| 发明名称 |
Authenticating using cloud authentication |
| 摘要 |
An authentication mechanism in a local area network may use a cloud authentication mechanism to allow or deny authentication requests. A user may gain access within a local area network by entering a cloud identification and password, which may be verified by a cloud authentication mechanism. If the authentication is successful from the cloud authentication mechanism, the user identification and password are stored locally for subsequent authentication requests. In some embodiments, the cloud password may be periodically flushed so that subsequent requests may be passed to the cloud authentication mechanism. The authentication mechanism may be used in both domain and workgroup local area networks, and may operate in parallel with other users who may have local area network or client credentials which may not be authenticated from the cloud. |
| 申请公布号 |
US8955082(B2) |
申请公布日期 |
2015.02.10 |
| 申请号 |
US201314077203 |
申请日期 |
2013.11.11 |
| 申请人 |
Microsoft Corporation |
发明人 |
Mazur Leszek;Xie Jianhui;Daniel Sean D.;Saretto Cesare John |
| 分类号 |
G06F7/04;H04L29/06;H04L9/32;G06F21/31 |
主分类号 |
G06F7/04 |
| 代理机构 |
|
代理人 |
Gabryjelski Henry;Drakos Kate;Minhas Micky |
| 主权项 |
1. A domain server comprising:
a processor; a local area network connection to a plurality of client devices; a wide area network connection to a cloud authentication mechanism; a database comprising user identification and passwords; a domain authentication mechanism configured to perform a method comprising:
receiving a first authentication request from a first client device, said authentication request comprising a first user identification and a first password;transmitting said first user identification and said first password to said cloud authentication mechanism;receiving a first acceptance token from said cloud authentication mechanism;based on said first acceptance token, storing said first user identification and said first password in said database;transmitting a second acceptance token to said first client device;receiving a second authentication request from said first client device, said second authentication request comprising said first user identification and a second password;checking said database to determine that said first user identification and said second password do not match said database;transmitting said first user identification and said second password to said cloud authentication mechanism,receiving a third acceptance token from said cloud authentication mechanism; and
based on said third acceptance token, transmitting a fourth acceptance token to said first client device and updating said database by removing said first password and storing said second password. |
| 地址 |
Redmond WA US |
