Security framework data scheme
First Claim
1. A security database that stores, retrieves, and updates selected security information in response to application program interface calls of an authentication and authorization system to authenticate user identities and authorize access to resources, wherein the selected security information is stored as a data structure, the data structure comprising:
- a primary authentication structure containing primary authentication information, wherein the primary authentication structure is superior to all other structures in the security database;
- an alternate authentication structure containing general alternate authentication information, wherein the alternate authentication structure is subordinate to the primary authentication structure;
- a legacy authentication structure containing legacy authentication information, wherein the legacy authentication structure is subordinate to the primary authentication structure;
- an administrative structure containing administrative information for administrative activity within the components of the overall data structure, wherein the administrative structure is subordinate to the primary authentication structure; and
- at least one cross-reference structure that breaks down many to many relationships between the primary authentication structure and a subordinate structure into any of a one to many, many to one, or one to one relationship, wherein the cross-reference structure is subordinate to the primary authentication structure and superior to the subordinate structure.
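One possible relational reading of the hierarchy in claim 1, added here as an example and not taken from the patent: subordinate structures hang off the primary authentication structure through foreign keys, and a cross-reference table splits the many-to-many link between users and legacy systems into two one-to-many links. All table names, column names and sample rows are assumptions made for illustration.

```python
import sqlite3

# Table and column names are assumptions; the claim names only the structures.
SCHEMA = """
CREATE TABLE primary_auth (      -- superior to every other structure
    user_id INTEGER PRIMARY KEY, user_name TEXT NOT NULL UNIQUE);
CREATE TABLE alternate_auth (alt_id INTEGER PRIMARY KEY, method TEXT NOT NULL,
    user_id INTEGER NOT NULL REFERENCES primary_auth(user_id) ON DELETE CASCADE);
CREATE TABLE admin_log (log_id INTEGER PRIMARY KEY, action TEXT NOT NULL,
    user_id INTEGER NOT NULL REFERENCES primary_auth(user_id) ON DELETE CASCADE);
CREATE TABLE legacy_auth (       -- legacy systems, reached through the xref
    legacy_id INTEGER PRIMARY KEY, system_name TEXT NOT NULL UNIQUE);
CREATE TABLE user_legacy_xref (  -- cross-reference: splits many-to-many
    user_id INTEGER NOT NULL REFERENCES primary_auth(user_id) ON DELETE CASCADE,
    legacy_id INTEGER NOT NULL REFERENCES legacy_auth(legacy_id) ON DELETE CASCADE,
    legacy_login TEXT NOT NULL, PRIMARY KEY (user_id, legacy_id));
"""

def build():
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")  # SQLite leaves enforcement off by default
    conn.executescript(SCHEMA)
    # Constructed sample records.
    conn.executemany("INSERT INTO primary_auth VALUES (?, ?)", [(1, "alice"), (2, "bob")])
    conn.executemany("INSERT INTO legacy_auth VALUES (?, ?)", [(10, "mainframe"), (11, "billing")])
    conn.executemany("INSERT INTO user_legacy_xref VALUES (?, ?, ?)",
                     [(1, 10, "ALICE01"), (1, 11, "al_bill"), (2, 10, "BOB007")])
    conn.execute("INSERT INTO alternate_auth VALUES (100, 'token', 1)")
    return conn

def legacy_logins(conn, user_name):  # walk primary -> cross-reference -> legacy
    return conn.execute(
        "SELECT l.system_name, x.legacy_login FROM primary_auth p "
        "JOIN user_legacy_xref x ON x.user_id = p.user_id "
        "JOIN legacy_auth l ON l.legacy_id = x.legacy_id "
        "WHERE p.user_name = ? ORDER BY l.system_name", (user_name,)).fetchall()

def remove_user(conn, user_name):
    """Delete the superior record; return the row counts left in other tables."""
    conn.execute("DELETE FROM primary_auth WHERE user_name = ?", (user_name,))
    return {t: conn.execute(f"SELECT COUNT(*) FROM {t}").fetchone()[0]
            for t in ("alternate_auth", "user_legacy_xref", "legacy_auth")}

def orphan_rejected(conn):
    try:  # a cross-reference row needs an existing primary record
        conn.execute("INSERT INTO user_legacy_xref VALUES (99, 10, 'ghost')")
        return False
    except sqlite3.IntegrityError:
        return True
```

Without the `PRAGMA foreign_keys = ON` line SQLite accepts the orphaned cross-reference row and skips the cascade, so the hierarchy holds only when enforcement is enabled on every connection.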
Abstract
The present disclosure is a method for bridging requests for access to resources between requestors in a distributed network and an authenticator servicing the distributed network. The bridging mechanism has security features including a naming service for machine authentication and machine process rules to authorize what process machines can perform. The security proxy bridge intercepts an access request, and checks the IP address for machine authentication as well as the machine process rules and if both verifications are successful, the bridge then forwards the request for access to the authenticator. The security proxy framework utilizes a data structure that provides a method for storing selected security information stored as data records supporting an authentication and authorization system for users to access resources on multiple components of a distributed network supporting multiple business units of an enterprise. Primary authentication information stored herein includes general user information, security information, and contact information.
44 Citations
14 Claims
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
Specification