User Authentication Based on Network Context
First Claim
1. A method, comprising:
- receiving, in response to a request transmitted from a computing device to access a computing solution, a command to authenticate a user of the computing device;
determining, in response to receiving the command, whether a network address corresponding to the request matches at least one network address associated with a protected network;
initiating, in response to the network address corresponding to the request not matching the at least one network address associated with the protected network, authentication of the user at an identity provider corresponding to the computing solution; and
delegating, in response to the network address corresponding to the request matching the at least one network address associated with the protected network, the authentication of the user to an identity management system located within the protected network.
2 Assignments
0 Petitions
Accused Products
Abstract
Example systems and methods of user authentication based on network context are presented. In one example, a command to authenticate a user of a computing device is received in response to a request transmitted from the computing device to access a computing solution. In response to the command, a determination is made whether a network address corresponding to the request matches at least one network address associated with a protected network. Based on the network address corresponding to the request not matching the at least one network address associated with the protected network, authentication of the user is initiated at an identity provider corresponding to the computing solution. Otherwise, based on the network address corresponding to the request matching the at least one network address associated with the protected network, authentication of the user is delegated to an identity management system located within the protected network.
-
Citations
20 Claims
-
1. A method, comprising:
-
receiving, in response to a request transmitted from a computing device to access a computing solution, a command to authenticate a user of the computing device; determining, in response to receiving the command, whether a network address corresponding to the request matches at least one network address associated with a protected network; initiating, in response to the network address corresponding to the request not matching the at least one network address associated with the protected network, authentication of the user at an identity provider corresponding to the computing solution; and delegating, in response to the network address corresponding to the request matching the at least one network address associated with the protected network, the authentication of the user to an identity management system located within the protected network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system comprising:
-
at least one processor; and memory comprising modules including instructions that are to be executed by the at least one processor, the modules comprising; a user location determination module configured to; receive, in response to a request transmitted from a computing device to access a computing solution, a command to authenticate a user of the computing device; and determine, in response to receiving the command, whether a network address corresponding to the request matches at least one network address associated with a protected network; an authentication module configured to authenticate the user in response to the network address corresponding to the request not matching the at least one network address associated with the protected network; and a delegation module configured to delegate, in response to the network address corresponding to the request matching the at least one network address associated with the protected network, the authentication of the user to an identity management system located within the protected network. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable storage medium including instructions that, when executed by at least one processor of a machine, cause the machine to perform operations comprising:
-
receiving, from a computing solution in response to a request transmitted from a computing device to access the computing solution, a command to authenticate a user of the computing device, the command including a network address of a communication device from which the request was received at the computing solution; determining whether the network address corresponding to the request matches at least one network address associated with a protected network; initiating, in response to the network address corresponding to the request not matching the at least one network address associated with the protected network, authentication of the user via an identity provider corresponding to the computing solution; and in response to the network address corresponding to the request matching the at least one network address associated with the protected network, delegating the authentication of the user to an identity management system located within the protected network.
-
Specification