Multiple Server Access Management
First Claim
1. A method comprising a plurality of steps each performed by hardware executing software, wherein the steps include:
receiving an access request for a target computer from a client computer, wherein the access request comprises a digital certificate belonging to a user;
verifying the identity of the user by validating the digital certificate;
receiving access privileges for the user from a policy database, wherein the access privileges contain one or more access attributes;
evaluating the access request based the one or more access attributes; and
granting the user access to the target computer if all of the one or more access attributes are satisfied.
Abstract
An access management system receives an access request for a target computer from a client computer. The access request comprises a digital certificate belonging to a user. The access management system verifies the identity of the user by validating the digital certificate. When so verified, the user receives access privileges from a policy database. The access privileges contain one or more access attributes. The access management system evaluates the access request based the one or more access attributes and grants the user access to the target computer if all the one or more access attributes are satisfied.
7 Claims
1. A method comprising a plurality of steps each performed by hardware executing software, wherein the steps include:
receiving an access request for a target computer from a client computer, wherein the access request comprises a digital certificate belonging to a user;
verifying the identity of the user by validating the digital certificate;
receiving access privileges for the user from a policy database, wherein the access privileges contain one or more access attributes;
evaluating the access request based the one or more access attributes; and
granting the user access to the target computer if all of the one or more access attributes are satisfied.
3. Any computer implemented method of establishing direct authentication with a server by a Secure Shell (SSH) connection with a user's public key without an impersonation, wherein a direct identification of the user is centrally validated and tracked by using the user's public keys when combined with a centralized policy database.
6. A method comprising a plurality of steps each performed by hardware executing software, wherein the steps include:
receiving, from a client computer, an access request to an access management system, wherein the access request is for a target computer and includes a digital certificate belonging to a user;
upon verifying, with the access management system, the identity of the user by validating the digital certificate, granting the user privileges from a policy database, wherein the access privileges from the policy database contain one or more access attributes;
evaluating, by the access management, the access request using the one or more access attributes; and
upon a successful evaluation such that each of the access attributes is satisfied, granting, by the access management system, the user access to the target computer.
Specification