Using SSO processes to manage security credentials in a provisioning management system
First Claim
Patent Images
11. A data processing system comprising:
- a bus system;
a communications system connected to the bus system;
a memory connected to the bus system, wherein the memory includes a set of instructions;
an instruction execution unit; and
a processing unit connected to the bus system, wherein the processing unit executes the set of instructions to receive a request from a client, wherein the request includes input parameters and wherein the input parameters define a host domain of a host;
verify the host domain;
verify client credentials in response to the host domain being verified, wherein the client credentials indicate accessibility to the host domain;
check the host accessibility in response to the client credentials being verified; and
return to the client a link to service access protocol credentials of the host in response to the host being accessible.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, apparatus, and computer program product are provided for using single sign-on (SSO) processes to manage security credentials in a provisioning management system. Service access operations are provided that embed credential operations and matching algorithms. Credential operations are treated at different levels of abstraction and define separate services to deal with authentication and authorization aspects. This is performed in order to be able to plug-in an external credential repository, which may be authentication/authorization provided by a third party entity.
75 Citations
23 Claims
-
11. A data processing system comprising:
-
a bus system;
a communications system connected to the bus system;
a memory connected to the bus system, wherein the memory includes a set of instructions;
an instruction execution unit; and
a processing unit connected to the bus system, wherein the processing unit executes the set of instructions to receive a request from a client, wherein the request includes input parameters and wherein the input parameters define a host domain of a host;
verify the host domain;
verify client credentials in response to the host domain being verified, wherein the client credentials indicate accessibility to the host domain;
check the host accessibility in response to the client credentials being verified; and
return to the client a link to service access protocol credentials of the host in response to the host being accessible. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer program product for managing security credentials the computer program product comprising:
-
a computer usable medium embodying one or more instructions executable by the computer, the one or more instructions comprising;
first instructions for receiving a request from a client, wherein the request includes input parameters and wherein the input parameters define a host domain of a host;
second instructions for verifying the host domain;
in response to the host domain being verified, third instructions for verifying client credentials, wherein the client credentials indicate accessibility to the host domain;
in response to the client credentials being verified, fourth instructions for checking the host accessibility; and
in response to the host being accessible, fifth instructions for returning to the client a link to service access protocol credentials of the host. - View Dependent Claims (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 19, 20, 21, 22, 23)
-
-
22-1. The computer program product of claim 18, further comprising:
-
in response the nonexistence of the host domain in the data structure, first sub-instructions for checking for a sub-domain in the data structure; and
in response to the existence of a sub-domain, second sub-instructions for sending an acknowledgement to the client.
-
Specification