Identity management for application access
First Claim
1. A computer implemented method of identity management for application access, comprising:
- identifying types of access enabling information needed for users of applications on a first enterprise network to access applications on a second enterprise network, wherein the first enterprise network is being integrated with the second enterprise network, wherein identifying the types of access enabling information for the users of the applications on the first enterprise network to access the applications on the second enterprise network comprises aggregating the types of access enabling information from each of the applications on the second enterprise network, and wherein the types of access enabling information needed to access a first application of the applications on the second enterprise network is different from the types of access enabling information needed to access a second application of the applications on the second enterprise network;
obtaining access enabling information for each of the identified types of access enabling information for the users in a one-time collection from the first enterprise network;
storing the access enabling information in an identity data store; and
provisioning the access enabling information from the identity data store to one or more applications on the second enterprise network to enable the users of the applications on the first enterprise network to access the one or more applications on the second enterprise network.
3 Assignments
0 Petitions
Accused Products
Abstract
A computer implemented method of identity management for application access. The method includes identifying access enabling information for users. The access enabling information related to users of a first enterprise network to enable the users to access applications on a second enterprise network. The method includes obtaining the identified access enabling information from the first enterprise network, and storing the access enabling information in an identity data store. The method also includes provisioning the access enabling information from the identity data store to one or more applications on the second enterprise network to enable the users of the first enterprise network to access the one or more applications on the second enterprise network.
-
Citations
18 Claims
-
1. A computer implemented method of identity management for application access, comprising:
-
identifying types of access enabling information needed for users of applications on a first enterprise network to access applications on a second enterprise network, wherein the first enterprise network is being integrated with the second enterprise network, wherein identifying the types of access enabling information for the users of the applications on the first enterprise network to access the applications on the second enterprise network comprises aggregating the types of access enabling information from each of the applications on the second enterprise network, and wherein the types of access enabling information needed to access a first application of the applications on the second enterprise network is different from the types of access enabling information needed to access a second application of the applications on the second enterprise network; obtaining access enabling information for each of the identified types of access enabling information for the users in a one-time collection from the first enterprise network; storing the access enabling information in an identity data store; and provisioning the access enabling information from the identity data store to one or more applications on the second enterprise network to enable the users of the applications on the first enterprise network to access the one or more applications on the second enterprise network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 18)
-
-
8. A system of identity management for application access, comprising:
-
a first enterprise network having a plurality of applications; a second enterprise network having a plurality of applications, wherein the first enterprise network is being integrated with the second enterprise network; an identity data store; an information manager operable to obtain in a one-time collection access enabling information for each type of access enabling information needed for a plurality of users of the plurality of applications on the first enterprise network to access the plurality of applications on the second enterprise network, the information manager further operable to store the access enabling information in the identity data store, and promote provisioning the access enabling information from the identity data store to at least some of the applications on the second enterprise network to enable each of the plurality of users of the plurality of applications on the first enterprise network to access the at least some applications on the second enterprise network, wherein the information manager is further operable to multiple load the access enabling information from the identity data store to the at least some applications on the second enterprise network. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer implemented method of identity management for application access, comprising:
-
identifying types of access enabling information needed for users of applications on a first enterprise network to access applications on a second enterprise network, wherein the first enterprise network is being integrated with the second enterprise network; obtaining access enabling information for each of the identified types of access enabling information for the users in a one-time collection from the first enterprise network; storing the obtained access enabling information in an identity data store; provisioning the access enabling information from the identity data store to one or more applications on the second enterprise network to provide access for the users of the applications on the first enterprise network to the one or more applications on the second enterprise network, wherein provisioning the access enabling information from the identity data store to the one or more applications on the second enterprise network includes multiple loading the access enabling information from the identity data store to the one or more applications on the second enterprise network; obtaining a usage history of the applications on the first enterprise network for each of the users from a first enterprise network data store; obtaining a usage history of the applications on the second enterprise network for each of the users from the identity data store; combining the obtained usage history of the applications on the first enterprise network for each of the users from the first enterprise network data store with the obtained usage history of the applications on the second enterprise network for each of the users from the identity data store to form a combined usage history for each of the users; and storing the combined usage history for each of the users in a second enterprise network data store.
-
Specification