SINGLE SIGN ON FOR CLOUD

US 20140013409A1
Filed: 07/06/2012
Published: 01/09/2014
Est. Priority Date: 07/06/2012
Status: Abandoned Application

First Claim

Patent Images

1. A system for single sign on to a cloud, the system comprising:

a cloud service provider comprising;

a consumer unit that provides an interface for a user to connect to the cloud service provider; and

a portal that provides a cloud service to the user, the portal comprising a first authentication system that issues a security token request, and the first authentication system is connected to the consumer unit; and

a tenant comprising;

the user; and

a second authentication system that signs the security token request, whereinthe consumer unit is adapted to communicate with the first authentication system using a first protocol and adapted to communicate with the second authentication system using a second protocol.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for single sign on to a cloud. The system includes a cloud service provider and a tenant. The cloud service provider has a consumer unit and a portal. The consumer unit provides an interface for a user to connect to the cloud service provider. The portal providing a cloud service to the user, the portal has a first authentication system that issues a security token request and that is connected to the consumer unit. The tenant includes the user and a second authentication system. The second authentication system signs the security token request. The consumer unit is adapted to communicate with the first authentication system using a first protocol and adapted to communicate with the second authentication system using a second protocol.

Citations

20 Claims

1. A system for single sign on to a cloud, the system comprising:
- a cloud service provider comprising;
  
  a consumer unit that provides an interface for a user to connect to the cloud service provider; and
  
  a portal that provides a cloud service to the user, the portal comprising a first authentication system that issues a security token request, and the first authentication system is connected to the consumer unit; and
  
  a tenant comprising;
  
  the user; and
  
  a second authentication system that signs the security token request, whereinthe consumer unit is adapted to communicate with the first authentication system using a first protocol and adapted to communicate with the second authentication system using a second protocol.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system according to claim 1, wherein the consumer unit is adapted to request the cloud service from the portal based on a request for the cloud service from the user.
  - 3. The system according to claim 1, whereinthe consumer unit is adapted to translate a security token request in the first protocol to a security token request in the second protocol;
    - andthe consumer unit is adapted to translate a signed security token in the second protocol to a signed security token in the first protocol.
  - 4. The system according to claim 3, whereinthe consumer unit is adapted to receive the security token request in the first protocol from the first authentication system based on a request for the cloud service from the user;
    - andthe consumer unit is adapted to send the security token request in the second protocol to the second authentication system.
  - 5. The system according to claim 1, the portal comprising a plurality of portlets, and the portal adapted to assign the user to a one of the plurality of portlets to provide the cloud service.
  - 6. The system according to claim 1, wherein the second authentication system is adapted to authenticate the user.

7. A system for single sign on to a cloud, the system comprising:
- a cloud service provider comprising;
  
  a consumer unit that provides an interface for a user to connect to the cloud service provider;
  
  a portal that provides a cloud service to the user, the portal comprising a first authentication system connected to the consumer unit; and
  
  a second authentication system connected to the consumer unit; and
  
  a tenant comprising;
  
  the user; and
  
  a third authentication system connected to the user,wherein the consumer unit is adapted to communicate with the first authentication system using a first protocol and adapted to communicate with the second authentication system using a second protocol; and
  
  wherein the second authentication system is federated with the third authentication system.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system according to claim 7, wherein the consumer unit is adapted to request the cloud service from the portal based on a request for the cloud service from the user.
  - 9. The system according to claim 7, whereinthe consumer unit is adapted to translate a security token request in the first protocol to a security token request in the second protocol;
    - andthe consumer unit is adapted to translate a signed security token in the second protocol to a signed security token in the first protocol.
  - 10. The system according to claim 9, whereinthe consumer unit is adapted to receive the security token request in the first protocol from the first authentication system based on a request for the cloud service from the user;
    - andthe consumer unit is adapted to send the security token request in the second protocol to the second authentication system.
  - 11. The system according to claim 7, the portal comprising a plurality of portlets, and the portal adapted to assign the user to a one of the portlets to provide the cloud service.
  - 12. The system according to claim 7, wherein the third authentication system is adapted to authenticate the user.

13. A method for single sign on to a cloud system, the method comprising:
- receiving, by a consumer unit of a cloud provider, a request from a user for a cloud service;
  
  requesting, by the consumer unit, a portal to provide access to the cloud service based on the request from the user;
  
  requesting, by a first authentication system of the portal, a security token from the consumer unit using a first protocol, the request by the first authentication system based on the request by the consumer unit;
  
  translating, by the consumer unit, the security token request from the first protocol to a second protocol;
  
  requesting, by the consumer unit, a second authentication system to sign the requested security token using the second protocol;
  
  receiving, by the consumer unit, the signed security token;
  
  translating, by the consumer unit, the signed security token from the second protocol to the first protocol;
  
  sending, by the consumer unit, the signed security token to the portal using the first protocol; and
  
  providing, by the portal, the cloud service to the user based on the signed security token.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, wherein the second authentication system is an authentication system of a tenant of the user that authenticated the user.
  - 15. The method of claim 13, wherein the second authentication system is an authentication system of the cloud provider and the second authentication system is federated with an authentication system of a tenant of the user that authenticated the user.
  - 16. The method of claim 13, wherein if the signed security token is not valid then the user is denied access to the cloud service.

17. A machine-readable tangible and non-transitory medium with information recorded thereon, wherein the information, when read by a machine, causes the machine to perform the following steps:
- receive, by a consumer unit of a cloud provider, a request from a user for a cloud service;
  
  request, by the consumer unit of the cloud provider, a portal to provide access to the cloud service based on the request by the user;
  
  request, by a first authentication system of the portal, a security token from the consumer unit using a first protocol based on the request from the consumer unit;
  
  translate, by the consumer unit, the security token request from the first protocol to a second protocol;
  
  request, by the consumer unit, a second authentication system to sign the requested security token using the second protocol;
  
  translate, by the consumer unit, the signed security token from the second protocol to the first protocol;
  
  send, by the consumer unit, the signed security token to the portal using the first protocol; and
  
  provide, by the portal, the cloud service to the user based on the signed security token.
- View Dependent Claims (18, 19, 20)
- - 18. The machine-readable medium of claim 17, wherein the second authentication system is an authentication system of a tenant of the user that authenticated the user.
  - 19. The machine-readable medium of claim 17, wherein the second authentication system is an authentication system of the cloud provider and the second authentication system is federated with an authentication system of a tenant of the user that authenticated the user.
  - 20. The machine-readable medium of claim 17, wherein if the signed security token is not valid then the user is denied access to the cloud service.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Unisys Corporation
Original Assignee
Unisys Corporation
Inventors
Halageri, Milind I.

Application Number

US13/542,953
Publication Number

US 20140013409A1
Time in Patent Office

Days
Field of Search
US Class Current

726/8
CPC Class Codes

H04L 63/0815 providing single-sign-on or...

SINGLE SIGN ON FOR CLOUD

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SINGLE SIGN ON FOR CLOUD

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links