[미국특허]
Secure access to a unified logon-enabled data store
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
H04L-009/00
G06F-017/40
출원번호
US-0513065
(2000-02-24)
발명자
/ 주소
Hsing, Chi-Pei Michael
Yaung, Alan Tsu-I
출원인 / 주소
International Business Machines Corporation
대리인 / 주소
Sughrue Mion, PLLC
인용정보
피인용 횟수 :
28인용 특허 :
14
초록▼
A secure access system provides security for a computer connected to a data store. Initially, an authentication key, a user name, and a computer identifier are received. The authentication key is parsed to obtain a parsed user name and computer identifier. The parsed user name and computer identifie
A secure access system provides security for a computer connected to a data store. Initially, an authentication key, a user name, and a computer identifier are received. The authentication key is parsed to obtain a parsed user name and computer identifier. The parsed user name and computer identifier are validated using the received user name and computer identifier. Additionally, if the received user name and computer identifier are validated, the authentication key is parsed to obtain a server user identifier and a server password. Then, the parsed server user identifier and server password are used to connect to a database server computer.
대표청구항▼
1. A method of providing security for a computer connected to a data store via a server, the method comprising;generating an authentication key based on a user name, and a computer identifier, and a server user identifier;receiving the authentication key, the user name, and the computer identifier;p
1. A method of providing security for a computer connected to a data store via a server, the method comprising;generating an authentication key based on a user name, and a computer identifier, and a server user identifier;receiving the authentication key, the user name, and the computer identifier;parsing the authentication key to obtain a parsed user name, computer identifier, and server user identifier; andvalidating the received user name and computer identifier using the parsed user name and computer identifier; andwhen the received user name and the computer identifier match the parsed user name and the computer identifier, using the parsed server user identifier to access the server,wherein the user accesses the data store via the server using the generated authentication key, and wherein, when the server user identifier changes, a new authentication key is generated for the user and the user accesses the data store via the server using the new authentication key.2. The method of claim 1, wherein validating comprises determining whether the received user name and computer identifier match the parsed user name and computer identifier.3. The method of claim 2, wherein a match indicates that the received user name and computer identifier are valid.4. The method of claim 1, further comprising, before parsing, decrypting the authentication key.5. The method of claim 1, further comprising, if the received user name and computer identifier are valid, logging onto the server with the server user identifier and a server password.6. The method of claim 5, further comprising, parsing the authentication key to obtain the sever user identifier and server password.7. The method of claim 6, wherein multiple users share one server user identifier and server password.8. The method of claim 1, wherein the computer is connected to a client and the server and wherein the authentication key is generated with a client user name, a client computer identifier, the server user identifier, and a server password.9. The method of claim 8, further comprising encrypting the authentication key.10. The method of claim 8, further comprising forwarding the authentication key to a user.11. The method of claim 1, wherein the computer is connected to a client and the server, and further comprising;at the client, transmitting the authentication key, a client user name, and a client computer identifier to the server; andat the computer,intercepting the authentication key; andif the user name and computer identifier are valid, logging onto the server.12. An apparatus for providing security, comprising:a computer having a server connected thereto to access a data store;one or more Computer programs, performed by the computer, for generating an authentication key based on a user name and a computer identifier, said authentication key includes a server user name, receiving the authentication key, the user name, and the computer identifier, parsing the authentication key to obtain a parsed user name, computer identifier, and server user name, and validating the received user name and computer identifier using the parsed user name and computer identifier,wherein the user uses the parsed server user name to access the data store via the server, andwherein, when the server user name changes, a new authentication key is generated for the user and the user accesses the data store via the server using the changed server user name obtained from parsing the new authentication key.13. The apparatus of claim 12, wherein validating comprises determining whether the received user name and computer identifier match the parsed user name and computer identifier.14. The apparatus of claim 13, wherein a match indicates that the received user name and computer identifier are valid.15. The apparatus of claim 12, further comprising, before parsing, decrypting the authentication key.16. The apparatus of claim 12, further comprising, if the received user name and computer identifier are valid, logging onto the server with the server user identifier and server password.17. The apparatus of claim 16, further comprising, parsing the authentication key to obtain the server user identifier and server password.18. The apparatus of claim 17, wherein multiple users share one server user identifier and server password.19. The apparatus of claim 12, wherein the computer is connected to a client and the server and wherein the authentication key is generated with a client user name, a client computer identifier, the server user identifier, and a server password.20. The apparatus of claim 19, further comprising encrypting the authentication key.21. The apparatus of claim 19, further comprising forwarding the authentication key to a user.22. The apparatus of claim 12, wherein the computer is connected to a client and the server, and further comprising:at the client, transmitting the authentication key, a client user name, and a client computer identifier to the server; andat the computer,intercepting the authentication key; andif the user name and computer identifier are valid, logging onto the server.23. An article of manufacture comprising a computer program carrier readable by a computer connected to a server and embodying one or more instructions executable by the computer to perform method steps for providing security to the server connected to a data store, the method comprising:generating an authentication key that includes a server user identifier, based on a user name and a computer identifier;receiving the authentication key, the user name, and the computer identifier;parsing the authentication key to obtain a parsed user name, computer identifier, and server