Control of access to a secondary system
First Claim
1. A method for controlling access of a user to a secondary system, said method comprising:
a processor of a primary system receiving, from a user system connected to the secondary system, first authentication information comprising an encryption of a random string by a private key of a public/private key pair of a user logged on the user system, said encryption of the random string being a user-specific key;
said processor generating second authentication information from protected secondary authentication data stored in the primary system, said generating the second authentication information comprising performing a decryption of the protected secondary authentication data by applying the user-specific key to the protected secondary authentication data to generate the second authentication information; and
said processor providing the second authentication information to the secondary system to enable access of the user to the secondary system.
Abstract
A method for controlling access of a user to a secondary system. A primary system receives, from a user system connected to the secondary system, first authentication information comprising an encryption of a random string. The encryption of the random string is a user-specific key. Second authentication information is generated from protected secondary authentication data stored in the primary system. Generation of the second authentication information includes applying the user-specific key to the protected secondary authentication data to generate the second authentication information. The second authentication information is provided to the secondary system to enable access of the user to the secondary system.
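The flow in the abstract, as an added example that is not taken from the patent: the user system turns a random string into a user-specific key with its RSA private key, and the primary system applies that key to decrypt the stored secondary credential. Assumptions: a constructed, insecure demo key, textbook RSA with no padding, SHA-256 to derive subkeys, and a stdlib-only stand-in cipher with an HMAC tag; all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed demo RSA key from two Mersenne primes: trivially factorable, NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the user system

def user_specific_key(random_string: bytes) -> bytes:
    """User system: textbook RSA private-key operation on the random string.
    Deterministic, so the same string always reproduces the same key."""
    m = int.from_bytes(random_string, "big")
    if not 1 < m < N:
        raise ValueError("random string out of range for this modulus")
    return pow(m, D, N).to_bytes((N.bit_length() + 7) // 8, "big")

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 in counter mode) to stay stdlib-only; use an AEAD in practice.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _subkeys(usk: bytes):
    # Assumption: hash the RSA output down to separate encryption and MAC keys.
    return hashlib.sha256(b"enc" + usk).digest(), hashlib.sha256(b"mac" + usk).digest()

def protect(usk: bytes, secondary_credential: bytes) -> bytes:
    """Enrolment: build the protected secondary authentication data to store."""
    enc_key, mac_key = _subkeys(usk)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, secondary_credential)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unprotect(usk: bytes, blob: bytes) -> bytes:
    """Primary system: apply the received key to the stored blob."""
    enc_key, mac_key = _subkeys(usk)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong user-specific key or tampered data")
    return _xor_stream(enc_key, nonce, ct)

def login_flow(random_string: bytes, blob: bytes) -> bytes:
    usk = user_specific_key(random_string)  # sent as first authentication information
    return unprotect(usk, blob)             # second authentication information
```

The scheme depends on the private-key operation being deterministic; a randomized signature scheme such as RSA-PSS would yield a different key on every login and the stored data could not be decrypted.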
16 Claims
1. A method for controlling access of a user to a secondary system, said method comprising:
a processor of a primary system receiving, from a user system connected to the secondary system, first authentication information comprising an encryption of a random string by a private key of a public/private key pair of a user logged on the user system, said encryption of the random string being a user-specific key;
said processor generating second authentication information from protected secondary authentication data stored in the primary system, said generating the second authentication information comprising performing a decryption of the protected secondary authentication data by applying the user-specific key to the protected secondary authentication data to generate the second authentication information; and
said processor providing the second authentication information to the secondary system to enable access of the user to the secondary system.
7. A computer program product comprising a computer readable storage device storing computer executable instructions that when executed by a processor of a primary system perform a method for controlling access of a user to a secondary system, said method comprising:
said processor receiving, from a user system connected to the secondary system, first authentication information comprising an encryption of a random string by a private key of a public/private key pair of a user logged on the user system, said encryption of the random string being a user-specific key;
said processor generating second authentication information from protected secondary authentication data stored in the primary system, said generating the second authentication information comprising performing a decryption of the protected secondary authentication data by applying the user-specific key to the protected secondary authentication data to generate the second authentication information; and
said processor providing the second authentication information to the secondary system to enable access of the user to the secondary system.
12. A primary system comprising a processor and a computer program product, said computer program product comprising computer executable instructions that when executed by the processor perform a method for controlling access of a user to a secondary system, said method comprising:
said processor receiving, from a user system connected to the secondary system, first authentication information comprising an encryption of a random string by a private key of a public/private key pair of a user logged on the user system, said encryption of the random string being a user-specific key;
said processor generating second authentication information from protected secondary authentication data stored in the primary system, said generating the second authentication information comprising performing a decryption of the protected secondary authentication data by applying the user-specific key to the protected secondary authentication data to generate the second authentication information; and
said processor providing the second authentication information to the secondary system to enable access of the user to the secondary system.