×

Identity proxy to provide access control and single sign on

  • US 10,003,600 B2
  • Filed: 01/26/2016
  • Issued: 06/19/2018
  • Est. Priority Date: 01/26/2015
  • Status: Active Grant
First Claim
Patent Images

1. A method of providing secure access to a cloud-based service, comprising:

  • receiving a request associated with a client app on a device to connect to a security proxy associated with the cloud-based service, wherein the security proxy is remote from the cloud-based service; and

    determining whether a security posture associated with the device is compliant;

    establishing, by a tunnel server associated with the security proxy, a secure tunnel between the device and the security proxy in response to determining that the security posture associated with the device is compliant;

    determining by the security proxy that the requesting client app is authorized to access the cloud-based service from the device based on information associated with the device;

    obtaining, by the security proxy from an identity provider associated with the cloud-based service, a security token signed by the identity provider;

    providing, by the tunnel server, the security token to the client app, wherein the security token is to be used by the client app to authenticate to the cloud-based service; and

    monitoring, by the tunnel server, a compliance posture of the device and blocking access to the cloud-based service based at least in part on an indication that the compliance posture of the device has changed.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×