IDENTITY MANAGEMENT SUITE

US 20090126007A1
Filed: 11/08/2007
Published: 05/14/2009
Est. Priority Date: 11/08/2007
Status: Abandoned Application

First Claim

Patent Images

1. A server platform hosting an integrated software-based identity management suite comprising:

an administration console for domain administration;

an authentication services module for user authentication;

an activity intelligence engine for monitoring user activity;

an open-source-based virtual layer for mapping fields of a legacy user directory to fields within said server platform; and

an internal interface using an open communication protocol adapted to provide communication between said open-source-based virtual layer and at least said authentication services module within said server platform.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A server platform hosting an integrated software-based identity management suite used in a system for authenticating users with respect to a legacy application. The identity management suite includes an administration console for domain administration, an authentication services module for user authentication, an activity intelligence engine for monitoring user activity, an open-source-based virtual layer for mapping fields of a legacy user directory to fields within the server platform, and an internal interface using an open communication protocol adapted to provide communication between the open-source-based virtual layer and at least the authentication services module within the server platform.

62 Citations

View as Search Results

25 Claims

1. A server platform hosting an integrated software-based identity management suite comprising:
- an administration console for domain administration;
  
  an authentication services module for user authentication;
  
  an activity intelligence engine for monitoring user activity;
  
  an open-source-based virtual layer for mapping fields of a legacy user directory to fields within said server platform; and
  
  an internal interface using an open communication protocol adapted to provide communication between said open-source-based virtual layer and at least said authentication services module within said server platform.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The server platform of claim 1 wherein said open-source-based virtual layer comprises a virtual LDAP layer.
  - 3. The server platform of claim 2 wherein said open communication protocol comprises an LDAP communication protocol.
  - 4. The server platform of claim 1 further comprising a legacy user directory.
  - 5. The server platform of claim 4 further comprising an application program interface (API) capable of facilitating access to said legacy user directory.
  - 6. The server platform of claim 1 wherein said administration console includes an administrator user interface adapted to provide user-friendly web-based communication between said server platform and an external administrator computer-based platform.
  - 7. The server platform of claim 1 wherein said identity management suite includes an XML-based protocol interface to communicate with an external legacy server hosting a legacy application.
  - 8. The server platform of claim 1 wherein said administration console further supports HOTP provisioning.
  - 9. The server platform of claim 1 further comprising a wireless network interface supporting HOTP provisioning.

10. A computer readable medium having stored thereon an integrated software suit for identity management, said integrated software suite comprising:
- an administration console for domain administration;
  
  an authentication services module for user authentication;
  
  an activity intelligence engine for monitoring user activity;
  
  an application program interface (API) capable of facilitating access to a legacy user directory;
  
  a virtual LDAP layer for mapping fields of said legacy user directory to defined fields within said software suit; and
  
  an internal LDAP communication protocol interface adapted to provide communication between said virtual LDAP layer and said authentication services module.
- View Dependent Claims (11, 12)
- - 11. The integrated software suite of claim 10 wherein said administration console includes an administrator user interface adapted to provide user-friendly web-based communication between a server platform hosting said software suite and an external administrator computer-based platform.
  - 12. The integrated software suite of claim 10 further comprising an XML-based protocol interface to communicate with an external legacy server hosting a legacy application.

13. A server platform hosting an integrated software-based identity management suite comprising:
- means for providing domain administration services;
  
  means for providing authentication services;
  
  means for providing activity intelligence services;
  
  means for facilitating access to a legacy user directory;
  
  means for mapping legacy user directory fields to server platform fields; and
  
  means for communicating said server platform fields to said means for providing authentication services.
- View Dependent Claims (14, 15)
- - 14. The server platform of claim 13 further comprising means for providing user-friendly communication between said server platform and an external administrator computer-based platform.
  - 15. The server platform of claim 13 further comprising means for communicating with an external legacy server hosting a legacy application.

16. A system providing identity management with respect to a legacy application, said system comprising:
- a first server platform hosting an integrated software-based identity management suite;
  
  at least one administrator computer-based platform operationally interfacing to said first server platform; and
  
  a second server platform hosting a legacy application and operationally interfacing to said first server platform via a secure web-based connection.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The system of claim 16 wherein said first server platform includes at least one legacy user directory.
  - 18. The system of claim 16 wherein said second server platform includes at least one legacy user directory.
  - 19. The system of claim 16 further comprising at least one wireless device wirelessly interfacing to said first server platform to provide HOTP provisioning to said wireless device.
  - 20. The system of claim 16 further comprising at least one user computer-based platform operationally interfacing to said first server platform to provide HOTP provisioning to said computer-based platform.
  - 21. The system of claim 16 wherein said software-based integrated identity management suite comprises:
    - an administration console for domain administration;
      
      an authentication services module for user authentication;
      
      an activity intelligence engine for monitoring user activity;
      
      a virtual LDAP layer for mapping fields of a legacy user directory to defined fields within said software suit; and
      
      an internal LDAP communication protocol interface adapted to provide communication between said virtual LDAP layer and said authentication services module.

22. A method to authenticate a user for use of a legacy application hosted on a legacy server, said method comprising:
- sending an application request from a user browser to a legacy server of a service provider of a legacy application;
  
  said legacy server redirecting said application request to an identity management server via said user browser;
  
  said identity management server sending a user login form to said user browser in response to receiving said redirected application request;
  
  said user browser sending user login information to said identity management server in response to a user of said user browser filling out said user login form;
  
  said identity management server authenticating said user with respect to said legacy application in response to said user login information;
  
  said identity management server sending encoded security assertion information to said legacy server via said user browser in response to a successful authentication of said user;
  
  said legacy server validating said security assertion information; and
  
  said legacy server sending application data corresponding to said legacy application to said user browser in response to validating said security assertion information.
- View Dependent Claims (23, 24, 25)
- - 23. The method of claim 22 wherein said user login information includes a user name, a user password, and a HOTP user pass code.
  - 24. The method of claim 22 wherein said security assertion information includes user directory information obtained from a legacy user directory on said identity management server as part of said authenticating step.
  - 25. The method of claim 22 wherein said security assertion information includes user directory information obtained from a legacy user directory on said legacy server as part of said authenticating step.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avantia, Inc.
Original Assignee
Avantia, Inc.
Inventors
STANLEY, Anthony, JIMERSON, Brian, ZAMBERLAN, Jennie

Application Number

US11/936,966
Publication Number

US 20090126007A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

H04L 63/104 Grouping of entities

H04W 12/068 using credential vaults, e....

IDENTITY MANAGEMENT SUITE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

62 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

IDENTITY MANAGEMENT SUITE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

62 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others