公开(公告)号：US12052247B2

公开(公告)日：2024-07-30

申请号：US17740159

申请日：2022-05-09

Applicant: salesforce.com, inc.

Inventor： Adarsh Khare ,  Shruthi Chikkanna ,  Peixuan Jiang ,  Isaac Westlund ,  Hideyuki Komaki ,  Hayk Baluyan ,  Giridharan Sridharan ,  Mitchell Brent DiNicola ,  Ajay Thargan

IPC: H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0884 ,  G06F9/45558 ,  H04L63/0823 ,  G06F2009/45587

Abstract: A system receives an access token generated by a user performing authentication via an authentication device, for example, a smart card. The system obtains a personalized virtual machine assigned to the user. The system exchanges the access token for a temporary certificate having an expiry time. The system provides the temporary certificate that includes verifiable user identity to a personalized virtual machine. The system provides the user with access to the personalized virtual machine. The system allows the user to present verifiable user identity and connect to any of a plurality of systems without requiring the user to authenticate again using the authentication device. After the expiry time of the temporary certificate is exceeded, the system denies subsequent requests from the user to connect to any of the plurality of systems.

公开(公告)号：US20230362162A1

公开(公告)日：2023-11-09

申请号：US17740159

申请日：2022-05-09

Applicant: salesforce.com, inc.

Inventor： Adarsh Khare ,  Shruthi Chikkanna ,  Peixuan Jiang ,  Isaac Westlund ,  Hideyuki Komaki ,  Hayk Baluyan ,  Giridharan Sridharan ,  Mitchell Brent DiNicola ,  Ajay Thargan

IPC: H04L9/40 ,  G06F9/455

CPC classification number: H04L63/0884 ,  H04L63/0823 ,  G06F9/45558 ,  G06F2009/45587

Abstract: A system receives an access token generated by a user performing authentication via an authentication device, for example, a smart card. The system obtains a personalized virtual machine assigned to the user. The system exchanges the access token for a temporary certificate having an expiry time. The system provides the temporary certificate that includes verifiable user identity to a personalized virtual machine. The system provides the user with access to the personalized virtual machine. The system allows the user to present verifiable user identity and connect to any of a plurality of systems without requiring the user to authenticate again using the authentication device. After the expiry time of the temporary certificate is exceeded, the system denies subsequent requests from the user to connect to any of the plurality of systems.