SYSTEM AND METHOD FOR ACCESSING INTEGRATED APPLICATIONS IN A SINGLE SIGN-ON ENABLED ENTERPRISE SOLUTION
First Claim
1. A method for performing access management to facilitate a user to access one or more applications in a single sign-on enabled enterprise solution, the method comprising the steps of:
- performing data transaction between a server and a client for authenticating the user, wherein the data transaction comprises;
transmitting a challenge token and a response token between the server and the client, wherein the challenge token and the response token comprises one-way hashed data; and
verifying the response token at the server and at the client using the one-way hashed data; and
- performing data transaction between the server and the client for authorizing the user to access one or more applications, wherein the data transaction comprises;
transmitting a request for service token between the server and the client, wherein the request for service token is encrypted at the client and decrypted at the server using a unique session key negotiated between the server and client;
transmitting a service token between the server and the client, wherein the service token is encrypted and decrypted at the server using a secret key to verify the service token; and
rendering the requested one or more applications on a user interface of the client based on the verification.
Abstract
A method for performing access management to facilitate a user to access applications in a single sign-on enabled enterprise solution is provided. A challenge token and a response token are transmitted between a server and a client. The challenge token and response token comprise one-way hashed data. The response token is verified at the server and the client to authenticate the user. Further, a request for service token is transmitted between the server and the client. The request for service token is encrypted at the client and decrypted at the server using a unique session key negotiated between the server and client. A service token is generated and transmitted between the server and the client. The service token is encrypted and decrypted at the server using a secret key to verify the service token. Based on the verification, the requested applications are rendered on a client-based user interface.
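One possible reading of the authentication step in the abstract (challenge and response tokens built from one-way hashed data and verified at both the server and the client), as an added example that is not taken from the patent. PBKDF2 and HMAC-SHA256, the nonce sizes, the role labels and every class and function name here are assumptions; the page does not specify any of them.

```python
import hashlib
import hmac
import secrets

def one_way_hash(password: str, salt: bytes) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256 plays the role of the "one-way hashed data".
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def tag(key: bytes, role: bytes, s_nonce: bytes, c_nonce: bytes) -> bytes:
    # The role label keeps a server proof from being replayed as a client response.
    return hmac.new(key, role + s_nonce + c_nonce, hashlib.sha256).digest()

class Server:
    def __init__(self, users):
        self.users = users      # username -> (salt, stored one-way hash)
        self.pending = {}       # username -> outstanding challenge nonce

    def challenge(self, user):
        self.pending[user] = secrets.token_bytes(16)
        return self.users[user][0], self.pending[user]

    def verify(self, user, c_nonce, response):
        s_nonce = self.pending.pop(user, None)  # single use, so a replay fails
        if s_nonce is None:
            return None
        key = self.users[user][1]
        if not hmac.compare_digest(tag(key, b"client", s_nonce, c_nonce), response):
            return None
        return tag(key, b"server", s_nonce, c_nonce)  # proof for the client

class Client:
    def __init__(self, password):
        self.password = password

    def respond(self, salt, s_nonce):
        self.key = one_way_hash(self.password, salt)
        self.nonces = (s_nonce, secrets.token_bytes(16))
        return self.nonces[1], tag(self.key, b"client", *self.nonces)

    def verify_server(self, proof):
        return hmac.compare_digest(tag(self.key, b"server", *self.nonces), proof)

def run_login(server, user, password):
    client = Client(password)
    c_nonce, response = client.respond(*server.challenge(user))
    proof = server.verify(user, c_nonce, response)
    return proof is not None and client.verify_server(proof)

if __name__ == "__main__":
    salt = b"constructed-salt"  # constructed sample account
    srv = Server({"alice": (salt, one_way_hash("correct horse", salt))})
    print(run_login(srv, "alice", "correct horse"), run_login(srv, "alice", "guess"))
```

In this sketch the stored hash is itself the HMAC key, so it is password-equivalent: a reviewer of such a design should treat the server's credential store as holding secrets that allow login, not merely verifiers.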
41 Citations
16 Claims
1. A method for performing access management to facilitate a user to access one or more applications in a single sign-on enabled enterprise solution, the method comprising the steps of:
- performing data transaction between a server and a client for authenticating the user, wherein the data transaction comprises;
transmitting a challenge token and a response token between the server and the client, wherein the challenge token and the response token comprises one-way hashed data; and
verifying the response token at the server and at the client using the one-way hashed data; and
- performing data transaction between the server and the client for authorizing the user to access one or more applications, wherein the data transaction comprises;
transmitting a request for service token between the server and the client, wherein the request for service token is encrypted at the client and decrypted at the server using a unique session key negotiated between the server and client;
transmitting a service token between the server and the client, wherein the service token is encrypted and decrypted at the server using a secret key to verify the service token; and
rendering the requested one or more applications on a user interface of the client based on the verification.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A system for performing access management to facilitate a user to access one or more applications in a single sign-on (SSO) enabled enterprise solution, the system comprising:
- an authentication and authorization module configured to enable the user to access one or more applications via a unified web-based user interface during a user's login session, wherein the authentication is challenge-response based user authentication and authorization is token-based authorization;
- a feature switching module configured to facilitate the user to switch between one or more features provided in the web-based user interface during the user's login session; and
- a context switching module, configured to facilitate one application to access one or more data pertaining to another application during the user's login session by invoking a script language instruction via the web-based user interface.
(Dependent claims: 9)
10. A computer program product for performing access management to facilitate a user to access one or more applications in a single sign-on enabled enterprise solution, the computer program product comprising:
- program instruction code for performing data transaction between a server and a client for authenticating the user, wherein the data transaction comprises;
transmitting a challenge token and a response token between the server and the client, wherein the challenge token and the response token comprises one-way hashed data; and
verifying the response token at the server and at the client using the one-way hashed data; and
- program instruction code for performing data transaction between the server and the client for authorizing the user to access one or more applications, wherein the data transaction comprises;
transmitting a request for service token between the server and the client, wherein the request for service token is encrypted at the client and decrypted at the server using a unique session key negotiated between the server and client;
transmitting a service token between the server and the client, wherein the service token is encrypted and decrypted at the server using a secret key to verify the service token; and
rendering the requested one or more applications on a user interface of the client based on the verification.
(Dependent claims: 11, 12, 13, 14, 15, 16)
Specification