Browse Prior Art Database

A system and method of switching among multiple SSO accounts based on context information analysis

IP.com Disclosure Number: IPCOM000245575D
Publication Date: 2016-Mar-18
Document File: 7 page(s) / 156K

Publishing Venue

The IP.com Prior Art Database

Abstract

Single sign-on(SSO) enables a user to log in multiple related, but independent systems using a single ID. In some situations, a user might own several SSO IDs, each is specifically for accessing a partial set of the application systems in that network. For example, a user located in quality team might have several SSO IDs, one for his daily work use (access mail system, company HR system, defect reporting system, etc...), and the other is specifically for testing purpose (access various testing applications). In a normal working day, it's likely the user will switch back and forth across various applications. In order to have proper system access right, the user might need to switch among the SSO IDs constantly, which is time consuming and annoying. With respect to the issue mentioned above, this invention proposes a system to efficiently switch SSO IDs that are owned by a single user.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 7

A system and method of switching among multiple SSO accounts based on context information analysis

The novelty of the invention could be summarized as below:

The system collects and saves historical SSO login account and corresponding context data and utilize Big Data Rule Engine to build up


1.

a prediction model. For subsequent log in, the system will feed the prediction model with current context info. The system performs context analysis on the data and then output a prediction SSO ID list sorted by confidence level.

The system also provides a configurable setting called "Automatically Switching SSO IDs", which will automatically switch SSO ID


2.

account for the user if confidence level of that SSO ID is above a certain level.

The primary advantage of the proposed invention would be improving efficiency as user would spend much less time on switching SSO IDs .

The invention can be considered as a plug-in in the original SSO architecture. The innovation points are highlighted in orange.

Component Diagram:

1



Page 02 of 7

The system will work this way:

Whenever the user logs in with a SSO account, the Context Information Collector will record the account info and collect various contextual data. The contextual data will included but not limited to:

Current log in SSO ID: gets the input from UI Module (Account Selection) and Account Determination Module.


1.

Target service site: the website the user intends to log in with this SSO ID.


2.

Time (Local device): record when the user logs in with this SSO ID.


3.

Location (Local device): record the geographic location the user logs in with this SSO ID.


4.

Recently running apps: recent running apps might have some correlations with this SSO ID.


5.

Browser type/mode: the browser type or mode used for this SSO.


6.

Info from wearable device: data on the wearable (ex: GPS location) device might suggest which SSO ID should be used.


7.

Other collectable info.


8.

These accounts and historical contextual data accumulated in Context&Account Info DB will be passed to Big Data Engine to build up an account prediction model. For subsequent SSO re-authentications, Big Data Engine will take current contextual data, run the prediction

2



Page 03 of 7

model and output a prediction list. The prediction list will be sorted by confidence level and be passed to Account Determination Module.

If the confidence level is high (above the pre-defined threshold), Account Determination Module will further check the newly added browser setting "Automatically Switching SSO IDs". If the setting is 'ON', t...