Single sign-on with common access card
Abstract
A mechanism eliminates the need for a user to log in repeatedly to individual services after initially logging into a computer system. A user logs in to the computer system only once, and subsequent login requests by multiple services are handled automatically and transparently by the system. In one implementation, a user need only present a card to a card reader and enter a PIN; the user is logged in after presenting the card and a valid PIN. The system generates a token that is valid for this particular login session of the user, and when the user accesses a permissioned service, the system automatically logs the user in to the application using the token. The system can automatically log the user in to a variety of applications, including legacy applications, web-enabled applications, and commercial off-the-shelf applications.
16 Claims
1. A computer system comprising:
a module that verifies information supplied by a user attempting to gain access to a computer system;
a token generator coupled to the module, the token generator creating a token for the user after the information is verified;
a portal coupled to the token generator and receiving the token, the portal presenting application information to the user for applications that the user is allowed to access and allowing the user to select an application;
a first application interface coupled to the portal and accessing the token, the application interface validating the token;
a web-based application coupled to the application interface, the application providing the user access to the application after the application interface validates the token;
a second application interface coupled to the portal and accessing the token, the second application interface validating the token; and
a non-web-based application coupled to the second application interface, the second application providing the user access to the second application after the second application interface validates the token.
2. A method comprising:
accessing user information pertaining to a user;
logging-in a user to a computer system based on the user information;
receiving a request from the user to access an application on the computer system, the application ordinarily requiring users to login in order to access the application; and
providing the user access to the application in an automated manner such that the user does not have to enter login information in order to access the application.
Dependent claims: 3, 4, 5, 6, 7, 8
9. A computer system comprising:
a module that verifies information supplied by a user attempting to gain access to a computer system;
a token generator coupled to the module, the token generator creating a token for the user after the information is verified;
a portal coupled to the token generator and receiving the token, the portal presenting application information to the user for applications that the user is allowed to access and allowing the user to select an application;
an application interface coupled to the portal and accessing the token, the application interface validating the token; and
an application coupled to the application interface, the application interface dynamically providing the user access to the application in real time after the application interface validates the token.
Dependent claims: 10, 11, 12, 13
14. A system comprising one or more computer-readable media, the media collectively having instructions that when executed on one or more machines result in at least the following:
accessing user information pertaining to a user;
verifying the user information;
logging-in the user to a computer system based on the verified user information;
creating a token for the user after logging-in the user; and
providing, based on the token, the user access to an application in an automated manner such that the user does not have to enter login information in order to access the application.
Dependent claims: 15, 16
Specification