Method and system for providing cross-platform access to an internet user in a heterogeneous network environment
Abstract
The present invention provides a method and system for providing cross-platform access to Internet users of a heterogeneous grouping of computers. In a system aspect, the system includes a plurality of heterogeneous computer systems, at least one of the plurality of computer systems including an Internet user identity; and an enterprise directory service, the enterprise directory service being shared by the plurality of computer systems, the enterprise directory including at least one enterprise role which is associated with the Internet user identity, the at least one enterprise role capable of being used to access the plurality of computer systems independently of any specific operating system user identification. By allowing enterprise roles to be defined independently of any specific operating system user identification, flexibility is injected into the network configuration and Internet user aggravation is reduced. Enterprise roles may also be provided in the context of enterprise groups, allowing access to systems in the network by Internet users to be more readily controlled.
15 Claims
1. A system for providing cross-platform access to Internet users of a heterogeneous grouping of computers, comprising:
a plurality of heterogeneous computer systems, comprising a first computer system with a first operating system and a second computer system with a second operating system, the first computer system including a first Internet user identity specific to the first operating system, the second computer system including a second Internet user identity specific to the second operating system; and
an enterprise directory service, the enterprise directory service being shared by the plurality of computer systems, the enterprise directory including at least one enterprise role defined independently of any specific operating system, the at least one enterprise role being associated with the first and second Internet user identities, wherein the first Internet user identity can be mapped to the at least one enterprise role and the at least one enterprise role can be mapped to the second Internet user identity, such that the first computer system can access the second computer system with authorities of the second Internet user identity.
wherein the second ePDA comprises at least one of a second plurality of API for creating and deleting the second Internet user identity in the container and mapping between the second Internet user identity and the at least one enterprise role.
4. The system of claim 1, wherein the enterprise directory service further comprises a container, the container comprising the at least one enterprise role.
5. The system of claim 1, wherein the enterprise directory service further comprises an enterprise administrator, the enterprise administrator capable of performing at least one of the following functions:
defining one or more enterprise roles;
creating a container, the container comprising the enterprise roles; and
creating an identity for an eDSA for each of the plurality of computer systems.
6. A method for providing cross-platform access to Internet users of a heterogeneous grouping of computers, the method comprising:
(a) administering a first of a plurality of computer systems operating under a first operating system platform through a first eDSA, the first computer system including a first Internet user identity specific to the first operating system platform;
(b) administering a second of a plurality of computer systems operating under a second operating system platform through a second eDSA, the second computer system including a second Internet user identity specific to the second operating system platform; and
(c) configuring an enterprise directory service to be shared by the first and the second computer systems, the enterprise directory service including at least one enterprise role defined independently of any specific operating system, the at least one enterprise role being associated with the first and second Internet user identities;
(d) invoking a request by the first Internet user identity to be serviced on the second computer system;
(e) mapping the first Internet user identity to the at least one enterprise role by the first eDSA;
(f) mapping the at least one enterprise role to the second Internet user identity by the second eDSA; and
(g) servicing the request by the second computer system, the servicing being authorized based upon the second Internet user identity.
(c1) creating a container in the enterprise directory service, the container comprising the at least one enterprise role; and
(c2) creating an enterprise administrator.
8. The method of claim 7, wherein the enterprise administrator is capable of performing at least one of the following functions:
defining one or more enterprise roles;
creating a container, the container comprising the one or more enterprise roles; and
creating identities for the first and the second eDSAs.
9. The method of claim 6, wherein the invoking step (d) comprises:
(d1) invoking the request by the first Internet user identity on the first computer system to be serviced on the second computer system;
(d2) determining by the first eDSA that the first Internet user identity is associated with the at least one enterprise role;
(d3) packaging the request by the first eDSA as being invoked by the at least one enterprise role; and
(d4) forwarding the packaged request to the second computer system.
10. A computer readable medium with program instructions for enabling cross-platform access to Internet users of a heterogeneous grouping of computers, comprising the instructions for:
(a) administering a first of a plurality of computer systems operating under a first operating system platform through a first eDSA, the first computer system including a first Internet user identity specific to the first operating system platform;
(b) administering a second of a plurality of computer systems operating under a second operating system platform through a second eDSA, the second computer system including a second Internet user identity specific to the second operating system platform; and
(c) configuring an enterprise directory service to be shared by the first and the second computer systems, the enterprise directory service including at least one enterprise role defined independently of any specific operating system, the at least one enterprise role being associated with the first and second Internet user identities;
(d) invoking a request by the first Internet user identity to be serviced on the second computer system;
(e) mapping the first Internet user identity to the at least one enterprise role by the first eDSA;
(f) mapping the at least one enterprise role to the second Internet user identity by the second eDSA;
(g) servicing the request by the second computer system, the servicing being authorized based upon the second Internet user identity.
(c1) creating a container in the enterprise directory service, the container comprising the at least one enterprise role; and
(c2) creating an enterprise administrator.
12. The medium of claim 11, wherein the enterprise administrator is capable of performing at least one of the following functions:
defining one or more enterprise roles;
creating a container, the container comprising the one or more enterprise roles; and
creating identities for the first and the second eDSAs.
13. The medium of claim 10, wherein the invoking instruction (d) comprises instructions for:
(d1) invoking the request by the first Internet user identity on the first computer system to be serviced on the second computer system;
(d2) determining by the first eDSA that the first Internet user identity is associated with the at least one enterprise role;
(d3) packaging the request by the first eDSA as being invoked by the at least one enterprise role; and
(d4) forwarding the packaged request to the second computer system.
14. A method for enabling cross-platform access to Internet users of a heterogeneous grouping of computers, the method comprising:
(a) invoking a request by a first Internet user identity specific to a first operating system on a first of a plurality of computer systems to be serviced on a second of the plurality of computer systems;
(b) determining by a first eDSA on the first computer system that the first Internet user identity is associated with an enterprise role, the enterprise role being defined independently of any specific operating system in an enterprise directory service shared by the first and the second computer systems;
(c) packaging the request by the first eDSA as being invoked by the enterprise role;
(d) forwarding the packaged request to the second computer system;
(e) determining by a second eDSA on the second computer system that the enterprise role is associated with a second Internet user identity specific to a second operating system on the second computer system; and
(f) servicing the packaged request by the second computer system, the servicing being authorized based upon the second Internet user identity.
15. A computer readable medium with program instructions for enabling cross-platform access to Internet users of a heterogeneous grouping of computers, comprising the instructions for:
(a) invoking a request by a first Internet user identity specific to a first operating system on a first of a plurality of computer systems to be serviced on a second of the plurality of computer systems;
(b) determining by a first eDSA on the first computer system that the first Internet user identity is associated with an enterprise role, the enterprise role being defined independently of any specific operating system in an enterprise directory service shared by the first and the second computer systems;
(c) packaging the request by the first eDSA as being invoked by the enterprise role;
(d) forwarding the packaged request to the second computer system;
(e) determining by a second eDSA on the second computer system that the enterprise role is associated with a second Internet user identity specific to a second operating system on the second computer system; and
(f) servicing the packaged request by the second computer system, the servicing being authorized based upon the second Internet user identity.
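The flow of claim 14, steps (a) through (f), as an added Python example that is not part of the patent text. The class names, system names, identities and operation names are hypothetical, and forwarding the packaged request between systems is assumed to be a plain function call.

```python
# Added illustration; all names here are hypothetical, not from the patent.
from dataclasses import dataclass, field

@dataclass
class EnterpriseDirectory:
    """Shared directory: a container of OS-independent enterprise roles."""
    roles: set = field(default_factory=set)
    # (system, local identity) -> role, and (system, role) -> local identity
    identity_to_role: dict = field(default_factory=dict)
    role_to_identity: dict = field(default_factory=dict)

    def associate(self, role, system, local_identity):
        if role not in self.roles:
            raise KeyError(f"undefined enterprise role: {role}")
        self.identity_to_role[(system, local_identity)] = role
        self.role_to_identity[(system, role)] = local_identity

@dataclass
class EDSA:
    """Per-system agent that maps between local identities and roles."""
    system: str
    directory: EnterpriseDirectory
    local_authorities: dict  # local identity -> set of permitted operations

    def package(self, local_identity, operation):
        # Steps (b)-(c): resolve the role and package the request under it.
        role = self.directory.identity_to_role.get((self.system, local_identity))
        if role is None:
            raise PermissionError(f"{local_identity} has no enterprise role")
        return {"role": role, "operation": operation}

    def service(self, packaged):
        # Steps (e)-(f): resolve the role to a local identity, then authorize
        # with that identity's authorities only. Unknown roles fail closed.
        local = self.directory.role_to_identity.get((self.system, packaged["role"]))
        if local is None:
            raise PermissionError(f"role {packaged['role']} not mapped on {self.system}")
        if packaged["operation"] not in self.local_authorities.get(local, set()):
            raise PermissionError(f"{local} may not {packaged['operation']}")
        return f"{packaged['operation']} serviced as {local} on {self.system}"

def demo():
    d = EnterpriseDirectory(roles={"payroll-clerk"})
    d.associate("payroll-clerk", "sysA", "JSMITH")    # first OS identity
    d.associate("payroll-clerk", "sysB", "jsmith01")  # second OS identity
    a = EDSA("sysA", d, {"JSMITH": {"read-report"}})
    b = EDSA("sysB", d, {"jsmith01": {"read-report"}})
    return b.service(a.package("JSMITH", "read-report"))  # step (d) is the call
```

The second system never sees the first system's identity, only the role, so the authorities granted are whatever the role's local mapping on the second system carries.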
Specification