user name; andvalidating the received user name and computer identifier using the parses user name and computer identifier,wherein the user uses the parsed server user name to access the data store via the server, andwherein, when the server name changes, a new authentication key is generated for the user and the user accesses the data store via the server using the changed server user name obtained from parsing the new authentication key.24. The article of manufacture of claim 23, wherein validating comprises determining whether the received user name and computer identifier match the parsed user name and computer identifier.25. The article of manufacture of claim 24, wherein a match indicates that the received user name and computer identifier are valid.26. The article of manufacture of claim 23, further comprising, before parsing, decrypting the authentication key.27. The article of manufacture of claim 23, further comprising, if the received user name and computer identifier are valid, logging onto the server connected to the computer with the server user identifier and server password.28. The article of manufacture of claim 27, further comprising, parsing the authentication key to obtain the server user and server password.29. The article of manufacture of claim 28, wherein multiple users shared one server user identifier and server password.30. The article manufacture of claim 23, wherein the computer is connected to a client and the server and wherein the authentication key is generated with a client user name, a client computer identifier, the server user identifier, and a server password.31. The article of manufacture of claim 30, further comprising encrypting the authentication key.32. The article of manufacture of claim 30, further comprising forwarding the authentication key to a user.33. The article of manufacture of claim 23, wherein the computer is connected to a client and the server, and further comprising:at the client, transmitting the authentication key, a client user name, and a client computerat the computer,intercepting the authentication key; andif the user name and computer identifier are valid, logging onto the server.34. The method of claim 8, wherein the generated authentication key for access to the server is sent to a user, and further comprises a server password, and wherein when the server password changes, a unique new authentication key based on the server user identifier and the server password is sent to the user.35. The method of claim 34, wherein when the client transmits the generated authentication key, the user name and the computer identifier, to the server, the authentication key is intercepted and validated by the computer.36. The method of claim 35, wherein when the computer determines that the received user name and the computer identifier match the parsed user name and the computer identifier, the computer parses the authentication key to obtain the server user identifier and the server password.37. The method of claim 36, wherein the parsed server use identifier and the parsed server password is transmitted to the serve, connecting the client computer to the server.38. The method of claim 8, wherein the authentication key comprises the computer identifier split into portions and the portions being interposed between the user name, the server user identifier and the server password prior to encryption.39. The method according to claim 8, wherein the computer identifier is an IP address.40. A method of facilitating security maintance in a secure access to a data store via a server, the method comprising:each time the user logs onto a client workstation with a computer identifier, generation an authentication key based on a server identifier, a server password, a user name, and the computer identifier;receiving the authentication key, the user name, and the computer identifier;parsing the authentication key to obtain a parsed user name, computer identifier server identifier, and server password; andvalidating the received user name and computer identifier using the parsed user name and computer identifier; andaccessing the data store via the server using the parsed server identifier and the parsed server password,wherein when the administrator changes the server password a new authentication key is generated and transmitted to the user for access to the data store.41. The method of claim 1, wherein the authentication key comprises a plurality of fields, and wherein a first field type stores a portion of the computer identifier, a second field type stores at least one the server user identifier, a server password, the user name, and a third field type comprises a separator.42. The method of claim 1, wherein the user accesses the data store via the server using a unique authentication key generated using the user name, the computer identifier, the server user identifier, and a server password that corresponds to the server user identifier, and wherein, when the administrator changes the server password, a new authentication key is generated for the user and the user accesses the data store via the server using the new authentication key.43. The method of claim 1, wherein a plurality of authentication keys for different users are generated using the server user identifier, and wherein, when the server user identifier changes, a plurality of new authentication keys are generated for the different users and each of the generated plurality of new authentication keys is transmitted to respective user.
Cohen Richard Jay ; Forsberg Richard Allen ; Kallfelz ; Jr. Paul A. ; Meckstroth John Robert ; Pascoe Christopher James ; Snow-Weaver Andrea Lynn, Coordinating user target logons in a single sign-on (SSO) environment.
Blakley ; III George R. (Austin TX) Hickerson L. Brooks (Austin TX) Milman Ivan M. (Austin TX) Gittins Robert S. (Woodland Park CO) Scheer Douglas B. (Boynton Beach FL) Wilson John H. (Austin TX), Method and system for providing a user access to multiple secured subsystems.
Sadovsky Vladimir (Kirkland WA), Method for providing access to independent network resources by establishing connection using an application programming.
Jin Jane Jiaying ; Chu Jie ; Dos Santos Maria Alice ; Lou Shuxian ; Xu Xi ; Zhang Shujin, Method for providing single step log-on access to a differentiated computer network.
Wu Tajen R. ; Shannon William A. ; Fronberg Paul ; Stephenson Donald R. ; Samar Vipin, Pluggable account management interface with unified login and logout and multiple user authentication services.
Sokal Wayne G.,CAX ; Carthy Kevin R.,CAX, Public accessible terminal capable of opening an account for allowing access to the internet and E-mail by generating I.
Stephen Michael Cole ; Jeffrey Alan Schanhals ; George William Vallillee, IV, System and method for supporting a worker in a distributed work environment.
Wagner, Matthew J.; Ali, Valiuddin; Novoa, Manuel, System, method and apparatus for transparently granting access to a selected device using an automatically generated credential.
Sureshchandra, Jayesh; Luh, Addison, Systems and methods for logging into an application on a second domain from a first domain in a multi-tenant database system environment.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.