Patent 8327426

Prior art

Earlier patents, publications, and products that may anticipate or render the claims unpatentable.

Active provider: Google · gemini-2.5-flash

Prior art

Earlier patents, publications, and products that may anticipate or render the claims unpatentable.

✓ Generated

The following patent citations are identified as prior art for US patent 8327426, based on the provided patent text. The analysis for potential anticipation under 35 U.S.C. § 102 is based on the titles and general descriptions of the cited patents, compared against the independent claims (Claims 1, 8, and 14) of US8327426. All listed citations have priority dates preceding the June 1, 2006 priority date of US8327426.

Cited Patent References:

1. US5913025A

  • Full Citation: US5913025A, Novell, Inc., "Method and apparatus for proxy authentication"
  • Publication/Filing Date: Priority Date: 1996-11-14; Publication Date: 1999-06-15
  • Brief Description: This patent generally describes a method and apparatus for authentication through a proxy.
  • Potential Anticipation (35 U.S.C. § 102): This patent anticipates the general concept of "proxy authentication," which is a foundational element in US8327426. However, its title does not suggest the specific features of single sign-on (SSO), transparent proxying across multiple identity services, or the dynamic communication of authentication interaction policies as detailed in Claims 1, 8, and 14 of US8327426. It could potentially anticipate the "authenticating, by the machine, the principal" step (Claim 1) or a generic aspect of proxying.

2. US5991810A

  • Full Citation: US5991810A, Novell, Inc., "User name authentication for gateway clients accessing a proxy cache server"
  • Publication/Filing Date: Priority Date: 1997-08-01; Publication Date: 1999-11-23
  • Brief Description: This patent describes a system for user name authentication for clients accessing a proxy cache server via a gateway.
  • Potential Anticipation (35 U.S.C. § 102): Similar to US5913025A, this reference broadly covers user authentication and proxying, specifically in the context of a proxy cache server. It likely anticipates general authentication and proxy concepts but lacks the specific multi-identity service SSO architecture and transparent proxying of services described in US8327426's independent claims.

3. US6182141B1

  • Full Citation: US6182141B1, Intel Corporation, "Transparent proxy server"
  • Publication/Filing Date: Priority Date: 1996-12-20; Publication Date: 2001-01-30
  • Brief Description: This patent describes a proxy server designed to operate transparently to the client.
  • Potential Anticipation (35 U.S.C. § 102): This patent is highly relevant as it explicitly teaches a "transparent proxy server." This directly anticipates the "transparently to the principal" aspect mentioned in Claim 1 and Claim 8, and the "principal believes that the principal is directly interacting with the target service" in Claim 14. While it establishes the transparency of proxying as prior art, it may not anticipate the complex SSO features, authentication message structures between multiple identity services, or policy-driven determination of authentication interactions found in US8327426.

4. US6421768B1

  • Full Citation: US6421768B1, First Data Corporation, "Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment"
  • Publication/Filing Date: Priority Date: 1999-05-04; Publication Date: 2002-07-16
  • Brief Description: This patent describes a method and system for achieving single sign-on (SSO) using cryptographically secured cookies in a distributed computing environment.
  • Potential Anticipation (35 U.S.C. § 102): This patent is highly relevant due to its explicit teaching of "single sign on" in a "distributed computer environment." This directly anticipates the fundamental SSO objective of US8327426, as outlined in Claims 1, 8, and 14. While the specific mechanism (cryptographically assured cookies) and potentially the precise multi-identity service proxying architecture of US8327426 may differ, the core concept of a single authentication granting access to multiple services is taught.

5. US6728885B1

  • Full Citation: US6728885B1, Networks Associates Technology, Inc., "System and method for network access control using adaptive proxies"
  • Publication/Filing Date: Priority Date: 1998-10-09; Publication Date: 2004-04-27
  • Brief Description: This patent describes a system and method for controlling network access using proxies that can adapt their behavior.
  • Potential Anticipation (35 U.S.C. § 102): The concept of "adaptive proxies" and "network access control" could potentially anticipate elements related to policy-driven decision making ("dynamic and real-time evaluation of policies" in Claim 8) and general proxy functionality. However, it does not explicitly disclose the comprehensive SSO framework involving specific authentication message exchanges between distinct identity services for transparent service proxying as claimed in US8327426.

6. US20040128392A1

  • Full Citation: US20040128392A1, International Business Machines Corporation, "Method and system for proof-of-possession operations associated with authentication assertions in a heterogeneous federated environment"
  • Publication/Filing Date: Priority Date: 2002-12-31; Publication Date: 2004-07-01
  • Brief Description: This patent describes using "authentication assertions" for proof-of-possession in "heterogeneous federated environments."
  • Potential Anticipation (35 U.S.C. § 102): This patent is highly relevant. US8327426 extensively uses "authentication statements" or "tokens" (which can be assertions, as noted in the patent description) and operates in an environment with a first and second "identity service," which constitutes a "federated environment." This reference could potentially anticipate significant aspects of the inter-identity service communication, the use of assertions to vouch for authentication, and the fundamental idea of federated identity management, particularly affecting Claims 1, 8, and 14.

