Aggregated authenticated identity apparatus for and method therefor
First Claim
1. An authentication method comprising the steps of:
- generating a first security context in response to a first user authentication;
generating a second security context in response to a second user authentication, wherein said second security context aggregates said first security context and a security context corresponding to an identity in said second user authentication.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus and method for authenticating users on a data processing system is implemented. The present invention provides for aggregating authenticated identities and related authorization information. A security context created in response to a first user logon is saved in response to a second logon. A composite or aggregate security context is created based on the identity passed in the second logon. Access may then be granted (or denied) based on the current, aggregated security context. Upon logout of the user based on the second identity, the aggregate security context is destroyed, and the security context reverts to the context previously saved.
-
Citations
24 Claims
-
1. An authentication method comprising the steps of:
-
generating a first security context in response to a first user authentication;
generating a second security context in response to a second user authentication, wherein said second security context aggregates said first security context and a security context corresponding to an identity in said second user authentication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer program product embodied in a tangible storage medium, the program product comprising a program of instructions for performing the method steps of:
-
generating a first security context in response to a first user authentication;
generating a second security context in response to a second user authentication, wherein said second security context aggregates said first security context and a security context corresponding to an identity in said second user authentication. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 18, 19, 20, 21, 22, 23, 24)
-
-
17. A data processing system comprising:
-
circuitry operable for generating a first security context in response to a first user authentication;
circuitry operable for generating a second security context in response to a second user authentication, wherein said second security context aggregates said first security context and a security context corresponding to an identity in said second user authentication.
-
Specification