Privileged account manager, managed account perspectives
First Claim
1. An account management system, comprising:
- a memory storing a plurality of instructions; and
one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to;
receive, from an administrator account, identification of a plurality of accounts of a target system, at least one of the plurality of the accounts of the target system managed by the account management system, the at least one of the plurality of accounts providing user access to the target system;
receive, from the administrator account, a user-defined tag for the at least one of the plurality of accounts of the target system, the user-defined tag defining an attribute of the at least one of the plurality of accounts, wherein the defined attribute allows a viewing perspective to be defined, the viewing perspective including a user-configurable hierarchical view of one or more of the plurality of accounts;
receive, from a user account, a perspective selection defining the viewing perspective including the user-configurable hierarchical view of the one or more of the plurality of accounts, wherein the viewing perspective defined by the perspective selection is based at least in part on the user-defined tag; and
prepare, for display to the user account, the at least one of the plurality of accounts of the target system in the user-configurable hierarchical view based at least in part on the perspective selection.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for managing accounts are provided. An access management system may check out credentials for accessing target systems. For example a user may receive a password for a period of time or until checked back in. Access to the target system may be logged during this time. Upon the password being checked in, a security account may modify the password so that the user may not log back in without checking out a new password. Additionally, in some examples, password policies for the security account may be managed. As such, when a password policy changes, the security account password may be dynamically updated. Additionally, in some examples, hierarchical viewing perspectives may be determined and/or selected for visualizing one or more managed accounts. Further, accounts may be organized into groups based on roles, and grants for the accounts may be dynamically updated as changes occur or new accounts are managed.
56 Citations
18 Claims
-
1. An account management system, comprising:
-
a memory storing a plurality of instructions; and one or more processors configured to access the memory, wherein the one or more processors are further configured to execute the plurality of instructions to; receive, from an administrator account, identification of a plurality of accounts of a target system, at least one of the plurality of the accounts of the target system managed by the account management system, the at least one of the plurality of accounts providing user access to the target system; receive, from the administrator account, a user-defined tag for the at least one of the plurality of accounts of the target system, the user-defined tag defining an attribute of the at least one of the plurality of accounts, wherein the defined attribute allows a viewing perspective to be defined, the viewing perspective including a user-configurable hierarchical view of one or more of the plurality of accounts; receive, from a user account, a perspective selection defining the viewing perspective including the user-configurable hierarchical view of the one or more of the plurality of accounts, wherein the viewing perspective defined by the perspective selection is based at least in part on the user-defined tag; and prepare, for display to the user account, the at least one of the plurality of accounts of the target system in the user-configurable hierarchical view based at least in part on the perspective selection. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer-implemented method, comprising:
-
receiving, by a computer system, identification of a plurality of accounts of a target system from an administration account, the plurality of accounts of the target system managed by an account management server of the computer system, the plurality of accounts providing user access to the target system; receiving, by the computer system, a user-defined tag for at least one of the plurality of accounts of the target system from the administration account, the user-defined tag defining an attribute of the at least one of the plurality of accounts, wherein the defined attribute allows a viewing perspective to be defined, the viewing perspective including a user-definable hierarchical view of one or more of the plurality of accounts; receiving, by the computer system, a perspective selection from a user account, the perspective selection defining the viewing perspective including the user-definable hierarchical view of the one or more of the plurality of accounts, wherein the viewing perspective defined by the perspective selection is based at least in part on the user-defined tag; and preparing, by the computer system, the at least one of the plurality of accounts of the target system for display, to a user of the user account, in a user-defined hierarchical view based at least in part on the perspective selection. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A computer-readable memory storing a plurality of instructions executable by one or more processors, the plurality of instructions comprising:
-
instructions that cause the one or more processors to receive, from an administrative account, information associated with a plurality of managed accounts of a target system, the plurality of managed accounts of the target system managed by an account management system, the plurality of managed accounts providing user access to the target system; instructions that cause the one or more processors to receive, from the administrative account, user-defined tags for the plurality of managed accounts of the target system, the user-defined tags defining one or more attributes of the plurality of managed accounts, wherein the one or more defined attributes allow one or more viewing perspectives to be defined, the one or more viewing perspectives including one or more user-configurable hierarchical views of one or more of the plurality of accounts; instructions that cause the one or more processors to receive, from a user account, a selection of a viewing perspective out of a plurality of viewing perspectives, the selection of the viewing perspective defining a user-configurable hierarchical view of one or more of the plurality of managed accounts, and the selected viewing perspective being based at least in part on the user-defined tags; and instructions that cause the one or more processors to display the plurality of managed accounts of the target system based at least in part on at least one of the user-defined tags or the perspective. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification