Method and system for controlling access to a secondary system
Abstract
A method and system for controlling access of a user to a secondary system. The user is logged on a user system. A primary system connects the user system to the secondary system. A first authentication information is received from the user system. After determining that the first authentication information conforms to protected primary authentication data included in the primary system, access of the user to the primary system is provided followed by generation of a user-specific key from the first authentication information. Second authentication information is derived from protected secondary authentication data included in the primary system, by use of the user-specific key in conjunction with the protected secondary authentication data. The second authentication information is provided to the secondary system to enable access of the user to the secondary system.
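The flow in the abstract, as an added sketch that is not taken from the patent: the primary system checks the login password, then derives a user-specific key from it and uses that key to unwrap a stored secondary credential. Reading "protected" as password-derived encryption is an assumption, as are PBKDF2, the HMAC-based keystream (a standard-library stand-in for an AEAD cipher such as AES-GCM), and every name and sample value.

```python
import hashlib, hmac, os

def kdf(password: str, salt: bytes, purpose: bytes, n: int = 32) -> bytes:
    # Assumed KDF: PBKDF2-HMAC-SHA256; `purpose` separates verifier from wrapping key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt + purpose, 100_000, n)

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher such as AES-GCM.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, secret: bytes) -> bytes:
    enc, mac, nonce = key[:32], key[32:], os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(secret, keystream(enc, nonce, len(secret))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc, mac = key[:32], key[32:]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("sealed credential failed integrity check")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc, nonce, len(ct))))

class PrimarySystem:
    def __init__(self):
        self.users = {}  # user -> (salt, primary verifier, sealed secondary credential)

    def enroll(self, user: str, password: str, secondary_secret: bytes) -> None:
        salt = os.urandom(16)
        wrap_key = kdf(password, salt, b"wrap", 64)
        self.users[user] = (salt, kdf(password, salt, b"verify"),
                            seal(wrap_key, secondary_secret))

    def login_and_forward(self, user: str, password: str, secondary) -> bool:
        salt, verifier, sealed = self.users[user]
        # Check the first authentication information against protected primary data.
        if not hmac.compare_digest(verifier, kdf(password, salt, b"verify")):
            raise PermissionError("primary authentication failed")
        # Only after access is granted, generate the user-specific key.
        wrap_key = kdf(password, salt, b"wrap", 64)
        # Derive the second authentication information and pass it to the secondary system.
        return secondary(user, unseal(wrap_key, sealed))

# Constructed sample: a secondary system that knows a single account.
def sample_secondary(user: str, credential: bytes) -> bool:
    return hmac.compare_digest(credential, b"legacy-app-pass") and user == "alice"
```

Under this reading, the stored record alone cannot unwrap the secondary credential, and a change of the primary password requires re-sealing it under the new key.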
35 Claims
1. A method for controlling access of a user to a secondary system, said user being logged on a user system, a primary system connecting the user system to the secondary system, said method comprising:
receiving first authentication information from the user system;
determining that the first authentication information conforms to protected primary authentication data comprised by the primary system, followed by providing access of the user to the primary system;
after providing access of the user to the primary system, generating a user-specific key from the first authentication information;
deriving second authentication information from protected secondary authentication data comprised by the primary system, said deriving the second authentication information comprising using the user-specific key in conjunction with the protected secondary authentication data; and
providing the second authentication information to the secondary system to enable access of the user to the secondary system, wherein said receiving first authentication information, said determining and providing access, said deriving the second authentication information, and said providing the second authentication information to the secondary system are performed by the primary system.
14. A computer program product comprising computer executable instructions for performing a method for controlling access of a user to a secondary system, said user being logged on a user system, a primary system connecting the user system to the secondary system, said method comprising:
receiving first authentication information from the user system;
determining that the first authentication information conforms to protected primary authentication data comprised by the primary system, followed by providing access of the user to the primary system;
after providing access of the user to the primary system, generating a user-specific key from the first authentication information;
deriving second authentication information from protected secondary authentication data comprised by the primary system, said deriving the second authentication information comprising using the user-specific key in conjunction with the protected secondary authentication data; and
providing the second authentication information to the secondary system to enable access of the user to the secondary system, wherein said receiving first authentication information, said determining and providing access, said deriving the second authentication information, and said providing the second authentication information to the secondary system are performed by the primary system.
25. A primary system comprising a processor and a computer program product, said computer program product comprising computer executable instructions that when executed by the processor perform a method for controlling access of a user to a secondary system when the user is logged on a user system subject to the primary system connecting the user system to the secondary system, said method comprising:
receiving first authentication information from the user system;
determining that the first authentication information conforms to protected primary authentication data comprised by the primary system, followed by providing access of the user to the primary system;
after providing access of the user to the primary system, generating a user-specific key from the first authentication information;
deriving second authentication information from protected secondary authentication data comprised by the primary system, said deriving the second authentication information comprising using the user-specific key in conjunction with the protected secondary authentication data; and
providing the second authentication information to the secondary system to enable access of the user to the secondary system.
Specification