Authentication in a globally distributed infrastructure for secure content management
First Claim
1. A method for providing an SCM service to users of IT devices, the method comprising the steps of:
- utilizing an infrastructure that is accessible by the users over an Internet connection, the infrastructure including a plurality of POPs, each POP in the plurality including at least a forward proxy server for forwarding traffic from the IT devices to resource servers that are accessible on the Internet;
authenticating the users of the IT devices to the SCM service; and
redirecting a user to a co-located POP, a POP being co-located when a set of parameters is optimized including network latency compared with non-co-located POPs and localization of a user experience may be implemented.
2 Assignments
0 Petitions
Accused Products
Abstract
Secure content management is enabled as a cloud-based service through which security protection and policy enforcement may be implemented for both on-premise network users and roaming users. The global SCM service integrates the security functionalities—such as anti-virus, spyware, and phishing protection, firewall, intrusion detection, centralized management, and the like—that are typically provided by enterprise network SCM appliance hardware or servers into a cloud-based service that users reach via Internet-based points-of-presence (“POPs”). The POPs are configured with forward proxy servers, and in some implementations, caching and network acceleration components, and coupled to hubs which provide configuration management and identity management services such as active directory services.
-
Citations
20 Claims
-
1. A method for providing an SCM service to users of IT devices, the method comprising the steps of:
-
utilizing an infrastructure that is accessible by the users over an Internet connection, the infrastructure including a plurality of POPs, each POP in the plurality including at least a forward proxy server for forwarding traffic from the IT devices to resource servers that are accessible on the Internet; authenticating the users of the IT devices to the SCM service; and redirecting a user to a co-located POP, a POP being co-located when a set of parameters is optimized including network latency compared with non-co-located POPs and localization of a user experience may be implemented. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of providing identity management in an SCM service, the method comprising the steps of:
-
utilizing an infrastructure to support the SCM service that is accessible by users over an Internet connection, the infrastructure including a plurality of POPs, each POP in the plurality including at least a forward proxy server for forwarding traffic from IT devices to resource servers that are accessible on the Internet, and further including a hub operatively coupled to one or more POPs, the hub providing i) configuration management for forward proxy servers, and ii) identity management; receiving authentication credentials associated with users of the IT devices; and performing authentication of a user seeking access to the SCM service in accordance with the received authentication credentials. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A method for authenticating users to an SCM service, the method comprising the steps of:
-
providing the SCM service using a cloud-based distributed infrastructure including a plurality of POPs, each POP including a forward proxy through which users access and interact with resources available via an Internet connection; and authenticating the users to the SCM service using pre-existing credentials supported by an identity metasystem. - View Dependent Claims (18, 19, 20)
-
Specification