SYSTEMS FOR AUTHENTICATING A USER'S CREDENTIALS AGAINST MULTIPLE SETS OF CREDENTIALS
First Claim
1. A system for determining an appropriate level of access authority for a person in a distributed computer network including multiple sets of access credentials, wherein the system is in communication with a plurality of client machines over the network, wherein the system performs operations, the operations comprising:
maintaining a set of access credential information for node users;
maintaining a set of access credential information for admin users;
wherein the set of access credential information for node users and the set of access credential information for admin users are maintained in respective separate name spaces;
receiving from one of the client machines the person's request for access to the computer network or a subcomponent thereof, wherein the request includes the person's input credentials;
comparing the person's input credentials to the set of access credential information for node users, wherein the set of access credential information for node users is stored in a node table in a database;
determining whether the person's input credentials are successfully verified against the set of access credential information stored in the node table, and if so, an authentication against the set of access credential information stored in the node table is successful;
comparing the person's input credentials to the set of access credential information for admin users, wherein the set of access credential information for admin users is stored in an admin table in the database;
determining whether the person's input credentials are successfully verified against the set of access credential information stored in the admin table, and if so, an authentication against the set of access credential information stored in the admin table is successful;
wherein the operation of comparing the person's input credentials to the set of access credential information for node users at least partially overlaps in time with the operation of comparing the person's input credentials to the set of access credential information for admin users;
wherein the node table contains a set of access credential information for a different class of users than the set of access credential information contained in the admin table;
wherein the node table and the admin table are ranked, with the admin table having a higher ranking than the node table;
comparing results of the authentication against the set of access credential information stored in the node table and results of the authentication against the set of access credential information stored in the admin table;
ascertaining a level of access authority for the person, without the person specifying an intended level of access authority, wherein the ascertained level of access authority corresponds with the highest ranked set of access credentials for which authentication is successful;
and wherein the appropriate level of access authority for the person is ascertained without regard to a specific machine, a location of the machine, an IP address of the machine, and a MAC address of the machine, from which the person's request is received.
Abstract
Provided are systems for authenticating the identity of a user for use in a distributed computer network including multiple sets of access credentials. A user request, including the user's input credentials, is received, and then compared simultaneously to multiple sets of access credentials in order to verify the user's input credentials. When the user's input credentials are verified, the appropriate level of access authority is then determined, and proper access is granted to the user.
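The flow described in the abstract and in claim 1, as an added Python example that is not taken from the patent: one set of input credentials is checked against a node table and an admin table concurrently, and the highest-ranked table that verifies determines the access level. The table contents, the PBKDF2 storage format, the thread pool and all function names are assumptions; the patent text here does not say how credentials are stored or compared.

```python
import hashlib
import hmac
import os
from concurrent.futures import ThreadPoolExecutor
from typing import Optional

ITERATIONS = 50_000  # assumption: kept low so the demo runs quickly


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def _record(password: str) -> tuple:
    salt = os.urandom(16)
    return salt, _hash(password, salt)


# Constructed sample data. Each table is its own name space, so "alice" can
# exist in both with different passwords; "dave" reuses one password in both.
TABLES = {
    "node": {"rank": 1, "users": {"alice": _record("node-pass"),
                                  "bob": _record("bob-pass"),
                                  "dave": _record("shared-pass")}},
    "admin": {"rank": 2, "users": {"alice": _record("admin-pass"),
                                   "carol": _record("carol-pass"),
                                   "dave": _record("shared-pass")}},
}
_DUMMY = _record("unused")  # hashed for unknown names so a miss costs the same as a hit


def verify(table: dict, username: str, password: str) -> bool:
    """Authenticate against one table; constant-time compare, no early exit."""
    known = username in table["users"]
    salt, stored = table["users"].get(username, _DUMMY)
    return hmac.compare_digest(_hash(password, salt), stored) and known


def ascertain_level(username: str, password: str) -> Optional[str]:
    """Return the highest-ranked table that verifies, or None.

    Only the credentials are consulted: the caller never names a level, and
    no client machine, location, IP address or MAC address is an input.
    """
    with ThreadPoolExecutor(max_workers=len(TABLES)) as pool:
        # All comparisons are submitted before any result is awaited, so
        # the per-table checks overlap in time.
        futures = {n: pool.submit(verify, t, username, password)
                   for n, t in TABLES.items()}
        results = {n: f.result() for n, f in futures.items()}
    passed = [n for n, ok in results.items() if ok]
    return max(passed, key=lambda n: TABLES[n]["rank"], default=None)
```

Because the name spaces are separate, a user name present in both tables resolves to whichever table the supplied password verifies against, and a password reused across tables always yields the higher-ranked level.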
17 Claims
9. A system for determining an appropriate level of access authority for a person in a distributed computer network including multiple sets of access credentials, wherein the system is in communication with a plurality of client machines over the network, wherein the system performs operations, the operations comprising:
accepting the person's request for access to the computer network, wherein the request includes the person's input credentials;
maintaining a set of access credential information for a first class of users;
maintaining a set of access credential information for a second class of users;
wherein the set of access credential information for the first class of users and the set of access credential information for the second class of users are maintained in respective separate name spaces;
comparing the person's input credentials to the set of access credential information for the first class of users, wherein the set of access credential information for the first class of users is stored in a first table;
determining whether the person's input credentials are successfully verified against the set of access credential information stored in the first table, and if so, an authentication against the set of access credential information stored in the first table is successful;
comparing the person's input credentials to the set of access credential information for the second class of users, wherein the set of access credential information for the second class of users is stored in a second table;
determining whether the person's input credentials are successfully verified against the set of access credential information stored in the second table, and if so, an authentication against the set of access credential information stored in the second table is successful;
wherein the operation of comparing the person's input credentials to the set of access credential information for the first class of users at least partially overlaps in time with the operation of comparing the person's input credentials to the set of access credential information for the second class of users;
wherein the first table and the second table are in a single database;
wherein the first class of users is a different class than the second class of users;
wherein the first table and the second table are ranked, with the second table having a higher ranking than the first table;
comparing results of the authentication against the set of access credential information stored in the first table and results of the authentication against the set of access credential information stored in the second table;
ascertaining a level of access authority for the person, without the person specifying an intended level of access authority, wherein the ascertained level of access authority corresponds with the highest ranked set of access credentials for which authentication is successful;
and wherein the appropriate level of access authority for the person is ascertained without regard to a specific machine, location of the machine, IP address of the machine, and MAC address of the machine, from which the person's request is received.
15. A system for determining an appropriate level of access authority for a person in a distributed computing environment, wherein the system is in communication with a plurality of client machines over the network, wherein the system performs operations, the operations comprising:
accepting the person's request for access to the computer network, wherein the request includes the person's input credentials;
performing, during a first time period, an authentication against a node table, wherein the authentication against the node table includes comparing the person's input credentials to a set of access credential information for node users stored in the node table, and determining whether authentication against the node table is successful;
performing, during a second time period, an authentication against an admin table, wherein the authentication against the admin table includes comparing the person's input credentials to a set of access credential information for admin users stored in the admin table, and determining whether authentication against the admin table is successful;
performing, during a third time period, an authentication against a third table, wherein the authentication against the third table includes comparing the person's input credentials to a set of access credential information for users stored in the third table, and determining whether authentication against the third table is successful;
performing, during a fourth time period, an authentication against a fourth table, wherein the authentication against the fourth table includes comparing the person's input credentials to a set of access credential information for users stored in the fourth table, and determining whether authentication against the fourth table is successful;
performing, during a fifth time period, an authentication against a fifth table, wherein the authentication against the fifth table includes comparing the person's input credentials to a set of access credential information for users stored in the fifth table, and determining whether authentication against the fifth table is successful;
wherein the first time period and the second time period and the third time period and the fourth time period and the fifth time period at least partially overlap;
wherein the node table and the admin table and the third table and the fourth table and the fifth table are in a database;
wherein the node table and the admin table and the third table and the fourth table and the fifth table each contain a set of access credential information that are respectively for different classes of users;
wherein the node table and the admin table and the third table and the fourth table and the fifth table are ranked, with the admin table having a higher ranking than the node table;
and wherein the method further comprises ascertaining a level of access authority for the person, without the person specifying an intended level of access authority, wherein the ascertained level of access authority corresponds with the highest ranked set of access credentials for which authentication is successful;
and wherein the appropriate level of access authority for the person is ascertained without regard to a specific machine, location of the machine, IP address of the machine, and MAC address of the machine, from which the person's request is received.
Specification