Conveyance of configuration information in a network

US 9,397,885 B2
Filed: 09/26/2012
Issued: 07/19/2016
Est. Priority Date: 09/28/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

forwarding credentials from a client device to a first server to satisfy the first server that a user of the client device is an authorized employee of a respective organization, the first server being an authentication server, the respective organization in control of disseminating applications from an application server;

subsequent to forwarding the credentials, from the client device, communicating with the first server to retrieve configuration information assigned to the user of the client device, the configuration information including a group identifier value indicating a group to which the user belongs, the first server providing access to a repository within a firewall of the respective organization to which the user belongs, the repository within the firewall accessed by the first server to retrieve and forward the configuration information to the user;

transmitting the configuration information retrieved from the client device to the application server, the configuration information indicating to the application server of a corresponding set of applications in which to provide the user access, the application server utilizing the configuration information to identify the corresponding set of applications that are accessible to the user; and

in response to transmitting the configuration information to the application server, receiving access to the corresponding set of applications from the application server through the client device;

wherein the client device transmits the configuration information to the application server to indicate that the user is a member of the group as specified by the group identifier value;

wherein a network administrator of the respective organization produces and supplies the configuration information to the repository within the firewall for distribution of the configuration information by the first server;

wherein the network administrator supplies the configuration information to the application server; and

wherein the application server provides the user access to the corresponding set of applications stored in a repository located external to the firewall, the application server providing the user access as specified by the configuration information;

wherein receiving access to the corresponding set of applications further comprises;

at the client device;

receiving identities of the corresponding set of applications available to the user of the client device;

initiating display of the identities on a respective display screen of the client device; and

in response to receiving selection of an identity of a particular application displayed on the respective display screen, communicating with the application server to retrieve the selected application over a communication link between the client device of the application server;

the method further comprising;

subsequent to retrieving the selected application from the application server, installing the selected application on the client device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

According to example configurations, a user of a client device accesses an authentication server to retrieve configuration information. The user belongs to an organization that receives services from a third party service provider. The client device forwards the configuration information to a server controlled by the third party service provider. The server maintained by the third party service provider provides access to services, resources, data, etc., depending on the configuration information forwarded by the client device.

15 Citations

View as Search Results

11 Claims

1. A method comprising:
- forwarding credentials from a client device to a first server to satisfy the first server that a user of the client device is an authorized employee of a respective organization, the first server being an authentication server, the respective organization in control of disseminating applications from an application server;
  
  subsequent to forwarding the credentials, from the client device, communicating with the first server to retrieve configuration information assigned to the user of the client device, the configuration information including a group identifier value indicating a group to which the user belongs, the first server providing access to a repository within a firewall of the respective organization to which the user belongs, the repository within the firewall accessed by the first server to retrieve and forward the configuration information to the user;
  
  transmitting the configuration information retrieved from the client device to the application server, the configuration information indicating to the application server of a corresponding set of applications in which to provide the user access, the application server utilizing the configuration information to identify the corresponding set of applications that are accessible to the user; and
  
  in response to transmitting the configuration information to the application server, receiving access to the corresponding set of applications from the application server through the client device;
  
  wherein the client device transmits the configuration information to the application server to indicate that the user is a member of the group as specified by the group identifier value;
  
  wherein a network administrator of the respective organization produces and supplies the configuration information to the repository within the firewall for distribution of the configuration information by the first server;
  
  wherein the network administrator supplies the configuration information to the application server; and
  
  wherein the application server provides the user access to the corresponding set of applications stored in a repository located external to the firewall, the application server providing the user access as specified by the configuration information;
  
  wherein receiving access to the corresponding set of applications further comprises;
  
  at the client device;
  
  receiving identities of the corresponding set of applications available to the user of the client device;
  
  initiating display of the identities on a respective display screen of the client device; and
  
  in response to receiving selection of an identity of a particular application displayed on the respective display screen, communicating with the application server to retrieve the selected application over a communication link between the client device of the application server;
  
  the method further comprising;
  
