Authentication and Authorization Across Autonomous Network Systems
Abstract
An enterprise network architecture has a trust link established between two autonomous network systems that enables transitive resource access between network domains of the two network systems. The trust link is defined by data structures maintained by each of the respective network systems. The first network system maintains namespaces that correspond to the second network system and a domain controller in the first network system, or a first network system administrator, indicates whether to trust individual namespaces. An account managed by a domain in the second network system can request authentication via a domain controller in the first network system. The first network system determines from the trust link to communicate the authentication request to the second network system. The first network system also determines from the trust link where to communicate authorization requests when administrators manage group memberships and access control lists.
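The routing decision the abstract describes can be sketched as follows. This is an added example, not code from the patent: the `TrustLink` fields, the sample namespaces, the longest-suffix rule and the rule that local namespaces take precedence are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class TrustLink:
    """Trust link record kept by the first network system (hypothetical fields)."""
    remote_root: str                                 # root domain of the second system
    namespaces: dict = field(default_factory=dict)   # namespace suffix -> trusted flag

LOCAL_SUFFIXES = {"corp.example"}   # constructed: namespaces the first system manages

def _matches(realm, suffix):
    # Match on whole DNS labels only, so "evilpartner.example" never
    # matches the namespace "partner.example".
    return realm == suffix or realm.endswith("." + suffix)

def route_auth_request(account, links, local=LOCAL_SUFFIXES):
    """Return ("local", None), ("forward", remote_root) or ("reject", reason)."""
    if account.count("@") != 1:
        return ("reject", "malformed account name")
    realm = account.rsplit("@", 1)[1].lower().rstrip(".")
    # Assumption: local namespaces always win, so a namespace claimed by the
    # other system cannot redirect authentication for local accounts.
    if any(_matches(realm, s) for s in local):
        return ("local", None)
    # Assumption: the most specific (longest) matching namespace decides.
    best = None
    for link in links:
        for suffix, trusted in link.namespaces.items():
            if _matches(realm, suffix) and (best is None or len(suffix) > len(best[0])):
                best = (suffix, trusted, link.remote_root)
    if best is None:
        return ("reject", "no trust link covers this namespace")
    suffix, trusted, root = best
    if not trusted:
        return ("reject", f"namespace {suffix} is not trusted")
    return ("forward", root)

# Constructed sample: one trust link to a second system rooted at partner.example.
# It also claims corp.example, which collides with a local namespace.
LINKS = [TrustLink("partner.example", {
    "partner.example": True,
    "lab.partner.example": False,   # namespace individually marked untrusted
    "corp.example": True,
})]

if __name__ == "__main__":
    for acct in ("alice@corp.example", "bob@sales.partner.example",
                 "eve@lab.partner.example", "x@evilpartner.example"):
        print(acct, "->", route_auth_request(acct, LINKS))
```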
20 Claims
1. An enterprise network architecture, comprising:
a first network system including one or more first network system domains;
a second network system including one or more second network system domains, the second network system being autonomous from the first network system such that the first network system domains are administratively independent from the second network system domains; and
a trust link between a first network system root domain and a second network system root domain, the trust link configured to provide transitive resource access between the one or more first network system domains and the one or more second network system domains.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. A network system domain, comprising:
a root domain controller communicatively linked with one or more network system domains in a first network system; and
a trusted domain component configured to define a trust link between the root domain controller and a second network system root domain controller, the second network system root domain controller communicatively linked with one or more second network system domains that are administratively independent from the first network system domains, and the trust link being configured to provide transitive resource access between the first network system domains and the second network system domains.
Dependent claims: 20
Specification