System and/or method for authentication and/or authorization via a network
Abstract
The subject matter disclosed herein relates to authenticating an identity of users desiring access to an application program and determining whether an authenticated user is authorized to access one or more aspects of the application program.
68 Claims
1. A method comprising:
connecting a computing platform to a network;
communicating with said network via said computing platform to authenticate one or more users attempting to access at least a portion of an application and/or authorize said one or more users to access said at least a portion of said application;
receiving authorization metadata from said network responsive to authentication and/or authorization of said one or more users;
receiving security metadata from said network responsive to the attempt to access the portion of the application, the portion of the application being controlled by a security policy;
locally storing said received authorization metadata at said computing platform to enable said one or more users to access said at least a portion of said application through said computing platform following a disconnection of said computing platform from said network; and
modifying the authorization metadata according to the security metadata without modifying source code of the application.
Dependent claims: 2, 3, 4, 5, 6, 7

8. An apparatus comprising:
a computing platform comprising a communication adapter for communicating with a network, said computing platform being adapted to:
host one or more applications;
communicate with said network through said communication adapter to authenticate and/or authorize one or more users attempting to access at least a portion of at least one of said applications, and/or authorize said one or more users to access said at least a portion of said at least one of said applications, and to receive authorization metadata responsive to authentication and/or authorization of said one or more users;
receive security metadata from said network responsive to the attempt to access the portion of the application, the portion of the application being controlled by a security policy;
locally store said received authorization metadata at said computing platform to enable said one or more users to access said at least a portion of said at least one of said applications through said computing platform following a disconnection of said computing platform from said network; and
modify the authorization metadata according to the security metadata without modifying source code of the application.
Dependent claims: 9, 10, 11, 12, 13, 14

15. An apparatus comprising:
means for connecting a computing platform to a network;
means for communicating with said network via said computing platform to authenticate one or more users attempting to access at least a portion of an application, and/or authorize said one or more users to access said at least a portion of said application;
means for receiving authorization metadata from said network responsive to authentication and/or authorization of said one or more users;
means for receiving security metadata from said network responsive to the attempt to access the portion of the application, the portion of the application being controlled by a security policy;
means for locally storing said received authorization metadata to enable said one or more users to access said at least a portion of said application through said computing platform following a disconnection of said computing platform from said network; and
means for modifying the authorization metadata according to the security metadata without modifying source code of the application.
Dependent claims: 16, 17

18. An article comprising:
a storage device comprising machine-readable instructions stored thereon which are executable by a computing platform to:
communicate with a network to authenticate one or more users attempting to access at least a portion of at least one of one or more applications hosted on said computing platform, and/or authorize said one or more users to access said at least a portion of said at least one of said applications;
receive security metadata from said network responsive to the attempt to access the portion of the application, the portion of the application being controlled by a security policy;
locally store authorization metadata received responsive to authentication and/or authorization of said one or more users at said computing platform to enable said one or more users to access said at least a portion of said at least one of said applications through said computing platform following a disconnection of said computing platform from said network; and
modify the authorization metadata according to the security metadata without modifying source code of the application.
Dependent claims: 19, 20, 21, 22, 23, 24

25. A method comprising:
obtaining security metadata through a Web service in response to an attempt by a user to access at least a portion of one or more applications hosted on a computing platform; and
locally storing said obtained security metadata on said computing platform for use in response to subsequent attempts to access said at least a portion of said one or more applications through said computing platform; and
modifying authorization metadata according to the security metadata without modifying source code of the application, the authorization metadata being received from said Web service in response to authentication and/or authorization of said one or more users.
Dependent claims: 26, 27, 28, 29, 30, 31, 32, 33, 34, 35

36. An apparatus comprising:
means for obtaining security metadata through a Web service in response to an attempt by a user to access at least a portion of one or more applications hosted on a computing platform; and
means for locally storing said obtained security metadata on said computing platform for use in response to subsequent attempts to access said at least a portion of said one or more applications through said computing platform; and
means for modifying authorization metadata according to the security metadata without modifying source code of the application, the authorization metadata being received from said Web service in response to authentication and/or authorization of said one or more users.
Dependent claims: 37, 38, 39, 40, 41, 42, 43, 44, 45, 46

47. A computing platform comprising:
one or more processors;
a storage medium accessible by said one or more processors and storing instructions executable by said one or more processors to provide:
a software component capable of accessing security metadata through a Web service in response to an attempt to access at least a portion of one or more applications; and
an agent of said Web service to locally store said security metadata for use in response to subsequent attempts to access said at least a portion of said one or more applications through said computing platform and modify authorization metadata according to the security metadata without modifying source code of the application, the authorization metadata being received from said Web service in response to authentication and/or authorization of said one or more users.
Dependent claims: 48, 49, 50, 51, 52, 53, 54, 55, 56, 57

58. An article comprising:
a storage device comprising machine-readable instructions executable by a processor to:
obtain security metadata through a Web service in response to an attempt by a user to access at least a portion of one or more applications hosted on a computing platform;
locally store said obtained security metadata for use in response to subsequent attempts to access said at least a portion of one or more applications through said computing platform; and
modify authorization metadata according to the security metadata without modifying source code of the application, the authorization metadata being received from said Web service in response to authentication and/or authorization of said one or more users.
Dependent claims: 59, 60, 61, 62, 63, 64, 65, 66, 67, 68