System for managing multi-user sign-on in a segmented network

US9521139B2 · US · B2

Patent metadata
Publication number: US-9521139-B2
Application number: US-201514634472-A
Country: US
Kind code: B2
Filing date: Feb 27, 2015
Priority date: Feb 27, 2015
Publication date: Dec 13, 2016
Grant date: Dec 13, 2016

Abstract

Official abstract text for this publication.

Disclosed is a system for providing multi-user management for personal computing devices over an entity network. The system is typically configured to (i) receive a first request from the personal computing device to receive first user-specific information, (ii) authenticate the user identifier associated with the first user, (iii) associate the user identifier associated with the first user with the device identifier, (iv) communicate a first response to the personal computing device based on authenticating the user identifier, (v) receiving a second request from the personal computing device to receive second user-specific information associated with the first user for a second application, (vi) determining that the device identifier is associated with the user identifier associated with the first user, (vii) and communicating a second response to the personal computing device based on determining that the device identifier is associated with the user identifier associated with the first user.
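As an added illustration (not code from the patent or its assignee), the sketch below models the device-to-user association the abstract describes, extended to the user-switch, idle-timeout and unauthorized-user steps of claims 1 and 5. The class, method and sample identifiers are hypothetical; credential checking is a stand-in callable, and the certificate and network-segment steps are not modeled.

```python
import hmac
import time

class DeviceBindingTable:
    """Server-side map of device identifier -> signed-in user, with idle expiry."""

    def __init__(self, authenticate, allowed_users, idle_timeout=300.0, clock=time.monotonic):
        self._authenticate = authenticate   # assumed callable(user_id, credential) -> bool
        self._allowed = allowed_users       # device_id -> set of user_ids permitted on it
        self._idle_timeout = idle_timeout   # the "pre-defined time period", in seconds
        self._clock = clock
        self._bound = {}                    # device_id -> (user_id, time of last request)

    def _current_user(self, device_id):
        user_id, last_seen = self._bound.get(device_id, (None, 0.0))
        if user_id is None:
            return None
        if self._clock() - last_seen >= self._idle_timeout:
            del self._bound[device_id]      # no request within the period: disassociate
            return None
        return user_id

    def handle(self, device_id, user_id=None, credential=None):
        """Return the user whose data may be served, or None to block the request."""
        current = self._current_user(device_id)
        if user_id is None:                 # request carries only the device identifier
            if current is not None:
                self._bound[device_id] = (current, self._clock())
            return current
        if user_id not in self._allowed.get(device_id, set()):
            return None                     # user not authorized on this device
        if not self._authenticate(user_id, credential):
            return None                     # assumption: a failed sign-in keeps the old binding
        # A successful sign-in replaces any previous association for this device.
        self._bound[device_id] = (user_id, self._clock())
        return user_id

def demo():
    # Constructed sample data: one shared tablet, two permitted users, a fake clock.
    now = [0.0]
    creds = {"alice": "pw-a", "bob": "pw-b", "mallory": "pw-m"}
    check = lambda u, c: u in creds and hmac.compare_digest(creds[u], c or "")
    table = DeviceBindingTable(check, {"tablet-1": {"alice", "bob"}},
                               idle_timeout=300.0, clock=lambda: now[0])
    out = [table.handle("tablet-1", "alice", "pw-a"),    # first request: sign in
           table.handle("tablet-1"),                     # second app, device id only
           table.handle("tablet-1", "mallory", "pw-m"),  # not permitted on this device
           table.handle("tablet-1", "bob", "pw-b")]      # third request: switch user
    now[0] = 300.0                                       # idle period elapses
    return out + [table.handle("tablet-1")]
```

Because a device-only request is served purely on the stored association, the idle timeout and the per-device allow-list are the controls that bound how long and for whom a shared device stays signed in.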

First claim

Opening claim text (preview).

What is claimed is:

1. A system for providing a multi-user experience on a mobile device, the system comprising: a processor; a memory; a communication interface in communication with an entity network and with the mobile device; and a multi-user management module stored in the memory, executable by the processor and configured for: receiving a security certificate from the mobile device; authenticating the security certificate; based on authenticating the security certificate, establishing network communication between the mobile device and a secured network segment; receiving a first request from the mobile device to receive first user-specific information for a first application executed by the mobile device from the secured network segment in communication with the entity network, wherein the first request comprises a device identifier and a user identifier associated with a first user; authenticating the user identifier associated with the first user; associating the user identifier associated with the first user with the device identifier; communicating a first response to the mobile device based on authenticating the user identifier associated with the first user, the first response including the first user-specific information; receiving a second request from the mobile device to receive second user-specific information associated with the first user for a second application executed by the mobile device from the secured network segment, wherein the second request comprises the device identifier; determining that the device identifier is associated with the user identifier associated with the first user; communicating a second response to the mobile device based on determining that the device identifier is associated with the user identifier associated with the first user, the second response including the second user-specific information; receiving a third request from the mobile device, wherein the third request comprises the device identifier and a second user identifier associated with a second user; disassociating the user identifier associated with the first user and the device identifier based on receiving the third request; associating the second user identifier with the device identifier based on receiving the third request; determining that a pre-defined time period has elapsed after receiving the third request; determining that the mobile device has not communicated a subsequent request before the pre-defined period has elapsed; and disassociating the second user identifier associated with the second user and the device identifier based on determining that the mobile device has not communicated a subsequent request before the pre-defined period has elapsed.

2. The system of claim 1, wherein the device identifier is the security certificate.

3. The system of claim 1, wherein the entity network further comprises a private network segment, and wherein the multi-user management module is further configured for blocking communications between the mobile device and the private network segment.

4. The system of claim 1, wherein the mobile device is a tablet computer.

5. The system of claim 1, wherein the multi-user management module is further configured for (i) receiving a fourth request, wherein the fourth request comprises a third user identifier, (ii) determining that the third user identifier is not authorized to make requests using the mobile device, (iii) blocking the fourth request based on determining that the third user identifier is not authorized to make requests using the mobile device.

6. The system of claim 5, wherein blocking the fourth request is further based on the device identifier.

7. A computer program product for providing a multi-user experience on a mobile device in communication with an entity network, the computer program product comprising a non-transitory computer-readable storage medium having computer-executable instructions for: receiving a security certificate from the mobile device; authenticating the security certificate; based on authenticating the security certificate, establishing network communication between the mobile device and a secured network segment; receiving a first request from the mobile device to receive first user-specific information for a first application executed by the mobile device from a secured network segment in communication with the entity network, wherein the first request comprises a device identifier and a user identifier associated with a first user; authenticating the user identifier associated with the first user; associating the user identifier associated with the first user with the device identifier; communicating a first response to the mobile device based on authenticating the user identifier associated with the first user; receiving a second request from the mobile device to receive second user-specific information associated with the first user for a second application executed by the mobile device from the secured network segment, wherein the second request comprises the device identifier; determining that the device identifier is associated with the user identifier associated with the first user; communicating a second response to the mobile device based on determining that the device identifier is associated with the user identifier associated with the first user; receiving a third request from the mobile device, wherein the third request comprises the device identifier and a second user identifier associated with a second user; disassociating the user identifier associated with the first user with the device identifier based on receiving the third request; associating the second user identifier with the device identifier based on receiving the third request; determining that a pre-defined time period has elapsed after receiving the third request; determining that the mobile device has not communicated a subsequent request before the pre-defined period has elapsed; and disassociating the second user identifier associated with the second user and the device identifier based on determining that the mobile device has not communicated a subsequent request before the pre-defined period has elapsed.

8. The computer program product of claim 7, wherein the device identifier is the security certificate.

9. The computer program product of claim 7, wherein the entity network further comprises a private network segment, and wherein the non-transitory computer-readable storage medium further having computer-executable instructions for blocking communications between the mobile device and the private network segment.

10. The computer program product of claim 7, wherein the mobile device is a tablet computer.

11. The computer program product of claim 7, wherein the non-transitory computer-readable storage medium further having computer-executable instructions for (i) receiving a fourth request, wherein the fourth request comprises a third user identifier, (ii) determining that the third user identifier is not authorized to make requests using the mobile device, (iii) blocking the fourth request based on determining that the third user identifier is not authorized to make requests using the mobile device.

12. The computer program product of claim 11, wherein blocking the fourth request is further based on the device identifier.

13. A method for providing a multi-user experience on a mobile device via an entity network, the method comprising: receiving a security certificate from the mobile device; authenticating the security certificate; based on authenticating the security certificate, establishing network communication betwee

Assignees

Inventors

Classifications

  • providing single-sign-on or federations

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • Virtual private networks

  • Subscriber identity

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9521139B2 cover?
Disclosed is a system for providing multi-user management for personal computing devices over an entity network. The system is typically configured to (i) receive a first request from the personal computing device to receive first user-specific information, (ii) authenticate the user identifier associated with the first user, (iii) associate the user identifier associated with the first user wi…

Who is the assignee on this patent?
Bank Of America

What technology area does this patent fall under?
Primary CPC classification H04L63/0823. Mapped technology areas include Electricity.

When was this patent published?
Publication date Dec 13, 2016 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).