  subsequent to retrieving the selected application from the application server, installing the selected application on the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as in claim 1, wherein the application server utilizes a copy of the configuration information as provided by the network administrator to map the group identifier value to the corresponding set of applications which are available to members in the group as specified by the group identifier value.
  - 3. The method as in claim 1, wherein the client device communicates over a wireless communication link with the first server to retrieve the group identifier value, the user being a member of the respective organization that configures the first server and the application server.
  - 4. The method as in claim 1, wherein communicating with the first server to retrieve the group identifier value includes:
    - receiving, at the client device, credentials inputted by the user.
  - 5. The method as in claim 4, wherein the network administrator of the respective organization:
    - i) configures the first server to provide, to the client device, the group identifier value indicating the group to which the user belongs, andii) configures the application server with the access rights information indicating the set of at least one application to which members assigned the group identifier value have been granted access rights.
  - 6. The method as in claim 1, wherein the client device receives the group identifier value over a first secured link from the first server, the first secured link extending between the first server and the client device;
    - andwherein the client device transmits the group identifier value over a second secured link between the client device and the application server that provides access to the corresponding set of applications.
  - 7. The method as in claim 1 further comprising:
    - receiving metadata associated with the user from the first server over a first secured communication link between the client device and the first server; and
      
      conveying the metadata over a second secured communication link between the client device and the application server to update configuration information associated with the user at the application server.

8. Non-transitory computer-readable storage media having instructions stored thereon for processing data information, such that the instructions, when carried out by computer processor hardware, cause the computer processor hardware to perform operations of:
- forwarding credentials from a client device to a first server to satisfy the first server that a user of the client device is an authorized employee of a respective organization, the first server being an authentication server, the respective organization in control of disseminating applications from an application server;
  
  subsequent to forwarding the credentials, communicating with the first server to retrieve configuration information assigned to the user of the client device, the configuration information including a group identifier value indicating a group to which the user belongs, the first server providing access to a repository within a firewall of the respective organization to which the user belongs, the repository within the firewall accessed by the first server to retrieve and forward the configuration information to the user;
  
  transmitting the retrieved configuration information from the client device to the application server, the configuration information indicating to the application server of a corresponding set of applications in which to provide the user access, the application server utilizing the configuration information to identify the corresponding set of applications that are accessible to the user;
  
  in response to transmitting the configuration information to the application server, receiving access to the corresponding set of applications from the application server through the client device;
  
  wherein the client device transmits the configuration information to the application server to indicate that the user is a member of the group as specified by the group identifier value;
  
  wherein a network administrator of the respective organization produces and supplies the configuration information to the repository within the firewall for distribution of the configuration information by the first server;
  
  wherein the network administrator supplies the configuration information to the application server; and
  
  wherein the application server provides the user access to the corresponding set of applications stored in a repository located external to the firewall, the application server providing the user access as specified by the configuration information;
  
  wherein receiving access to the corresponding set of applications further comprises;
  
  at the client device;
  
  receiving identities of the corresponding set of applications available to the user of the client device;
  
  initiating display of the identities on a respective display screen of the client device; and
  
  in response to receiving selection of an identity of a particular application displayed on the respective display screen, communicating with the application server to retrieve the selected application over a communication link between the client device of the application server;
  
  the computer processor hardware further performing operations of;
  
  subsequent to retrieving the selected application from the application server, installing the selected application on the client device.
- View Dependent Claims (9, 10, 11)
- - 9. Non-transitory computer-readable storage media as in claim 8, wherein the application server utilizes the configuration information provided by the network administrator to map the group identifier value to the corresponding set of applications which are available to members in the group as specified by the group identifier value.
  - 10. Non-transitory computer-readable storage media as in claim 8, wherein communicating with the first server to retrieve the group identifier value includes:
    - receiving, at the client device, credentials inputted by the user.
  - 11. Non-transitory computer-readable storage media as in claim 8, wherein the network administrator of the respective organization:
    - i) configures the first server to provide, to the client device, the group identifier value indicating the group to which the user belongs, andii) configures the application server with the access rights information indicating the set of at least one application to which members assigned the group identifier value have been granted access rights.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apperian, Inc (Digital.ai Software, Inc.)
Original Assignee
Apperian, Inc (Digital.ai Software, Inc.)
Inventors
Friedman, Robert U, Craver, Shawn P., Martin, Glenn R.
Primary Examiner(s)
Parry, Chris
Assistant Examiner(s)
Hlaing, Soe M

Application Number

US13/627,533
Publication Number

US 20130080636A1
Time in Patent Office

1,392 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

H04L 41/08 Configuration management of...

Conveyance of configuration information in a network

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Conveyance of configuration information in a network

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links