Authentication based on previous authentications
First Claim
1. A method for authenticating a user to a target server, said method comprising:
- receiving, by one or more processors of a computer system, a request from a user computer system to authenticate the user for access to N−1 target servers of N target servers at respective levels 1 through N−1 of N levels, wherein N is a positive integer of at least 2, wherein the N target servers are sequentially nested at respective levels of the N levels, wherein levels 1 through N are sequenced from lowest level to highest level, and wherein authentication of the user for access to the target server at level N requires prior authentication of the user for access to the target server at level 1 if N is 2 or for access to the N−1 target servers at the respective levels 1 through N−1 if N is at least 3;
- accessing, by the one or more processors, a stored authentication plan associated with the user, the stored authentication plan having one or more authentication records each having expected information relating to said authentication of the user for access to the N−1 target servers at the respective levels 1 through N−1;
- receiving, by the one or more processors, an indication that a current authentication plan exists in an authentication store, wherein the current authentication plan includes one or more authentication records, wherein each authentication record of the current authentication plan includes current information relating to authentication of the user for said access to the N−1 target servers at the respective levels 1 through N−1;
- in response to having received the indication that the current authentication plan exists in the authentication store, (i) requesting, by the one or more processors, the current authentication plan and (ii) receiving, by the one or more processors, the current authentication plan from the authentication store;
- determining, by the one or more processors, that there is at least a partial match between the current authentication plan and the stored authentication plan; and
- authenticating, by the one or more processors in response to said determining that there is at least the partial match, the user for access to the target server at level N.
Abstract
A method and system for authenticating a user to a target server. A request is received from a user computer system to authenticate the user for access to a target server at level N of N levels (N≧2). Each record of a stored authentication plan associated with the user has authentication records each having information relating to authentication of the user for access to N−1 target servers at respective levels 1 through N−1. Each record of a received current authentication plan for the user has authentication records each having current information relating to authentication of the user for access to the N−1 target servers at respective levels 1 through N−1. It is determined that there is at least a partial match between the stored and current authentication plans, and in response, the user is authenticated for access to the target server at level N.
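An added sketch of the matching step the abstract describes, not code from the patent. The record fields (`level`, `server`, `method`), the per-level equality comparison and the `min_ratio` threshold are assumptions, since the text only says "at least a partial match"; the sample plans are constructed.

```python
from dataclasses import dataclass
from typing import Optional, Sequence


@dataclass(frozen=True)
class AuthRecord:
    level: int    # nesting level, 1..N-1
    server: str   # target server at that level
    method: str   # how the user authenticated there (assumed field)


def match_ratio(stored: Sequence[AuthRecord],
                current: Sequence[AuthRecord], n: int) -> float:
    """Fraction of levels 1..N-1 whose expected record equals the current one."""
    expected = {r.level: r for r in stored}
    observed = {r.level: r for r in current}
    hits = sum(1 for lvl in range(1, n)
               if lvl in expected and expected[lvl] == observed.get(lvl))
    return hits / (n - 1)


def authenticate_level_n(stored: Sequence[AuthRecord],
                         current: Optional[Sequence[AuthRecord]],
                         n: int, min_ratio: float = 1.0) -> bool:
    """Grant level N when the current plan matches the stored plan closely enough.

    min_ratio=1.0 requires every level 1..N-1 to match; a lower value
    accepts a partial match (assumed interpretation of the claim language).
    """
    if n < 2:
        raise ValueError("N must be at least 2")
    if current is None:
        # The authentication store reported no current plan for this user.
        return False
    return match_ratio(stored, current, n) >= min_ratio


# Constructed sample plans for N = 3 (levels 1 and 2 guard the level-3 server).
STORED = [AuthRecord(1, "vpn-gw", "certificate"),
          AuthRecord(2, "bastion", "password+otp")]
CURRENT = [AuthRecord(1, "vpn-gw", "certificate"),
           AuthRecord(2, "bastion", "password")]  # level 2 differs from expected
```

With these plans only level 1 matches, so the outcome depends entirely on where the partial-match threshold is set.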
20 Claims
9. A computer program product, comprising one or more computer-readable hardware storage devices storing program instructions stored which, upon being executed by a computer, perform a method for authenticating a user to a target server, said method comprising:
- receiving, by one or more processors of a computer system, a request from a user computer system to authenticate the user for access to N−1 target servers of N target servers at respective levels 1 through N−1 of N levels, wherein N is a positive integer of at least 2, wherein the N target servers are sequentially nested at respective levels of the N levels, wherein levels 1 through N are sequenced from lowest level to highest level, and wherein authentication of the user for access to the target server at level N requires prior authentication of the user for access to the target server at level 1 if N is 2 or for access to the N−1 target servers at the respective levels 1 through N−1 if N is at least 3;
- accessing, by the one or more processors, a stored authentication plan associated with the user, the stored authentication plan having one or more authentication records each having expected information relating to said authentication of the user for access to the N−1 target servers at the respective levels 1 through N−1;
- receiving, by the one or more processors, an indication that a current authentication plan exists in an authentication store, wherein the current authentication plan includes one or more authentication records, wherein each authentication record of the current authentication plan includes current information relating to authentication of the user for said access to the N−1 target servers at the respective levels 1 through N−1;
- in response to having received the indication that the current authentication plan exists in the authentication store, (i) requesting, by the one or more processors, the current authentication plan and (ii) receiving, by the one or more processors, the current authentication plan from the authentication store;
- determining, by the one or more processors, that there is at least a partial match between the current authentication plan and the stored authentication plan; and
- authenticating, by the one or more processors in response to said determining that there is at least the partial match, the user for access to the target server at level N.
15. A computer system, comprising one or more processors, one or more memories, and one or more computer readable hardware storage devices storing program instructions which, being executed by the one or more processors via the one or more memories, perform a method for authenticating a user to a target server, said method comprising:
- receiving, by the one or more processors a request from a user computer system to authenticate the user for access to N−1 target servers of N target servers at respective levels 1 through N−1 of N levels, wherein N is a positive integer of at least 2, wherein the N target servers are sequentially nested at respective levels of the N levels, wherein levels 1 through N are sequenced from lowest level to highest level, and wherein authentication of the user for access to the target server at level N requires prior authentication of the user for access to the target server at level 1 if N is 2 or for access to the N−1 target servers at the respective levels 1 through N−1 if N is at least 3;
- accessing, by the one or more processors, a stored authentication plan associated with the user, the stored authentication plan having one or more authentication records each having expected information relating to said authentication of the user for access to the N−1 target servers at the respective levels 1 through N−1;
- receiving, by the one or more processors, an indication that a current authentication plan exists in an authentication store, wherein the current authentication plan includes one or more authentication records, wherein each authentication record of the current authentication plan includes current information relating to authentication of the user for said access to the N−1 target servers at the respective levels 1 through N−1;
- in response to having received the indication that the current authentication plan exists in the authentication store, (i) requesting, by the one or more processors, the current authentication plan and (ii) receiving, by the one or more processors, the current authentication plan from the authentication store;
- determining, by the one or more processors, that there is at least a partial match between the current authentication plan and the stored authentication plan; and
- authenticating, by the one or more processors in response to said determining that there is at least the partial match, the user for access to the target server at level N.
Specification