HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS

HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS

An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authenticatio...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Al-Hilali, Hilal, Downing, David K, Badwe, Ashutosh, Dalzell, Javier, Balakrishnan, Anilkumar, Peruvemba, Ramakrishnan
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title
container_volume
creator Al-Hilali, Hilal
Downing, David K
Badwe, Ashutosh
Dalzell, Javier
Balakrishnan, Anilkumar
Peruvemba, Ramakrishnan
description An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g., an authentication cookie) for the software service and transmit it to a client device, which enables the client device to access the software service via an authenticated connection.
format Patent
fullrecord <record><control><sourceid>epo_EVB</sourceid><recordid>TN_cdi_epo_espacenet_US2019068578A1</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>US2019068578A1</sourcerecordid><originalsourceid>FETCH-epo_espacenet_US2019068578A13</originalsourceid><addsrcrecordid>eNqNi8EKgkAURd20iOofHrQWtKhsOY2jPbA38t5ouBKJiRZRgv0_WfQBrQ6He-40uB2bA2MKgpQXZkROoSXILIPYzJ0VG1BlWaBWDi0JKBpjwzVqI1B9bqALJYL6O51sapgAU0MOXQMl23oUlnkwuXb3wS9-nAXLzDh9DH3_bP3Qdxf_8K-2klUU76NtstklKl7_V70BCx021g</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>patent</recordtype></control><display><type>patent</type><title>HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS</title><source>esp@cenet</source><creator>Al-Hilali, Hilal ; Downing, David K ; Badwe, Ashutosh ; Dalzell, Javier ; Balakrishnan, Anilkumar ; Peruvemba, Ramakrishnan</creator><creatorcontrib>Al-Hilali, Hilal ; Downing, David K ; Badwe, Ashutosh ; Dalzell, Javier ; Balakrishnan, Anilkumar ; Peruvemba, Ramakrishnan</creatorcontrib><description>An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g., an authentication cookie) for the software service and transmit it to a client device, which enables the client device to access the software service via an authenticated connection.</description><language>eng</language><subject>CALCULATING ; COMPUTING ; COUNTING ; ELECTRIC COMMUNICATION TECHNIQUE ; ELECTRIC DIGITAL DATA PROCESSING ; ELECTRICITY ; PHYSICS ; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><creationdate>2019</creationdate><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20190228&amp;DB=EPODOC&amp;CC=US&amp;NR=2019068578A1$$EHTML$$P50$$Gepo$$Hfree_for_read</linktohtml><link.rule.ids>230,308,776,881,25543,76293</link.rule.ids><linktorsrc>$$Uhttps://worldwide.espacenet.com/publicationDetails/biblio?FT=D&amp;date=20190228&amp;DB=EPODOC&amp;CC=US&amp;NR=2019068578A1$$EView_record_in_European_Patent_Office$$FView_record_in_$$GEuropean_Patent_Office$$Hfree_for_read</linktorsrc></links><search><creatorcontrib>Al-Hilali, Hilal</creatorcontrib><creatorcontrib>Downing, David K</creatorcontrib><creatorcontrib>Badwe, Ashutosh</creatorcontrib><creatorcontrib>Dalzell, Javier</creatorcontrib><creatorcontrib>Balakrishnan, Anilkumar</creatorcontrib><creatorcontrib>Peruvemba, Ramakrishnan</creatorcontrib><title>HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS</title><description>An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g., an authentication cookie) for the software service and transmit it to a client device, which enables the client device to access the software service via an authenticated connection.