WO2001027709A3 - Access control of a service - Google Patents

Access control of a service Download PDF

Info

Publication number
WO2001027709A3
WO2001027709A3 PCT/FI2000/000875 FI0000875W WO0127709A3 WO 2001027709 A3 WO2001027709 A3 WO 2001027709A3 FI 0000875 W FI0000875 W FI 0000875W WO 0127709 A3 WO0127709 A3 WO 0127709A3
Authority
WO
WIPO (PCT)
Prior art keywords
service
user
server
terminal device
telecommunication network
Prior art date
Application number
PCT/FI2000/000875
Other languages
French (fr)
Other versions
WO2001027709A2 (en
WO2001027709A8 (en
Inventor
Ismo Heikkonen
Kimmo Pitkaenen
Original Assignee
Sonera Oyj
Ismo Heikkonen
Kimmo Pitkaenen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sonera Oyj, Ismo Heikkonen, Kimmo Pitkaenen filed Critical Sonera Oyj
Priority to EP00967941A priority Critical patent/EP1248971A2/en
Priority to AU77930/00A priority patent/AU7793000A/en
Publication of WO2001027709A2 publication Critical patent/WO2001027709A2/en
Publication of WO2001027709A3 publication Critical patent/WO2001027709A3/en
Publication of WO2001027709A8 publication Critical patent/WO2001027709A8/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/164Implementing security features at a particular protocol layer at the network layer

Abstract

The invention relates to a method and a system for the access control of a service (S2) in a telecommunication system comprising a telecommunication network, a first server (1) on which a service (S2) has been arranged and which has been connected to the telecmmunication network, a terminal device (TE) by means of which the user has been connected to the telecommunication network, a directory (3) which has been connected to the telecommunication network and which comprises information about the user's rights in the telecommunication network, and a control component (5) which has been arranged on the first server (1); in which method a connection is established between the terminal device (TE) and the first server (1) and the user is identified by means of a certificate while the terminal device (TE) is establishing a connection with the first server (1). In the method, the certificate used in the authentication is transmitted to the control component (5), a directory inquiry about the user's rights to the service (S2) is generated in response to the aforementioned certificate, and the terminal device (TE) is connected to the service (S2), if the user's rights are sufficient.
PCT/FI2000/000875 1999-10-12 2000-10-11 Access control of a service WO2001027709A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP00967941A EP1248971A2 (en) 1999-10-12 2000-10-11 Access control of a service
AU77930/00A AU7793000A (en) 1999-10-12 2000-10-11 Access control of a service

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI992196A FI108184B (en) 1999-10-12 1999-10-12 Service access control
FI19992196 1999-10-12

Publications (3)

Publication Number Publication Date
WO2001027709A2 WO2001027709A2 (en) 2001-04-19
WO2001027709A3 true WO2001027709A3 (en) 2002-08-01
WO2001027709A8 WO2001027709A8 (en) 2004-04-22

Family

ID=8555436

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2000/000875 WO2001027709A2 (en) 1999-10-12 2000-10-11 Access control of a service

Country Status (4)

Country Link
EP (1) EP1248971A2 (en)
AU (1) AU7793000A (en)
FI (1) FI108184B (en)
WO (1) WO2001027709A2 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7277953B2 (en) 2001-04-18 2007-10-02 Emc Corporation Integrated procedure for partitioning network data services among multiple subscribers
GB2400268B (en) * 2001-04-18 2005-03-23 Emc Corp Integrated procedure for partitioning network data services among multiple subscribers
NL1018494C2 (en) * 2001-07-09 2003-01-10 Koninkl Kpn Nv Method and system for delivering a service to a client through a service process.
CN100454921C (en) 2006-03-29 2009-01-21 华为技术有限公司 Digital copyright protecting method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0813327A2 (en) * 1996-06-14 1997-12-17 Canon Kabushiki Kaisha Access control system and method
EP0862105A2 (en) * 1997-02-28 1998-09-02 Xcert Software, Inc. Method of and apparatus for providing secure distributed directory services and public key infrastructure
WO1998058473A2 (en) * 1997-06-18 1998-12-23 Alfred Nickles Network security and integration method and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0813327A2 (en) * 1996-06-14 1997-12-17 Canon Kabushiki Kaisha Access control system and method
EP0862105A2 (en) * 1997-02-28 1998-09-02 Xcert Software, Inc. Method of and apparatus for providing secure distributed directory services and public key infrastructure
WO1998058473A2 (en) * 1997-06-18 1998-12-23 Alfred Nickles Network security and integration method and system

Also Published As

Publication number Publication date
WO2001027709A2 (en) 2001-04-19
FI108184B (en) 2001-11-30
EP1248971A2 (en) 2002-10-16
FI19992196A (en) 2001-04-13
WO2001027709A8 (en) 2004-04-22
AU7793000A (en) 2001-04-23

Similar Documents

Publication Publication Date Title
CA2294722A1 (en) Procedure for setting up a secure service connection in a telecommunication system
WO2003014860A8 (en) System and method for managing network service access and enrollment
CA2264866A1 (en) Network access methods, including direct wireless to internet access
WO1999060750A3 (en) Preventing unauthorized use of service
WO2001097014A3 (en) System for controlling a display of the user interface of a software application
WO2001065770A3 (en) Network resource access system
CA2280869A1 (en) System for providing secure remote command execution network
CA2347244A1 (en) Device communication and control in a home network connected to an external network
CA2479527A1 (en) System and method for supporting multiple certificate status providers on a mobile communication device
WO1998057501A3 (en) Electronic communications manager
EP0998091A3 (en) System and method for web server user authentication
WO2000021242A3 (en) Adaptive communication system enabling dissimilar devices to exchange information over a network
CA2361444A1 (en) Order entry system for changing communication service
WO1998000951A3 (en) Method and arrangement for distributing service programs in a network environment
WO2001050292A8 (en) Proxy methods for ip address assignment and universal access mechanism
AU2001246578A1 (en) Billing in mobile communications system employing wireless application protocol
AU7792800A (en) A method and system for protecting a user identifier
WO2001062016A3 (en) Method for establishing the authenticity of a service user and device for carrying out the method
WO1998034414A3 (en) Method for accessing an information network from a radio communication system
WO2001091444A3 (en) Cost control management in telecommunication systems
WO1998031173A3 (en) Method and apparatus for providing switch capability mediation in a mobile telephone system
CA2268059A1 (en) Method and system for ensuring the security of service supplies broadcast on a computer network of the internet type
WO2002102016A3 (en) Architecture for providing services in the internet
WO2003083733A8 (en) System of setting up a connection between two users of a telecommunication network
WO2002047350A3 (en) Communication security system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2000967941

Country of ref document: EP

AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

WWP Wipo information: published in national office

Ref document number: 2000967941

Country of ref document: EP

CFP Corrected version of a pamphlet front page
CR1 Correction of entry in section i

Free format text: IN PCT GAZETTE 16/2001 DUE TO A TECHNICAL PROBLEMAT THE TIME OF INTERNATIONAL PUBLICATION, SOME INFORMATION WAS MISSING UNDER (81). THE MISSING INFORMATION NOW APPEARS IN THE CORRECTED VERSION

NENP Non-entry into the national phase

Ref country code: JP

WWR Wipo information: refused in national office

Ref document number: 2000967941

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2000967941

Country of ref document: EP