Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes

US 5,611,048 A
Filed: 05/09/1994
Issued: 03/11/1997
Est. Priority Date: 10/30/1992
Status: Expired due to Term

First Claim

Patent Images

1. In a computer network having a plurality of nodes with one or more computer systems coupled to a node, a method of administering a password in a first and second type of security system, the first and second security systems having incompatible security procedures comprising the steps of:

transmitting a password update message from a first computer system equipped with the first type of security system to a second computer system over the network according to the procedure of the first type of security system;

receiving the password update message at the second computer system equipped with the first type of security system;

determining authorized computer systems in the network to which the user is authorized access, the authorized computer systems including a third computer system equipped with the second type of security system;

transmitting the password update message to the authorized computer systems, wherein the password update message is transmitted to the third computer system according to the procedure of the second type of security system;

updating password tables in the first types of and second security systems at the second and third computer systems with the password update message; and

transmitting a password status message to the first computer system to indicate that the password tables in the first and second security systems were updated at the second and third computer systems.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A remote password administration facility operating on the network is divided in client and server programs and provides coordination between a mainframe and a network security system. A password update message is generated by the client program and transmitted across the network to a server system which acts as a gateway server to the mainframe. The password is updated at the server system in the network security system. The gateway server is coupled to a mainframe system via an emulator session. The server scans the logon profile database to determine whether the user id is authorized to access the mainframe. If so, the password update message is sent to the second security system resident in the mainframe. The server program cooperates with the emulator program to send the password update message to the mainframe security system and determine whether the password was successfully updated.

204 Citations

19 Claims

1. In a computer network having a plurality of nodes with one or more computer systems coupled to a node, a method of administering a password in a first and second type of security system, the first and second security systems having incompatible security procedures comprising the steps of:
- transmitting a password update message from a first computer system equipped with the first type of security system to a second computer system over the network according to the procedure of the first type of security system;
  
  receiving the password update message at the second computer system equipped with the first type of security system;
  
  determining authorized computer systems in the network to which the user is authorized access, the authorized computer systems including a third computer system equipped with the second type of security system;
  
  transmitting the password update message to the authorized computer systems, wherein the password update message is transmitted to the third computer system according to the procedure of the second type of security system;
  
  updating password tables in the first types of and second security systems at the second and third computer systems with the password update message; and
  
  transmitting a password status message to the first computer system to indicate that the password tables in the first and second security systems were updated at the second and third computer systems.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as recited in claim 1 wherein the process for updating the password table in the second type of security system comprises the steps of:
    - initiating a dialog with the third computer system by the second computer system;
      
      searching for a first screen display of the third system by the second computer system;
      
      responsive to finding the first screen display, entering user identifier data from the password update message to the third computer system by the second computer system;
      
      searching for a second screen display of the third computer system by the second computer system;
      
      responsive to finding the second screen display, entering old password data from the password update message to the third computer system by the second computer system;
      
      searching for a third screen display of the third computer system by the second computer system; and
      
      ,responsive to finding the third screen display, entering new password data from the password update message to the third system by the second computer system.
  - 3. The method as recited in claim 1 which further comprises the step of transmitting a password status message to the first computer system to indicate that the password tables in the first and second security systems were updated at the second and third computer systems.
  - 4. The method as recited in claim 1 wherein a plurality of remote computer systems in the authorized computer systems are equipped with the first type of security system;
    - transmitting the password update message to the plurality of remote computer systems according to the procedure of the first type of security system; and
      
      ,updating a password table in the first type of security system at each of the plurality of remote computer systems.
  - 5. The method as recited in claim 1 which further comprises the step of translating the password update message from a first format for the first type of security system to a second format for the second type of security system, the translating step taking place at the second computer system.
  - 6. The method as recited in claim 1 wherein the third computer system is a host mainframe computer and which further comprises the steps of:
    - emulating a host terminal session by the second computer system;
      
      searching for a plurality of successive host screen displays in the host terminal session by the second computer system; and
      
      ,responsive to finding one of the plurality of successive host screens, sending a portion of the data from the password update message to the third computer system by the second computer system.

7. In a computer network having a plurality of nodes with one or more computer systems coupled to a node, a system of administering a password for a first and second type of security system having incompatible security procedures comprising:
- a first and second computer system coupled to a first and second node of a network respectively;
  
  means for transmitting a password update message from the first computer system to the second computer system over the network according to the security procedure of the first type of security system;
  
  means for receiving the password update message at the second computer system, the second computer system equipped with the first type of security system;
  
  a third computer system coupled to and in communication with the second computer system;
  
  means for determining authorized computer systems in the network to which the user is authorized access, the authorized computer systems including a third computer system equipped with the second type of security system;
  
  means for transmitting the password update message to the authorized computer systems, wherein the password update message is transmitted to the third computer system responsive to finding a set of security related screen messages from the third computer system and according to the security procedure of the second type of security system; and
  
