Method and Apparatus for Securely Synchronizing Password Systems
Abstract
A centralized password repository (CPR) provides network users with a password portal through which the user can manage password access to domains and applications on the network. A subset of the domains and applications on the network may be required, by design, to maintain a separate password infrastructure. For these systems, the CPR establishes a secure and authenticated communication channel and software on the system interfaces with the password infrastructure to synchronize the password in the system password infrastructure with the password in the CPR. For other systems not required to maintain a separate password infrastructure, the CPR performs password services by responding to requests from those systems seeking to validate user IDs and passwords. The CPR enables an administrator to modify network privileges and enables a user to alter passwords on the network through a single interface.
46 Claims
1-17. (canceled)
18. A communication network comprising:
a plurality of password domains, each password domain configured to maintain a respective association between respective users and respective passwords used to authenticate the respective users for access to the respective password domains, and each password domain requiring a respective authentication level for password changes;

a password portal configured to maintain an association between respective users, respective password domains and respective passwords used to authenticate the respective users for changing the respective passwords associated with the respective users at the password portal and at respective password domains; and

communication facilities connected between the password portal and the plurality of password domains;

the password portal being configured:

to receive a password change request from a particular user authenticated at a particular authentication level at the password portal;

to implement the password change request at the password portal;

to establish respective encrypted and authenticated communication channels over the communication facilities only to respective password domains which are associated with the particular user at the password portal and which require respective authentication levels for password changes which is not higher than the particular authentication level; and

to communicate the password change request over each respective encrypted and authenticated communication channel to a respective password domain; and

each password domain receiving the password change request over a respective encrypted and authenticated communication channel being configured to implement the password change request at the password domain.

Dependent claims: 19-46.
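The propagation rule in claim 18, as an added sketch that is not code from the patent or from any product implementing it: the portal applies the change locally, then forwards it only to domains associated with the user whose required level is not higher than the level the user authenticated at. All names, the integer levels and the per-domain HMAC key are assumptions; the HMAC models only channel authentication, with encryption assumed to come from the transport (for example TLS).

```python
import hashlib, hmac, json, os
from dataclasses import dataclass, field

def _hash(password):
    salt = os.urandom(16)  # salted hash, so neither store keeps the plaintext
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

@dataclass
class Domain:
    name: str
    required_level: int   # assumed integer level demanded for password changes
    channel_key: bytes    # hypothetical per-domain key shared with the portal
    passwords: dict = field(default_factory=dict)

    def receive(self, body, tag):
        # Authenticate the message before acting on it; drop forged requests.
        expected = hmac.new(self.channel_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        msg = json.loads(body)
        self.passwords[msg["user"]] = _hash(msg["new_password"])
        return True

class Portal:
    def __init__(self, domains):
        self.domains = {d.name: d for d in domains}
        self.associations = {}   # user -> set of associated domain names
        self.passwords = {}

    def eligible(self, user, auth_level):
        # Associated with the user AND required level not higher than auth_level.
        return sorted(n for n in self.associations.get(user, ())
                      if self.domains[n].required_level <= auth_level)

    def change_password(self, user, auth_level, new_password):
        self.passwords[user] = _hash(new_password)   # implement at the portal first
        body = json.dumps({"user": user, "new_password": new_password}).encode()
        synced = []
        for name in self.eligible(user, auth_level):
            d = self.domains[name]
            if d.receive(body, hmac.new(d.channel_key, body, hashlib.sha256).digest()):
                synced.append(name)
        return synced

def demo():
    # Constructed sample: alice authenticates at level 2; finance is not hers.
    levels = {"mail": 1, "hr": 2, "scada": 3, "finance": 1}
    portal = Portal([Domain(n, lvl, os.urandom(32)) for n, lvl in levels.items()])
    portal.associations["alice"] = {"mail", "hr", "scada"}
    return portal, portal.change_password("alice", 2, "constructed-sample-pw")
```

In this sample the level 3 domain keeps its old password until the user re-authenticates at a higher level, so the portal and that domain are deliberately out of sync.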
Specification