SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES
A system and method for providing secure access to an organization's internal resources by an application running on an external network. An agent accepts queries from the application which are passed to a relay with a dynamic filter. The relay establishes a secure connection with a connector t...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng ; fre ; ger |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | MCNEELY, David Forest VAN SLIMMING, Clifford JANSEN, Peter Gerardus JANSSEN, Bob |
| description | A system and method for providing secure access to an organization's internal resources by an application running on an external network. An agent accepts queries from the application which are passed to a relay with a dynamic filter. The relay establishes a secure connection with a connector through the organization's firewall and passes requests from the application to an authentication service running on the internal network to confirm that a user of the application is authorized and issue an authentication ticket which is returned to the application. The application then sends a request to access a specific internal resource based on the authentication ticket, which is passed to a ticket granting service running on the internal network, to verify that said user is authorized to access the specific internal resource, and, if so, issue a service ticket to grant access the application for that resource. |
| format | Patent |
| fullrecord | <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_EP4358473A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>EP4358473A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_EP4358473A13</originalsourceid><addsrcrecordid>eNqNyjEOgkAQBVAaC6PeYS5gYcBou8CsbIAdnR1isCHErJVREjyARxfQA1j9_P_fPHi72gmWoGwKJUpGKWhicEpjUQNjoWpjD9OtTSHIY8uRY2RyoCrJ0IpJlBiykxonYnP5LoynCp0MMhm8A4tyJs4hpsqmig26ZTC7tffer365CECjJNnad8_G91179Q__avAYhdt9tAvVJvyDfABI6jyH</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES</title><source>esp@cenet</source><creator>MCNEELY, David Forest ; VAN SLIMMING, Clifford ; JANSEN, Peter Gerardus ; JANSSEN, Bob</creator><creatorcontrib>MCNEELY, David Forest ; VAN SLIMMING, Clifford ; JANSEN, Peter Gerardus ; JANSSEN, Bob</creatorcontrib><description>A system and method for providing secure access to an organization's internal resources by an application running on an external network. An agent accepts queries from the application which are passed to a relay with a dynamic filter. The relay establishes a secure connection with a connector through the organization's firewall and passes requests from the application to an authentication service running on the internal network to confirm that a user of the application is authorized and issue an authentication ticket which is returned to the application. The application then sends a request to access a specific internal resource based on the authentication ticket, which is passed to a ticket granting service running on the internal network, to verify that said user is authorized to access the specific internal resource, and, if so, issue a service ticket to grant access the application for that resource.</description><language>eng ; fre ; ger</language><subject>ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRICITY ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2024</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240424&DB=EPODOC&CC=EP&NR=4358473A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25542,76289</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20240424&DB=EPODOC&CC=EP&NR=4358473A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>MCNEELY, David Forest</creatorcontrib><creatorcontrib>VAN SLIMMING, Clifford</creatorcontrib><creatorcontrib>JANSEN, Peter Gerardus</creatorcontrib><creatorcontrib>JANSSEN, Bob</creatorcontrib><title>SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES</title><description>A system and method for providing secure access to an organization's internal resources by an application running on an external network. An agent accepts queries from the application which are passed to a relay with a dynamic filter. The relay establishes a secure connection with a connector through the organization's firewall and passes requests from the application to an authentication service running on the internal network to confirm that a user of the application is authorized and issue an authentication ticket which is returned to the application. The application then sends a request to access a specific internal resource based on the authentication ticket, which is passed to a ticket granting service running on the internal network, to verify that said user is authorized to access the specific internal resource, and, if so, issue a service ticket to grant access the application for that resource.</description><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRICITY</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2024</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNyjEOgkAQBVAaC6PeYS5gYcBou8CsbIAdnR1isCHErJVREjyARxfQA1j9_P_fPHi72gmWoGwKJUpGKWhicEpjUQNjoWpjD9OtTSHIY8uRY2RyoCrJ0IpJlBiykxonYnP5LoynCp0MMhm8A4tyJs4hpsqmig26ZTC7tffer365CECjJNnad8_G91179Q__avAYhdt9tAvVJvyDfABI6jyH</recordid><startdate>20240424</startdate><enddate>20240424</enddate><creator>MCNEELY, David Forest</creator><creator>VAN SLIMMING, Clifford</creator><creator>JANSEN, Peter Gerardus</creator><creator>JANSSEN, Bob</creator><scope>EVB</scope></search><sort><creationdate>20240424</creationdate><title>SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES</title><author>MCNEELY, David Forest ; VAN SLIMMING, Clifford ; JANSEN, Peter Gerardus ; JANSSEN, Bob</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_EP4358473A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng ; fre ; ger</language><creationdate>2024</creationdate><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRICITY</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>MCNEELY, David Forest</creatorcontrib><creatorcontrib>VAN SLIMMING, Clifford</creatorcontrib><creatorcontrib>JANSEN, Peter Gerardus</creatorcontrib><creatorcontrib>JANSSEN, Bob</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>MCNEELY, David Forest</au><au>VAN SLIMMING, Clifford</au><au>JANSEN, Peter Gerardus</au><au>JANSSEN, Bob</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES</title><date>2024-04-24</date><risdate>2024</risdate><abstract>A system and method for providing secure access to an organization's internal resources by an application running on an external network. An agent accepts queries from the application which are passed to a relay with a dynamic filter. The relay establishes a secure connection with a connector through the organization's firewall and passes requests from the application to an authentication service running on the internal network to confirm that a user of the application is authorized and issue an authentication ticket which is returned to the application. The application then sends a request to access a specific internal resource based on the authentication ticket, which is passed to a ticket granting service running on the internal network, to verify that said user is authorized to access the specific internal resource, and, if so, issue a service ticket to grant access the application for that resource.</abstract><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | |
| ispartof | |
| issn | |
| language | eng ; fre ; ger |
| recordid | cdi_epo_espacenet_EP4358473A1 |
| source | esp@cenet |
| subjects | ELECTRIC COMMUNICATION TECHNIQUE ELECTRICITY TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION |
| title | SYSTEM AND METHOD FOR SAFELY RELAYING AND FILTERING KERBEROS AUTHENTICATION AND AUTHORIZATION REQUESTS ACROSS NETWORK BOUNDARIES |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-06T19%3A15%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=MCNEELY,%20David%20Forest&rft.date=2024-04-24&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EEP4358473A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |