Single login multiplexing

US 9,600,643 B2
Filed: 02/06/2014
Issued: 03/21/2017
Est. Priority Date: 02/06/2014
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

maintaining, by a processing device, authorization data in a data store, the authorization data comprising an association of a plurality of passwords of a plurality of users with a username shared by the plurality of users for an account of an application in a data store, wherein each of the plurality of passwords has a corresponding user of the plurality of users and a corresponding set of privileges;

receiving, by the processing device, a request for access to the account from a first user device of a first user, the request comprising the shared username and a first password of the plurality of passwords, the first password corresponding to the first user;

authenticating, by the processing device, the first user in view of a comparison of the shared username and the first password with the authorization data;

upon authentication of the first user, granting, by the processing device, access to the account for the first user device of the first user to execute a corresponding first set of privileges;

receiving, by the processing device, a request for access to the account from a second user device of a second user, the request comprising the shared username and a second password of the plurality of passwords, the second password corresponding to the second user;

authenticating, by the processing device, the second user in view of a comparison of the shared username and the second password with the authorization data; and

upon authentication of the second user, granting, by the processing device, access to the account for the second user device of the second user to execute a corresponding second set of privileges.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing access to application, where an association of a plurality of passwords with a login for an account of an application is maintained, wherein each of the plurality of passwords has a corresponding user and a corresponding set of privileges. A request for access to the account is received from a first user including the login and a first password of the plurality of password corresponding to the user, and the user is authenticated in view of the login and the password. Upon authentication of the user, access to the account is granted for the user to execute a corresponding first set of privileges.

Citations

20 Claims

1. A method comprising:
- maintaining, by a processing device, authorization data in a data store, the authorization data comprising an association of a plurality of passwords of a plurality of users with a username shared by the plurality of users for an account of an application in a data store, wherein each of the plurality of passwords has a corresponding user of the plurality of users and a corresponding set of privileges;
  
  receiving, by the processing device, a request for access to the account from a first user device of a first user, the request comprising the shared username and a first password of the plurality of passwords, the first password corresponding to the first user;
  
  authenticating, by the processing device, the first user in view of a comparison of the shared username and the first password with the authorization data;
  
  upon authentication of the first user, granting, by the processing device, access to the account for the first user device of the first user to execute a corresponding first set of privileges;
  
  receiving, by the processing device, a request for access to the account from a second user device of a second user, the request comprising the shared username and a second password of the plurality of passwords, the second password corresponding to the second user;
  
  authenticating, by the processing device, the second user in view of a comparison of the shared username and the second password with the authorization data; and
  
  upon authentication of the second user, granting, by the processing device, access to the account for the second user device of the second user to execute a corresponding second set of privileges.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising:
    - associating an administrator password with the shared username, wherein the administrator password corresponds to an administrator and an administrator set of privileges, wherein the administrator set of privileges is different from the first set of privileges and comprises the privilege of associating and dissociating each of the plurality of passwords with the shared username;
      
      receiving a request for access to the account from the administrator comprising the shared username and the administrator password;
      
      authenticating the administrator in view of the shared username and the administrator password; and
      
      upon authentication of the administrator, granting access to the account for the administrator to execute the administrator set of privileges.
  - 3. The method of claim 2, further comprising providing an administrator user interface that displays each of the plurality of passwords, and a corresponding user and a corresponding set of privileges for each of the plurality of passwords.
  - 4. The method of claim 1 further comprising:
    - receiving a message from the first user for the second user; and
      
      sending the message to the second user.
  - 5. The method of claim 1 further comprising:
    - providing a user interface that indicates each currently authenticated user in view of a corresponding password.
  - 6. The method of claim 5, wherein the user interface further displays for each currently authenticated user a session length.
  - 7. The method of claim 5, wherein the user interface further displays for each currently authenticated user a user location.

