Pluggable authentication modules for telecommunications management network
Abstract
A system and method for authenticating users over a network. At least one pluggable authentication module (PAM) is used to authenticate users of network services. Each PAM includes a client-side authentication library and a server-side authentication library which may each be implemented in accordance with a specification expressed in an interface definition language (IDL), wherein the IDL is operable to define interfaces across a plurality of platforms and programming languages. The client-side authentication library is implemented for a particular client platform and deployed on the client computer system to provide a client-side interface to retrieve and encrypt a user profile. The server-side authentication library is implemented for a particular server platform and deployed on the server computer system to provide a server-side interface to receive the encrypted user profile from the client-side authentication library and decrypt the user profile to authenticate the user for network services. The client-side authentication library may be shared by a plurality of management applications and the server-side authentication library may be shared by a plurality of gateway components.
52 Claims
1. A network management system comprising:
a client-side authentication library deployed on one or more client computer systems, wherein the client-side authentication library comprises a client-side interface which is operable to retrieve and encrypt a user profile associated with a user, and wherein the client-side library is implemented in accordance with a platform-independent interface specification and implemented for one or more client platforms respectively corresponding to each of the one or more client computer systems; and
a server-side authentication library deployed on a server computer system coupled to the client computer system, wherein the server-side authentication library comprises a server-side interface which is operable to receive the encrypted user profile from the client-side authentication library and decrypt the user profile to authenticate the user for one or more network services, and wherein the server-side library is implemented in accordance with the platform-independent interface specification and implemented for a server platform corresponding to the server computer system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A network management system comprising:
a gateway which is coupled to one or more managers, wherein the gateway is configured to provide network management services to the one or more managers; and
one or more pluggable authentication modules which are operable to provide authentication of a manager based upon a user profile, wherein the user profile corresponds to a user of one of the managers, and wherein the one or more pluggable authentication modules are accessible by the gateway and the one or more managers through a platform-independent interface; and
wherein the gateway is configurable to authenticate the user to receive the network management services using the pluggable authentication modules through the platform-independent interface.
Dependent claims: 11, 12, 13, 14, 15, 16, 17
18. A network management method comprising:
implementing a client-side authentication library for a client platform in accordance with a platform-independent interface specification, wherein the client platform corresponds to a client computer system;
installing the client-side authentication library on the client computer system;
implementing a server-side authentication library for a server platform in accordance with the platform-independent interface specification, wherein the server platform corresponds to a server computer system;
installing the server-side authentication library on the server computer system;
encrypting a user profile associated with a user via the client-side authentication library;
receiving the encrypted user profile from the client computer system via the client-side authentication library;
decrypting the user profile to authenticate the user for one or more network services via the server-side authentication library.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26
27. A network management method comprising:
implementing one or more pluggable authentication modules;
a client manager application encrypting a user profile associated with a user of a client manager application via one of the pluggable authentication modules;
a gateway receiving the encrypted user profile from the client manager application;
the gateway decrypting the user profile to authenticate the user for one or more network services via the one of the pluggable authentication modules.
Dependent claims: 28, 29, 30, 31, 32, 33, 34
35. A carrier medium comprising program instructions for network management, wherein the program instructions are computer-executable to perform:
encrypting a user profile associated with a user via a client-side authentication library, wherein the client-side authentication library is implemented for a client platform in accordance with a platform-independent interface specification expressed in an interface definition language (IDL), and wherein the client platform corresponds to a client computer system;
receiving the encrypted user profile from the client computer system via the client-side authentication library;
decrypting the user profile to authenticate the user for one or more network services via a server-side authentication library, wherein the server-side authentication library is implemented for a server platform in accordance with the platform-independent interface specification, and wherein the server platform corresponds to a server computer system.
Dependent claims: 36, 37, 38, 39, 40, 41, 42, 43
44. A carrier medium comprising program instructions for network management, wherein the program instructions are computer-executable to perform:
implementing one or more pluggable authentication modules;
a client manager application sending a user profile associated with a user of a client manager application via one of the pluggable authentication modules;
a gateway receiving the user profile from the client manager application;
the gateway authenticating the user for one or more network services via the one of the pluggable authentication modules.
Dependent claims: 45, 46, 47, 48, 49, 50, 51, 52
Specification