A system provides cloud-based identity and access management. The system receives a request from a client for an identity management service, authenticates the request, and accesses a microservice based on the request. The system determines, based on the request, a tenancy of the client, a tenancy of a user, and a tenancy of a resource. The system retrieves data from the determined tenancies as required to process the request, where the data is retrieved by the microservice using a connection pool that provides connections to the database. The system then performs the identity management service by the appropriate microservice responsible for processing the received request.

An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.

A telecommunications network server system provides a digital identifier to a user device. The digital identifier may include identification data corresponding to a user of the user device. In addition, the telecommunications network server system receives, from one or more third-party systems, requests to authenticate the user for an electronic transaction with the respective third-party system. The telecommunications network server system provides a unique electronic transaction code to each third-party system. Responsive to receiving from the user device one of the unique electronic transaction codes, the telecommunications network server system provides, to the respective third-party system, authentication of the user.

A data processing system communicates with a secure third-party database to obtain information about a user that is usable to determine one or more items associated with the user. The system then coordinates gathering and identification of additional data relevant to the user from other third-party data sources, to potentially update the user's information stored with the secure third-party database. The updated information may then be accessed at the secure third-party database to determine items associated with the user, which may include additional items in view of the additional data

Systems and methods are provided for a media provider to allow a user to access media objects with a third-party partner that authenticates the user and authorizes the user to access certain media objects. The media provider offers access to media objects, such as video content or audio content. The partner, through a relationship with the media provider, similarly offers access to the media provider's media objects, for example, as a service or benefit to the partner's customers or users. In particular, a partner integration server mediates user authentication and authorization by the partner. The partner integration server also allows the media provider to easily and flexibly to add and integrate additional partners.

The invention relates to a method for selectively configuring a container that contains an application, wherein user-authentication data are received by a container management component and forwarded via a container applicant to an authorisation server. This server transmits an authorisation response, on the basis of which a decision is made as to whether the application is allowed to be run in the container.

An access processing method and apparatus for remotely controlling a terminal, and a storage medium. The method includes: obtaining identity information of a target user from a user terminal, returning a controllable device set corresponding to the target user to the user terminal based on the identity information, receiving, from the user terminal, a target device identifier selected from the controllable device set, and obtaining verification information of a target device indicated by the target device identifier, the verification information including: access information for accessing the target device, and controlling the verification information to be transmitted to the target device to allow, based on verification of the verification information passing, access and remote control on the target device.

Authorization for access to an application server and associated communication service can be desirably managed. When a device attempts to access an application server and service, an authorization server generates an encrypted token, comprising device identifier information, and communicates the token to the device. The device communicates the token to the application server. The application server communicates the token to the authorization server. The authorization server determines whether the device is validated to access the application server and service based on the encrypted token, private decryption key, and initialization vector, and based on subscriber-related information. The authorization server does not share the private decryption key or initialization vector with the application server. If validated, the authorization server communicates validation-related information, including a permitted portion of subscriber-related information, to the application server. If not validated, the authorization server communicates not-validated information to the application server.

A communication apparatus includes an authentication unit that sets a communication parameter for connecting to a wireless network, and executes authentication processing, with a base station, for registering the communication apparatus to the base station that forms the wireless network, as a management apparatus that is allowed to connect another apparatus to the wireless network, a setting unit that, based on information acquired from code information captured through imaging, sets the communication parameter to another communication apparatus corresponding to the code information, and a registration unit that executes registration processing for registering the other communication apparatus to the base station as the management apparatus, based on at least a condition that the communication parameter is set to the other communication apparatus by the setting unit.

Systems and methods are provided that may be implemented as an identity management system to provide a single sign on to a master website and silent authentication for subservient websites. The identity management system may include an identity provider server and a user management server. The identity provider server may authenticate a user, redirect an authenticated user to the user management server, and receive and verify a silent authentication request including a cryptographic signature and a modified message on behalf of the authenticated user from the user management server.