CENTRALIZED PLUGGABLE AUTHENTICATION AND AUTHORIZATION

US 20160234196A1
Filed: 06/17/2015
Published: 08/11/2016
Est. Priority Date: 02/11/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising, by a first computing device of an infrastructure:

receiving a request from a second computing device to access a first entity of the infrastructure, the second computing device being coupled to the first computing device, wherein the request comprises a first ticket previously assigned by the first computing device, and wherein the first ticket authenticates and authorizes the second computing device for access to at least a second entity of the infrastructure;

determining an eligibility of the second computing device to access at least the first entity of the infrastructure based at least on the first ticket and the first entity; and

if the second computing device is determined to be eligible to access the first entity, assigning a second ticket to the second computing device responsive to the received request, wherein the second ticket authenticates and authorizes the second computing device for access to at least the first entity of the infrastructure.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In particular embodiments, a first computing device may receive a request from a second computing device to access a first entity of an infrastructure, the second computing device being coupled to the first computing device, then determining an eligibility of the second computing device to access as least the first entity of the infrastructure, and if the second computing device is determined to be eligible to access the first entity, then assigning a second ticket to the second computing device responsive to the received request.

Citations

20 Claims

1. A method comprising, by a first computing device of an infrastructure:
- receiving a request from a second computing device to access a first entity of the infrastructure, the second computing device being coupled to the first computing device, wherein the request comprises a first ticket previously assigned by the first computing device, and wherein the first ticket authenticates and authorizes the second computing device for access to at least a second entity of the infrastructure;
  
  determining an eligibility of the second computing device to access at least the first entity of the infrastructure based at least on the first ticket and the first entity; and
  
  if the second computing device is determined to be eligible to access the first entity, assigning a second ticket to the second computing device responsive to the received request, wherein the second ticket authenticates and authorizes the second computing device for access to at least the first entity of the infrastructure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the first computing device comprises a third-party pluggable authentication and authorization (PAA) ticket server.
  - 3. The method of claim 1, wherein assigning the second ticket to the second computing device comprises:
    - nullifying the first ticket previously assigned by the first computing device; and
      
      sending the second ticket to the second computing device.
  - 4. The method of claim 1, wherein an entity comprises one or more of a computing device, a data, or software.
  - 5. The method of claim 1, wherein the infrastructure comprises an enterprise infrastructure.
  - 6. The method of claim 1, wherein the first computing device is associated with a third-party encryption service, and wherein accessibility of the second computing device to pre-determined entities of the infrastructure is provided by the third-party encryption service.
  - 7. The method of claim 6, wherein the assigned second ticket comprises one or more keys for the second computing device to access at least the first entity of the infrastructure, the first entity being associated with the pre-determined entities of the infrastructure.
  - 8. The method of claim 1, wherein determining the eligibility of the second computing device to access at least the first entity of the infrastructure comprises determining an eligibility of a user of the second computing device to access at least the first entity of the infrastructure.
  - 9. The method of claim 1, wherein the second entity comprises a remote desktop gateway of the infrastructure.
  - 10. The method of claim 1, wherein the access to the first entity comprises a modification to the first entity.

11. One or more computer-readable non-transitory storage media embodying logic that is operable when executed to:
- by a first computing device of an infrastructure;
  
  receiving a request from a second computing device to access a first entity of the infrastructure, the second computing device being coupled to the first computing device, wherein the request comprises a first ticket previously assigned by the first computing device, and wherein the first ticket authenticates and authorizes the second computing device for access to at least a second entity of the infrastructure;
  
  determining an eligibility of the second computing device to access at least the first entity of the infrastructure based at least on the first ticket and the first entity; and
  
  if the second computing device is determined to be eligible to access the first entity, assigning a second ticket to the second computing device responsive to the received request, wherein the second ticket authenticates and authorizes the second computing device for access to at least the first entity of the infrastructure.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The media of claim 11, wherein the first computing device comprises a third-party pluggable authentication and authorization (PAA) ticket server.
  - 13. The media of claim 11, wherein the first computing device is associated with a third-party encryption service, and wherein accessibility of the second computing device to pre-determined entities of the infrastructure is provided by the third-party encryption service.
  - 14. The media of claim 13, wherein the assigned second ticket comprises one or more keys for the second computing device to access at least the first entity of the infrastructure, the first entity being associated with the pre-determined entities of the infrastructure.
  - 15. The media of claim 11, wherein the second entity comprises a remote desktop gateway of the infrastructure.

16. An information handling system comprising:
- one or more processors; and
  
  a memory coupled to the processors comprising instructions executable by the processors, the processors being operable when executing the instructions to;
  
  by a first computing device of an infrastructure;
  
  receiving a request from a second computing device to access a first entity of the infrastructure, the second computing device being coupled to the first computing device, wherein the request comprises a first ticket previously assigned by the first computing device, and wherein the first ticket authenticates and authorizes the second computing device for access to at least a second entity of the infrastructure;
  
  determining an eligibility of the second computing device to access at least the first entity of the infrastructure based at least on the first ticket and the first entity; and
  
  if the second computing device is determined to be eligible to access the first entity, assigning a second ticket to the second computing device responsive to the received request, wherein the second ticket authenticates and authorizes the second computing device for access to at least the first entity of the infrastructure.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The information handling system of claim 16, wherein the first computing device comprises a third-party pluggable authentication and authorization (PAA) ticket server.
  - 18. The information handling system of claim 16, wherein the first computing device is associated with a third-party encryption service, and wherein accessibility of the second computing device to pre-determined entities of the infrastructure is provided by the third-party encryption service.
  - 19. The information handling system of claim 18, wherein the assigned second ticket comprises one or more keys for the second computing device to access at least the first entity of the infrastructure, the first entity being associated with the pre-determined entities of the infrastructure.
  - 20. The information handling system of claim 16, wherein the second entity comprises a remote desktop gateway of the infrastructure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Dell Products LP (Dell Technologies Inc.)
Inventors
Fausak, Andrew T., Rombakh, Oleg

Granted Patent

US 9,935,789 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 12/4679   Arrangements for the regist...

H04L 63/0272   Virtual private networks

H04L 63/08   for authentication of entit...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 67/01   Protocols

H04L 67/025   for remote control or remot...

H04L 67/08   specially adapted for termi...

H04L 67/1001   for accessing one among a p...

H04L 67/131   Protocols for games, networ...

H04L 67/141   Setup of application sessio...

H04L 67/142   Managing session states for...

H04L 67/148   Migration or transfer of se...

H04L 67/563   Data redirection of data ne...

H04L 69/04   Protocols for data compress...

H04L 69/14   Multichannel or multilink p...

H04L 9/3213   using tickets or tokens, e....

Y02D 30/50   in wire-line communication ...

CENTRALIZED PLUGGABLE AUTHENTICATION AND AUTHORIZATION

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CENTRALIZED PLUGGABLE AUTHENTICATION AND AUTHORIZATION

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links