Electronic rendezvous-based two stage access control for private networks
First Claim
1. A method for providing access to a private network resource comprising:
- receiving an indication from an electronic rendezvous service that a client application has passed a first set of authentication and authorization processes before the private network resource has been contacted, wherein the indication comprises a time that indicates when the client application passed the first set of authentication and authorization processes;
receiving a request from the client application to access the private network resource;
allowing the client application to attempt to perform a second set of authentication and authorization processes based at least in part on both receiving the indication from the electronic rendezvous service that the client application has passed the first set of authentication and authorization processes and receiving the request from the client application to access the private network resource within a set limited amount of time after the client application passed the first set of authentication and authorization processes;
performing the second set of authentication and authorization processes; and
enabling the client application to access the private network resource based at least in part on a determination that the client application has passed the first set of authentication and authorization processes and the second set of authentication and authorization processes,wherein enabling the client application to access the private network resource comprises enabling the client application to access the private network resource based at least in part on the determination that the client application has passed the first set of authentication and authorization processes and the second set of authentication and authorization processes within a predetermined time frame, andwherein at least one of the receiving allowing, performing, and enabling steps is implemented in hardware.
2 Assignments
0 Petitions
Accused Products
Abstract
A method for providing access to a private network resource comprises receiving an indication from an electronic rendezvous service that a client application has passed a first set of authentication and authorization processes. A request to access the private network resource is received from the client application. The client application is allowed to attempt to perform a second set of authentication and authorization processes based at least in part on receiving the indication from the electronic rendezvous service that the client application has passed the first set of authentication and authorization processes. The second set of authentication and authorization processes are performed, and the client application is allowed to access the private network resource based at least in part on a determination that the client application has passed the first and the second sets of authentication and authorization processes.
7 Citations
10 Claims
-
1. A method for providing access to a private network resource comprising:
-
receiving an indication from an electronic rendezvous service that a client application has passed a first set of authentication and authorization processes before the private network resource has been contacted, wherein the indication comprises a time that indicates when the client application passed the first set of authentication and authorization processes; receiving a request from the client application to access the private network resource; allowing the client application to attempt to perform a second set of authentication and authorization processes based at least in part on both receiving the indication from the electronic rendezvous service that the client application has passed the first set of authentication and authorization processes and receiving the request from the client application to access the private network resource within a set limited amount of time after the client application passed the first set of authentication and authorization processes; performing the second set of authentication and authorization processes; and enabling the client application to access the private network resource based at least in part on a determination that the client application has passed the first set of authentication and authorization processes and the second set of authentication and authorization processes, wherein enabling the client application to access the private network resource comprises enabling the client application to access the private network resource based at least in part on the determination that the client application has passed the first set of authentication and authorization processes and the second set of authentication and authorization processes within a predetermined time frame, and wherein at least one of the receiving allowing, performing, and enabling steps is implemented in hardware. - View Dependent Claims (2, 3, 4, 5)
-
-
6. An apparatus for providing access to a private network resource comprising:
-
an interface configured to receive an indication from an electronic rendezvous service that a client application has passed a first set of authentication and authorization processes before the private network resource has been contacted, wherein the indication comprises a time that indicates when the client application passed the first set of authentication and authorization processes; and a processor configured to perform a second set of authentication and authorization processes and enable the client application to access the private network resource based at least in part on both a determination that the client application has passed the first set of authentication and authorization processes and the second set of authentication and authorization processes within a predetermined time frame and a determination that a request from the client application to access the private network resource has been received within a set limited amount of time after the client application passed the first set of authentication and authorization processes. - View Dependent Claims (7, 8, 9, 10)
-
Specification