8. A system comprising:
- a memory having a data store to store authorization data comprising an association of a plurality of passwords of a plurality of users with a username shared by the plurality of users for an account of an application in a data store, wherein each of the plurality of passwords has a corresponding user of the plurality of users and a corresponding set of privileges; and
  
  a processing device coupled to the memory to;
  
  receive a request for access to the account from a first user device of a first user, the request comprising the shared username and a first password of the plurality of passwords, the first password corresponding to the first user;
  
  authenticate the first user in view of the shared username and the first password;
  
  upon authentication of the first user, grant access to the account for the first user to execute a corresponding first set of privileges;
  
  receive a request for access to the account from a second user device of a second user, the request comprising the shared username and a second password of the plurality of passwords, the second password corresponding to the second user;
  
  authenticate the second user in view of a comparison of the shared username and the second password with the authorization data; and
  
  upon authentication of the second user, grant access to the account for the second user to execute a corresponding second set of privileges.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the processing device is further to:
    - associate an administrator password with the shared username, wherein the administrator password corresponds to an administrator and an administrator set of privileges, wherein the administrator set of privileges is different from the first set of privileges and comprises the privilege of associating and dissociating each of the plurality of passwords with the shared username;
      
      receive a request for access to the account from the administrator comprising the shared username and the administrator password;
      
      authenticate the administrator in view of the shared username and the administrator password; and
      
      upon authentication of the administrator, grant access to the account for the administrator to execute the administrator set of privileges.
  - 10. The system of claim 9, wherein the processing device is further to provide an administrator user interface that displays each of the plurality of passwords, and a corresponding user and a corresponding set of privileges for each of the plurality of passwords.
  - 11. The system of claim 8, wherein the processing device is further to:
    - receive a message from the first user for the second user; and
      
      send the message to the second user.
  - 12. The system of claim 8, wherein the processing device is further to:
    - provide a user interface that indicates each currently authenticated user in view of a corresponding password.
  - 13. The system of claim 12, wherein the user interface further displays for each currently authenticated user a session length.
  - 14. The system of claim 12, wherein the user interface further displays for each currently authenticated user a user location.

15. A non-transitory computer-readable storage medium including instructions that, when executed by a processing device, cause the processing device to perform operations comprising:
- maintaining authorization data in a data store, the authorization data comprising an association of a plurality of passwords of a plurality of users with a username shared by the plurality of users for an account of an application in a data store, wherein each of the plurality of passwords has a corresponding user of the plurality of users and a corresponding set of privileges;
  
  receiving a request for access to the account from a first user device of a first user, the request comprising the shared username and a first password of the plurality of passwords corresponding to the first user;
  
  authenticating the first user in view of a comparison of the shared username and the first password with the authorization data;
  
  upon authentication of the first user, granting access to the account for the first user device of the first user to execute a corresponding first set of privileges;
  
  receiving a request for access to the account from a second user device of a second user, the request comprising the shared username and a second password of the plurality of passwords, the second password corresponding to the second user;
  
  authenticating the second user in view of a comparison of the shared username and the second password with the authorization data; and
  
  upon authentication of the second user, granting access to the account for the second user device of the second user to execute a corresponding second set of privileges.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the operations further comprise:
    - associating an administrator password with the shared username, wherein the administrator password corresponds to an administrator and an administrator set of privileges, wherein the administrator set of privileges is different from the first set of privileges and comprises the privilege of associating and dissociating each of the plurality of passwords with the shared username;
      
      receiving a request for access to the account from the administrator comprising the shared username and the administrator password;
      
      authenticating the administrator in view of the shared username and the administrator password; and
      
      upon authentication of the administrator, granting access to the account for the administrator to execute the administrator set of privileges.
  - 17. The non-transitory computer-readable storage medium of claim 16, wherein the operations further comprise providing an administrator user interface that displays each of the plurality of passwords, and a corresponding user and a corresponding set of privileges for each of the plurality of passwords.
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein the operations further comprise receiving a message from the first user for the second user;
    - and sending the message to the second user.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein the operations further comprise providing a user interface that indicates for each currently authenticated user in view of a corresponding password.
  - 20. The non-transitory computer-readable storage medium of claim 19, wherein the user interface further displays for each currently authenticated user a session length.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Strode, Maureen Emily
Primary Examiner(s)
Truong, Thanhnga B

Application Number

US14/174,616
Publication Number

US 20150220725A1
Time in Patent Office

1,139 Days
Field of Search

726 2- 7, 726 20- 21, 726 27- 29, 726/9, 713/1, 713/168, 713/183, 725/139
US Class Current

1/1
CPC Class Codes

G06F 21/31 User authentication

Single login multiplexing

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Single login multiplexing

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links