PRIVILEGED ACCOUNT MANAGER, ACCESS MANAGEMENT
First Claim
1. A system, comprising:
- a memory storing a plurality of instructions; and
one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to;
receive, from a target system, identification of a user-accessible account of the target system to be managed;
associate the user-accessible account with a security account of the target system, the security account configured to modify a password associated with the user-accessible account.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for managing accounts are provided. An access management system may check out credentials for accessing target systems. For example a user may receive a password for a period of time or until checked back in. Access to the target system may be logged during this time. Upon the password being checked in, a security account may modify the password so that the user may not log back in without checking out a new password. Additionally, in some examples, password policies for the security account may be managed. As such, when a password policy changes, the security account password may be dynamically updated. Additionally, in some examples, hierarchical viewing perspectives may be determined and/or selected for visualizing one or more managed accounts. Further, accounts may be organized into groups based on roles, and grants for the accounts may be dynamically updated as changes occur or new accounts are managed.
67 Citations
20 Claims
-
1. A system, comprising:
-
a memory storing a plurality of instructions; and one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to; receive, from a target system, identification of a user-accessible account of the target system to be managed; associate the user-accessible account with a security account of the target system, the security account configured to modify a password associated with the user-accessible account. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A computer-implemented method, comprising:
-
receiving, by a computer system, from a target system, information associated with an account to be managed by the computer system, the account being accessible by a user; associating, by the computer system, the account to be managed with a security account of the target system, the security account riot accessible by a user and configured to modify a password associated with the account to be managed; and in response to a user request, received by the computer system, to access the - View Dependent Claims (14, 15, 16)
-
-
17. A computer-readable memory storing a plurality of instructions executable by one or more processors, the plurality of instructions comprising:
-
instructions that cause the one or more processors to receive, from a target system, identification of a plurality of accounts of the target system to be managed, the plurality of accounts being accessible by a user; instructions that cause the one or more processors to associate the plurality of accounts to be managed with a security account of the target system that is not accessible by a user, the security account configured to modify a password associated with at least one of the plurality of accounts to be managed; instructions that cause the one or more processors to receive, from a user, an authentication request and a request for a particular password associated with at least one of the plurality of accounts to be managed; instructions that cause the one or more processors to check out the particular password to the user based at least in part on successful authentication of the user; and instructions that cause the one or more processors to automatically modify the particular password after the particular password is checked in by the user. - View Dependent Claims (18, 19, 20)
-
Specification