Trusted local single sign-on
First Claim
1. A computing method, comprising:
- running on a user computer a first operating environment for performing general-purpose operations and a second operating environment, which is configured exclusively for interacting with multiple servers in respective secure communication sessions and is separate from the first operating environment, wherein the second operating environment is isolated from the first operating environment and the first operating environment does not interact with the multiple servers in the secure communication sessions, the first operating environment including an operating system and second operating environment including an operating system separate from the operating system of the first operating environment, wherein in the protected communication session the second operating environment exchanges transaction data with a server via a security protocol, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and wherein running the second operating environment comprises verifying a trustworthiness of the second operating environment by communication between the second operating environment and a Central Management System (CMS) that is external to the user computer;
- storing in the second operating environment multiple different server-specific credentials, each corresponding to one of the multiple servers, for authenticating a user of the user computer to each respective server, and a single set of master credentials for authenticating the user to the second operating environment; and
- establishing a secure communication session between the user computer and at least one of the multiple servers under control of a program running in the second operating environment, by authenticating the user to the second operating environment using the master credentials and, responsively to successfully authenticating the user in the second operating environment, automatically selecting one of the server-specific credentials in the second operating environment corresponding to the one of the multiple servers and the second operating environment authenticating the user to the one server using the selected server-specific credentials.
Abstract
A method includes running on a computer a first operating environment for performing general-purpose operations and a second operating environment, which is configured exclusively for interacting with multiple servers in respective secure communication sessions and is isolated from the first operating environment. Multiple server-specific credentials for authenticating a user of the computer to the respective servers, as well as a single set of master credentials for authenticating the user to the second operating environment, are stored in the second operating environment.
A secure communication session is established between the computer and a given server under control of a program running in the second operating environment, by authenticating the user using the master credentials and, responsively to authenticating the user, selecting one of the server-specific credentials and authenticating the user to the given server using the selected server-specific credentials.
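As an added illustration (not the patent's own code), the following Python model walks through the flow the abstract describes: the trusted environment first verifies its measurement with a CMS, then checks the master credentials, then picks the server-specific credential by server identity and proves possession of it in a challenge-response exchange, so the secret itself never leaves that environment. The server names, secrets, image measurement and HMAC-based protocol are constructed assumptions for the model.

```python
import hashlib
import hmac
import secrets
KDF_ROUNDS = 100_000
MASTER_SALT = b"constructed-master-salt"  # constructed sample values, not from the patent
MASTER_VERIFIER = hashlib.pbkdf2_hmac("sha256", b"correct horse battery", MASTER_SALT, KDF_ROUNDS)
TRUSTED_IMAGE = b"trusted-environment-image-v1"  # stands in for the second environment's code

class CentralManagementSystem:
    """External CMS that knows the measurement of the approved trusted-environment image."""
    def __init__(self, approved_image):
        self.approved = hashlib.sha256(approved_image).hexdigest()
    def verify(self, measurement):
        return hmac.compare_digest(measurement, self.approved)

class Server:
    """One server holding its own copy of the user's server-specific credential."""
    def __init__(self, name, secret):
        self.name, self.secret, self.pending = name, secret, set()
    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.pending.add(nonce)
        return nonce
    def verify(self, nonce, proof):
        if nonce not in self.pending:  # unsolicited or replayed proof
            return None
        self.pending.discard(nonce)
        expected = hmac.new(self.secret, nonce, "sha256").digest()
        return secrets.token_hex(8) if hmac.compare_digest(proof, expected) else None

class TrustedEnvironment:
    """Second operating environment: attests to the CMS, checks master credentials, logs in to servers."""
    def __init__(self, image, server_secrets):
        self.measurement = hashlib.sha256(image).hexdigest()
        self._secrets = dict(server_secrets)  # never handed to the first environment
        self.attested = self.unlocked = False
    def attest(self, cms):
        self.attested = cms.verify(self.measurement)
        return self.attested
    def unlock(self, master_password):
        digest = hashlib.pbkdf2_hmac("sha256", master_password, MASTER_SALT, KDF_ROUNDS)
        self.unlocked = self.attested and hmac.compare_digest(digest, MASTER_VERIFIER)
        return self.unlocked
    def login(self, server):
        secret = self._secrets.get(server.name)  # automatic, server-specific selection
        if not self.unlocked or secret is None:
            return None
        nonce = server.challenge()
        return server.verify(nonce, hmac.new(secret, nonce, "sha256").digest())
```

The gating order matters: a master password is useless until the environment has attested, and a server whose stored copy of the credential differs from the environment's fails the challenge without ever seeing the secret.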
25 Claims
1. A computing method, comprising: the method set out in full above under First Claim. Dependent claims: 2 to 13.
14. A user computer, comprising:
- a network interface device, which is operative to communicate with multiple servers over a communication network; and
- a hardware processor, which is coupled to run a first operating environment, which is configured to perform general-purpose operations, and a second operating environment, which is configured exclusively for interacting with the multiple servers in respective protected communication sessions and is separate from the first operating environment, wherein the second operating environment is isolated from the first operating environment and the first operating environment does not interact with the multiple servers in the secure communication sessions, the first operating environment including an operating system and second operating environment including an operating system separate from the operating system of the first operating environment, wherein in the protected communication session the second operating environment exchanges transaction data with a server via a security protocol, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and wherein running the second operating environment comprises verifying a trustworthiness of the second operating environment by communication between the second operating environment and a Central Management System (CMS) that is external to the user computer, the hardware processor configured to store in the second operating environment multiple different server-specific credentials, each corresponding to one of the multiple servers, for authenticating a user of the user computer to each respective server and a single set of master credentials for authenticating the user to the second operating environment, and the hardware processor configured to establish a secure communication session between the user computer and at least one of the multiple servers under control of a program running in the second operating environment, by authenticating the user to the second operating environment using the master credentials and, responsively to successfully authenticating the user in the second operating environment, automatically selecting one of the server-specific credentials in the second operating environment corresponding to the one of the multiple servers and the second operating environment authenticating the user to the one server using the selected server-specific credentials.
Dependent claims: 15 to 24.
25. A computer software product for use in a user computer, the computer software product comprising a non-transitory computer-readable storage medium, storing executable instructions, which instructions, when executed by the user computer, cause the user computer to perform operations including,
communicating with multiple servers over a communication network, to run a first operating environment for performing general-purpose operations and a second operating environment, which is configured exclusively for interacting with the multiple servers in respective secure communication sessions and is separate from the first operating environment, wherein the second operating environment is isolated from the first operating environment and the first operating environment does not interact with the multiple servers in the secure communication sessions, the first operating environment including an operating system and second operating environment including an operating system separate from the operating system of the first operating environment, wherein in the protected communication session the second operating environment exchanges transaction data with a server via a security protocol, wherein general-purpose operations performed in the first operating environment do not affect operation of the second operating environment, and wherein running the second operating environment comprises verifying a trustworthiness of the second operating environment by communication between the second operating environment and a Central Management System (CMS) that is external to the user computer, storing in the second operating environment multiple different server-specific credentials, each corresponding to one of the multiple servers, for authenticating a user of the user computer to each respective server and a single set of master credentials for authenticating the user to the second operating environment, and establishing a secure communication session between the user computer and at least one of the multiple servers under control of a program running in the second operating environment, by authenticating the user to the second operating environment using the master credentials and, responsively to successfully authenticating the user in the second operating environment, automatically selecting one of the server-specific credentials in the second operating environment corresponding to the one of the multiple servers and the second operating environment authenticating the user to the one server using the selected server-specific credentials.
Specification