349 results about "Authorization certificate" patented technology

A digital work may be annotated using an eBook reader device. Upon receiving an annotation relating to a specific portion of the digital work, an invariant location reference identifier corresponding to the specified portion of the digital work may be appended to the annotation. The annotation may then be stored in association with the digital work for later reference. In some instances, an annotation may be presented on an eBook reader device upon receipt of a valid authorization credential granting access to the annotation.

The present invention includes a client computer, a first server computer, and a second server computer. The first server provides an authorization ticket containing a time stamp to the client computer when the client computer is authorized to access the first server. An elapsed time counter is started at the client computer when access is provided to the first server. When a request is received at the client computer to access the second server, the client computer determines the session length based upon the elapsed time counter. The client computer calculates a hash value for the authorization ticket, the session length, and a secret shared with the second server computer. The client computer transmits a login request to the second server including the authorization ticket, the session length, and the hash. The second server decrypts the authorization ticket and retrieves a copy of the shared secret. The second server executes a hash function on the authorization ticket, the session length, and the shared secret. The second server then compares the computed hash to the hash value received from the second client application. If the two hash values are identical, the second server retrieves the time stamp from the authorization ticket and adds the session length to the time stamp. The second server then compares the resulting value to the current time. If the resulting value and the current time are within a preset threshold value, the client computer is provided.

Systems and methods are provided for securely providing a place-shifted media stream from a place shifting device to a remote player via a communications network. A request for a connection is received from the remote player at the place shifting device via the communications network. In response to the request for the connection, an authorization credential is requested from a central server via the communications network. Further, in response to the authorization credential received from the central server, the place-shifted media stream between the place shifting device and the remote player can be established over the communications network. At least a portion of the place-shifted media stream may be encrypted based upon the authorization credential.

The invention discloses a copyright authorization method based on a block chain. The method comprises steps of: 1, uploading a work to a client so as to enable the work to become a multi-level hash value code identification document; 2, generating a self identity identifier in a copyright block chain database; 3, enabling a digital copyright gateway server to store the generated multi-level hash value code identification document uploaded by an applicant in self identity into a copyright block chain database; 4, enabling the applicant to fill in a copyright application agreement in detail through a digital copyright application website; 5, enabling the digital copyright application website system to search the duplicate records of various levels of digital identification codes in the block chain database, and to give a copyright authorization conclusion; 6, determining the ownership of copyright according to the copyright authorization conclusion, and sending to the applicant a copyright authorization certificate or an electronic copyright authorization certificate; and 7, enabling two copyright traders to apply for authorization and an authorization transaction at the digital copyright application website system. The method solves the shortcomings of conventional copyright authorization and ensures the high security and reliability of the copyright.

The embodiment of the invention discloses an open authorization method, an open authorization system and an authentication and authorization server. The method comprises the following steps: receiving a call request initiated by a third party application for resource contained in a resource server; authenticating the identity of a user using the third party application; allocating an authorization license code to the third party application in response to the success of identity authentication and calling of the third party application on the resource contained in the resource server under authorization of a resource user; receiving a request of the third party application for an authorization certificate, and generating an authorization certificate in a private key encryption method based on an authorized resource identifier, the identity information of the user using the third party application, and the authorization license code and a timestamp which are contained in the authorization certificate request; and sending the authorization certificate to the third party application to enable the third party application to carry the authorization certificate and directly access the resource authorized by the resource server. According to the embodiment of the invention, the success rate of user authorization of a distributed system architecture is improved.

A system for enabling a user to communicate on a virtual private network through a public communication network, the possibility of communicating on the private network depending on the availability to the user of at least one enabling credential sent to the user in encrypted form. The system includes at least one SIM type module available to the user and bearing an encryption mechanism and it is configured to decrypt the enabling credential at the user exploiting the encryption mechanism home by the SIM type module, the SIM type module being able to interact with at least one additional communication network to activate the encryption mechanism.

Systems and methods are provided for controlling the authentication or authorization of a mobile device user for enabling access to the resources or functionality associated with an application or service executable at the user's mobile device. The user or user's mobile device may be automatically authenticated or authorized to access application or system resources at the device when the current geographic location of the user's mobile device is determined to be within a preauthorized zone, e.g., based on a predetermined geo-fence corresponding to the preauthorized zone. A security level or amount of authorization credentials required to authorize a user for data access may be varied according any of a plurality of security levels, when the current or last known geographic location of the user's mobile device is determined to be outside the preauthorized zone.

A system and method for securely streaming media. The system includes a gateway server that receives requests for access to a secured data resource from an end users. The request include an authorization ticket and a referring website. The gateway server validates the authorization ticket using a secret key shared with the referring website, and validates the referring website by verifying that referring website is on a white-list for the secured data resource. The gateway server selects a data server to service the request, and formats a data server access request containing the data server location and data server request parameter data and transmits the data server access request to the end users. When end users transmit the data server access requests to a data server, the data server validates the request and transmits it to the end user.

