1. WO2015134554 - AUTOMATIC DETECTION OF AUTHENTICATION METHODS BY A GATEWAY

Publication Number WO/2015/134554
Publication Date 11.09.2015
International Application No. PCT/US2015/018559
International Filing Date 04.03.2015
Chapter 2 Demand Filed 13.10.2015
IPC
H04L 29/06 2006.1
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
29 Arrangements, apparatus, circuits or systems, not covered by a single one of groups H04L1/-H04L27/136
02 Communication control; Communication processing
06 characterised by a protocol
CPC
H04L 63/0281
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
02 for separating internal from external traffic, e.g. firewalls
0281 Proxies
H04L 63/08
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
H04L 63/0807
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0807 using tickets, e.g. Kerberos
H04L 63/0884
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
08 for supporting authentication of entities communicating through a packet data network
0884 by delegation of authentication, e.g. a proxy authenticates an entity to be authenticated on behalf of this entity vis-à-vis an authentication entity
H04L 63/105
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
10 for controlling access to network resources
105 Multiple levels of security
H04L 63/20
H ELECTRICITY
04 ELECTRIC COMMUNICATION TECHNIQUE
L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
63 Network architectures or network communication protocols for network security
20 for managing network security; network security policies in general
Applicants
  • MICROSOFT TECHNOLOGY LICENSING, LLC [US]/[US]
Inventors
  • LAIVAND, Sharon
  • MENDELOVICH, Meir
  • KARIV, Shai
  • DOLEV, Ran
Agents
  • Grunecker Patent- und Rechtsanwalte PartG mbB
Priority Data
14/201,780 07.03.2014 US
Publication Language English (en)
Filing Language English (EN)
Designated States
Title
(EN) AUTOMATIC DETECTION OF AUTHENTICATION METHODS BY A GATEWAY
Abstract
(EN) A system and method for allowing access to secure resources through a gateway without having to pre-configure the gateway with each specific URL to which access is to be granted, or to maintain the list of resources that are exposed. The gateway is configured to take incoming requests from client devices, such as the URL, and determine from the URL itself what type of authentication is required to gain access to the resource, as opposed to comparing the URL with a managed list of URLs. Once the authentication process is identified by the gateway, that process is implemented. The gateway analyzes the responses from the resources, which may include denials or user authentication requests from the resource, to determine the authentication process to use to gain access to the resource. Once the user is authenticated, the communications traffic between the client/user and the resource is permitted through the gateway.
Related patent documents
BR112016019097: This application is not viewable in PATENTSCOPE because the national phase entry has not been published yet or the national entry is issued from a country that does not share data with WIPO or there is a formatting issue or an unavailability of the application.