Systems and methods for logging out of cloud-based applications managed by single sign-on services

US9699171B1 · US · B1

Patent metadata
Publication number: US-9699171-B1
Application number: US-201414312675-A
Country: US
Kind code: B1
Filing date: Jun 23, 2014
Priority date: Jun 23, 2014
Publication date: Jul 4, 2017
Grant date: Jul 4, 2017

Abstract

Official abstract text for this publication.

The disclosed computer-implemented method for logging out of cloud-based applications managed by single sign-on services may include (1) identifying an attempt by a single sign-on service to log a user out of a set of cloud-based applications, (2) in response to identifying the attempt to log the user out of the set of applications, tracking a logout status of each application within the set of cloud-based applications by, for each application (a) identifying a logout request sent by the single sign-on service to the application and (b) determining whether the application has sent a logout response to the single sign-on service that verifies that the user has been successfully logged out of the application, and (3) determining that the user is still logged into at least one application managed by the single sign-on service by determining that the application did not send a logout response to the single sign-on service.
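The bookkeeping the abstract describes, as an added example that is not code from the patent: each application's logout request is paired with a verifying response, and an application is reported as still logged in once a deadline passes without one (the "predetermined amount of time" of claim 2). The application names, event fields, 5000 ms deadline and the trace itself are constructed for illustration; how a client agent would actually observe cross-domain messages is not modeled.

```javascript
// Added example, not code from the patent. App names, event fields and the
// 5000 ms deadline are constructed for illustration.
class LogoutTracker {
  constructor(apps, startedAt, timeoutMs) {
    this.startedAt = startedAt;
    this.timeoutMs = timeoutMs;
    this.apps = new Map(apps.map((a) => [a, { requestedAt: null, confirmed: false }]));
  }

  // Feed one observed message: the SSO's logout request or the app's response.
  observe({ type, app, at, success }) {
    const entry = this.apps.get(app);
    if (!entry) return; // not an application in this logout set
    if (type === "request") entry.requestedAt = at;
    // A response only counts if it answers a request we saw and reports success.
    if (type === "response" && entry.requestedAt !== null && success === true) {
      entry.confirmed = true;
    }
  }

  // Counts for a progress display (claims 4 and 5).
  progress() {
    const confirmed = [...this.apps.values()].filter((e) => e.confirmed).length;
    return { attempted: this.apps.size, confirmed };
  }

  // Apps with no verifying response once their deadline has passed (claim 2).
  // An app that was never sent a request is timed from the start of the logout.
  stillLoggedIn(now) {
    const out = [];
    for (const [app, e] of this.apps) {
      const deadline = (e.requestedAt ?? this.startedAt) + this.timeoutMs;
      if (!e.confirmed && now >= deadline) out.push(app);
    }
    return out;
  }
}

// Constructed trace: "wiki" answers with a failure, "crm" never answers,
// and "files" is never sent a request at all.
const events = [
  { type: "request", app: "mail", at: 0 },
  { type: "request", app: "crm", at: 10 },
  { type: "request", app: "wiki", at: 20 },
  { type: "response", app: "mail", at: 300, success: true },
  { type: "response", app: "wiki", at: 400, success: false },
];

function runTrace(now) {
  const tracker = new LogoutTracker(["mail", "crm", "wiki", "files"], 0, 5000);
  events.forEach((e) => tracker.observe(e));
  return { progress: tracker.progress(), stillLoggedIn: tracker.stillLoggedIn(now) };
}
```

A failure response is treated the same as silence: only a response that verifies the logout clears the application from the still-logged-in list.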

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method for logging out of cloud-based applications managed by single sign-on services, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising: identifying, by a client agent running on a computing device of a user, an attempt, initiated by the user on the computing device and performed by a single sign-on service, to log the user out of a set of cloud-based applications managed by the single sign-on service and not managed by the client agent, at least a portion of the set of cloud-based applications being hosted in a separate domain than the client agent; in response to identifying the attempt to log the user out of the set of cloud-based applications, tracking, by a script implemented by the client agent that is capable of monitoring cross-domain communications from the domain in which the portion of the set of cloud-based applications are hosted, a logout status of each application within the set of cloud-based applications by, for each application: identifying a logout request sent by the single sign-on service to the application via a protocol limited by cross-domain restrictions; and determining whether the application has sent a logout response via the protocol limited by cross-domain restrictions to the single sign-on service that verifies that the user has been successfully logged out of the application; and determining that the user is still logged into at least one application managed by the single sign-on service by determining that the application did not send a logout response to the single sign-on service that verifies that the user has been successfully logged out of the application.

2. The method of claim 1, wherein determining that the application did not send the logout response to the single sign-on service comprises determining that the application did not send the logout response within a predetermined amount of time.

3. The method of claim 1, wherein determining that the application did not send the logout response to the single sign-on service comprises determining that the application was unresponsive at a time the single sign-on service sent the logout request.

4. The method of claim 1, wherein tracking the logout status of each application further comprises: presenting to the user, via a graphical user interface, a number of applications that the single sign-on service is attempting to log the user out of; and presenting to the user, via the graphical user interface, the number of applications that the user has been successfully logged out of.

5. The method of claim 4, wherein presenting to the user the number of applications that the user has been successfully logged out of comprises dynamically updating the number of applications that the user has been successfully logged out of as each logout response is received by the single sign-on service.

6. The method of claim 1, further comprising, in response to determining that the user is still logged into the application: notifying the user that the user is still logged into the application; and prompting the user to log out of the application.

7. The method of claim 6, wherein prompting the user to log out of the application comprises at least one of: prompting the user to log out of the application directly instead of logging out of the single sign-on service; and prompting the user to close an open browser window rendering the application.

8. The method of claim 6, further comprising: determining that the user has been successfully logged out of the application; and in response to determining that the user has been successfully logged out of the application, notifying the user that the user has been successfully logged out of each of the set of cloud-based applications managed by the single sign-on service.

9. A system for logging out of cloud-based applications managed by single sign-on services, the system comprising: an identification module, stored in memory, that identifies, by a client agent running on a computing device of a user, an attempt, initiated by the user on the computing device and performed by a single sign-on service, to log the user out of a set of cloud-based applications managed by the single sign-on service and not managed by the client agent, at least a portion of the set of cloud-based applications being hosted in a separate domain than the client agent; a tracking module, stored in memory, that in response to identifying the attempt to log the user out of the set of cloud-based applications, tracks, by a script implemented by the client agent that is capable of monitoring cross-domain communications from the domain in which the portion of the set of cloud-based applications are hosted, a logout status of each application within the set of cloud-based applications by, for each application: identifying a logout request sent by the single sign-on service to the application via a protocol limited by cross-domain restrictions; and determining whether the application has sent a logout response via the protocol limited by cross-domain restrictions to the single sign-on service that verifies that the user has been successfully logged out of the application; a determination module, stored in memory, that determines that the user is still logged into at least one application managed by the single sign-on service by determining that the application did not send a logout response to the single sign-on service that verifies that the user has been successfully logged out of the application; and at least one processor that executes the identification module, the tracking module, and the determination module.

10. The system of claim 9, wherein the determination module determines that the application did not send the logout response to the single sign-on service by determining that the application did not send the logout response within a predetermined amount of time.

11. The system of claim 9, wherein the determination module determines that the application did not send the logout response to the single sign-on service by determining that the application was unresponsive at a time the single sign-on service sent the logout request.

12. The system of claim 9, wherein a presentation module further tracks the logout status of each application by: presenting to the user, via a graphical user interface, a number of applications that the single sign-on service is attempting to log the user out of; and presenting to the user, via the graphical user interface, the number of applications that the user has been successfully logged out of.

13. The system of claim 12, wherein the presentation module presents to the user the number of applications that the user has been successfully logged out of by dynamically updating the number of applications that the user has been successfully logged out of as each logout response is received by the single sign-on service.

14. The system of claim 9, wherein, in response to determining that the user is still logged into the application: a presentation module notifies the user that the user is still logged into the application; and the presentation module prompts the user to log out of the application.

15. The system of claim 14, wherein the presentation module prompts the user to log out of the application by at least one of: prompting the user to log out of the application directly instead of logging out of the single sign-on service; and prompting the user to close an open browser window rendering the application.

16. The sys

Classifications

  • providing single-sign-on or federations · CPC title

  • Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems · CPC title

  • where a single sign-on provides access to a plurality of computers · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9699171B1 cover?
The disclosed computer-implemented method for logging out of cloud-based applications managed by single sign-on services may include (1) identifying an attempt by a single sign-on service to log a user out of a set of cloud-based applications, (2) in response to identifying the attempt to log the user out of the set of applications, tracking a logout status of each application within the set of…
Who is the assignee on this patent?
Symantec Corp
What technology area does this patent fall under?
Primary CPC classification H04L63/0815. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jul 4, 2017 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).