Cloud service authentication

  • US 9,418,216 B2
  • Filed: 07/21/2011
  • Issued: 08/16/2016
  • Est. Priority Date: 07/21/2011
  • Status: Active Grant
First Claim

1. A method, implemented at a computer system that includes one or more processors, for providing access to a cloud service, the method comprising:

  • receiving a request from an application hosted by an operating system (OS) to access a cloud service;

  • sending a token request to an identity provider responsive to the receiving a request, the token request comprising (i) an application identifier (ID) identifying the application, (ii) an OS cloud credential of a user of the OS and that is associated with login credentials of the user for the OS, and (iii) and a cloud service ID that is associated with the cloud service;

  • based at least on sending the token request, and based upon the identity provider having authenticated the user and verified that the application ID is a valid application ID for the application, receiving a token from the identity provider, the token comprising (i) the cloud service ID, (ii) the application ID, and (iii) a user assigned ID that is associated with the cloud service, the user assigned ID having been computed by the identity provider based upon the cloud service ID and a user identification associating the user with the identity provider, the token being signed with an identity provider signature;

  • providing the token to the application for submission to a cloud service provider for access to the cloud service; and

  • obtaining access to the cloud service based at least on the cloud service provider having validated an identity provider signature as a signature of the identity provider.
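
The token flow in the claim above, as an added Python sketch that is not taken from the patent: the identity provider authenticates the user, checks the application ID, derives a per-service user assigned ID, and signs the token; the cloud service provider validates the signature and that the token names it. Assumptions: all keys, IDs and function names are constructed, the user assigned ID is derived with HMAC-SHA256 (the claim does not say how it is computed), and an HMAC stands in for the identity provider signature, where a deployment would use an asymmetric signature so the service provider holds only a verification key.

```python
import base64, hashlib, hmac, json

# Constructed values: every key, name and ID here is an assumption for illustration.
IDP_SIGNING_KEY = b"constructed-idp-signing-key"
IDP_PAIRWISE_KEY = b"constructed-idp-pairwise-key"
REGISTERED_APPS = {"app-1234"}                      # application IDs the IdP accepts
OS_CREDENTIALS = {"os-cred-alice": "idp-user-001"}  # OS cloud credential -> IdP user identification

def user_assigned_id(cloud_service_id, idp_user_id):
    """Per-service user ID: stable for one service, different across services."""
    msg = f"{cloud_service_id}\x00{idp_user_id}".encode()
    return hmac.new(IDP_PAIRWISE_KEY, msg, hashlib.sha256).hexdigest()

def _sign(payload):
    # HMAC stand-in for the identity provider signature (assumption, see lead-in).
    return hmac.new(IDP_SIGNING_KEY, payload, hashlib.sha256).digest()

def issue_token(app_id, os_cloud_credential, cloud_service_id):
    """Identity provider: authenticate the user, verify the app ID, sign the token."""
    idp_user_id = OS_CREDENTIALS.get(os_cloud_credential)
    if idp_user_id is None:
        raise PermissionError("user not authenticated")
    if app_id not in REGISTERED_APPS:
        raise PermissionError("application ID not valid")
    claims = {"cloud_service_id": cloud_service_id, "app_id": app_id,
              "user_assigned_id": user_assigned_id(cloud_service_id, idp_user_id)}
    payload = json.dumps(claims, sort_keys=True).encode()
    return (base64.urlsafe_b64encode(payload).decode() + "." +
            base64.urlsafe_b64encode(_sign(payload)).decode())

def validate_token(token, expected_service_id):
    """Cloud service provider: check the signature, then that the token is for this service."""
    try:
        payload_b64, sig_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
    except ValueError:  # wrong number of parts or invalid base64
        return None
    if not hmac.compare_digest(sig, _sign(payload)):
        return None     # not signed by the identity provider, or altered in transit
    claims = json.loads(payload)
    if claims.get("cloud_service_id") != expected_service_id:
        return None     # token was issued for a different cloud service
    return claims
```

Because the user assigned ID depends on the cloud service ID, two services receiving tokens for the same user see different identifiers, and a token replayed at a service other than the one it names is rejected.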
