Patent · US Active

Mechanisms to use network session identifiers for software-as-a-service authentication

US8949938B2 · kind B2 · utility

9Cited by

5References

19Claims

0Family size

Assignee

Cisco Technology, Inc. · US

Inventors

Nathan Sowatskey · Madrid, ES
Nancy Cam-Winget · Mountain View, US
Susan E. Thomson · Summit, US
David M. Jones, Jr. · Exnersvej, US
Morteza Ansari · Newark, US
Klaas Wierenga · Utrecht, NL
Joseph Salowey · Seattle, US

Key dates

Filing date	Oct 27, 2011
Grant date	Feb 3, 2015
Priority date	—
Expiry date	Dec 20, 2031

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/08
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device (IdP), to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the IdP. The IdP uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.