Method and software for migrating protected authentication data
First Claim
1. A method for populating password data to a target datastore associated with a target user authenticator that is in communication with a source user authenticator after migration from the source user authenticator, the source user authenticator having associated with a source datastore comprising unencrypted user identification data and user authentication data encrypted with a proprietary encryption algorithm, while also responding to user requests for information, the method comprising:
- migrating unencrypted data from the source datastore to the target datastore;
intercepting, by a servlet interceptor, a request from a user to access information protected by the target user authenticator;
prompting, by the servlet interceptor, the user for an identification;
receiving, by the servlet interceptor, the identification from the user;
locating, by the servlet interceptor, a corresponding identification in the target datastore;
searching, by the servlet interceptor, the target datastore for a user authentication data associated with the corresponding identification;
determining, by the servlet interceptor, that the target datastore does not include a user authentication data associated with the corresponding identification;
forwarding the intercepted request to the source user authenticator responsive to the determining;
prompting, by the source user authenticator, the user for identification and user authentication data;
receiving, by the source user authenticator, identification and user authentication data from the user;
monitoring, by a password capture process, the source user authenticator for an approval response;
detecting, by the password capture process, the approval response from the source user authenticator;
capturing, by the password capture process, the user authentication data provided to the source user authenticator by the user;
populating, by the password capture process, the target datastore with the captured user authentication data associated with the corresponding identification upon detecting the approval response.
6 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure attempts to migrate from a first authenticator to a second authenticator. In the most preferred embodiment, the first step is to migrate the data that is not stored encrypted by a traditional replication or transformation between the datastores of the authenticators. The new authenticator is placed in position, while the old authenticator is maintained. When a user attempts to login, servlets check to see if the user'"'"'s password exists within the datastore for the new authenticator. If not, then the user is sent to the old authenticator'"'"'s sign-on page. When the user enters their authentication credentials into the old authenticator, a code snippet or second servlet will capture this information and, on confirmation from the old authenticator that the user is properly authenticated, use the captured information to populate the new datastore.
-
Citations
13 Claims
-
1. A method for populating password data to a target datastore associated with a target user authenticator that is in communication with a source user authenticator after migration from the source user authenticator, the source user authenticator having associated with a source datastore comprising unencrypted user identification data and user authentication data encrypted with a proprietary encryption algorithm, while also responding to user requests for information, the method comprising:
-
migrating unencrypted data from the source datastore to the target datastore; intercepting, by a servlet interceptor, a request from a user to access information protected by the target user authenticator; prompting, by the servlet interceptor, the user for an identification; receiving, by the servlet interceptor, the identification from the user; locating, by the servlet interceptor, a corresponding identification in the target datastore; searching, by the servlet interceptor, the target datastore for a user authentication data associated with the corresponding identification; determining, by the servlet interceptor, that the target datastore does not include a user authentication data associated with the corresponding identification; forwarding the intercepted request to the source user authenticator responsive to the determining; prompting, by the source user authenticator, the user for identification and user authentication data; receiving, by the source user authenticator, identification and user authentication data from the user; monitoring, by a password capture process, the source user authenticator for an approval response; detecting, by the password capture process, the approval response from the source user authenticator; capturing, by the password capture process, the user authentication data provided to the source user authenticator by the user; populating, by the password capture process, the target datastore with the captured user authentication data associated with the corresponding identification upon detecting the approval response. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
Specification
-
- Resources
-
Current AssigneeT-Mobile Innovations LLC (Deutsche Telekom AG)
-
Original AssigneeSprint Communications Company LP (Deutsche Telekom AG)
-
InventorsKuruvalli, Bharath, Boydstun, Kenneth Charles
-
Primary Examiner(s)Hewitt, II; Calvin Loyd
-
Assistant Examiner(s)SHERR, CRISTINA O
-
Application NumberUS10/075,336Time in Patent Office3,513 DaysField of Search705 51- 67US Class Current705/50CPC Class CodesG06F 21/31 User authenticationG06F 2221/2103 Challenge-responseG06Q 20/3674 involving authenticationG07F 7/1025 Identification of user by a...H04L 63/083 using passwords cryptograph...
