System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential
First Claim
1. A resource access control method, comprising the steps of:
- assigning at least one role to a user;
- generating a temporary credential token when said user begins a session and requests access to at least one resource based on said at least one role assigned to said user, the temporary credential token allowing said user to access any resource within the enterprise based on the assigned role of the user, wherein said temporary credential token includes role information specifying at least one of said assigned user roles and resource information comprising a list of accessible resources corresponding to said assigned user role;
- presenting said temporary credential token to said at least one resource to allow entry by said user;
- generating a temporary access permission by said at least one resource in response to said at least one resource receiving said temporary credential token, the temporary access permission permitting said user access to said at least one resource;
- terminating said temporary credential token and said temporary access permission to terminate said user's access to said at least one resource when said user terminates the session.
Abstract
A resource access control system and method (50) for a corporate enterprise includes a security administrator (60, 62) in communication with a plurality of users (90), each of the users (90) having an assigned role and a unique user identifier. A temporary credential token (52) is generated correlative to the assigned role of the user by the security administrator (62) as the user logs on by entering the assigned unique user identifier and indicates a desire to access a resource (56). The temporary credential token (52) is communicated to the resource (56) and any subsequent resources (56) to allow access by the user (90), and deleted as the user (90) terminates the session.
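The lifecycle the abstract describes (issue on logon, present to each resource, delete on logoff) can be sketched as follows. This is an added example, not code from the patent; the HMAC-SHA256 integrity tag, the key shared between administrator and resources, the in-memory stores, and all class, role and resource names are assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

# Constructed role -> resource access list (stands in for the database of claim 5).
ROLE_RESOURCES = {"claims_adjuster": ["claims_db", "doc_archive"]}

class SecurityAdministrator:
    def __init__(self, users):
        self.users = users                    # user identifier -> assigned role
        self.key = secrets.token_bytes(32)    # assumption: HMAC key trusted by resources
        self.active = set()                   # session ids whose token is still live

    def _tag(self, body):
        return hmac.new(self.key, body.encode(), hashlib.sha256).hexdigest()

    def login(self, user_id):
        role, sid = self.users[user_id], secrets.token_hex(8)
        body = json.dumps({"sid": sid, "user": user_id, "role": role,
                           "resources": ROLE_RESOURCES[role]}, sort_keys=True)
        self.active.add(sid)
        return body + "." + self._tag(body)   # token carries role + resource list

    def verify(self, token):
        body, _, tag = token.rpartition(".")
        if not hmac.compare_digest(tag.encode(), self._tag(body).encode()):
            return None                       # altered or forged token
        claims = json.loads(body)
        return claims if claims["sid"] in self.active else None

    def logout(self, token, resources):
        claims = self.verify(token)
        if claims:
            self.active.discard(claims["sid"])          # terminate the token
            for r in resources:                         # and permissions derived from it
                r.permissions.pop(claims["sid"], None)

class Resource:
    def __init__(self, name, admin):
        self.name, self.admin, self.permissions = name, admin, {}

    def present(self, token):
        claims = self.admin.verify(token)
        if claims is None or self.name not in claims["resources"]:
            return False                      # deny: bad token or resource not listed
        self.permissions[claims["sid"]] = claims["role"]  # temporary access permission
        return True

    def access(self, token):
        claims = self.admin.verify(token)     # re-check liveness on every use
        return claims is not None and claims["sid"] in self.permissions
```

Because the resource list travels inside the token, the integrity tag is what stops a holder from editing that list, and the liveness check on every use is what makes logoff take effect immediately.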
22 Claims
1. A resource access control method, comprising the steps of:
- assigning at least one role to a user;
- generating a temporary credential token when said user begins a session and requests access to at least one resource based on said at least one role assigned to said user, the temporary credential token allowing said user to access any resource within the enterprise based on the assigned role of the user, wherein said temporary credential token includes role information specifying at least one of said assigned user roles and resource information comprising a list of accessible resources corresponding to said assigned user role;
- presenting said temporary credential token to said at least one resource to allow entry by said user;
- generating a temporary access permission by said at least one resource in response to said at least one resource receiving said temporary credential token, the temporary access permission permitting said user access to said at least one resource;
- terminating said temporary credential token and said temporary access permission to terminate said user's access to said at least one resource when said user terminates the session.
Dependent claims: 2, 3, 4
5. An enterprise-wide resource access control system, comprising:
- a security administrator in communication with a plurality of users, each of said users having at least one assigned role and a unique user identifier, said assigned role defining a job function of a user;
- a database coupled to said security administrator for storing said plurality of users' assigned roles, unique user identifiers, and a resource access list identifying all enterprise-wide resources that may be accessed by the user based on the assigned role of the user;
- a temporary credential token being generated in response to said at least one assigned role of a user by said security administrator as said user logs on to a first resource by entering said assigned unique user identifier, said temporary credential token being communicated to said first resource to allow said user to access any resource within the enterprise that is identified in the resource access list, said temporary credential token being deleted as said user logs off said resource, wherein said temporary credential token includes role information specifying at least one of said assigned user roles and resource information comprising the corresponding accessible resources from the resource access list; and
- a temporary access permission being generated by a second resource in response to receiving and verifying said temporary credential token, said temporary credential token being presented to said second resource in response to said user requesting access to said second resource, said second resource existing in the resource access list, said temporary access permission being deleted as said user terminates a session with said second resource.
Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A resource access control method, comprising the steps of:
- beginning a session and logging on to a first resource by entering a user identifier and password;
- authenticating said user identifier and password;
- recognizing at least one role corresponding to said user identifier and generating a temporary credential token in response to said authentication and role recognition, said temporary credential token, wherein said temporary credential token includes role information specifying at least one of said assigned user roles and resource information comprising a list of accessible resources corresponding to said assigned user role;
- presenting said temporary credential token to said first resource;
- gaining entry to said first resource in response to receiving said temporary credential token;
- selecting a second resource;
- presenting said temporary credential token to said second resource;
- generating a temporary access permission by said second resource upon presentation and verification of said temporary credential token;
- gaining entry to said second resource in response to the second resource generating a temporary access permission; and
- terminating said temporary credential token and said temporary access permission when said session is terminated.
Dependent claims: 16, 17, 18, 19, 20, 21, 22
Specification