Remote authorization for operations

US 7,810,139 B2
Filed: 03/29/2006
Issued: 10/05/2010
Est. Priority Date: 03/29/2006
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

receiving a request for authorization to initiate an operation of a security system;

notifying a remote authorization principal of the request, the remote authorization principal is a user who is certified as a crypto officer for the secure system and the remote authorization principal is not physically and not geographically present at the security system when notified and the remote authorization principal is communicated with over a wide-area-network via a phone of the remote authorization principal, the remote authorization principal is notified via a text message to the phone of the request to initiate the operation and at the same time a voice message is sent to the phone of the remote authorization principal, the voice message indicating that the remote authorization principal is to use a random passkey along with credentials of the remote authorization principal to gain access to a random key generator and acquire a secret;

obtaining the secret in response to the notification;

acquiring an access key in response to the secret;

submitting the access key to the security system to initiate the operation;

notifying one or more additional remote authorization principals of the request;

obtaining one or more additional secrets from the one or more additional remote authorization principals;

acquiring one or more additional access keys in response to the one or more additional secrets; and

submitting the one or more additional access keys to the security system to finalize the initiation of the operation.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for the remote authorization of secure operations are provided. A secure security system restricts access to a secure operation via an access key. An authorization acquisition service obtains the access key on request from the secure security system when an attempt is made to initiate the secure operation. The authorization acquisition service gains access the access key from a secure store via a secret. That is, the secret store is accessible via the secret. The secret is obtained directly or indirectly from a remote authorization principal over a network.

Citations

7 Claims

1. A method, comprising:
- receiving a request for authorization to initiate an operation of a security system;
  
  notifying a remote authorization principal of the request, the remote authorization principal is a user who is certified as a crypto officer for the secure system and the remote authorization principal is not physically and not geographically present at the security system when notified and the remote authorization principal is communicated with over a wide-area-network via a phone of the remote authorization principal, the remote authorization principal is notified via a text message to the phone of the request to initiate the operation and at the same time a voice message is sent to the phone of the remote authorization principal, the voice message indicating that the remote authorization principal is to use a random passkey along with credentials of the remote authorization principal to gain access to a random key generator and acquire a secret;
  
  obtaining the secret in response to the notification;
  
  acquiring an access key in response to the secret;
  
  submitting the access key to the security system to initiate the operation;
  
  notifying one or more additional remote authorization principals of the request;
  
  obtaining one or more additional secrets from the one or more additional remote authorization principals;
  
  acquiring one or more additional access keys in response to the one or more additional secrets; and
  
  submitting the one or more additional access keys to the security system to finalize the initiation of the operation.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein obtaining further includes receiving the secret as the access key.
  - 3. The method of claim 1, wherein obtaining further includes at least one of:
    - receiving the secret from a secure World-Wide Web (WWW) service activated by the remote authorization principal;
      
      receiving the secret as touch tone codes from a communication device of the remote authorization principal;
      
      receiving the secret as a text message submitted by the remote authorization principal from the communication device;
      
      receiving the secret as a voice instruction from the remote authorization principal with the communication device; and
      
      receiving the secret from the communication device identified with a unique device identifier upon instruction to do so by the remote authorization principal.
  - 4. The method of claim 1, wherein obtaining further includes receiving the secret as a randomly and time sensitive secret from the remote authorization principal after the remote authorization principal access at least one of a device and a service to acquire the secret in response to the notification.
  - 5. The method of claim 1, wherein obtaining one or more additional secrets further include receiving the one or more additional secrets as the acquired one or more additional access keys.

6. A method, comprising:
- receiving a request for authorization to initiate an operation of a security system;
  
  notifying a remote authorization principal of the request, the remote authorization principal is a user who is certified as a crypto officer for the secure system and the remote authorization principal is not physically and not geographically present at the security system when notified and the remote authorization principal is communicated with over a wide-area-network via a phone of the remote authorization principal, the remote authorization principal is notified via a text message to the phone of the request to initiate the operation and at the same time a voice message is sent to the phone of the remote authorization principal, the voice message indicating that the remote authorization principal is to use a random passkey along with credentials of the remote authorization principal to gain access to a random key generator and acquire a secret;
  
  obtaining the secret in response to the notification;
  
  acquiring an access key in response to the secret;
  
  submitting the access key to the security system to initiate the operation;
  
  notifying one or more additional remote authorization principals of the request;
  
  obtaining one or more additional secrets from the one or more additional remote authorization principals; and
  
  using the one or more additional secrets as additional information used for purposes of acquiring the access key.
- View Dependent Claims (7)
- - 7. The method of claim 6 further comprising, resolving at least one of a notification mechanism and an acquisition access key mechanism in response to one or more policies.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Carter, Stephen R., Burch, Lloyd Leon
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
ABEDIN, SHANTO

Application Number

US11/392,195
Publication Number

US 20070234406A1
Time in Patent Office

1,651 Days
Field of Search

726/1, 726/2, 726/4, 726/6, 726/11, 726/12, 726/14, 726/18, 726/26, 726/27, 726/28, 713/168, 713/183, 713/185, 709/217, 709/219, 709/225, 709/223, 709/224, 709/229, 705/50, 705/51, 705/73, 705/74, 705/75
US Class Current

726/4
CPC Class Codes

G06F 21/33   using certificates

H04L 2463/081   applying self-generating cr...

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

Remote authorization for operations

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Remote authorization for operations

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links