Secure access to cloud-based services
First Claim
Patent Images
1. A method to provide secure mobile access to a cloud-based service, comprising:
- receiving, at a security proxy, a request from a mobile device to access the cloud-based service, wherein the request includes a security certificate;
using the security certificate associated with the request to synthesize a basic authentication header associated with the request, wherein the basic authentication header includes a hash of information obtained from the security certificate;
sending the synthesized basic authentication header that includes the hash of information obtained from the security certificate to the cloud-based service on behalf of the mobile device, wherein the cloud-based service is configured to extract credential information from the synthesized basic authentication header and to send the extracted credential information to the security proxy;
using the extracted credential information to determine that access to the cloud based service is authorized; and
providing to the cloud based service a security token that indicates the mobile device is authorized to access the cloud-based service.
5 Assignments
0 Petitions
Accused Products
Abstract
Techniques to provide secure mobile access to a cloud-based service are disclosed. In various embodiments, a request to access the cloud-based service is received from a mobile device. A security certificate associated with the request is used to synthesize a basic authentication header associated with the request. The synthesized basic authentication header is sent to the cloud-based service on behalf of the mobile device.
37 Citations
19 Claims
-
1. A method to provide secure mobile access to a cloud-based service, comprising:
-
receiving, at a security proxy, a request from a mobile device to access the cloud-based service, wherein the request includes a security certificate; using the security certificate associated with the request to synthesize a basic authentication header associated with the request, wherein the basic authentication header includes a hash of information obtained from the security certificate; sending the synthesized basic authentication header that includes the hash of information obtained from the security certificate to the cloud-based service on behalf of the mobile device, wherein the cloud-based service is configured to extract credential information from the synthesized basic authentication header and to send the extracted credential information to the security proxy; using the extracted credential information to determine that access to the cloud based service is authorized; and providing to the cloud based service a security token that indicates the mobile device is authorized to access the cloud-based service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system to provide secure mobile access to a cloud-based service, comprising:
-
a communication interface; and a processor coupled to the communication interface and configured to; receive, at a security proxy, a request from a mobile device to access the cloud-based service, wherein the request includes a security certificate; use the security certificate associated with the request to synthesize a basic authentication header associated with the request, wherein the basic authentication header includes a hash of information obtained from the security certificate; send the synthesized basic authentication header that includes the hash of information obtained from the security certificate to the cloud-based service on behalf of the mobile device, wherein the cloud-based service is configured to extract credential information from the synthesized basic authentication header and to send the extracted credential information to the security proxy; use the extracted credential information to determine that access to the cloud-based service is authorized; and provide to the cloud based service a security token that indicates the mobile device is authorized to access the cloud-based service. - View Dependent Claims (18)
-
-
19. A computer program product to provide secure mobile access to a cloud-based service, the computer program product being embodied in a non-transitory computer readable medium and comprising computer instructions for:
-
receiving, at a security proxy, a request from a mobile device to access the cloud-based service, wherein the request includes a security certificate; using the security certificate associated with the request to synthesize a basic authentication header associated with the request, wherein the basic authentication header includes a hash of information obtained from the security certificate; sending the synthesized basic authentication header that includes the hash of information obtained from the security certificate to the cloud-based service on behalf of the mobile device, wherein the cloud-based service is configured to extract credential information from the synthesized basic authentication header and to send the extracted credential information to the security proxy; using the extracted credential information to determine that access to the cloud-based service is authorized; and providing to the cloud based service a security token that indicates the mobile device is authorized to access the cloud-based service.
-
Specification