×

Method and system for controlling access to a secondary system

  • US 8,230,487 B2
  • Filed: 10/12/2006
  • Issued: 07/24/2012
  • Est. Priority Date: 12/21/2005
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for controlling access of a user to a secondary system, said user being logged on a user system, a primary system connecting the user system to the secondary system, said method comprising:

  • said primary system receiving first authentication information from the user system;

    said primary system determining that a decryption or an encryption of the first authentication information is equal to protected primary authentication data stored in the primary system, followed by said primary system providing access of the user to the primary system;

    after said providing access of the user to the primary system, said primary system generating a user-specific key consisting of either the first authentication information or an encryption of the first authentication information;

    said primary system generating second authentication information from protected secondary authentication data stored in the primary system, said generating the second authentication information comprising using applying the user-specific key to the protected secondary authentication data to generate the second authentication information; and

    said primary system providing the second authentication information to the secondary system to enable access of the user to the secondary system,wherein the method further comprises;

    said primary system sending a random string to the user system, wherein the random string is derived from user-specific data pertaining to the user; and

    responsive to said sending the random string, said primary system receiving from the user system an encryption of the random string by a private key of the user, wherein the first authentication information is the encryption of the random string, and wherein said generating the user-specific key comprises setting the user-specific key equal to the encryption of the random string.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×