SYSTEMS AND METHODS FOR SECURITY TOKEN MANAGEMENT SERVICE HOSTED IN APPLICATION SERVER

US 20130086141A1
Filed: 09/29/2011
Published: 04/04/2013
Est. Priority Date: 09/29/2011
Status: Active Grant

First Claim

Patent Images

1. A method of managing access to token services, comprising:

receiving a request for at least one token service from a requesting service supporting a set of clients;

validating the request for the at least one token service;

identifying a corresponding token provider for the at least one token service via a security token management service;

acquiring at least one token from a corresponding token provider associated with the at least one token service; and

deploying the at least one token service to the requesting service.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for a security token management service hosted in an application server. A set of services and/or associated applications can be served from an application server to one or more clients. The set of services may require one or more token services in order to deliver their intended functionalities, so that for instance an email client may require the use and presentation of a token or other object incorporating user ID, password, or other authentication information for the user to access and retrieve their email messages. Different served applications and/or services may require the installation of various different token types or services, conventionally requiring manually configuration. A centralized security token management service can be installed and configured in the application server itself, which interfaces to requesting services and automatically locates and acquires diverse token types and/or associated token services to support served applications or services.

Citations

20 Claims

1. A method of managing access to token services, comprising:
- receiving a request for at least one token service from a requesting service supporting a set of clients;
  
  validating the request for the at least one token service;
  
  identifying a corresponding token provider for the at least one token service via a security token management service;
  
  acquiring at least one token from a corresponding token provider associated with the at least one token service; and
  
  deploying the at least one token service to the requesting service.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the requesting service comprises at least one application served from an application server to a client in the set of clients.
  - 3. The method of claim 2, wherein the at least one application comprises at least one of a messaging application, an email application, a media application, a database application, a social networking application, or an e-commerce application.
  - 4. The method of claim 3, wherein the security token management service is hosted in the application server.
  - 5. The method of claim 1, wherein the at least one token comprises at least one of a Kerberos token, a SAML (security assertion markup language) assertion, a WS (web services) trust claim, an Open ID token, or a custom token.
  - 6. The method of claim 1, further comprising serving the requesting service to at least one client in the set of clients via a network.
  - 7. The method of claim 6, further comprising monitoring the usage history of the at least one token service by the set of clients.
  - 8. The method of claim 7, further comprising at least one of updating or terminating the at least one token service based on the usage history.
  - 9. The method of claim 1, wherein the request for at least one token service comprises a request for a plurality of token services.
  - 10. The method of claim 1, wherein the corresponding token provider is selected from a plurality of token providers registered with the security token management service.

11. A system for managing access to token services, comprising:
- an interface to a set of clients; and
  
  a processor, communicating with the set of clients via the interface, the processor being configured to—
  
  receive a request for at least one token service from a requesting service supporting the set of clients,validate the request for the at least one token service,identify a corresponding token provider for the at least one token service via a security token management service,acquire at least one token from a corresponding token provider associated with the at least one token service, anddeploy the at least one token service to the requesting service.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the requesting service comprises at least one application served from an application server to a client in the set of clients.
  - 13. The system of claim 12, wherein the at least one application comprises at least one of a messaging application, an email application, a media application, a database application, a social networking application, or an e-commerce application.
  - 14. The system of claim 13, wherein the security token management service is hosted in the application server.
  - 15. The system of claim 11, wherein the at least one token comprises at least one of a Kerberos token, a SAML (security assertion markup language) assertion, a WS (web services) trust claim, an Open ID token, or a custom token.
  - 16. The system of claim 11, wherein the processor is further configured to serve the requesting service to at least one client in the set of clients via a network.
  - 17. The method of claim 16, wherein the processor is further configured to monitor the usage history of the at least one token service by the set of clients.
  - 18. The method of claim 17, wherein the processor is further configured to perform at least one of updating or terminating the at least one token service based on the usage history.
  - 19. The system of claim 11, wherein the request for at least one token service comprises a request for a plurality of token services.
  - 20. The system of claim 11, wherein the corresponding token provider is selected from a plurality of token providers registered with the security token management service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Saldhana, Anil

Granted Patent

US 9,407,626 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/203
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 2221/2119   Authenticating web pages, e...

H04L 63/0815   providing single-sign-on or...

SYSTEMS AND METHODS FOR SECURITY TOKEN MANAGEMENT SERVICE HOSTED IN APPLICATION SERVER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR SECURITY TOKEN MANAGEMENT SERVICE HOSTED IN APPLICATION SERVER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links