Browse Prior Art Database

Unified authentication mechanism in Cloud environment.

IP.com Disclosure Number: IPCOM000244468D
Publication Date: 2015-Dec-15
Document File: 6 page(s) / 79K

Publishing Venue

The IP.com Prior Art Database

Abstract

An authentication controller module is used to compute the set of command that should be used for a specific client authentication. The information of the commands is stored in a datastore. From the command information, it should be identified of the store location of the command. One or more command servers provide the command used to authenticate against different authentication servers. At a client side, an engine is deployed to retrieve the command information from the authentication controller and then download the command from the command server and run the command to proceed with the authentication.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 28% of the total text.

Page 01 of 6

Unified authentication mechanism in Cloud environment

Unified authentication mechanism in Cloud environment. .

SaaS(Software as a service) offering is popular and important in the cloud computing environment today. The SaaS service can be provided to enterprises. In most enterprises, multiple applications are used in an enterprise. Some of those applications are SaaS applications provided by SaaS vendors that runs on cloud. Some are applications running on-prem systems inside the enterprise, which are owned and managed by the enterprise. Centralized authentication is a strategy in many enterprises. This eases the management of the identify in a centralized location. So, all the applications(cloud applications and on-prem applications) used by an enterprise need to authenticate against a central server in the enterprise.

For a SaaS application running on cloud, it need to provide service to different enterprises, and need to authenticate users from different enterprises. The authentication schema from different enterprises varies widely. For example, some enterprise may use simple user/password authentication, some enterprise may use SAML sso, some enterprise may use OAuth, some enterprise may use more complex multi-factor authentication to increase security. Some of those authentication service types are web based and can provide GUI pages in browsers to proceed with authentication interactively. But there are some other types which are not web based and does not provide any GUI page. Even for those that provide GUI pages in browsers, that does not benefit non-browser clients like mobile clients and desktop clients.

A unified and flexible solution is required to ease the authentication against different types of services from different enterprises for a SaaS offering.

A unified and flexible authentication system include:

1) An authentication controller module computes the set of command that should be used for a specific client authentication
2) One or more command servers provide the commands used to authenticate against different authentication servers.

3) (Optional)An command transformation module transforms command to unified format

4) An engine in the client side download and runs the command to complete the authentication

I


I.

.. Detailed description of the modules in the invention Detailed description of the modules in the invention

Detailed description of the modules in the invention(

((Take Fig Take Fig

Take Fig.

..111 as reference

as reference

as reference): ):

1) An authentication controller module computes the set of command that should be used for a specific client authentication

The authentication controller module accepts parameters from client, which may include client type, user name, email, location, etc. With these parameters, the authentication controller module compute and get a set of command that should be used. The result could be a list of name/URL/path that points to the command locations. The compute may...