Secure application bridge server
Abstract
Systems and methods are provided which implement a bridge server to provide user access to one or more secure applications. A bridge server of embodiments is disposed between a user and a secure application and invokes bridge server security protocols with respect to the user and secure application security protocols with respect to the secure application. In operation according to embodiments, client applications will link into a bridge server, the user will be authenticated by the bridge server, and a valid user will be correlated to an account of the secure application by the bridge server. Bridge servers of embodiments facilitate providing features with respect to secure application user access unavailable using the secure application security protocols.
47 Claims
1. A method comprising:
- receiving, at a bridge server, a login request from one of a plurality of users, wherein each of said plurality of users are associated with a same entity and each have respective user credentials;
- validating, by said bridge server, user credentials of said user requesting said login;
- identifying, by said bridge server, a secure application account of said entity that is associated with at least one secure application;
- determining, by said bridge server, entity credentials that grant the entity certain rights to said entity's secure application account;
- mapping, by said bridge server, said user credentials to said entity credentials; and
- managing, by said bridge server, interaction of said user with said at least one secure application for performing activity involving use of the secure application account on behalf of said entity, wherein said managing comprises providing at least one value-added service not available from unmapped use of the entity credentials, and said managing further comprises storing status data indicating current usage by said plurality of users of the secure application account.

Dependent claims: 2-20
21. A system comprising:
- a bridge server disposed in a communication path between at least one client device and at least one secure application;
- wherein said bridge server is communicatively coupled to a bridge database containing information mapping, for each of a plurality of users who each have respective user credentials and are associated with a same entity having entity credentials that grant the entity certain rights to a secure application account of said entity, said user credentials to said entity credentials; and
- wherein said bridge server is configured to facilitate access by said plurality of users to said at least one secure application for conducting activity involving use of the secure application account through use of said entity credentials, while maintaining unique identification of each of said users who are so accessing the at least one secure application;
- wherein said bridge server is configured to receive a login request from one of said plurality of users using said at least one client device, validate user credentials of said user requesting said login, and determine said mapping of said user credentials to said entity credentials;
- wherein said bridge server is configured to manage interaction of said user with said at least one secure application through use of said entity credentials for performing activity involving use of the secure application account on behalf of said entity;
- wherein said bridge server is configured to provide at least one value-added service not available from use of the entity credentials unmapped to said user credentials; and
- wherein said bridge server is configured to store status data indicating current usage by said plurality of users of the secure application account.

Dependent claims: 22-38
39. A method comprising:
- receiving, at a bridge server, a login request from one of a plurality of users, wherein each of said plurality of users are associated with a same entity and each have respective user credentials;
- validating, by said bridge server, user credentials of said user requesting said login;
- identifying, by said bridge server, a secure application account of said entity that is associated with at least one secure application;
- determining, by said bridge server, entity credentials that grant the entity certain rights to said entity's secure application account;
- mapping, by said bridge server, said user credentials to said entity credentials, wherein said mapping comprises determining what of said certain rights that are granted to the entity are granted to said user; and
- managing, by said bridge server, interaction of said user with said at least one secure application for performing activity involving use of the secure application account on behalf of said entity consistent with the determined rights that the user is granted, wherein said managing comprises providing at least one value-added service not available from unmapped use of the entity credentials, and said managing further comprises storing status data indicating current usage by said plurality of users of the secure application account.

Dependent claims: 40-47
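The flow recited in claims 1 and 39, as an added sketch that is not taken from the patent or from any implementation of it: users authenticate to the bridge with their own credentials, the bridge alone holds the entity credential, each user receives only a subset of the entity's rights, and the bridge records current usage and per-user attribution. The class names, right names, passwords and key value are assumptions made for the illustration.

```python
import hashlib, hmac, os, time
def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class SecureApp:  # stand-in for the secure application; knows only the entity credential
    def __init__(self, entity_key):
        self._key = entity_key
    def perform(self, entity_key, action):
        if not hmac.compare_digest(entity_key, self._key):
            raise PermissionError("bad entity credential")
        return f"{action}: ok"

class BridgeServer:
    def __init__(self, app, entity_key, entity_rights):
        self._app, self._key = app, entity_key      # entity credential never leaves the bridge
        self._entity_rights = set(entity_rights)
        self._users = {}   # user -> (salt, password hash, rights granted to that user)
        self.status = {}   # user -> login time: who is currently using the account
        self.audit = []    # (user, action, allowed): per-user attribution

    def add_user(self, user, password, rights):
        salt = os.urandom(16)
        granted = set(rights) & self._entity_rights  # a user never exceeds the entity's rights
        self._users[user] = (salt, kdf(password, salt), granted)

    def login(self, user, password):  # unknown users run the same KDF, then fail the compare
        salt, digest, _ = self._users.get(user, (b"\0" * 16, b"", set()))
        if not hmac.compare_digest(kdf(password, salt), digest):
            return False
        self.status[user] = time.time()
        return True

    def request(self, user, action):
        allowed = user in self.status and action in self._users[user][2]
        self.audit.append((user, action, allowed))
        if not allowed:
            raise PermissionError(f"{user} may not {action}")
        return self._app.perform(self._key, action)  # forwarded under the entity credential

def demo():
    key = "ENTITY-KEY-CONSTRUCTED"                   # constructed sample value
    b = BridgeServer(SecureApp(key), key, {"view", "transfer"})
    b.add_user("alice", "pw-a", {"view", "transfer"})
    b.add_user("bob", "pw-b", {"view", "admin"})     # "admin" is not an entity right: dropped
    b.login("alice", "pw-a"); b.login("bob", "pw-b")
    b.request("alice", "transfer")
    try: b.request("bob", "transfer")
    except PermissionError: pass
    return b
```

The secure application sees a single entity credential for every request, so the bridge's `audit` and `status` records are the only place where individual users remain distinguishable.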
Specification