7. US20050015490A1

  • Full Citation: US20050015490A1, Saare John E., "System and method for single-sign-on access to a resource via a portal server"
  • Publication/Filing Date: Priority Date: 2003-07-16; Publication Date: 2005-01-20
  • Brief Description: This patent describes a system and method for providing single sign-on (SSO) access to a resource through a portal server.
  • Potential Anticipation (35 U.S.C. § 102): This patent directly teaches "single-sign-on access to a resource." Similar to US6421768B1, it anticipates the core SSO concept found across Claims 1, 8, and 14 of US8327426. The "via a portal server" might specify a particular implementation, but the overarching principle of SSO is present.

8. US6892307B1

  • Full Citation: US6892307B1, Sun Microsystems, Inc., "Single sign-on framework with trust-level mapping to authentication requirements"
  • Publication/Filing Date: Priority Date: 1999-08-05; Publication Date: 2005-05-10
  • Brief Description: This patent describes a single sign-on framework that incorporates mapping of trust levels to specific authentication requirements.
  • Potential Anticipation (35 U.S.C. § 102): This patent is highly relevant. It directly teaches a "Single sign-on framework" and, critically, "trust-level mapping to authentication requirements." This strongly anticipates the policy-driven determination of authentication interactions (e.g., single vs. multiple interactions) as described in Claim 1, and the reliance on trusted relationships between identity services (Claims 8 and 14) to facilitate authentication for SSO.

9. US20050193427A1

  • Full Citation: US20050193427A1, Pramod John, "Secure enterprise network"
  • Publication/Filing Date: Priority Date: 2004-02-26; Publication Date: 2005-09-01
  • Brief Description: This patent describes a secure enterprise network.
  • Potential Anticipation (35 U.S.C. § 102): The title "Secure enterprise network" is very broad. Without further details from the patent itself, it is difficult to determine specific anticipation of the detailed SSO and proxy service features of US8327426's claims. It likely covers general security principles rather than the specific inventive concepts.

10. US20060021010A1

  • Full Citation: US20060021010A1, International Business Machines Corporation, "Federated identity brokering"
  • Publication/Filing Date: Priority Date: 2004-06-28; Publication Date: 2006-01-26
  • Brief Description: This patent describes the concept of brokering identities in a federated environment.
  • Potential Anticipation (35 U.S.C. § 102): This is arguably one of the most relevant prior art citations. "Federated identity brokering" precisely describes the core interaction between the first and second identity services in US8327426. Claim 8 describes an "original identity service acting as a proxy on behalf of the principal" to another "identity service." Claim 14 details a "first identity service" facilitating the issuance of a token by a "second identity service" based on a trusted relationship, and then proxying services. This patent has a very high potential to anticipate the core federated identity, multi-identity service interaction, and proxying logic embedded in Claims 1, 8, and 14.

11. US20070143836A1

  • Full Citation: US20070143836A1, Quest Software, Inc., "Apparatus system and method to provide authentication services to legacy applications"
  • Publication/Filing Date: Priority Date: 2005-12-19; Publication Date: 2007-06-21
  • Brief Description: This patent describes an apparatus, system, and method for providing authentication services specifically to legacy applications.
  • Potential Anticipation (35 U.S.C. § 102): While it deals with "authentication services," its specific focus on "legacy applications" likely narrows its scope. It might anticipate general authentication service provision but is less likely to anticipate the broader, transparent SSO with proxy services for various external services, particularly the sophisticated inter-identity service communication and service token exchange described in US8327426's independent claims.

Most Relevant Prior Art:

Based on the titles and their direct alignment with the key features of US8327426's independent claims (Claims 1, 8, and 14), the following patents are identified as the most relevant prior art:

  • US20060021010A1 ("Federated identity brokering"): Directly addresses the multi-identity service interaction, where one identity service acts on behalf of a principal to another, which is a central theme of Claims 1, 8, and 14.
  • US20040128392A1 ("Method and system for proof-of-possession operations associated with authentication assertions in a heterogeneous federated environment"): Highly relevant to the use of authentication assertions/tokens and the operation within a federated environment of multiple identity services, as described in Claims 1, 8, and 14.
  • US6892307B1 ("Single sign-on framework with trust-level mapping to authentication requirements"): Directly teaches an SSO framework that incorporates trust levels to determine authentication requirements, which is a key aspect of Claim 1's policy-driven interaction determination and the trusted relationships in Claims 8 and 14.
  • US6421768B1 ("Method and system for authentication and single sign on using cryptographically assured cookies in a distributed computer environment"): Fundamentally teaches "single sign on" in a distributed environment, directly anticipating the core SSO aspect of all independent claims.
  • US6182141B1 ("Transparent proxy server"): Directly teaches the "transparent proxy" concept, which is a specific element of Claim 1, Claim 8, and Claim 14 related to the principal's perception of direct interaction.

Generated 5/25/2026, 6:46:21 AM