Method and System for the Storage of Authentication Credentials
First Claim
Patent Images
1. A method of controlling access to host access credentials required to access a resource on a host computer system by a process running on a client computer system, the method comprising the steps of:
- storing the host access credentials in a restricted access directory;
receiving directory access credentials from the client process;
authenticating the received directory access credentials;
receiving a request for the host access credentials from the authenticated client process, the request identifying a user of the client computer system;
determining whether the user of the client computer system is authorised to access the host access credentials stored in the directory; and
in response to determining that the user of the client computer system is authorised to access the host access credentials, providing the requested host access credentials to the authenticated client process.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, apparatus and computer program product for controlling access to host access credentials required to access a host computer system by a client application is provided. The host access credentials are stored in a restricted access directory. The method comprises authenticating directory access credentials received from a client application. The authenticated client application then requests the host access credentials and a determination as to whether the authenticated client process is authorized to access the requested host access credentials, and, if authorized, these are provided to the client application.
-
Citations
12 Claims
-
1. A method of controlling access to host access credentials required to access a resource on a host computer system by a process running on a client computer system, the method comprising the steps of:
-
storing the host access credentials in a restricted access directory; receiving directory access credentials from the client process; authenticating the received directory access credentials; receiving a request for the host access credentials from the authenticated client process, the request identifying a user of the client computer system; determining whether the user of the client computer system is authorised to access the host access credentials stored in the directory; and in response to determining that the user of the client computer system is authorised to access the host access credentials, providing the requested host access credentials to the authenticated client process. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A data processing apparatus for controlling access to host access credentials required to access a resource on a host computer system by a process running on a client computer system the host access credentials being stored in a restricted access field of a directory, the data processing apparatus comprising:
-
a receiving component for receiving messages from the client process; an authentication component for authenticating a client process using directory access credentials received from a client process; and a query component for querying the directory for the requested host access credentials in response to a request for the host access credentials from an authenticated client process, the request identifying a user of the client computer system, for determining whether the user of the authenticated client process is authorised to access the host access credentials stored in the directory, and for providing the host access credentials if the user of the client computer system is determined to be authorised to access the host access credentials. - View Dependent Claims (11)
-
-
12. A computer program product having a set of instructions to cause a computer to perform a method of controlling access to host access credentials required to access a resource on a host computer system by a process running on a client computer system, the method comprising:
-
storing the host access credentials in a restricted access directory; receiving directory access credentials from the client process; authenticating the received directory access credentials; receiving a request for the host access credentials from the authenticated client process, the request identifying a user of the client computer system; determining whether the user of the client computer system is authorised to access the host access credentials stored in the directory; and in response to determining that the user of the client computer system is authorised to access the host access credentials, providing the requested host access credentials to the authenticated client process.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsHavercan, Peter Edward
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/6
-
CPC Class CodesG06F 21/10 Protecting distributed prog...G06F 21/33 using certificatesG06F 21/6218 to a system of files or obj...G11B 20/00086 Circuits for prevention of ...H04L 63/08 for authentication of entit...H04L 63/0815 providing single-sign-on or...
