US Patent 7954139 Arrangements for efficient authentication of service request messages

A server processes a service request message (SRM) including a credential string and information (I) specifying a requested service. The server determines (305) whether or not the received credential string is valid, by comparing the received credential string and a key in an authorization database (FIG. 1 Auth DB; Table 1) that is associated with the server. Records of the authorization database include the key, and zero or more parameters constituting respective restrictions on performing the requested service for the service requester associated with the credential string that matches the key. The server tests (305, and FIG. 4A) any parameter values against the restrictions to judge whether or not the restrictions are met, and causes (322) performance of the requested service if the credential string is determined to be valid and the restrictions are judged to be met. An alternative method involves receiving (352) a credential string, and determining (354) whether or not the received credential string is valid, by comparing the received credential string and an authorization database string from an authorization database (FIG. 1 Auth DB; Table 1) that is associated with the server and that includes a set of records including respective authorization database strings. If the received credential string is determined to be valid, the method further involves receiving (372) the SRM that includes information (I) specifying a requested service, and causing (374) performance of the requested service.