Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2019000092) HYBRID AUTHENTICATION SYSTEMS AND METHODS
Latest bibliographic data on file with the International Bureau    Submit observation

Pub. No.: WO/2019/000092 International Application No.: PCT/CA2018/050791
Publication Date: 03.01.2019 International Filing Date: 27.06.2018
IPC:
H04L 9/32 (2006.01) ,G06F 21/31 (2013.01) ,H04L 12/723 (2013.01)
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9
Arrangements for secret or secure communication
32
including means for verifying the identity or authority of a user of the system
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
21
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
30
Authentication, i.e. establishing the identity or authorisation of security principals
31
User authentication
H ELECTRICITY
04
ELECTRIC COMMUNICATION TECHNIQUE
L
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12
Data switching networks
70
Packet switching systems
701
Routing or path finding
721
Routing procedures, e.g. shortest path routing, source routing, link state routing or distance vector routing
723
Label or tag based routing, e.g. multi-protocol label switching [MPLS] or generalised multi-protocol label switching [GMPLS]
Applicants:
OPEN TEXT CORPORATION [CA/CA]; 275 Frank Tompa Drive Waterloo, Ontario N2L 0A1, CA
Inventors:
GOPALDAS TOTALE, Sachin; US
AHMED, Muneer; US
RAWAT, Harish; US
THIRUVASAGAM, Rajakumar; IN
NARAYANA PRASAD KAKUMANI, Lakshmi; US
Agent:
ROBIC, LLP; 1001 Square-Victoria, Bloc E - 8th Floor Montréal, Québec H2Z 2B7, CA
Priority Data:
62/527,21330.06.2017US
Title (EN) HYBRID AUTHENTICATION SYSTEMS AND METHODS
(FR) SYSTÈMES ET PROCÉDÉS D'AUTHENTIFICATION HYBRIDE
Abstract:
(EN) Disclosed are hybrid authentication systems and methods that enable users to seamlessly sign-on between cloud-based services and on-premises systems. A cloud-based authentication service receives login credentials from a user and delegates authentication to an on-premises authentication service proxy. The login credentials can be passed by the cloud-based authentication service to the on-premises authentication service proxy, for instance, as an access token in an authentication header. The access token can be a JavaScript Object Notation (JSON) Web Token (JWT) token that is digitally signed using JSON Web Signature. Some embodiments utilize a tunnel connection through which the cloud-based authentication service communicates with the on-premises authentication service proxy. Some embodiments leverage an on-premises identity management system for user management and authentication. In this way, there is no need for a cloud-based system to separately maintain and manage a user identity management system and/or having to sync with an on-premises identity management system.
(FR) L'invention concerne des systèmes et des procédés d'authentification hybride qui permettent à des utilisateurs de s'identifier sans interruption auprès de services en nuage et de systèmes hébergés sur site. Un service d'authentification en nuage reçoit des identifiants d'ouverture de session d'un utilisateur et délègue l'authentification à un mandataire de service d'authentification sur site. Les identifiants d'ouverture de session peuvent être transmis par le service d'authentification en nuage au mandataire de service d'authentification sur site, par exemple, sous forme de jeton d'accès dans un en-tête d'authentification. Le jeton d'accès peut être un jeton de jeton Web (JWT) de notation d'objet JavaScript (JSON) qui est signé numériquement à l'aide de la signature Web JSON. Certains modes de réalisation utilisent une connexion tunnel par l'intermédiaire de laquelle le service d'authentification en nuage communique avec le mandataire de service d'authentification sur site. Certains modes de réalisation tirent profit d'un système de gestion d'identité sur place pour la gestion et l'authentification d'utilisateur. De cette manière, un système en nuage n'a pas besoin de maintenir et de gérer séparément un système de gestion d'identité d'utilisateur et/ou d'avoir à se synchroniser avec un système de gestion d'identité sur site.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)