Searching and replacing credentials in a disparate credential store environment

US 8,863,246 B2
Filed: 08/31/2007
Issued: 10/14/2014
Est. Priority Date: 08/31/2007
Status: Active Grant

First Claim

Patent Images

1. In a computing system environment, a method of searching and replacing user credentials in an environment of multiple disparate credential stores associated with a SSO (Single-Sign-On) service, comprising:

via a common user interface of the computing system, authenticating an authority of a user to change credential information, where the common user interface is a single point of control for searching and replacing the user credentials;

if authenticated, searching via the common user interface for the credential information of at least two of said multiple disparate credential stores associated with the SSO service;

in response to the searching, receiving the requested credential information through the common interface and in a common format; and

displaying the received credential information in the common user interface;

receiving new credential information from the user through the common user interface;

receiving user input through the common user interface to replace each of the received credential information with the new credential information; and

at a same time and responsive to the user input, replacing each of the received credential information from the at least two multiple disparate credential stores with the new credential information via the common interface.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Apparatus and methods are described for searching and replacing user credentials in a multiple disparate credential store environment. Upon authentication of a user to change credentials, credential information of multiple disparate credential stores is searched. Upon population of search results, users indicate which of the credentials they desire to change and results are committed upon affirmative execution in a user interface dialog. In this manner, users locate their credential information, from whatever store, and change it in quantity or singularly from a single point of control. They can also fully understand how many passwords, secrets, keys, etc., they have over the many disparate stores available to them and affirmatively control their relationship to other credential information. Reversion of credential information to an earlier time is still another feature as is retrofitting existing SSO services. Computer program products and computing network interaction are also disclosed.

70 Citations

View as Search Results

30 Claims

1. In a computing system environment, a method of searching and replacing user credentials in an environment of multiple disparate credential stores associated with a SSO (Single-Sign-On) service, comprising:
- via a common user interface of the computing system, authenticating an authority of a user to change credential information, where the common user interface is a single point of control for searching and replacing the user credentials;
  
  if authenticated, searching via the common user interface for the credential information of at least two of said multiple disparate credential stores associated with the SSO service;
  
  in response to the searching, receiving the requested credential information through the common interface and in a common format; and
  
  displaying the received credential information in the common user interface;
  
  receiving new credential information from the user through the common user interface;
  
  receiving user input through the common user interface to replace each of the received credential information with the new credential information; and
  
  at a same time and responsive to the user input, replacing each of the received credential information from the at least two multiple disparate credential stores with the new credential information via the common interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the replacing further includes making the credential information for the at least two of said multiple disparate credential stores a same value.
  - 3. The method of claim 1, further including reverting the new credential information back to an original value.
  - 4. The method of claim 1, wherein the authenticating further includes launching a credential store utility providing the common interface for the common format.
  - 5. The method of claim 4, further including retrofitting an existing single-sign-on service with the credential store utility.
  - 6. The method of claim 1, further including establishing a policy for when the replacing can occur.
  - 7. The method of claim 1, further including replacing all the credential information of each said multiple disparate credential stores in a single replacement step.
  - 8. The method of claim 1, further including indicating no-synchronizing of the credential information.

9. In a computing system environment, a method of searching and replacing user credentials in an environment of multiple disparate credential stores associated with a SSO (Single-Sign-On) service, comprising:
- searching via a common user interface of the computing system for credential information for at least two of said multiple disparate credential stores associated with the SSO service upon authenticating a user to change the user credentials, where the common user interface is a single point of control for searching and replacing the user credentials;
  
  in response to the searching, receiving the requested credential information via the common interface; and
  
  displaying the received credential information in the common user interface;
  
  receiving new credential information from the user through the common user interface;
  
  receiving user input through the common user interface to replace each of the received credential information with the new credential information; and
  
  at a same time and in response to the user input, replacing each of the received credential information from the at least two multiple disparate credential stores with the new credential information.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, wherein the receiving the requested credential information further includes receiving through the common interface and in a common format.
  - 11. The method of claim 9, further including authenticating an authority of a user for the replacing.
  - 12. The method of claim 9, wherein the replacing the credential information from the at least two multiple disparate credential stores with the new credential information occurs upon a single activation in a user-interface dialog.
  - 13. The method of claim 9, further including providing a synchronizing engine to interface with a single-sign-on service, the synchronizing engine for the receiving and the replacing.
  - 14. The method of claim 13, further including interfacing the synchronizing engine and the single-sign-on service with a layer intermediate the multiple disparate credential stores.

