Security management framework

US 20110154455A1
Filed: 02/22/2005
Published: 06/23/2011
Est. Priority Date: 02/22/2005
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method for providing access to a resource, the method comprising the steps of:

validating, with an adapter, a request for access to a resource received from a software program located on a client computer based at least on a username, a password, and an IP address included in the request which identifies the software program;

identifying, with the adapter, an environment of the software program;

identifying, with the adapter, a resource file located on a server, wherein the resource file includes encrypted credentials for accessing the resource, and wherein the adapter is remote from the server;

retrieving encrypted credentials from the resource file based at least on the environment of the software program;

decrypting, with the server, the encrypted credentials; and

providing, with the adapter, decrypted credentials to the software program located on a client computer, wherein the software program is configured to use the decrypted credentials to access the resource.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A framework is provided for securing and managing sensitive credential information required for a software program, such as an application or a script, to access a resource. The centralized framework validates a request for access to a resource received from the software program, retrieves the encrypted credentials associated with the requested resource, decrypts the encrypted credentials, and provides decrypted credentials to the software program for use in accessing the resource.

18 Citations

View as Search Results

32 Claims

1. A computer-implemented method for providing access to a resource, the method comprising the steps of:
- validating, with an adapter, a request for access to a resource received from a software program located on a client computer based at least on a username, a password, and an IP address included in the request which identifies the software program;
  
  identifying, with the adapter, an environment of the software program;
  
  identifying, with the adapter, a resource file located on a server, wherein the resource file includes encrypted credentials for accessing the resource, and wherein the adapter is remote from the server;
  
  retrieving encrypted credentials from the resource file based at least on the environment of the software program;
  
  decrypting, with the server, the encrypted credentials; and
  
  providing, with the adapter, decrypted credentials to the software program located on a client computer, wherein the software program is configured to use the decrypted credentials to access the resource.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 3. The computer-implemented method of claim 1, wherein the credentials include a resource username and a resource password.
  - 4. The computer-implemented method of claim 3, wherein the credentials include a URL address of the resource.
  - 5. The computer-implemented method of claim 1, wherein the resource file is stored in a computer-readable memory.
  - 6. The computer-implemented method of claim 1, wherein the resource file includes meta data of the resource.
  - 7. The computer-implemented method of claim 1, wherein the step of identifying the resource file is performed based at least on the environment of the software program.
  - 8. The computer-implemented method of claim 1, wherein the request includes a signature.
  - 9. The computer-implemented method of claim 8, further comprising the step of verifying the signature.
  - 10. The computer-implemented method of claim 1, wherein the resource file includes information related to a plurality of resources.
  - 11. The computer-implemented method of claim 1, wherein the software program is an application or a script.

2. (canceled)

12. A system for providing access to a resource, the system comprising:
- an adapter communicatively connected to a client computer configured to execute a software program, wherein the adapter is configured to;
  
  validate a request for access to a resource received from the software program located on the client computer based at least on a username, a password, and an IP address included in the request which identifies the software program, andidentify an environment of the software program,identify a resource file stored in a computer-readable memory, wherein the resource file includes encrypted credentials for accessing the resource; and
  
  a server computer communicatively connected to the remotely located adapter, wherein the server computer is configured to;
  
  retrieve the encrypted credentials from the resource file based at least on the environment of the software program,decrypt the encrypted credentials, andprovide the decrypted credentials to the software program located on the client computer via the adapter, wherein the decrypted credentials allow the software program to access the resource.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The system of claim 12, wherein the credentials include a resource username and a resource password.
  - 17. The system of claim 16, wherein the credentials include a URL address of the resource.
  - 18. The system of claim 12, wherein the resource file includes meta data of the resource.
  - 19. The system of claim 12, wherein the adapter is configured to identify the resource file based at least on the environment of the software program.
  - 20. The system of claim 12, wherein the request includes a signature.
  - 21. The system of claim 20, wherein the server computer is configured to verify the signature.
  - 22. The system of claim 12, wherein the server computer includes a CODEC server.
  - 23. The system of claim 12, wherein the software program is an application or a script.

13. (canceled)

14. (canceled)

15. (canceled)

24. (canceled)

25. (canceled)

26. (canceled)

27. (canceled)

28. A computer-readable storage medium storing computer code, wherein the computer code comprises:
- code, executable by an adapter, configured for validating a request for access to a resource received from a software program located on a client computer based at least on a username, a password, and an IP address included in the request which identifies the software program;
  
  code, executable by the adapter, for identifying an environment of the software program,code, executable by the adapter, configured for identifying a resource file, wherein the resource file includes encrypted credentials for accessing the resource;
  
  code, executable by a server, configured for retrieving the encrypted credentials from the resource file based at least on the environment of the software program, and the server is remote from the adapter;
  
  code, executable by the server, configured for decrypting the encrypted credentials; and
  
  code, executable by the adapter, configured for providing decrypted credentials to the software program located on a client computer, wherein the decrypted credentials allow the software program to access the resource.
- View Dependent Claims (29)
- - 29. The computer-readable medium of claim 28, wherein the software program is an application or a script.

30. A computer-implemented method for providing access to a resource, the method comprising the steps of:
- validating, with an adapter, a request for access to a resource received from a software program located on a client computer based at least on a username, a password, and an IP address included in the request which identifies the software program and a signature;
  
  identifying, with the adapter, an environment of the software program;
  
  identifying, with the adapter, a resource file located on a server based at least on the environment of the software program, wherein the resource file includes encrypted credentials for accessing the resource, wherein the encrypted credentials include a resource username, a resource password, a URL address of the resource, and meta data of the resource, and wherein the adapter is remote from the server;
  
  retrieving, with a server, environment-specific encrypted credentials from the resource file from a computer-readable memory based at least on the environment of the software program;
  
  decrypting, with the server, the encrypted credentials; and
  
  providing, with the adapter, decrypted credentials to the software program located on a client computer, wherein the decrypted credentials allow the software program to access the resource.
- View Dependent Claims (31)
- - 31. The computer-implemented method of claim 30, wherein the software program is an application or a script.

32. A system for providing access to a resource, the system comprising:
- an adapter communicatively connected to a client computer configured to execute an application or a script, wherein the adapter is configured to;
  
  validate a request for access to a resource received from the application or the script based on a username, a password, and an IP address included in the request which identifies the application or the script and a signature,identify an environment of the software program;
  
  identify a resource file stored in a computer-readable memory based at least on the environment of the application or the script, wherein the resource file includes encrypted credentials for accessing the resource, wherein the credentials include a resource username, a resource password, a URL address of the resource, and meta data of the resource; and
  
  a server computer communicatively connected to the remotely located adapter, wherein the server computer is configured to;
  
  retrieve the encrypted credentials from the resource file based at least on the environment of the application or script;
  
  decrypt the encrypted credentials; and
  
  provide the decrypted credentials to the application or the script, wherein the decrypted credentials allow the application or the script to access the resource.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Original Assignee
JP Morgan Chase Bank, N.A. (JP Morgan Chase & Co)
Inventors
Nanjangudu, Shiva R., Jung, Philip H.

Application Number

US11/063,098
Publication Number

US 20110154455A1
Time in Patent Office

Days
Field of Search
US Class Current

726/6
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/083   using passwords cryptograph...

H04L 9/32   including means for verifyi...

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

Security management framework

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

18 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Security management framework

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links