Please download the dossier by clicking on the dossier button x
×

Secure cross-tenancy federation in software-as-a-service system

  • US 8,978,122 B1
  • Filed: 03/29/2013
  • Issued: 03/10/2015
  • Est. Priority Date: 03/29/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method of operating a computer system hosting a service application and multiple tenant subsystems having respective resources, the computer system including an access control subsystem capable of mutually isolating the tenant subsystems to prevent a given tenant from accessing the resources of another tenant, comprising:

  • establishing a federated relationship between a first tenant subsystem and a user account on a second tenant subsystem, the federated relationship including visibility controls in the first tenant subsystem identifying the user account and specifying resources of the first tenant subsystem that are accessible to an authorized user of the user account in the second tenant subsystem;

    performing a user authentication in the first tenant subsystem when a user of the second tenant subsystem accesses the resources, the user authentication including requesting and receiving from the second tenant subsystem a security assertion that the user has been authenticated by the second tenant subsystem as the authorized user of the user account; and

    wherein each tenant subsystem includes a respective tenant identity store containing authentication information for user accounts of the respective tenant.

View all claims
  • 9 Assignments
Timeline View
Assignment View
    ×
    ×