The present invention relates to computerized systems, software and methods for administratively or voluntarily logging out a validly logged-in cloud based service user. Logging out users of a cloud based service presents a challenge for a number of reasons.
First, shared service accounts arise in a variety of ways. Hotels, Coffee Shops, internet cafes, internet kiosks, etc provide internet access to its customers. The customer's internet access is short-lived, lasting from a couple of minutes to a couple of days. Shared accesses also occur in enterprises where partners, vendors, contract workers, students, share service accounts in a time multiplexed manner. In all these scenarios, though the number of concurrent users is small, the number of unique visitors over a period of time is significantly large. Such shared service usage occurs in retail shops, conference venues, exhibition halls, etc. An efficient and secure logout operation facilitates provision of safe and confidential internet access through shared service accounts.
Next, a secure logout can prevent usage of the accounts using stolen laptops and other computing devices which may have the logged-in tokens. As used herein, logged-in tokens are tokens that encode the logged-in state in some form and facilitate the cloud based service without further authentication.
In addition, stolen or compromised login credentials can lead to multiple service logins from multiple locations and can be prevented using a logout operation coupled with change of user name and password. The forgoing discusses why a simple change of password is not sufficient.
Finally, a secure logout operation can provide a cloud service provider to instantaneously administratively suspend user services at any time such as due to non-payment of the services rendered or compromised credentials. User services may be re-established after such a problem is cleared.
For at least the above reasons, a logout operation that prevents the use of account beyond a defined period is useful. Such a period may be administratively decided or user mandated.
One known method to implement logout operation is to maintain the logged-in state in a centralized service node. The state can be changed by a logout operation. However every user access needs to check the login state. For cloud based services, the user population is so large that the centralized services could easily be overwhelmed by the login state checks. Moreover, when the centralized node fails, authenticated users are unable to proceed.
Another method used by the popular instant messaging systems is that of notifying the service nodes about the user presence. Instead of checking the logged-in status every time, any change in status is communicated to the service nodes. Though this approach reduces the communication overhead to a greater extent, any link failures between the centralized node and the service node would make the system unable to logout users.
A third known method used by cloud based services stores the logged-in information in the client computing device itself, notably in the form of cookies. The logged-in state is then cleared by clearing the cookies. Though this is a scalable alternative, it suffers from the following defects.
Users may forget to clear the cookies and it would become an administrative overhead.
Administrator might want to perform logout, but users may have done the login in multiple systems.
When a group of user's need to be administratively logged-out, even users at remote locations, the mechanism of clearing the cookies does not work.
Stolen or lost computers may have cookies; an administrative logout cannot be performed.
Selective clearing of cookies is time consuming as there will be cookies related to the login state as well as cookies related to other state management. Collective clearing would invalidate other application states.
Two existing approaches to logout user sessions from a cloud based service using the cookie approach are through (i) automatic expiration of cookies and (ii) through explicit flushing of cookies through a logout program or through user's action of clearing cookies of all kinds. However, the cookie expiration is not communicated to the system, and the system can still accept the same cookies. Hence, the tokens may be used to login to the service. A modified approach is to maintain session on the server and clear the session when the cookies are expired. Computing the expiration time in relation to user's intended usage time becomes difficult, if not infeasible.