRE) the encrypted access granting ticket accompanied by an identifier of the data providing entity (IPE1), (iv) communicating from the data requesting entity (IRE) to the data providing entity (IPE1) a request comprising the encrypted access granting ticket, (v) decrypting the encrypted access granting ticket with a decryption key of the data providing entity (IPE1) corresponding to the encryption key, (vi) providing to the data requesting entity (IRE) access to data related to the principal identifier according to the access specification.
-
公开(公告)号:AT367043T
公开(公告)日:2007-08-15
申请号:AT03737969
申请日:2003-05-23
Applicant: ERICSSON TELEFON AB L M
Inventor: BUSBOOM AXEL , QUINET RAPHAEL , SCHUBA MARKO , HOLTMANNS SILKE
Abstract: Methods, devices, and computer programs for an authentication of a user to a service of a service provider are disclosed. Access for the user to the service of the service provider is requested. One or more authentication security profiles are selected by the service provider for specifying an authentication security requirement of the service provider for the authentication of the user to the service. An indication of the one or more selected authentication security profiles and a user identity identifying the user to an identity provider are sent from the service provider to the identity provider for requesting the authentication of the user by the identity provider. The user is authenticated based on the user identity and one of the one or more selected authentication security profiles. An assertion indicating the authentication of the user to the service provider is sent to the service provider.
-
Patent Agency Ranking
公开(公告)号:CA2463952A1
公开(公告)日:2003-05-01
申请号:CA2463952
申请日:2002-10-11
Applicant: ERICSSON TELEFON AB L M
Inventor: SCHUBA MARKO , HOLTMANNS SILKE , GERDES MARTIN
Abstract: For control of access of personal information in accordance with a privacy policy defined for a service provider, a method is disclosed, wherein the method comprises the steps of providing service provider request data from a service provider to an end user device, the service provider request data being indicative of personal information of a user of the end user device to be accessed by the service provider, providing to the service provider first user data including at least one of personal information of the user as requested by the service provider or rejections of personal information requested by the service provider, creating privacy receipt data including t he first user data and data being indicative of the service provider, and providing the privacy receipt data to the end user device.
-
公开(公告)号:AT516650T
公开(公告)日:2011-07-15
申请号:AT02774703
申请日:2002-10-11
Applicant: ERICSSON TELEFON AB L M
Inventor: HOLTMANNS SILKE , GERDES MARTIN , SCHUBA MARKO
Abstract: For control of access of personal information in accordance with a privacy policy defined for a service provider, a method is disclosed, wherein the method comprises the steps of providing service provider request data from a service provider to an end user device, the service provider request data being indicative of personal information of a user of the end user device to be accessed by the service provider, providing to the service provider first user data including at least one of personal information of the user as requested by the service provider or rejections of personal information requested by the service provider, creating privacy receipt data including the first user data and data being indicative of the service provider, and providing the privacy receipt data to the end user device.
