Password security utility
First Claim
1. A resource manager for use in an associated content management system, the resource manager configured to receive a client request pertaining to information and to access at least one of a plurality of data servers to execute the client request, the resource manager including:
- a encryption engine adapted to encrypt passwords associated with the plurality of data servers using a key-based encryption algorithm and to store in a password storage a ciphertext corresponding to each password, the ciphertext being generated based at least on the encrypted password;
a server identifier module that identifies a ciphertext in the passwords storage that is associated with the at least one of a plurality of data servers; and
a decryption engine that decrypts the ciphertext using a key-based decryption algorithm corresponding to the key-based encryption algorithm to recover the password corresponding to the ciphertext.
1 Assignment
0 Petitions
Accused Products
Abstract
A resource manager (14, 16) of a content management system (10) is configured to receive a client request (34, 36) pertaining to information and to access at least one of a plurality of data servers (20, 22, 24, 26) to execute the client request (34, 36). An encryption engine (80) encrypts passwords associated with the plurality of data servers (20, 22, 24, 26) using a key-based encryption algorithm and stores a ciphertext corresponding to each password in a passwords storage (40). A server identifier module (70, 72) identifies a ciphertext in the passwords storage (40) that is associated with the at least one of a plurality of data servers (20, 22, 24, 26). A decryption engine (100) decrypts the ciphertext using a key-based decryption algorithm corresponding to the key-based encryption algorithm.
26 Citations
20 Claims
-
1. A resource manager for use in an associated content management system, the resource manager configured to receive a client request pertaining to information and to access at least one of a plurality of data servers to execute the client request, the resource manager including:
-
a encryption engine adapted to encrypt passwords associated with the plurality of data servers using a key-based encryption algorithm and to store in a password storage a ciphertext corresponding to each password, the ciphertext being generated based at least on the encrypted password; a server identifier module that identifies a ciphertext in the passwords storage that is associated with the at least one of a plurality of data servers; and a decryption engine that decrypts the ciphertext using a key-based decryption algorithm corresponding to the key-based encryption algorithm to recover the password corresponding to the ciphertext. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A content management method for managing content stored on a plurality of data servers, the content management method including:
-
computing a first cipher key set comprising one or more random cipher keys associated with a first application of the method; encrypting a first plurality of passwords corresponding to a first plurality of servers using the first cipher key set to produce ciphertexts corresponding to the passwords, the ciphertexts being stored in a first passwords list associated with the first application of the method; constructing an information processing request based on user inputs; identifying a server to be accessed during execution of the information processing request; retrieving a ciphertext corresponding to the server to be accessed from the first passwords list; and decrypting the ciphertext corresponding to the server to be accessed using the first cipher key set. - View Dependent Claims (14, 15, 16)
-
-
17. An article of manufacture comprising a program storage medium readable by a computer and embodying one or more instructions executable by the computer to perform a security utility method for maintaining a passwords list, the method comprising:
-
computing a cipher key set based on a generally variable quantity; encrypting passwords using the cipher key set, the encrypting of each password including; generating a generally variable initialization factor corresponding to the password, encrypting the password based on the corresponding generally variable initialization factor and the cipher key set to produce an encrypted password, combining the encrypted password with at least the corresponding generally variable initialization factor to produce a ciphertext, and storing the ciphertext in the passwords list; and responsive to a request for one of the passwords; retrieving a ciphertext corresponding to the password from the passwords list, recovering the encrypted password and the corresponding variable initialization factor from the retrieved ciphertext, and decrypting the encrypted password based on the corresponding variable initialization factor and the cipher key set to recover the password. - View Dependent Claims (18, 19, 20)
-
Specification