System, method and computer program product for authenticating and authorizing an external entity
Abstract
In accordance with embodiments, there are provided mechanisms and methods for authenticating and authorizing an external entity. These mechanisms and methods for authenticating and authorizing an external entity can enable improved data security, more efficient data transfer, improved data access channels, etc.
13 Claims
1. A computer program product embodied on a non-transitory computer readable medium, the computer program product including instructions which, when executed by a processor, cause the processor to perform a method comprising:
- identifying the creation of a remote access object for an entity external to a system, where the creation of the remote access object is identified within the system, and where the remote access object enables remote access of the system by the entity;
- in response to the identification of the creation of the remote access object, generating within the system both a key identifying the entity and security information associated with the entity, where the key and the security information are separate from the remote access object;
- receiving at a first instance of the system a request from the entity for user data of the user of the system, wherein the user data is stored in the system, and where the system includes a plurality of instances;
- authenticating and authorizing the entity by:
  - receiving authorization from the user for the entity to access the user data, wherein the authorization is received at the system via a device of the user;
  - in response to receiving the authorization from the user, providing the security information associated with the entity from the system to the entity; and
  - authenticating the entity using the security information supplied by the entity to the system;
- globally replicating the key and the security information to all of the instances within the system;
- routing the request from the first instance of the system where it is received to a second instance of the system where an organization associated with the user is present for responding to the request; and
- returning the user data to the entity, based on receiving from the user the authorization for the entity to access the user data, and authenticating the entity using the security information supplied by the entity.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11)

12. A method, comprising:
- identifying the creation of a remote access object for an entity external to a system, where the creation of the remote access object is identified within the system, and where the remote access object enables remote access of the system by the entity;
- in response to the identification of the creation of the remote access object, generating within the system both a key identifying the entity and security information associated with the entity, where the key and the security information are separate from the remote access object;
- receiving at a first instance of the system a request from the entity for user data of the user of the system, wherein the user data is stored in the system, and where the system includes a plurality of instances;
- authenticating and authorizing the entity by:
  - receiving authorization from the user for the entity to access the user data, wherein the authorization is received at the system via a device of the user;
  - in response to receiving the authorization from the user, providing the security information associated with the entity from the system to the entity; and
  - authenticating the entity using the security information supplied by the entity to the system;
- globally replicating the key and the security information to all of the instances within the system;
- routing the request from the first instance of the system where it is received to a second instance of the system where an organization associated with the user is present for responding to the request; and
- returning the user data to the entity, based on receiving from the user the authorization for the entity to access the user data, and authenticating the entity using the security information supplied by the entity.

13. An apparatus, comprising:
a hardware processor for:
- identifying the creation of a remote access object for an entity external to a system, where the creation of the remote access object is identified within the system, and where the remote access object enables remote access of the system by the entity;
- in response to the identification of the creation of the remote access object, generating within the system both a key identifying the entity and security information associated with the entity, where the key and the security information are separate from the remote access object;
- receiving at a first instance of the system a request from the entity for user data of the user of the system, wherein the user data is stored in the system, and where the system includes a plurality of instances,
- authenticating and authorizing the entity by:
  - receiving authorization from the user for the entity to access the user data, wherein the authorization is received at the system via a device of the user;
  - in response to receiving the authorization from the user, providing the security information associated with the entity from the system to the entity; and
  - authenticating the entity using the security information supplied by the entity to the system,
- globally replicating the key and the security information to all of the instances within the system;
- routing the request from the first instance of the system where it is received to a second instance of the system where an organization associated with the user is present for responding to the request; and
- returning the user data to the entity, based on receiving from the user the authorization for the entity to access the user data, and authenticating the entity using the security information supplied by the entity.

Specification