Method for authenticating users

US 20030177364A1
Filed: 03/15/2002
Published: 09/18/2003
Est. Priority Date: 03/15/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of authenticating a user to access a client computer and a remote computer that is coupled to the client computer via the internet:

a) receiving at least one credential from the user;

b) granting the user access to the client computer based in part upon the at least one credential;

c) transmitting the at least one credential from the client computer to an identity provider server; and

d) granting the user access to the remote computer based in part upon the at least one credential.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a user to access a client computer and a remote computer, such as a web server or a directory server, which is coupled to the client computer via the Internet. The method includes receiving credential(s) from the user and granting the user access to the client computer based upon the credential(s). The method also includes transmitting the credential(s) from the client computer to an identity provider server and granting the user access to the remote computer based in part upon the credential(s).

59 Citations

View as Search Results

23 Claims

1. A method of authenticating a user to access a client computer and a remote computer that is coupled to the client computer via the internet:
- a) receiving at least one credential from the user;
  
  b) granting the user access to the client computer based in part upon the at least one credential;
  
  c) transmitting the at least one credential from the client computer to an identity provider server; and
  
  d) granting the user access to the remote computer based in part upon the at least one credential.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method of claim 1, wherein the act of receiving the at least one credential includes receiving the credential before the user is logged into the client computer.
  - 3. The method of claim 1, wherein the act of receiving the at least one credential includes receiving a username before the user is logged into the client computer.
  - 4. The method of claim 1, wherein the act of receiving the at least one credential includes receiving a password before the user is logged into the client computer.
  - 5. The method of claim 4, wherein the act of receiving the password includes generating a cryptographic hash of the password and discarding the password.
  - 6. The method of claim 1, wherein the act of receiving the at least one credential includes receiving the at least one credential by a Microsoft Winlogon program.
  - 7. The method of claim 1, wherein the act of granting the user access to the client computer includes transmitting the at least one credential to the identity provider server.
  - 8. The method of claim 1, wherein the act of granting the user access to the client computer includes transmitting the at least one credential to a server that is administered by an entity that is independent from the entity that administers the identity provider server.
  - 9. The method of claim 1, wherein the act of transmitting the at least one credential from the client computer includes transmitting the at least one credential from the client computer to the remote computer and transmitting the at least one credential from the remote computer to the identity provider server.
  - 10. The method of claim 1, wherein the act of transmitting the at least one credential from the client computer to the remote computer occurs after the user has been granted access to the client computer.
  - 11. The method of claim 1, further comprising displaying a screen on the client computer, the screen containing a first field for receiving the at least one credential.
  - 12. The method of claim 11, wherein the act of displaying the screen on the client computer includes displaying a logon screen.
  - 13. The method of claim 11, wherein the act of displaying the screen containing on the client computer includes displaying a screen that contains a field for receiving a username.
  - 14. The method of claim 11, wherein the act of displaying the screen containing on the client computer includes displaying a screen that contains a field for receiving a password.
  - 15. The method of claim 11, wherein the act of displaying the screen containing on the client computer includes displaying a screen that contains a field for receiving a domain name.
  - 16. The method of claim 1, wherein the act of receiving the at least one credential includes receiving data from a smart card.
  - 17. The method of claim 1, wherein the act of receiving the at least one credential includes receiving data from a digital key.
  - 18. The method of claim 1, wherein the act of receiving the at least one credential includes receiving biometric data.
  - 19. The method of claim 1, wherein the act of granting the user access to the remote computer includes granting the user access to a web server.
  - 20. The method of claim 1, wherein the act of granting the user access to the remote computer includes granting the user access to a secure portion of a web server.
  - 21. The method of claim 1, wherein the act of granting the user access to the remote computer includes granting the user access to a directory server.
  - 22. The method of claim 1, wherein the act of granting the user access to the remote computer includes granting the user access to a secure portion of a directory server.

23. A system for authenticating a user to access a client computer and a remote computer that is coupled to the client computer via the internet, the system comprising:
- a) means for receiving at least one credential from the user;
  
  b) means for granting the user access to the client computer based in part upon the at least one credential;
  
  c) means for transmitting the at least one credential from the client computer to an identity provider server; and
  
  d) means for granting the user access to the remote computer based in part upon the at least one credential.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Terranova, Mark C., Walsh, Robert E.

Application Number

US10/099,585
Publication Number

US 20030177364A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/41 where a single sign-on prov...

Method for authenticating users

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

59 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method for authenticating users

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

59 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links