A system that incorporates the subject disclosure may perform, for example, operations including receiving a request from a first device to access information content of a second device. The process further includes determining that the first device is authorized to access the information content according to authorization credentials, and determining a token associated with the request in response to determining that the first device is authorized to access the information content. The token is forwarded to the first device, and it is confirmed that the token was received at the first device. Access to the information content of the second device is authorized in response to confirming that the token was received at the first device. Other embodiments are disclosed.

A method and system for providing a first network resource with secure but limited access to a second network resource. A method embodying the invention includes receiving, from a client, a request to access the first resource. The client is then directed to an authorization service. The authorization service generates an authorization ticket and provides the authorization ticket to the first resource. On behalf of the first resource, the authorization ticket is presented to the second resource with a request to access the second resource. The request is granted only if it can be verified that the authorization ticket was generated by a source trusted by the second resource.

A novel system for utilizing an authorization token to separate authentication and authorization services. The system authenticates a client to an authenticating server; generates an authorization token with the authenticating server and the client; and authorizes services for the client using the generated authorization token.

A method of authenticating an authorized entity via the telephone network is disclosed. A telephone call is placed from a telecommunications terminal to a server that comprises a valuable resource and that only provides the resource to authorized entities. When the terminal has already demonstrated its authorization to the server, the server indicates to the terminal that the terminal need not provide its authorization credentials. In contrast, when the terminal has not yet demonstrated its authorization to the server, the server indicates to the terminal that the terminal does need to provide its authorization credentials. The server indicates to the terminal whether or not it needs to provide its authorization credentials by deliberating waiting to establish the call with the terminal, wherein in the length of the wait is indicative of whether or not the terminal needs to provide its authorization credentials.

A smart network host device automatically registers a device or service with a wireless network using identification information and an authorization credential associated with the device or service. The smart network host device obtains the requisite identification information and authorization credential from a network association apparatus associated with the specific device or service to be registered with the wireless network. The smart network host device performs the registration automatically once the smart network host device confirms that the device or service has been associated with the wireless network and a secure password authentication protocol is successfully performed by the smart network host device and the device or service. The network association apparatus may comprise an RFID tag.

A system and method for controlling access to digital content, including streaming media. The system includes a web server, media server and end user processor, such as a personal computer, coupled to a network. The web server cryptographically generates a ticket in response to an end user's request for access to a file. The ticket is based, at least in part, on a time at or near when the ticket is generated. The media server generates an authorization ticket, preferably using the same cryptographic algorithm as the web server. The media server authorization ticket is based, at least in part, on a time at or near when the media server receives the request for access to the file. The media server determines whether to grant access to the file by comparing the ticket, as generated by the web server, to the ticket, as generated by the media server.

The invention is suitable for the field of information security, and provides a user data protection method for a secure computer. The method comprises the following steps: establishing a secure storage space, and controlling the access right of the secure storage space; and enciphering instructions related to the secure storage space, and performing certification processing and decipherment on the instructions on the receiving end of the instruments. The method effectively prevents hacker interception software from intercepting transmitted instructions by enciphering and deciphering user data information of the secure storage space and the transmitted instructions for various times and performing validity certification by issuing credible authorization certificates between a transmitting part and a receiving part of the instructions, so as to guarantee the security of the user data information.

The invention discloses a method, a device and an electronic device for obtaining and feeding back user resources. The method for obtaining user resources can send an authorization request for obtaining access rights of preset resources of the target user to a target user. The preset resources are stored in a resource server of a preset social application. Authorization credentials fed back by thetarget user are received after confirming the granting of the access right; it is applied for obtaining authorization information of the preset resources from an authentication server of the preset social application based on the authorization certificate, the authorization information comprises a token and an identity of the target user; the resource server is accessed to obtain the preset resource based on the token and the identity.

The invention discloses a method for realizing authorization management of a vehicle networking device, a device and systems. The method includes the following steps: the vehicle networking device sends an authentication certificate application to an authentication system when determining that a device authentication certificate needs to be applied by the vehicle networking device, wherein the authentication certificate application carries identification information of the vehicle networking device; after the device authentication certificate issued by the authentication system for the vehicle networking device is received, according to the device authentication certificate, a registration certificate application is sent to a registration system, wherein the registration certificate application carries the device authentication certificate; and after a device registration certificate issued by the registration system for the vehicle networking device is received, according to the device registration certificate, an authorization certificate application is sent to an authorization system and a device authorization certificate issued by the authorization system for the vehicle networking device is received, wherein the authorization certificate application carries the device registration certificate.