15. A computing system for searching and replacing user credentials in an environment of multiple disparate credential stores associated with a SSO (Single-Sign-On) service, comprising:
- a user interface module of the computing system for indicating various credentials to be searched-for and replaced, where the user interface module is configured to generate a common user interface that is a single point of control for searching and replacing the user credentials;
  
  a single-sign-on service;
  
  a synchronizing engine interfacing with the single-sign-on service; and
  
  at least two credential stores having dissimilar credential information associated with the SSO service, wherein the synchronizing engine is configured to search for the various credentials said indicated by a user via the common user interface upon authenticating the user to change the user credentials and finding said various credentials to;
  
  display the various credentials in the common user interface;
  
  receive new credential information via the common user interface, receive user input to replace each of the various credentials with the new credential information; and
  
  at a same time and in response to the user input, replace the various credentials with the new credential information.
- View Dependent Claims (16)
- - 16. The computing system of claim 15, wherein the user interface module includes a CASA manager.

17. A non-transitory, computer-readable storage medium having stored thereon instructions, which, when executed by one or more hardware processors, causes the one or more processors to perform operations comprising:
- via a common user interface of a computer system, authenticating an authority of a user to change credential information, where the common user interface is a single point of control for searching and replacing the user credentials;
  
  if authenticated, searching via the common user interface for the credential information of at least two multiple disparate credential stores associated with a SSO (Single-Sign-On) service;
  
  in response to the searching, receiving the requested credential information through the common interface and in a common format;
  
  displaying the received credential information in the common user interface;
  
  receiving new credential information from the user through the common user interface;
  
  receiving user input through the common user interface to replace each of the received credential information with the new credential information; and
  
  at a same time and responsive to the user input, replacing each of the received credential information from the at least two multiple disparate credential stores with the new credential information via the common user interface.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The non-transitory, computer-readable storage medium of claim 17, wherein the replacing further includes making the credential information for the at least two of said multiple disparate credential stores a same value.
  - 19. The non-transitory, computer-readable storage medium of claim 17, further including reverting the new credential information back to an original value.
  - 20. The non-transitory, computer-readable storage medium of claim 17, wherein the authenticating further includes launching a credential store utility providing the common user interface for a common format.
  - 21. The non-transitory, computer-readable storage medium of claim 20, further including retrofitting an existing single-sign-on service with the credential store utility.
  - 22. The non-transitory, computer-readable storage medium of claim 17, further including establishing a policy for when the replacing can occur.
  - 23. The non-transitory, computer-readable storage medium of claim 17, further including replacing all the credential information of each said multiple disparate credential stores in a single replacement step.
  - 24. The non-transitory, computer-readable storage medium of claim 17, further including indicating no-synchronizing of the credential information.

25. A non-transitory, computer-readable storage medium having stored thereon instructions, which, when executed by one or more hardware processors, causes the one or more processors to perform operations comprising:
- searching via a common user interface of a computer system for credential information for at least two of said multiple disparate credential stores associated with a SSO (Single-Sign-On) service upon authenticating a user to change the credential information, were the common user interface is a single point of control for searching and replacing the user credentials;
  
  in response to the searching, receiving the requested credential information via the common interface; and
  
  displaying the received credential information in the common user interface;
  
  receiving new credential information from the user through the common user interface;
  
  receiving user input through the common user interface to replace each of the received credential information with the new credential information; and
  
  at a same time and in response to the user input, replacing each of the received credential information from the at least two multiple disparate credential stores with the new credential information.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. The non-transitory, computer-readable storage medium of claim 25, wherein the receiving the requested credential information further includes receiving through the common user interface and in a common format.
  - 27. The non-transitory, computer-readable storage medium of claim 25, further including authenticating an authority of a user for the replacing.
  - 28. The non-transitory, computer-readable storage medium of claim 25, wherein the replacing the credential information from the at least two multiple disparate credential stores with the new credential information occurs upon a single activation in a user-interface dialog.
  - 29. The non-transitory, computer-readable storage medium of claim 25, further including providing a synchronizing engine to interface with a single-sign-on service, the synchronizing engine for the receiving and the replacing.
  - 30. The non-transitory, computer-readable storage medium of claim 29, further including interfacing the synchronizing engine and the single-sign-on service with a layer intermediate the multiple disparate credential stores.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Norman, James M., Mashayekhi, Cameron, Ford, Karl E.
Primary Examiner(s)
Chai, Longbit

Application Number

US11/897,737
Publication Number

US 20090064290A1
Time in Patent Office

2,601 Days
Field of Search

726/5
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/41   where a single sign-on prov...

G06F 21/6209   to a single file or object,...

H04L 63/0815   providing single-sign-on or...

Searching and replacing credentials in a disparate credential store environment

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

70 Citations

30 Claims

Specification

Use Cases

Quick Links

Others

Searching and replacing credentials in a disparate credential store environment

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

30 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others