</description><subject>CALCULATING</subject><subject>COMPUTING</subject><subject>COUNTING</subject><subject>ELECTRIC COMMUNICATION TECHNIQUE</subject><subject>ELECTRIC DIGITAL DATA PROCESSING</subject><subject>ELECTRICITY</subject><subject>PHYSICS</subject><subject>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</subject><fulltext>true</fulltext><rsrctype>patent</rsrctype><creationdate>2019</creationdate><recordtype>patent</recordtype><sourceid>EVB</sourceid><recordid>eNqNi8EKgkAURd20iOofHrQWtKhsOY2jPbA38t5ouBKJiRZRgv0_WfQBrQ6He-40uB2bA2MKgpQXZkROoSXILIPYzJ0VG1BlWaBWDi0JKBpjwzVqI1B9bqALJYL6O51sapgAU0MOXQMl23oUlnkwuXb3wS9-nAXLzDh9DH3_bP3Qdxf_8K-2klUU76NtstklKl7_V70BCx021g</recordid><startdate>20190228</startdate><enddate>20190228</enddate><creator>Al-Hilali, Hilal</creator><creator>Downing, David K</creator><creator>Badwe, Ashutosh</creator><creator>Dalzell, Javier</creator><creator>Balakrishnan, Anilkumar</creator><creator>Peruvemba, Ramakrishnan</creator><scope>EVB</scope></search><sort><creationdate>20190228</creationdate><title>HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS</title><author>Al-Hilali, Hilal ; Downing, David K ; Badwe, Ashutosh ; Dalzell, Javier ; Balakrishnan, Anilkumar ; Peruvemba, Ramakrishnan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-epo_espacenet_US2019068578A13</frbrgroupid><rsrctype>patents</rsrctype><prefilter>patents</prefilter><language>eng</language><creationdate>2019</creationdate><topic>CALCULATING</topic><topic>COMPUTING</topic><topic>COUNTING</topic><topic>ELECTRIC COMMUNICATION TECHNIQUE</topic><topic>ELECTRIC DIGITAL DATA PROCESSING</topic><topic>ELECTRICITY</topic><topic>PHYSICS</topic><topic>TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION</topic><toplevel>online_resources</toplevel><creatorcontrib>Al-Hilali, Hilal</creatorcontrib><creatorcontrib>Downing, David K</creatorcontrib><creatorcontrib>Badwe, Ashutosh</creatorcontrib><creatorcontrib>Dalzell, Javier</creatorcontrib><creatorcontrib>Balakrishnan, Anilkumar</creatorcontrib><creatorcontrib>Peruvemba, Ramakrishnan</creatorcontrib><collection>esp@cenet</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Al-Hilali, Hilal</au><au>Downing, David K</au><au>Badwe, Ashutosh</au><au>Dalzell, Javier</au><au>Balakrishnan, Anilkumar</au><au>Peruvemba, Ramakrishnan</au><format>patent</format><genre>patent</genre><ristype>GEN</ristype><title>HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS</title><date>2019-02-28</date><risdate>2019</risdate><abstract>An authentication management system receives a resource request directed to a software service, which may require password-based authentication. The system redirects the resource request to an authentication identity provider (IdP), and receives an authentication token generated by the authentication IdP. The redirecting of the resource request comprises transmission of an authentication request, which includes user identity information that can be authenticated by the IdP but does not include a password for the software service. In response to receiving the authentication token, the system causes a shadow account to be created with the software service. For password-based authentication, this may include setting a temporary, random password for the shadow account. The system is then able to generate authenticated connection information (e.g., an authentication cookie) for the software service and transmit it to a client device, which enables the client device to access the software service via an authenticated connection.</abstract><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier
ispartof
issn
language eng
recordid cdi_epo_espacenet_US2019068578A1
source esp@cenet
subjects CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
title HYBRID SINGLE SIGN-ON FOR SOFTWARE APPLICATIONS AND SERVICES USING CLASSIC AND MODERN IDENTITY PROVIDERS
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-26T10%3A07%3A55IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-epo_EVB&rft_val_fmt=info:ofi/fmt:kev:mtx:patent&rft.genre=patent&rft.au=Al-Hilali,%20Hilal&rft.date=2019-02-28&rft_id=info:doi/&rft_dat=%3Cepo_EVB%3EUS2019068578A1%3C/epo_EVB%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true