Internetwork authentication
First Claim
Patent Images
1. A internetwork authentication method comprising:
- receiving, by an internetwork authentication proxy, an authentication request for a station in a first network to access a second network from a first local authoritative user datastore interface in the first network;
determining, by the internetwork authentication proxy, a second local authoritative user datastore interface in the second network as a destination of the authentication request, based on the authentication request and an authentication proxy rule;
upon determining the second local authoritative user datastore interface as the destination, routing, by the internetwork authentication proxy, the authentication request to the second local authoritative user datastore interface in the second network, such that internetwork authentication for the station in the first network is carried out in the second network;
receiving, by the internetwork authentication proxy, an authentication result of the internetwork authentication from the second local authoritative user datastore interface in the second network;
sending, by the internetwork authentication proxy, the authentication result of the internetwork authentication to the first local authoritative user datastore interface in the first network, such that the station in the first network gets access to the second network.
4 Assignments
0 Petitions
Accused Products
Abstract
A technique for network authentication interoperability involves initiating an authentication procedure on a first network, authenticating on a second network, and allowing access at the first network. The technique can include filtering access to a network, thereby restricting access to users with acceptable credentials. Offering a service that incorporates these techniques can enable incorporation of the techniques into an existing system with minimal impact to network configuration.
-
Citations
20 Claims
-
1. A internetwork authentication method comprising:
-
receiving, by an internetwork authentication proxy, an authentication request for a station in a first network to access a second network from a first local authoritative user datastore interface in the first network; determining, by the internetwork authentication proxy, a second local authoritative user datastore interface in the second network as a destination of the authentication request, based on the authentication request and an authentication proxy rule; upon determining the second local authoritative user datastore interface as the destination, routing, by the internetwork authentication proxy, the authentication request to the second local authoritative user datastore interface in the second network, such that internetwork authentication for the station in the first network is carried out in the second network; receiving, by the internetwork authentication proxy, an authentication result of the internetwork authentication from the second local authoritative user datastore interface in the second network; sending, by the internetwork authentication proxy, the authentication result of the internetwork authentication to the first local authoritative user datastore interface in the first network, such that the station in the first network gets access to the second network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An internetwork authentication proxy system comprising:
-
one or more processors; memory storing instructions, when executed by the one or more processors, configured to cause the one or more processors to; receive an authentication request for a station in a first network to access a second network from a first local authoritative user datastore interface in the first network; determine a second local authoritative user datastore interface in the second network as a destination of the authentication request, based on the authentication request and an authentication proxy rule; upon determining the second local authoritative user datastore interface as the destination, route the authentication request to the second local authoritative user datastore interface in the second network, such that internetwork authentication for the station in the first network is carried out in the second network; receive an authentication result of the internetwork authentication from the second local authoritative user datastore interface in the second network; send the authentication result of the internetwork authentication to the first local authoritative user datastore interface in the first network, such that the station in the first network gets access to the second network. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An internetwork authentication proxy system comprising:
-
a means for receiving an authentication request for a station in a first network to access a second network from a first local authoritative user datastore interface in the first network; a means for determining a second local authoritative user datastore interface in the second network as a destination of the authentication request, based on the authentication request and an authentication proxy rule; a means for routing, upon determining the second local authoritative user datastore interface as the destination, the authentication request to the second local authoritative user datastore interface in the second network, such that internetwork authentication for the station in the first network is carried out in the second network; a means for receiving an authentication result of the internetwork authentication from the second local authoritative user datastore interface in the second network; a means for sending the authentication result of the internetwork authentication to the first local authoritative user datastore interface in the first network, such that the station in the first network gets access to the second network.
-
Specification