Unlock instant, AI-driven research and patent intelligence for your innovation.

Single sign-on functionality for a multi-tenant identity and data security management cloud service

An identity management and access management technology, applied in the field of identity management, which can solve the problems of account hijacking, unauthorized access, malicious insiders, etc.

Active Publication Date: 2019-04-16
ORACLE INT CORP
View PDF9 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The rich variety and accessibility of cloud-based applications has led to identity management and access security becoming central issues
Typical security issues in cloud environments are unauthorized access, account hijacking, malicious insiders, etc.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single sign-on functionality for a multi-tenant identity and data security management cloud service
  • Single sign-on functionality for a multi-tenant identity and data security management cloud service
  • Single sign-on functionality for a multi-tenant identity and data security management cloud service

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] Embodiments provide single sign-on ("SSO") functionality within an Identity Cloud Service ("IDCS"), which provides a multi-tenant, cloud-scale, Identity and Access Management ("IAM") platform. In one embodiment, SSO functionality is implemented by providing a global session and then generating a protocol-specific token based on the global session. Embodiments also provide single logout (“SLO”) functionality by using cookies to iteratively log out from multiple applications and using redirection so that security information is not stored on cookies.

[0023] Embodiments provide an identity cloud service that implements a microservices-based architecture and provides multi-tenant identity and data security management and secure access to cloud-based applications. Embodiments support secure access to hybrid cloud deployments (ie, cloud deployments that include a combination of public and private clouds). Embodiments protect applications and data in the cloud and on-premis...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A cloud-based identity and access management system that implements single sign-on ("SO") receives a first request for an identity management service configured to allow for accessing an application.Embodiments send the first request to a first microservice which performs the identity management service by generating a token. The first microservice generates the token at least in part by sendinga second request to a SSO microservice that is configured to provide SSO functionality across different microservices that are based on different protocols. Embodiments then receive the token from thefirst microservice and provide the token to the application, where the token allows for accessing the application.

Description

[0001] This application is entering the national phase of China with an international filing date of September 14, 2017, a national application number of 201780034546.0, and an invention titled "Single sign-on and single sign-out functions for multi-tenant identity and data security management cloud services" Divisional application of the PCT application. [0002] Cross References to Related Applications [0003] This application claims priority to U.S. Provisional Patent Application Serial No. 62 / 394,273, filed September 14, 2016, and U.S. Provisional Patent Application Serial No. 62 / 394,345, filed September 14, 2016. The disclosure of each of these applications is incorporated herein by reference. technical field [0004] One embodiment relates generally to identity management, and more particularly to identity management in cloud systems. Background technique [0005] In general, the use of cloud-based applications (e.g., enterprise public cloud applications, third-part...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/0815H04L63/0884H04L67/02H04L67/14H04L67/146
Inventor J·V·甘咖韦恩B·约瑟夫B·萨恩克萨拉M·P·尤奇尔
Owner ORACLE INT CORP