Authentication and authorization across autonomous network systems
First Claim
1. An enterprise network architecture, comprising:
a first network system including one or more first network system domains;
a second network system including one or more second network system domains, the second network system being autonomous from the first network system such that the first network system domains are administratively independent from the second network system domains; and
a trust link between a first network system root domain and a second network system root domain, the trust link configured to provide transitive resource access between the one or more first network system domains and the one or more second network system domains;
wherein the first network system is configured to determine from the trust link where to communicate a request for a resource, the request received from an account managed in the first network system and the resource maintained by the second network system.
Abstract
An enterprise network architecture has a trust link established between two autonomous network systems that enables transitive resource access between network domains of the two network systems. The trust link is defined by data structures maintained by each of the respective network systems. The first network system maintains namespaces that correspond to the second network system, and a domain controller in the first network system, or a first network system administrator, indicates whether to trust individual namespaces. An account managed by a domain in the second network system can request authentication via a domain controller in the first network system. The first network system determines from the trust link to communicate the authentication request to the second network system. The first network system also determines from the trust link where to communicate authorization requests when administrators manage group memberships and access control lists.
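The routing decision the abstract describes can be sketched as follows. This is an added example, not code from the patent: the record layout, the function names, the label-aligned suffix matching, the rule that the most specific namespace wins, and the sample domains are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class TrustLink:
    """Trust link record kept by the first network system (hypothetical layout)."""
    partner_root: str                               # root domain of the other system
    namespaces: dict = field(default_factory=dict)  # namespace -> trusted flag

def _covers(namespace, domain):
    # Label-aligned match: "partner.example" covers "hr.partner.example"
    # but must not cover the look-alike "evilpartner.example".
    return domain == namespace or domain.endswith("." + namespace)

def route_request(principal, local_namespaces, links):
    """Return ("local", None), ("forward", partner_root) or ("deny", reason)."""
    if principal.count("@") != 1:
        return ("deny", "malformed principal")
    domain = principal.split("@")[1].lower().rstrip(".")
    if not domain:
        return ("deny", "malformed principal")
    # Assumption: local namespaces take precedence, so a partner system
    # cannot claim a name the first network system already owns.
    if any(_covers(ns, domain) for ns in local_namespaces):
        return ("local", None)
    best = None  # (namespace, trusted, link) of the most specific match
    for link in links:
        for ns, trusted in link.namespaces.items():
            if _covers(ns, domain) and (best is None or len(ns) > len(best[0])):
                best = (ns, trusted, link)
    if best is None:
        return ("deny", "no trust link claims this namespace")
    ns, trusted, link = best
    if not trusted:
        # An untrusted sub-namespace overrides a trusted parent namespace.
        return ("deny", f"namespace {ns} is not trusted")
    return ("forward", link.partner_root)

# Constructed sample data: one local namespace and one trust link whose
# "lab" namespace has been marked untrusted.
LOCAL_NAMESPACES = {"corp.example"}
LINKS = [TrustLink("partner.example",
                   {"partner.example": True, "lab.partner.example": False})]

if __name__ == "__main__":
    for p in ("alice@corp.example", "bob@hr.partner.example",
              "eve@dev.lab.partner.example", "mallory@evilpartner.example"):
        print(p, "->", route_request(p, LOCAL_NAMESPACES, LINKS))
```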
13 Claims
Specification