WHITELIST CONSTRUCTION

US 20170118167A1
Filed: 08/26/2016
Published: 04/27/2017
Est. Priority Date: 10/22/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, by a computing system executing an access manager application, a request to log out a user from an application executing on a device;

determining, by the access manager application, a redirection address for the application;

validating, by the access manager application, the redirection address; and

based on the validation, causing, by the access manager application, the application to perform one of redirecting the user to the redirection address and determining whether to add the redirection address to a list of valid redirection addresses.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are provided for of constructing a whitelist of redirection uniform resource locators (URLs). A method can include receiving, by a computing system executing an access manager application, a request to log out a user from an application executing on a device; determining, by the access manager application, a redirection address for the application; validating, by the access manager application, the redirection address; and based on the validation, causing, by the access manager application, the application to perform one of redirecting the user to the redirection address and determining addition of the redirection address to a list of valid redirection addresses.

Citations

20 Claims

1. A method comprising:
- receiving, by a computing system executing an access manager application, a request to log out a user from an application executing on a device;
  
  determining, by the access manager application, a redirection address for the application;
  
  validating, by the access manager application, the redirection address; and
  
  based on the validation, causing, by the access manager application, the application to perform one of redirecting the user to the redirection address and determining whether to add the redirection address to a list of valid redirection addresses.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method according to claim 1, wherein the application redirects the user to the redirection address in response to the redirection address being on the list of valid redirection addresses.
  - 3. The method according to claim 2, wherein the list of valid redirection addresses comprises one or more approved redirection addresses.
  - 4. The method according to claim 2, wherein the list of valid redirection addresses comprises one of a machine-learned address based on learned previous activity and a user-based address that is based on a user activity.
  - 5. The method according to claim 1, wherein the determining the addition of the redirection address to the list of valid redirection addresses comprises:
    - determining that the redirection address corresponds to a predetermined event; and
      
      in response to the determining that the redirection address corresponds to the predetermined event, adding the redirection address to the list of valid redirection addresses.
  - 6. The method according to claim 5, wherein the predetermined event comprises one of application registration during which the application is registered with the access manager application, product integration during which one or more products are added to operate with the access manager application, and log-in page addition in which a new log-in page for the application is added.
  - 7. The method according to claim 1, wherein the determining the addition of the redirection address to the list of valid redirection addresses comprises:
    - determining that the redirection address corresponds to a predetermined user action; and
      
      in response to the determining that the redirection address corresponds to the predetermined user action, adding the redirection address to the list of valid redirected addresses.
  - 8. The method according to claim 7, wherein the predetermined user action comprises user confirmation of the redirection address.
  - 9. The method according to claim 1, wherein the list of valid redirection addresses comprises at least one of a system-level list that applies to users of the access management system and a user-level list that applies to particular users of the access management system.
  - 10. The method according to claim 9, wherein the system-level list comprises end URLs that are applicable to all access management system users.
  - 11. The method according to claim 9, wherein the user-level list comprises one or more end URLs that are applicable to a particular access management system user.
  - 12. The method according to claim 1, wherein the redirection address is a Uniform Resource Locator (URL).
  - 13. The method according to claim 1, wherein the redirection address comprises a logout Uniform Resource Locator (URL) and an end URL.

14. A non-transitory computer-readable storage medium storing a plurality of instructions executable by one or more processors to cause the one or more processors to perform operations, comprising:
- receiving, by a computing system executing an access manager application, a request to log out a user from an application executing on a device;
  
  determining, by the access manager application, a redirection address for the application;
  
  validating, by the access manager application, the redirection address; and
  
  based on the validation, causing, by the access manager application, the application to perform one of redirecting the user to the redirection address, and determining addition of the redirection address to a list of valid redirection addresses.
- View Dependent Claims (15, 16, 17)
- - 15. The computer-readable storage medium according to claim 14, wherein the application redirects the user to the redirection address in response to the redirection address being on the list of valid redirection addresses.
  - 16. The computer-readable storage medium according to claim 15, wherein the list of valid redirection addresses comprises one or more approved redirection addresses.
  - 17. The method according to claim 15, wherein the list of valid redirection addresses comprises one of a machine-learned address based on learned previous activity and a user-based address that is based on a user activity.

18. A system comprising:
- a memory; and
  
  one or more processors coupled to the memory and configured to;
  
  receive, by a computing system executing an access manager application, a request to log out a user from an application executing on a device;
  
  determine, by the access manager application, a redirection address from the application;
  
  determine, by the access manager application, validity of the redirection address; and
  
  based on the validation, cause, by the access manager application, the application to perform one of redirecting the user to the redirection address, and determining addition of the redirection address to a list of valid redirection addresses.
- View Dependent Claims (19, 20)
- - 19. The computer-readable storage medium according to claim 18, wherein the application redirects the user to the redirection address in response to the redirection address being on the list of valid redirection addresses.
  - 20. The computer-readable storage medium according to claim 18, wherein the list of valid redirection addresses comprises at least one of a system-level list that applies to users of the access management system and a user-level list that applies to particular users of the access management system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Subramanya, Ramya, Martin, Madhu, Uppalapati, Venkatesh

Granted Patent

US 10,643,149 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/958   Organisation or management ...

G06N 20/00   Machine learning

H04L 2101/35   containing special prefixes

H04L 41/0806   for initial configuration o...

H04L 41/0895   Configuration of virtualise...

H04L 41/40   using virtualisation of net...

H04L 43/0876   Network utilisation, e.g. v...

H04L 43/20   the monitoring system or th...

H04L 63/0815   providing single-sign-on or...

H04L 63/101   Access control lists [ACL]

H04L 63/20   for managing network securi...

WHITELIST CONSTRUCTION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

WHITELIST CONSTRUCTION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links