System and method for secure remote computer task automation

US 20100106963A1
Filed: 04/21/2009
Published: 04/29/2010
Est. Priority Date: 04/22/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

receiving at a third party authority a request from a client computer, the request including authentication information and an access request;

authenticating the client computer based on the authentication information;

processing the access request to grant the client computer access to a target computer to perform a task on the target computer, the access request including the task;

sending an access token to the client computer to access the target computer to perform the task;

receiving the access token from the target computer for validation; and

validating the received access token based on the request for the target computer to process the task.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system includes a third party authority in communication with a client computer and a target computer. The third party authority is configured to receive a request including authentication information and an access request from the client computer. The third party authority is configured to authenticate the client computer based on the authentication information and to process the access request to grant the client computer access to the target computer to perform a task on the target computer, the access request including the task. The third party authority is further configured to send an access token to the client computer to access the target computer to perform the task, to receive the access token from the target computer for validation, to validate the received access token based on the request for the target computer to process the task, and to grant the target computer permission to process the task upon validation.

Citations

51 Claims

1. A method, comprising:
- receiving at a third party authority a request from a client computer, the request including authentication information and an access request;
  
  authenticating the client computer based on the authentication information;
  
  processing the access request to grant the client computer access to a target computer to perform a task on the target computer, the access request including the task;
  
  sending an access token to the client computer to access the target computer to perform the task;
  
  receiving the access token from the target computer for validation; and
  
  validating the received access token based on the request for the target computer to process the task.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 3. The method of claim 1, wherein the request is sent over a secure communication channel.
  - 4. The method of claim 1, wherein the access token is a time-decaying token.
  - 5. The method of claim 1 further comprising the step of determining a lowest level of access for the client computer to access the target computer to perform the task.

6. A method, comprising:
- sending a request including authentication information and an access request, from a client computer to a third party authority;
  
  receiving an access token from the third party authority at the client computer;
  
  sending the access token from the client computer to a target computer; and
  
  accessing the target computer to perform a task on the target computer.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method of claim 6, wherein the request is sent over a secure communication channel.
  - 8. The method of claim 6, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 9. The method of claim 6 further comprising monitoring for an issue while performing the task.
  - 10. The method of claim 6 further comprising monitoring to determine if a time out has occurred.
  - 11. The method of claim 9 further comprising the step of remediating the issue.
  - 12. The method of claim 9 further comprising the step of aborting the task if the issue is detected on the target computer.
  - 13. The method of claim 6, wherein the step of accessing the target computer further comprises accessing the target computer at a determined lowest level of access to perform the task.

14. A method, comprising:
- receiving an access token at a target computer;
  
  sending the access token to a third party authority for validation;
  
  receiving validation from the third party authority to process a task;
  
  processing the task;
  
  granting a client computer access to the target computer to perform the task;
  
  spawning a thread to process the task on the target computer; and
  
  sending to the client computer an acknowledgement indicating a status of the task.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The method of claim 14 further comprising the step of establishing a secure communication channel with the third party authority after receiving the access token.
  - 16. The method of claim 14 further comprising the step of determining a lowest level of access needed to perform the task.
  - 17. The method of claim 16 further comprising the step of comparing the task to a table of tasks to determine the lowest level of access needed to perform the task.
  - 18. The method of claim 16, wherein the step of granting the client computer access comprises granting the client computer access at the determined lowest level of access.

19. A computer program product including a computer readable medium having stored thereon computer executable instructions that, when executed by a computer, direct the computer to perform a method comprising the steps of:
- receiving a request from a client computer, the request including authentication information and an access request;
  
  authenticating the client computer based on the authentication information;
  
  processing the access request to grant the client computer access to a target computer to perform a task on the target computer, the access request including the task;
  
  sending an access token to the client computer to access the target computer to perform the task;
  
  receiving the access token from the target computer for validation; and
  
  validating the received access token based on the request for the target computer to process the task.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The computer program product of claim 19, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 21. The computer program product of claim 19, wherein the request is sent over a secure communication channel.
  - 22. The computer program product of claim 19, wherein the access token is a time-decaying token.
  - 23. The computer program product of claim 19 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of determining a lowest level of access for the client computer to access the target computer to perform the task.

