SELF-SERVICE CREDENTIAL MANAGEMENT
First Claim
1. A method for determining whether to permit a user to reset a credential used to access a resource, comprising the steps of:
- receiving a request from a first user to reset a first credential, wherein the first request includes first user information;
determining, based at least on the first user information, an applicable reset policy from among at least a first reset policy and a second reset policy,wherein the first reset policy is different from the second reset policy;
receiving a response from the first user;
granting the first request if the response satisfies the applicable reset policy.
2 Assignments
0 Petitions
Accused Products
Abstract
A self-service system and method for credential reset permits an administrator to customize policies for credential reset based on any user or group of users. Administrators may choose to set a more stringent policy for credential reset for users or groups that have higher-level permissions to access sensitive information within the resource protected by the credential. Customizable, plug-in gates are provided to permit administrators fine grained control over reset policy definition. When the user initiates a credential reset, the reset policy applicable to that user is invoked, and the user is presented with gates to pass pursuant to the applicable reset policy. The user'"'"'s responses are compared to responses presented by the user at registration. If the responses meet the reset policy'"'"'s threshold for accuracy, the user is permitted to reset the credential.
-
Citations
20 Claims
-
1. A method for determining whether to permit a user to reset a credential used to access a resource, comprising the steps of:
-
receiving a request from a first user to reset a first credential, wherein the first request includes first user information; determining, based at least on the first user information, an applicable reset policy from among at least a first reset policy and a second reset policy, wherein the first reset policy is different from the second reset policy; receiving a response from the first user; granting the first request if the response satisfies the applicable reset policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer readable medium, executable on a computing system, including at least one tangible medium and encoding a computer program of instructions for executing a computer implemented method for setting requirements to permit reset of a credential used to access a resource, comprising the steps of:
-
associating a first user with a first reset policy based on first user information; and associating a second user with a second reset policy based on second user information; wherein the first user is required to satisfy the first reset policy to reset a first credential used to access the resource; and wherein the second user is required to satisfy the second reset policy to reset a first credential used to access the resource; and wherein the first reset policy is different from the second reset policy. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A system for determining whether to allow users to reset credentials protecting a resource, comprising:
-
a processing unit; and a memory coupled with and readable by the processing unit and having stored therein instructions which, when executed by the processing unit, cause a credential reset module to perform the following acts; receiving a first request from a first user to reset a first credential protecting the resource, wherein the first request includes first user information; mapping the first user information to a first reset policy, wherein the first reset policy identifies at least a first gate; receiving a first response from the first user; granting the first user permission to reset the first credential if the first response satisfies the first reset policy; receiving a second request from a second user to reset a second credential, wherein the second request includes second user information; mapping the second user information to a second reset policy, wherein the second reset policy identifies at least a second gate; receiving a second response from the second user; granting the second user permission to reset the second credential if the second response satisfies the second reset policy; wherein the first reset policy is different from the second reset policy. - View Dependent Claims (19, 20)
-
Specification