-
公开(公告)号:ES2296693T3
公开(公告)日:2008-05-01
申请号:ES01121164
申请日:2001-09-04
Applicant: ERICSSON TELEFON AB L M
Inventor: SCHUBA MARKO , GERDES MARTIN , HARTUNG FRANK , HOLTMANNS SILKE
Abstract: Un método para la autenticación de un usuario a un proveedor de servicios (SP - service provider), en el que un dispositivo de aplicación (ApD - application device) solicita un servicio del proveedor de servicios (SP) para el usuario y el proveedor de servicios (SP) solicita una autenticación del usuario por un servidor de autenticación (AS - authentication server) antes de conceder el acceso al servicio solicitado, en el que se realizan las siguientes etapas: - desde el dispositivo de aplicación (ApD), transmisión de una identidad de usuario (S10) que permite al proveedor de servicios (SP) identificar al usuario, - desde el proveedor de servicios (SP), transmisión de una petición de confirmación de la identidad de usuario (S20) a un servidor de autenticación (AS) cuya petición comprende una identidad de usuario que permite al servidor de autenticación (AS) identificar al usuario y una identidad de servicio que permite al servidor de autenticación (AS) identificar el servicio solicitado, cuya identidad de usuario que permite al servidor de autenticación (AS) identificar al usuario es idéntica a la identidad de usuario recibida o se obtiene a partir de la identidad de usuario recibida mediante una conversión realizada por el proveedor de servicios (SP), - verificando el servidor de autenticación (AS) las identidades recibidas, - obteniendo el servidor de autenticación (AS) una identidad de servicio para que un dispositivo de autenticación (AuD - authentication device) identifique el servicio solicitado a partir de la identidad de servicio recibida realizando una conversión, - desde el servidor de autenticación (AS), transmisión de una petición de autenticación de servicio (S50) al dispositivo de autenticación (AuD) del usuario cuya petición de autenticación de servicio (S50) comprende la identidad de servicio obtenida que indica al dispositivo de autenticación (AuD) el servicio solicitado, - generación de una confirmación de autenticación de servicio (S60) que confirma la petición de autenticación de servicio (S50), - desde el dispositivo de autenticación (AuD), transmisión (S70) de la confirmación de autenticación de servicio al servidor de autenticación (AS), - análisis (S80) de la confirmación de autenticación de servicio, - confirmación de la identidad de usuario (S90) al proveedor de servicios (SP) según el resultado del análisis (S80), - concesión de acceso al servicio (S100) al usuario por el proveedor de servicios (SP) según la confirmación de la identidad de usuario (S90).
-
公开(公告)号:DE60131534D1
公开(公告)日:2008-01-03
申请号:DE60131534
申请日:2001-09-04
Applicant: ERICSSON TELEFON AB L M
Inventor: SCHUBA MARKO , GERDES MARTIN , HARTUNG FRANK , HOLTMANNS SILKE
Abstract: A universal authentication mechanism for authenticating a user to a service provider (SP) is disclosed. An application device (ApD) requests a service for the user from the service provider (SP) and performs a transmission of a user identity (S10) identifying the user to the service provider (SP). The service provider sends a request for confirmation of the user identity (S20) to an authentication server (AS). The request comprises the user identity and a service identity identifying the requested service. The authentication server (AS) sends a request for service authentication (S50) to the authentication device (AuD) for confirmation. Based on the result of an analysis (S80) of a service authentication confirmation (S60) received from the authentication device (AuD), the authentication server (AS) sends a confirmation of the user identity (S90) confirming the identity of the user to the service provider (SP), which grants service access (S100).
-
公开(公告)号:DE60309216D1
公开(公告)日:2006-11-30
申请号:DE60309216
申请日:2003-04-04
Applicant: ERICSSON TELEFON AB L M
Inventor: BUSBOOM AXEL , HOLTMANNS SILKE , QUINET RAPHAEL , SCHUBA MARKO
IPC: H04L29/06
Abstract: A method for provision of access for a data requesting entity (IRE) to data related to a principal is disclosed, comprising the steps of (i) creating an access granting ticket comprising an access specification specifying a permission for an access to data related to the principal, said data being available at a data providing entity (IPE1), and a principal identifier representing the principal towards the data providing entity (IPE1), (ii) encrypting the access granting ticket with an encryption key of the data providing entity (IPE1), (iii) communicating to the data requesting entity (IRE) the encrypted access granting ticket accompanied by an identifier of the data providing entity (IPE1), (iv) communicating from the data requesting entity (IRE) to the data providing entity (IPE1) a request comprising the encrypted access granting ticket, (v) decrypting the encrypted access granting ticket with a decryption key of the data providing entity (IPE1) corresponding to the encryption key, (vi) providing to the data requesting entity (IRE) access to data related to the principal identifier according to the access specification.
-
-
-
-
-
-
-
-
-
Search Results
21
records
(took 0.024 seconds)