24. A computer program product including a computer readable medium having stored thereon computer executable instructions that, when executed by a computer, direct the computer to perform a method comprising the steps of:
- sending a request including authentication information and an access request to a third party authority;
  
  receiving an access token from the third party authority;
  
  sending the access token to a target computer; and
  
  accessing the target computer to perform a task on the target computer.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
- - 25. The computer program product of claim 24, wherein the request is sent over a secure communication channel.
  - 26. The computer program product of claim 24, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 27. The computer program product of claim 24 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of monitoring for an issue while performing the task.
  - 28. The computer program product of claim 24 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of monitoring to determine if a time out has occurred.
  - 29. The computer program product of claim 27 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of remediating the issue.
  - 30. The computer program product of claim 27 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of aborting the task if the issue is detected on the target computer.
  - 31. The computer program product of claim 24 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of accessing the target computer at a determined lowest level of access to perform the task.

32. A computer program product including a computer readable medium having stored thereon computer executable instructions that, when executed by a computer, direct the computer to perform a method comprising the steps of:
- receiving an access tokensending the access token to a third party authority for validation;
  
  receiving validation from the third party authority to process a task;
  
  processing the task;
  
  granting a client computer access to the computer to perform the task;
  
  spawning a thread to process the task on the computer; and
  
  sending to the client computer an acknowledgement indicating a status of the task.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The computer program product of claim 32 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of establishing a secure communication channel with the third party authority after receiving the access token.
  - 34. The computer program product of claim 32 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of determining a lowest level of access needed to perform the task.
  - 35. The computer program product of claim 34 further including computer executable instructions that, when executed by the computer, configure the computer to perform the step of comparing the task to a table of tasks to determine the lowest level of access needed to perform the task.
  - 36. The computer program product of claim 34, wherein granting the client computer access comprises granting the client computer access at the determined lowest level of access.

37. A system, comprising:
- a third party authority in communication with a client computer and a target computer;
  
  the third party authority configured to;
  
  receive a request from the client computer, the request including authentication information and an access request,authenticate the client computer based on the authentication information,process the access request to grant the client computer access to the target computer to perform a task on the target computer, the access request including the task,send an access token to the client computer to access the target computer to perform the task,receive the access token from the target computer for validation, andvalidate the received access token based on the request for the target computer to process the task.
- View Dependent Claims (38, 39, 40)
- - 38. The system of claim 37, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 39. The system of claim 37, wherein the access token is a time-decaying token.
  - 40. The system of claim 37, wherein the target computer is further configured to determine a lowest level of access for the client computer to access the target computer to perform the task.

41. A system, comprising:
- a client computer in communication with a third party authority and a target computer;
  
  the client computer configured to;
  
  send a request including authentication information and an access request to the third party authority,receive an access token from the third party authority,send the access token to the target computer, andaccess the target computer to perform a task on the target computer.
- View Dependent Claims (42, 43, 44, 45, 46, 47)
- - 42. The system of claim 41, wherein the access request contains an identity of the target computer and a command to be executed on the target computer to process the task.
  - 43. The system of claim 41, wherein the client computer is further configured to monitor for an issue while performing the task.
  - 44. The system of claim 41, wherein the client computer is further configured to monitor to determine if a time out has occurred.
  - 45. The system of claim 43, wherein the client computer is further configured to remediate the issue.
  - 46. The system of claim 43, wherein the client computer is further configured to abort the task if the issue is detected on the target computer.
  - 47. The system of claim 41, wherein the client computer is further configured to access the target computer at a determined lowest level of access to perform the task.

48. The system, comprising:
- a target computer in communication with a third party authority and a client computer;
  
  the target computer configured to;
  
  receive an access token,send the access token to a third party authority for validation,receive validation from the third party authority to process a task,process the task,grant the client computer access to perform the task,spawn a thread to process the task, andsend to the client computer an acknowledgement indicating a status of the task.
- View Dependent Claims (49, 50, 51)
- - 49. The system of claim 48, wherein the target computer is further configured to determine a lowest level of access needed to perform the task.
  - 50. The system of claim 49, wherein the target computer is further configured to compare the task to a table of tasks to determine the lowest level of access needed to perform the task.
  - 51. The system of claim 49, wherein the target computer is further configured to grant the client computer access at the determined lowest level of access.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Barclays Capital Incorporated (Barclays PLC)
Original Assignee
Barclays Capital Incorporated (Barclays PLC)
Inventors
Virtuoso, Anthony, Dolphin, Miles Avery

Application Number

US12/385,846
Publication Number

US 20100106963A1
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 2221/2101   Auditing as a secondary aspect

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/102   Entity profiles

System and method for secure remote computer task automation

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

51 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure remote computer task automation

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

51 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links