Protecting access to a hardware device through use of an aggregate identity instance
First Claim
1. A computer-implemented method of controlling access to an appliance, the computer-implemented method comprising:
receiving, from a client computer and by a host system, appliance-specific user data, wherein the appliance-specific user data includes a user password, a user-created name of an appliance, a user identifier, and a network address of the client computer;
concatenating, by the host system, the appliance-specific user data with a host name of the host system to create an Aggregate Identity Instance (AII);
storing, by one or more processors, the AII in the host system;
receiving, from the client computer and by the host system, a request to access the appliance, wherein the request includes the appliance-specific user data;
determining, by the host system, whether the appliance-specific user data sent with the request is contained in the AII that is stored in the host system;
in response to determining that the appliance-specific user data sent with the request is contained in the AII that is stored in the host system, the host system;
matching the user-created name of the appliance to an address of the appliance;
establishing a session between the client computer and the appliance; and
transmitting a copy of the AII to the client computer;
and utilizing, by the host system, a starting location on the AII to encrypt and decrypt data being exchanged between the client computer and the host system.
Abstract
A computer-implemented method, system, and/or computer program product controls access to an appliance. A host system receives, from a client computer, appliance-specific user data that includes a user password, a user-created name of an appliance, a user identifier, and a network address of the client computer, and then concatenates the appliance-specific user data with a host name of the host system to create and store an Aggregate Identity Instance (AII) in the host system. The host system receives, from the client computer, a request to access the appliance, and determines whether appliance-specific user data sent with the request is in the AII in the host system. If so, then the host system matches the user-created name of the appliance to an address of the appliance; establishes a session between the client computer and the appliance; and uses the AII to encrypt and decrypt data.
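An added example, not taken from the patent: it reads "concatenating" as delimiter-free joining and "contained in" as a substring test (both assumptions, since the text specifies no encoding) and shows that this reading cannot distinguish field boundaries, while a length-prefixed encoding with an exact comparison can. All function names and sample values are constructed.

```python
import hmac
from typing import NamedTuple

class UserData(NamedTuple):
    password: str
    appliance_name: str
    user_id: str
    client_addr: str

def build_aii_naive(d: UserData, host_name: str) -> bytes:
    # Assumed reading of "concatenating": fields joined with no boundaries.
    return "".join(d + (host_name,)).encode()

def check_naive(aii: bytes, d: UserData) -> bool:
    # Assumed reading of "contained in": substring test over the joined fields.
    return "".join(d).encode() in aii

def encode_fields(fields) -> bytes:
    # Length-prefix every field so each boundary is part of the encoding.
    out = b""
    for f in fields:
        raw = f.encode()
        out += len(raw).to_bytes(2, "big") + raw
    return out

def build_aii_framed(d: UserData, host_name: str) -> bytes:
    return encode_fields(d + (host_name,))

def check_framed(aii: bytes, d: UserData, host_name: str) -> bool:
    # Exact, constant-time comparison against the re-encoded request.
    return hmac.compare_digest(aii, encode_fields(d + (host_name,)))

# Constructed sample data.
HOST = "host01.example"
ENROLLED = UserData("hunter2", "lab-printer", "alice", "192.0.2.10")
# Same characters overall, but the password/appliance boundary is moved.
SHIFTED = UserData("hunter2lab", "-printer", "alice", "192.0.2.10")

def demo() -> dict:
    naive, framed = build_aii_naive(ENROLLED, HOST), build_aii_framed(ENROLLED, HOST)
    return {
        "naive_genuine": check_naive(naive, ENROLLED),
        "naive_shifted": check_naive(naive, SHIFTED),      # accepted: ambiguous
        "framed_genuine": check_framed(framed, ENROLLED, HOST),
        "framed_shifted": check_framed(framed, SHIFTED, HOST),  # rejected
    }

if __name__ == "__main__":
    print(demo())
```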
20 Claims
9. A computer program product for controlling access to an appliance, the computer program product comprising a non-transitory computer readable storage medium having program code embodied therewith, the program code readable and executable by a processor to perform a method comprising:
receiving, from a client computer, appliance-specific user data, wherein the appliance-specific user data includes a user password, a user-created name of an appliance, a user identifier, and a network address of the client computer;
concatenating, by the host system, the appliance-specific user data with a host name of the host system to create an Aggregate Identity Instance (AII);
storing the AII in the host system;
receiving, from the client computer, a request to access the appliance, wherein the request includes the appliance-specific user data;
determining, by the host system, whether the appliance-specific user data sent with the request is contained in the AII that is stored in the host system;
in response to determining that the appliance-specific user data sent with the request is contained in the AII that is stored in the host system;
matching the user-created name of the appliance to an address of the appliance;
establishing a session between the client computer and the appliance; and
transmitting a copy of the AII to the client computer; and
utilizing, by the host system, a starting location on the AII to encrypt and decrypt data being exchanged between the client computer and the host system.
17. A computer system comprising:
a processor, a computer readable memory, and a non-transitory computer readable storage medium;
first program instructions to receive, from a client computer, appliance-specific user data, wherein the appliance-specific user data includes a user password, a user-created name of an appliance, a user identifier, and a network address of the client computer;
second program instructions to concatenate the appliance-specific user data with a host name of the host system to create and store an Aggregate Identity Instance (AII) in a host system;
third program instructions to receive, from the client computer, a request to access the appliance, wherein the request includes the appliance-specific user data;
fourth program instructions to determine whether the appliance-specific user data sent with the request is contained in the AII stored in the host system;
fifth program instructions to, in response to determining that the appliance-specific user data sent with the request is contained in the AII stored in the host system;
match the user-created name of the appliance to an address of the appliance;
establish a session between the client computer and the appliance; and
transmit a copy of the AII to the client computer; and
sixth program instructions to utilize a starting location on the AII to encrypt and decrypt data being exchanged between the client computer and the host system; and
wherein the first, second, third, fourth, fifth, and sixth program instructions are stored on the non-transitory computer readable storage medium for execution by one or more processors via the computer readable memory.
Specification