Simplified management of authentication credentials for unattended applications
First Claim
1. A system for providing unattended authorization to a requesting software application to access resources, the system comprising:
- a credentials manager (CM) module in a credentials manager node for authorizing access to said resources by said requesting software application;
a server password manager (SPM) module resident on a node on which said requesting software application is resident, said SPM module being for receiving a request of said requesting software application and for transmitting said request to said CM module, said SPM module uniquely identifying itself to said CM module;
whereinsaid SPM module and said requesting software application are previously authenticated by and registered with said CM module.
3 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for unattended authentication of software applications to provide these applications with access to shared resources. A server password manager (SPM) module resident on a node also occupied by a requester software application requesting access to resources receives the requestor'"'"'s request. The SPM module creates a request package containing the requestor'"'"'s information as well as the node'"'"'s identifying information. The request package is then transmitted to a credentials manager (CM) module in a CM node. The request package, encrypted by the SPM module with encryption keys previously generated by the CM module, is decrypted by the CM module. The contents are checked against data stored by the CM module regarding the SPM module and the requestor application when these were registered with the CM. If the data matches, then the CM provides credentials which are used to give the requestor application access to the requested resources.
-
Citations
13 Claims
-
1. A system for providing unattended authorization to a requesting software application to access resources, the system comprising:
-
a credentials manager (CM) module in a credentials manager node for authorizing access to said resources by said requesting software application; a server password manager (SPM) module resident on a node on which said requesting software application is resident, said SPM module being for receiving a request of said requesting software application and for transmitting said request to said CM module, said SPM module uniquely identifying itself to said CM module; wherein said SPM module and said requesting software application are previously authenticated by and registered with said CM module. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for requesting authorization for access to resources for a requesting software application, the method comprising:
-
a) receiving a request for access to resources from said requesting software application; b) creating fingerprint data for uniquely identifying a source of said requesting software application, said fingerprint data being derived from characteristics of a requesting node on which said requesting software application is resident, said fingerprint data being for uniquely identifying said source to a credentials manager (CM) module resident on a credentials manager node; c) creating a request package for transmission to said CM module, said request package containing data to uniquely identify said requesting software application to said CM module; d) encrypting said request package using cryptographic keys previously generated by said CM module, said cryptographic keys being specifically for communications between said CM module and said source; and e) transmitting said request package to said CM module, wherein said requesting software application is previously registered and authenticated by said CM module; and said resources are previously registered with said CM module. - View Dependent Claims (8, 9, 10)
-
-
11. A method for providing access to resources by a requesting software application, the method comprising the steps of:
-
a) receiving an encrypted request package and fingerprint data from a server password manager (SPM) module resident on a node on which said requesting software application is also resident; b) identifying and authenticating said node by way of said fingerprint data; c) determining decryption keys for use in decrypting said request package based on an identity of said node; d) decrypting said request package using said decryption keys; e) determining if contents of said request package matches stored data stored by a credentials manager module for said node and said requesting software application; and f) in the event said contents match said stored data, transmitting credentials required to provide access to said resources for said requesting software application. - View Dependent Claims (12, 13)
-
Specification
-
- Resources
-
Current AssigneeIrdeto B.V. (MultiChoice Group Ltd.)
-
Original AssigneeIrdeto B.V. (MultiChoice Group Ltd.)
-
InventorsGrapes, Robert, Mehan, Richard Edward Johnston, Rong, Jack Jiequn, Gu, Yuan Xiang, Adams, Garney David
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/6
-
CPC Class CodesG06F 21/31 User authenticationG06F 21/62 Protecting access to data v...
