Systems and methods for credentialing of non-local requestors in decoupled systems utilizing a domain local authenticator

US 10,367,801 B2
Filed: 06/12/2018
Issued: 07/30/2019
Est. Priority Date: 10/28/2014
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a domain, including;

a processor coupled to a memory,a set of resources,the processor executing instructions implementing a local domain authenticator for;

providing a member credential to use in accessing the set of resources of the domain during a session,authenticating the member credential associated with the domain; and

a remote authenticator, for;

providing the member credential to a non-local requestor which is not a member of the domain by;

receiving an authentication request from the non-local requestor outside the domain, wherein the request is to be authenticated for accessing the set of resources,authenticating the non-local requestor using the authentication request, wherein authenticating the non-local requestor comprises establishing a secure channel with the non-local requester based on a unique previously provisioned domain key associated with both that domain and the non-local requestor,accessing the local domain authenticator to obtain the member credential associated with the domain, andproviding the member credential to the non-local requester, wherein the non-local requester can access the set of resources of the domain during a session maintained between the non-local requester and the domain using the member credential and authentication of an access of the non-local requester to the set of resources during the session is performed using the local domain authenticator and the member credential.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments as disclosed provide systems and methods that use a local authenticator within a domain to provide a credential to access a resource of the domain to a non-local requestor. When a request is received from a non-local requestor at the domain the non-local requestor can be authenticated based on the request. The local authenticator can then be accessed to obtain a credential. This credential may be the same type of credential provided to members of the domain when they authenticate using the local authenticator. The credential is provided to the non-local requestor so the non-local requestor can access the resource of the domain using the credential and authentication of the non-local requestor with respect to these accesses can be accomplished using the local domain authenticator and the credential.

Citations

20 Claims

1. A system, comprising:
- a domain, including;
  
  a processor coupled to a memory,a set of resources,the processor executing instructions implementing a local domain authenticator for;
  
  providing a member credential to use in accessing the set of resources of the domain during a session,authenticating the member credential associated with the domain; and
  
  a remote authenticator, for;
  
  providing the member credential to a non-local requestor which is not a member of the domain by;
  
  receiving an authentication request from the non-local requestor outside the domain, wherein the request is to be authenticated for accessing the set of resources,authenticating the non-local requestor using the authentication request, wherein authenticating the non-local requestor comprises establishing a secure channel with the non-local requester based on a unique previously provisioned domain key associated with both that domain and the non-local requestor,accessing the local domain authenticator to obtain the member credential associated with the domain, andproviding the member credential to the non-local requester, wherein the non-local requester can access the set of resources of the domain during a session maintained between the non-local requester and the domain using the member credential and authentication of an access of the non-local requester to the set of resources during the session is performed using the local domain authenticator and the member credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the authentication of the non-local requestor using the authentication request is accomplished using the Secure Shell (SSH) protocol.
  - 3. The system of claim 1, wherein authenticating a non-local requestor which is not a member of the domain includes updating session data associated with the non-local requestor to indicate that the non-local requestor has been authenticated.
  - 4. The system of claim 3, wherein authenticating a non-local requestor which is not a member of the domain is done by receiving a credential request from the non-local requestor and, in response to the credential request, accessing the session data for the non-local requestor to determine if the non-local requestor has been authenticated.
  - 5. The system of claim 4, wherein the remote authenticator has a local account with the local domain authenticator and the member credential is associated with the local account.
  - 6. The system of claim 1, wherein the non-local requestor and the remote authenticator are part of a cloud based managed file transfer (MFT) system.
  - 7. The system of claim 6, wherein the non-local requestor is a cloud command center operable for the coordination of MFT instances and the domain is a data center including an MFT Instance.
  - 8. The system of claim 7, wherein the set of resources includes a managed file transfer service for transferring files between servers by:
    - receiving a file transfer request from a sender to send a file to a recipient;
      
      determining a location of the recipient;
      
      determining a location server that is closest to the location of the recipient; and
      
      automatically initiating a server-to-server transfer to move the file to the location server that is closest to the location of the recipient.
  - 9. The system of claim 8, wherein the MFT instance includes a transfer server that is used to provide the remote authenticator and an authentication server is used to provide the local domain authenticator.
  - 10. The system of claim 9, wherein the authentication server uses OpenText Directory Services (OTDS).

11. A method, comprising:
- receiving, at a remote authenticator in a domain with a set of resources, an authentication request from a non-local requestor which is not a member of the domain, wherein the request is to be authenticated for accessing the set of resources;
  
  authenticating the non-local requestor using the authentication request, wherein authenticating the non-local requestor comprises establishing a secure channel with the non-local requestor based on a unique previously provisioned domain key associated with both that domain and the non-local requestor;
  
  accessing a local domain authenticator to obtain a member credential, wherein the member credential is for use in accessing the set of resources of the domain during a session; and
  
  providing the member credential to the non-local requestor, wherein the non-local requestor can access the set of resources of the domain during a session maintained between the non-local requestor and the domain using the member credential and authentication of an access of the non-local requestor to the set of resources during the session is performed using the local domain authenticator to authenticate the member credential.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein the authentication of the non-local requestor using the authentication request is accomplished using the Secure Shell (SSH) protocol.
  - 13. The method of claim 11, wherein authenticating the non-local requestor which is not a member of the domain includes updating session data associated with the non-local requestor to indicate that the non-local requestor has been authenticated.
  - 14. The method of claim 13, wherein authenticating the non-local requestor which is not a member of the domain is done by receiving a credential request from the non-local requestor and, in response to the credential request, accessing the session data for the non-local requestor to determine if the non-local requestor has been authenticated.
  - 15. The method of claim 14, wherein the remote authenticator has a local account with the local domain authenticator and the member credential is associated with the local account.
  - 16. The method of claim 11, wherein the non-local requestor and the remote authenticator are part of a cloud based managed file transfer (MFT) system.
  - 17. The method of claim 16, wherein the non-local requestor is a cloud command center operable for the coordination of MFT instances and the domain is a data center including an MFT Instance.
  - 18. The method of claim 17, wherein the set of resources includes a managed file transfer service for transferring files between servers by:
    - receiving a file transfer request from a sender to send a file to a recipient;
      
      determining a location of the recipient;
      
      determining a location server that is closest to the location of the recipient; and
      
      automatically initiating a server-to-server transfer to move the file to the location server that is closest to the location of the recipient.
  - 19. The method of claim 18, wherein the MFT instance includes a transfer server that is used to provide the remote authenticator and an authentication server is used to provide the local domain authenticator.
  - 20. The method of claim 19, wherein the authentication server uses OpenText Directory Services (OTDS).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ip Ot Sub Ulc
Original Assignee
Open Text Sa Ulc (Open Text Corporation)
Inventors
Matthews, Glen, Carroll, Jonathan, Dajani, Aladin
Primary Examiner(s)
Vaughan, Michael R

Application Number

US16/006,394
Publication Number

US 20180332018A1
Time in Patent Office

413 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 67/01   Protocols

H04L 67/06   specially adapted for file ...

H04L 67/10   in which an application is ...

H04L 67/14   Session management for real...

Systems and methods for credentialing of non-local requestors in decoupled systems utilizing a domain local authenticator

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for credentialing of non-local requestors in decoupled systems utilizing a domain local authenticator

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links