US2014013387A1PendingUtilityA1
Efficient single sign-on and identity provider configuration and deployment in a database system
Est. expiryMar 19, 2030(~3.7 yrs left)· nominal 20-yr term from priority
H04L 63/0815G06F 21/41G06F 21/31
48
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Various techniques and procedures related to user authentication, identity providers, and single sign-on (SSO) are presented here. One approach creates an SSO link between two organizations in a streamlined manner using an internal cross-user systemwide digital certificate, and without processing any user-created, user-uploaded, or user-assigned digital certificates. Another approach presented here configures an identity provider service for an entity or organization by processing a single user command. The identity provider service is automatically configured in the background without processing any additional user commands, user instructions, or user-entered data.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method of deploying an identity provider service for a computer-implemented system, the method comprising:
receiving a user command; in response to receiving the user command, and without processing any additional user commands, user instructions, or user-entered data at the computer-implemented system, creating the identity provider service at the computer-implemented system; and after creating the identity provider service, and without processing any additional user commands, user instructions, or user-entered data at the computer-implemented system, configuring the identity provider service to allow the computer-implemented system to publish electronic identity information for its users.
2 . The method of claim 1 , further comprising providing a graphical user interface (GUI) element, wherein the user command is issued in response to activation of the GUI element.
3 . The method of claim 2 , further comprising providing a markup language document for presentation to a user, the markup language document defining the GUI element.
4 . The method of claim 3 , wherein the markup language document defines a webpage.
5 . The method of claim 1 , wherein creating the identity provider service comprises:
creating a self-signed digital certificate; and associating the self-signed digital certificate with the identity provider service.
6 . The method of claim 5 , wherein creating the self-signed digital certificate comprises:
retrieving, with the computer-implemented system, descriptive data for an entity hosting the identity provider service; and populating data fields of the self-signed certificate with at least some of the descriptive data.
7 . The method of claim 6 , wherein creating the self-signed digital certificate further comprises constructing a name for the self-signed digital certificate, using at least some of the descriptive data.
8 . A computer-implemented method of publishing electronic identity information for a user, the method comprising:
providing a first markup language document for presentation to the user, the first markup language document defining an active graphical user interface (GUI) element; receiving a user command that indicates activation of the active GUI element; in response to receiving the user command, and without requiring any additional user commands, user instructions, or user-entered data, creating an identity provider service at the computer-implemented system; and thereafter, providing a second markup language document for presentation to the user, the second markup language document confirming successful configuration of the identity provider service.
9 . The method of claim 8 , further comprising authenticating the user before providing the first markup language document.
10 . The method of claim 8 , wherein:
the first markup language document comprises a first web page that includes the active GUI element; and the second markup language document comprises a second web page that includes a confirmation notification.
11 . The method of claim 8 , wherein creating the identity provider service comprises:
retrieving, with the computer-implemented system, descriptive data for an entity hosting the identity provider service; creating a self-signed digital certificate from at least some of the descriptive data; and associating the self-signed digital certificate with the identity provider service.
12 . The method of claim 18 , further comprising operating the identity provider service to assert electronic identity information for the user.
13 . A computer system comprising a processor and a memory, wherein the memory comprises computer-executable instructions that, when executed by the processor, cause the computer system to:
receive a user command; in response to receiving the user command, and without processing any additional user commands, user instructions, or user-entered data at the computer system, create the identity provider service at the computer-implemented system; and after creating the identity provider service, and without processing any additional user commands, user instructions, or user-entered data at the computer system, configure the identity provider service to allow the computer system to publish electronic identity information for its users.
14 . The computer system of claim 13 , wherein, when executed by the processor, the computer-executable instructions cause the computer system to provide a graphical user interface (GUI) element, wherein the user command is issued in response to activation of the GUI element.
15 . The computer system of claim 14 , wherein, when executed by the processor, the computer-executable instructions cause the computer system to provide a markup language document for presentation to a user, the markup language document defining the GUI element.
16 . The computer system of claim 14 , wherein creating the identity provider service comprises:
creating a self-signed digital certificate; and associating the self-signed digital certificate with the identity provider service.
17 . The computer system of claim 16 , wherein creating the self-signed digital certificate comprises:
retrieving, with the computer system, descriptive data for an entity hosting the identity provider service; and populating data fields of the self-signed certificate with at least some of the descriptive data.
18 . The computer system of claim 17 , wherein creating the self-signed digital certificate further comprises constructing a name for the self-signed digital certificate, using at least some of the descriptive data.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.