  ,means for updating password tables in the first and second type of security systems with the password update message.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The system as recited in claim 7 wherein the system further comprises:
    - means for initiating a dialog with the third computer system by the second computer system;
      
      means for searching for a first, second and third screen display of the third computer system by the second computer system;
      
      means responsive to finding the first, second and third screen displays, respectively entering user identifier data, old password data and new password data from the password update message to the third computer system by the second computer system.
  - 9. The system as recited in claim 7 which further comprises means for transmitting a password status message to the first computer system to indicate that the password tables in the first and second types of security systems were updated.
  - 10. The system as recited in claim 7a plurality of remote systems in the authorized computer systems equipped with the first type of security system;
    - means for transmitting the password update message to the plurality of remote computer systems according to the procedure of the first security system; and
      
      ,means for updating a password table in the first type of security system at each of the plurality of remote computer systems.
  - 11. The system as recited in claim 7 wherein the third computer system is a mainframe computer.
  - 12. The system as recited in claim 7 which further comprises means for translating the password update message from a first format for the first type of security system to a second format for the second type of security system, the translating means at the second computer system.
  - 13. The system as recited in claim 7 wherein the third computer system is a host mainframe computer and which further comprises:
    - means for emulating a host terminal session the second computer system;
      
      means for searching for a plurality of successive host screen displays in the host terminal session by the second computer system; and
      
      ,means to finding one of the plurality of successive host screens, for sending a portion of the data from the password update message to the third computer system by the second computer system according to the procedure of the second security system.

14. For a computer network having a plurality of nodes with one or more computer systems coupled to a node, a computer program product resident on a computer readable memory for administering a password in a first and second type of security system having incompatible security procedures executable in the one or more computer systems, comprising:
- program code means for transmitting a password update message from a first computer system to a second computer system over the network according to the procedure of the first security system;
  
  program code means for receiving the password update message at the second computer system equipped with the first type of security system;
  
  program code means for determining authorized computer systems in the network to which the user is authorized access, the authorized computer systems including a third computer system equipped with the second type of security system;
  
  program code means for receiving screen messages from the second type of security system at the second computer systemprogram code means for transmitting the password update message to the authorized computer systems, wherein the password update message is transmitted to the third computer system by the second computer system in successive portions according to the procedure of the second security system each successive portion being transmitted responsive to receiving a predetermined screen message from the second security system; and
  
  ,program code means for updating password tables in the second and third computer systems with the password update message.
- View Dependent Claims (15, 17, 18, 19)
- - 15. The product as recited in claim 14 which further comprises:
    - program code means for initiating a dialog with the third system from the second system;
      
      program code means for searching for a first, second and third screen display by the third system;
      
      program code means responsive to finding the first, second and third screen displays, respectively entering user identifier data, old password data and new password data from the password update message to the third system.
  - 17. The product as recited in claim 14 whereina plurality of remote systems in the authorized computer systems are equipped with the first type of security system and the product further comprises:
    - program code means for transmitting the password update message to the plurality of remote systems; and
      
      ,program code means for requesting an update to a password table in the first type of security system at each of the plurality of remote systems.
  - 18. The product as recited in claim 14 which further comprises program code means for translating the password update message from a first format for the first type of security system to a second format for the second type of security system, the translating step taking place at the second system.
  - 19. The product as recited in claim 14 wherein the third system is a host mainframe computer and which further comprises:
    - program code means for emulating a host terminal session at the second system;
      
      program code means for searching for a plurality of successive host screen displays in the host terminal session; and
      
      ,program code means responsive to finding one of the plurality of successive host screens, for sending a portion of the data from the password update message to the third system.

16. A computer program product on a computer readable medium for administering a password in a computer network wherein individual computer systems run either a first or a second type of security system which have mutually incompatible security procedures, comprising:
- means for transmitting a password update message to a second computer system according to the procedure of the first security system from a first computer system;
  
  means for receiving the password update message at the second computer system and updating a password table in the first security system at the second computer system;
  
  means for transmitting the password update message from the second computer system to a third computer system according to the procedure of the second security systemmeans for receiving the password update message at the third computer system and updating a password table in the second security system at the third computer system; and
  
  means for transmitting a password status message to the first system to indicate that the password tables in the first and second types of security systems were updated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Jacobs, Dwayne C., Wangler, James A.
Primary Examiner(s)
Lee, Thomas C.
Assistant Examiner(s)
Kim, Sang Hui

Application Number

US08/240,291
Time in Patent Office

1,037 Days
Field of Search

395/325, 395/800, 395/575, 395/491, 395/188.01, 395/187, 395/187.01, 395/200.09, 380/23
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/33   using certificates

G06F 21/6236   between heterogeneous systems

Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

204 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

204 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links