Session activity tracking for session adoption across multiple data centers

US9769147B2 · US · B2

Patent metadata

Publication number: US-9769147-B2
Application number: US-201514754222-A
Country: US
Kind code: B2
Filing date: Jun 29, 2015
Priority date: Jun 29, 2015
Publication date: Sep 19, 2017
Grant date: Sep 19, 2017

Abstract

Official abstract text for this publication.

Techniques are disclosed for managing session activity of SSO access across multiple data centers. Session activity of SSO access is managed across multiple geographically disperse computing systems clustered together to form a multi-data center (MDC) system. A first data center in the MDC system may implement session adoption to manage an SSO session of the user in the MDC system. Information about subsequent sessions established by other data centers may be adopted by the first data center. The first data center may obtain session activity data from each session that is adopted for the user. The session activity may be used to determine whether the SSO session is active for the user across data centers in the MDC system. Authorization to access a resource at any data center in the MDC system may be granted based on the status of the SSO session using session adoption among the data centers.
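
An added illustration of the session-adoption flow the abstract describes (not code from the patent or its assignee): a home data center records adopted sessions and, when its own session idles out, consults their activity before forcing re-authentication. The class and method names, the in-process "peer" calls standing in for network requests, and the 900-second idle threshold are assumptions made for this sketch.

```python
from dataclasses import dataclass
IDLE_TIMEOUT = 900  # seconds; assumed value for the idle threshold

@dataclass
class Session:
    user: str
    last_activity: float  # time of the last request seen on this session

class DataCenter:
    def __init__(self, name):
        self.name, self.sessions, self.adopted = name, {}, {}
        # sessions: sid -> Session; adopted: first sid -> [(peer, peer sid)]

    def login(self, sid, user, now):  # first session, after authentication
        self.sessions[sid] = Session(user, now)

    def is_expired(self, sid, now):
        s = self.sessions.get(sid)
        return s is None or now - s.last_activity > IDLE_TIMEOUT

    def adopt(self, first_sid, peer, peer_sid, now):
        """Home side: record the association, return session data."""
        if not self.check(first_sid, now):
            return None  # no valid first session: user must re-authenticate
        self.adopted.setdefault(first_sid, []).append((peer, peer_sid))
        return self.sessions[first_sid].user

    def open_remote(self, home, first_sid, now):
        """Peer side: create a local session only if the home DC adopts it."""
        peer_sid = f"{self.name}:{first_sid}"
        user = home.adopt(first_sid, self, peer_sid, now)
        if user is not None:
            self.sessions[peer_sid] = Session(user, now)
            return peer_sid
        return None

    def check(self, first_sid, now):
        """Home side: is the SSO session valid anywhere in the MDC?"""
        first = self.sessions.get(first_sid)
        if first is None:
            return False
        if now - first.last_activity <= IDLE_TIMEOUT:
            return True
        for peer, peer_sid in self.adopted.get(first_sid, []):
            if not peer.is_expired(peer_sid, now):  # activity-data request
                first.last_activity = peer.sessions[peer_sid].last_activity
                return True
        del self.sessions[first_sid]  # expired everywhere
        self.adopted.pop(first_sid, None)
        return False
```

In this model the idle timeout is effectively MDC-wide: activity on any adopted session keeps the first session alive, so the threshold has to be chosen with every data center's resources in mind.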

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: establishing a first session for a user at a first computing system, wherein the first session is established based on authentication of the user; receiving, by the first computing system, from a second computing system, a session adoption request for the first computing system to adopt a second session for the first session, wherein the second session provides the user with access to a resource managed by the second computing system; storing, by the first computing system, session adoption data indicating an association between the second session and the first session for the user; detecting that the first session has expired; requesting, by the first computing system, based on the session adoption data, session activity data of the second session from the second computing system; determining, based on the session activity data, that the second session has not expired; and upon determining that the second session has not expired, providing authentication to the user for the first session.

2. The method of claim 1, wherein the first session is different from the second session, and wherein the second session is established based on determining authorization for the user to access the resource.

3. The method of claim 1, wherein the first computing system is located at a first geographical location that is different from a second geographical location of the second computing system.

4. The method of claim 1, further comprising: based upon receiving the session adoption request, sending, to the second computing system, session data corresponding to the first session for the user, wherein the second session is established using the session data for the user at the second computing system.

5. The method of claim 1, wherein requesting session activity data includes: identifying, based on the session adoption data, the second session as adopted by the first session; sending a request to the second computing system for the session activity data of the second session for the user; and receiving the session activity data from the second computing system.

6. The method of claim 1, wherein detecting that the first session has expired includes determining, based on the session activity, that the first session is inactive for a threshold time period, and wherein the authentication of the user to the first session is based on satisfying the threshold time period.

7. The method of claim 6, wherein authentication is provided to the user for the first session based on determining, using the session activity data, that the second session is active for the threshold time period.

8. The method of claim 6, wherein the session activity data indicates that the second session has not expired, and wherein the second session has not expired when the second session is active for the threshold time period.

9. The method of claim 1, wherein authorization for the user to access the resource is provided based on authentication of the user.

10. The method of claim 1, further comprising: receiving, by the first computing system, from a third computing system, a session adoption request for the first computing system to adopt a third session for the first session, wherein the third session provides the user with access to a resource managed by the third computing system, and wherein the resource managed by the third computing system is different from the resource managed by the second computing system; and updating the session adoption data to indicating an association between first session, the second session, and the third session for the user.

11. The method of claim 10, further comprising: requesting, based on the session adoption data, session activity data of the third session from the third computing system; upon determining that the first session has expired and that the second session has expired, determining, based on the session activity data, that the third session has not expired; and upon determining that the third session has not expired, providing authentication to the user for the first session.

12. The method of claim 1, wherein the first computing system and the second computing system are included in a multi-data center (MDC) system.

13. A system comprising: a first computing system and a second computing system communicatively coupled to each other; and wherein the first computing system performs operations to: establish a first session for a user at a first computing system, wherein the first session is established based on authentication of the user; receive, from a second computing system, a session adoption request for the first computing system to adopt a second session for the first session, wherein the second session provides the user with access to a resource managed by the second computing system; based upon receiving the session adoption request, send, to the second computing system, session data corresponding to the first session for the user; store session adoption data indicating an association between the second session and the first session for the user; detect that the first session has expired; request, based on the session adoption data, session activity data of the second session from the second computing system; determine, based on the session activity data, that the second session has not expired; and upon determining that the second session has not expired, provide authentication to the user for the first session; and wherein the second computing system performs operations to: receive a request for the user to access the resource managed by the second computing system; upon determining that the second session has not been established, send the session adoption request to the first computing system; receive the session data from the first computing system; establish, using the session data, the second session for the user to access the resource; and in response to the request for session activity data, send the session activity data of the second session to the first computing system.

14. The system of claim 13, wherein the first computing system is located at a first geographical location that is different from a second geographical location of the second computing system.

15. The system of claim 13, wherein the first computing system communicates with the second computing system using an open access protocol (OAP).

16. A non-transitory computer-readable medium storing a set of instructions that are executable by one or more processors to: establish a first session for a user at a first computing system, wherein the first session is established based on authentication of the user; receive, by the first computing system, from a second computing system, a session adoption request for the first computing system to adopt a second session for the first session, wherein the second session provides the user with access to a resource managed by the second computing system; store, by the first computing system, session adoption data indicating an association between the second session and the first session for the user; detect that the first session has expired; request, by the first computing system, based on the session adoption data, session activity data of the second session from the second computing system; determine, based on the session activity data, that the second session has not expired; and upon determining that the second session has not expired, provide authentication to the user for the first session.

17. The non-transitory computer-readable medium of

Classifications

  • using time-dependent-passwords, e.g. periodically changing passwords

  • for controlling access to devices or network resources

  • Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms

  • G06F21/41 (Primary): where a single sign-on provides access to a plurality of computers

  • Session management

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Oracle Int Corp
What technology area does this patent fall under?
Primary CPC classification G06F21/41. Mapped technology areas include Physics.
When was this patent published?
Publication date: Sep 19, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).