Patent application number | Description | Published |
20090312003 | Method for Selecting an S-CSCF Unit Within an IMS-Based Service Communication System - A serving call session control function unit (S-CSCF) is provided within an IMS-based service communication system in order to register a user of a mobile communication terminal for communication service in a mobile communication system. The IMS-based service communication system has several call session control function units and at least one interrogation call session control function unit (I-CSCF). The mobile communication system is equipped with at least one policy decision point unit (PDP). To select a suitable S-CSCF unit, user information is first determined using a user context server unit that is assigned to the policy decision point unit and network information is determined using a network context server unit. The user information and network information are interlinked in the policy decision point unit (PDP) and user-specific and/or network-specific selection criteria are derived from said information and are taken into consideration to select a suitable S-CSCF unit. | 12-17-2009 |
20110202987 | SERVICE ACCESS CONTROL - An arrangement for providing users with access to services is described. Access requests received from users are monitored by a gateway and, where appropriate, user credentials for a service that is being accessed are inserted by the gateway. The gateway monitors packets of data in order to check user credentials. The gateway is also able to modify packets of data to insert user credentials, if necessary. | 08-18-2011 |
20110265169 | USER-DEPENDENT CONTENT DELIVERY - A gateway is provided between an application and a server. The gateway is used to modify content sent from the server to the application via the gateway. The modification may include adding, removing or modifying content. The modification process is user-dependent and an identity management system is used for identifying the user. | 10-27-2011 |
20110289567 | SERVICE ACCESS CONTROL - A USB memory stick, or similar device, is provided having software installed thereon to enable a user to access restricted applications without a user device needing to handle user credential data. In use, the stick receives a request from the user device for access to an application, obtains first user identification information from the user device, uses the first user identification information and the application information to obtain user credentials from an identity management system, which user credentials are required by the application in order to grant the user access to the application, and provides the user credentials to the application without the user credentials needing to be provided to the user device. | 11-24-2011 |
20110289573 | AUTHENTICATION TO AN IDENTITY PROVIDER - An arrangement for authenticating a user at a service provider is described. The arrangement makes use of the fact that a user of a mobile communication device can be readily and securely identified by a telecommunications provider and re-uses that authentication to identify the same user when accessing the service provider from a different client. The client instructs the mobile communication device to contact an identity provider at the telecommunications provider and shared secrets are exchanged between the identity provider, mobile communication device and client to confirm that the same user is at the client and the mobile communication device. | 11-24-2011 |
20120106399 | IDENTITY MANAGEMENT SYSTEM - A local identity management module is described that is able to identify each of a plurality of user devices. The user devices communicate with the outside world via a network address translation device that converts an internal address of the user devices to a single internet protocol address, typically the internet protocol address of the network address translation device. An external identity management system can communicate with the local identity management module in order to identify which of said plurality of user devices made a particular request and, in some embodiments, to identify a user of said user device. | 05-03-2012 |
20120110677 | SYSTEM FOR PROTECTING PERSONAL DATA - A method of providing data in response to a search request comprises the steps of a social networking website receiving the search request to provide a pseudonym associated with the real name; the social networking website determining that the search request is for a pseudonym which, within its database, is not associated with the real name; the social networking website referring the search request to a identity management server which contains an association between the pseudonym and the real name; the identity management server determining the pseudonym which is associated with the real name; and the identity management server providing an information item which is related to the pseudonym. | 05-03-2012 |
20120240210 | SERVICE ACCESS CONTROL - The invention enables a user to use single-sign-on methodologies to obtain access to a service where that user has more than one account. In addition to querying an identity provider to obtain user credentials in the usual way, the invention enables an application to request and obtain further credentials for that user in order to enable the user to gain access to the desired user account. The user may then be prompted to select which of the available accounts should be used at the application. | 09-20-2012 |
20120311663 | IDENTITY MANAGEMENT - The present invention relates to an improved identity management in which a first authentication request is received from a service provider where the first authentication request requests authentication attributes relating to a user. A second authentication request is transmitted to an identity provider and a first authentication response is received from the identity provider wherein the first authentication response includes at least one authentication attribute relating to said user. At least one predefined policy is applied to the first authentication response to generate a second authentication response and the second authentication response is transmitted to the service provider. | 12-06-2012 |
20130019093 | CERTIFICATE AUTHORITYAANM Seidl; RobertAACI KonigsdorfAACO DEAAGP Seidl; Robert Konigsdorf DEAANM Goetze; NorbertAACI EichenauAACO DEAAGP Goetze; Norbert Eichenau DEAANM Bauer-Hermann; MarkusAACI MunichAACO DEAAGP Bauer-Hermann; Markus Munich DE - A protocol for issuing and controlling digital certificates is described in which an identity management system is used to identify a user requesting a digital certificate and is also used to issue the digital certificate itself. Accordingly, an IDM-based PKI system is provided. | 01-17-2013 |
20130031180 | VIRTUAL IDENTITIES - A template is described that can be applied to user attribute data in order to generate a pseudonym/virtual identity for the user. The pseudonym includes a subset of the user's overall user attributes. The invention also enables a user to determine whether a particular pseudonym meets the requirements of a template by checking the pseudonym against a template provided, for example, by a service provider. | 01-31-2013 |
20140237351 | APPLICATION PROGRAM CONTROL - The present invention relates to application program control, in which a browser | 08-21-2014 |
20140245412 | LINKING CREDENTIALS IN A TRUST MECHANISM - A system is described in which a user is able to generate multiple credentials, each of which includes one or more anchor attributes. Since all credentials contain the anchor attribute(s), the user can offer credentials to a relying party even if he has lost his original secret key. In this way, if a user loses a private key used to sign a credential, then he can use a credential signed by a different private key and still have that credential accepted at a relying party that knows the first credential. Furthermore, the invention enables a user to distribute his identity over multiple identity management systems. | 08-28-2014 |