Secure access to a plurality of systems of a distributed computer system by entering passwords

US9251323B2 · US · B2

Patent metadata
Publication number: US-9251323-B2
Application number: US-9485806-A
Country: US
Kind code: B2
Filing date: Aug 17, 2006
Priority date: Nov 24, 2005
Publication date: Feb 2, 2016
Grant date: Feb 2, 2016

Abstract

Official abstract text for this publication.

Mechanisms are provided to securely access systems of a distributed computer system by entering passwords. Some systems are accessible by equal, and some systems are accessible by different passwords. The mechanisms store information, which systems (I, II) are accessible by equal, and which are accessible by different passwords and ask to enter a proper password when opening a session by accessing a system of the distributed computer system. The mechanisms cache the password and use the stored information to verify, if another system to be accessed during the current session is accessible by an equal password like a system already accessed during said session. If the result of the verification is true, the mechanisms re-use the adequate cached password. If the result of the verification is false, the mechanisms ask to enter a proper password to access the other system and cache the password required to access the other system in a way that during the current session, it can be re-used when accessing other systems accessible by the same password.
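A minimal sketch of the mechanism the abstract describes, added here as an illustration and not taken from the patent: passwords are cached per password group rather than per system, so the user is prompted only when a system's group has no cached password yet. The class name, the group and zone mappings and the sample data are assumptions; the sketch also covers deleting cached passwords at session end (claim 3) and rejecting a configuration in which one password group spans two security zones (claim 5), while encrypted caching (claim 4) is left out.

```python
class SessionPasswordCache:
    """Per-session password cache keyed by password group, not by system."""

    def __init__(self, groups, zones, prompt):
        # groups: system -> password-group id (the patent's "stored information")
        # zones:  system -> security zone; prompt: callable(system) -> password
        seen = {}
        for system, group in groups.items():
            zone = zones[system]
            # Claim 5: systems in different zones must not share a password.
            if seen.setdefault(group, zone) != zone:
                raise ValueError(f"group {group!r} spans zones {seen[group]!r} and {zone!r}")
        self._groups, self._prompt = dict(groups), prompt
        self._cache = {}      # group id -> bytearray, so it can be overwritten
        self.prompted = []    # systems for which the user was actually asked

    def password_for(self, system):
        group = self._groups[system]  # unknown system: KeyError, fail closed
        if group not in self._cache:
            self.prompted.append(system)
            self._cache[group] = bytearray(self._prompt(system), "utf-8")
        return self._cache[group].decode("utf-8")

    def close(self):
        # Claim 3: cached passwords are deleted at the end of the session.
        # Overwriting is best effort in Python; decoded copies may linger.
        for buf in self._cache.values():
            buf[:] = bytes(len(buf))
        self._cache.clear()

    def __enter__(self):
        return self

    def __exit__(self, *exc):
        self.close()


def demo():
    # Constructed sample data: system names, groups, zones and passwords.
    groups = {"sys-I": "g1", "sys-II": "g1", "sys-III": "g2"}
    zones = {"sys-I": "intranet", "sys-II": "intranet", "sys-III": "dmz"}
    typed = {"sys-I": "pw-one", "sys-III": "pw-two"}
    with SessionPasswordCache(groups, zones, typed.__getitem__) as cache:
        used = [cache.password_for(s) for s in ("sys-I", "sys-II", "sys-III", "sys-I")]
        prompted = list(cache.prompted)
    return used, prompted, len(cache._cache)
```

In `demo()` the user is asked twice for four accesses, and the cache is empty once the session block exits.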

First claim

Opening claim text (preview).

The invention claimed is:

1. A method to securely access a plurality of systems of a distributed computer system by entering passwords, the method comprising: storing information identifying a first set of systems within the plurality of systems that are accessible by equal passwords and a second set of systems within the plurality of systems that are accessible by different passwords; prompting a user to enter a first password responsive to the user requesting to open a first session by accessing a first system within the first set of systems of the distributed computer system; caching the first password to be re-used when accessing other systems accessible by the first password; responsive to the user requesting to access a second system within the first set of systems, using the stored information to determine whether the second system to be accessed within the current session is accessible by the first password; responsive to the result of the determination being true, re-using the cached password to access the second system; and responsive to the result of the determination being false, prompting the user to enter a second password to access the second system and caching the second password required to access the second system to be re-used when accessing other systems accessible by the second password.

2. The method of claim 1, wherein configuring which systems are accessible by equal passwords and which systems can be accessed by different passwords is performed by the user.

3. The method of claim 1, wherein the cached passwords are deleted at the end of the session.

4. The method of claim 1, wherein the passwords are cached in an encrypted manner.

5. The method of claim 1, wherein the distributed computer system comprises at least two different security zones, wherein systems located in different security zones are accessible by different passwords.

6. The method of claim 5, further comprising: responsive to the user requesting to access a third system within the second set of systems, using the stored information to determine whether the third system to be accessed within the current session is accessible by the first password; responsive to the result of the determination being true, determining whether the third system is in a different security zone from the first system; responsive to a determination that the third system is in a different security zone from the first system, determining whether a cached password for the third system is different from a cached password for the first system; and re-using the cached password for the third system to access the third system responsive to a determination that the cached password for the third system is different from the cached password for the first system.

7. The method of claim 6, wherein determining whether the third system is in a different security zone from the first system comprises checking security zone rules defined by an administrator of the distributed computing system.

8. The method of claim 6, further comprising: responsive to a determination that the third system is not in a different security zone from the first system, re-using the cached password for the first system to access the third system.

9. A system for securely accessing a plurality of systems of a distributed computer system, the system comprising: a computer system; and a computer readable storage memory having a computer readable program stored therein, where the computer readable program, when loaded and executed by the computer system, causes the computer system to: store information identifying a first set of systems within the plurality of systems that are accessible by equal passwords and a second set of systems within the plurality of systems that are accessible by different passwords; prompt a user to enter a first password responsive to the user requesting to open a first session by accessing a first system within the first set of systems of the distributed computing system; cache the first password to be re-used when accessing other systems accessible by the first password; responsive to the user requesting to access a second system within the first set of systems, use the stored information to determine whether the second system to be accessed within the current session is accessible by the first password; responsive to the result of the determination being true, re-use the cached first password to access the second system; and responsive to the result of the determination being false, prompt the user to enter a second password to access the second system and cache the second password required to access the second system to be re-used when accessing other systems accessible by the second password.

10. The system of claim 9, wherein the distributed computer system comprises two different security zones, wherein systems located in different security zones are accessible by different passwords.

11. The system of claim 10, wherein an administrator configures the first set of systems that are accessible by equal passwords and the second set of systems that are accessible by different passwords.

12. The system of claim 10, wherein the computer readable program further causes the computer system to: responsive to the user requesting to access a third system within the second set of systems, use the stored information to determine whether the third system to be accessed within the current session is accessible by the first password; responsive to the result of the determination being true, determine whether the third system is in a different security zone from the first system; responsive to a determination that the third system is in a different security zone from the first system, determine whether a cached password for the third system is different from a cached password for the first system; and re-use the cached password for the third system to access the third system responsive to a determination that the cached password for the third system is different from the cached password for the first system.

13. The system of claim 12, wherein determining whether the third system is in a different security zone from the first system comprises checking security zone rules defined by an administrator of the distributed computing system.

14. The system of claim 12, wherein the computer readable program further causes the computer system to: responsive to a determination that the third system is not in a different security zone from the first system, re-use the first cached password to access the third system.

15. The system of claim 9, wherein configuring which systems are accessible by equal passwords and which systems can be accessed by different passwords is performed by the user.

16. The system of claim 9, wherein the cached passwords are deleted at the end of the session.

17. The system of claim 9, wherein the passwords are cached in an encrypted manner.

18. A computer program product in a non-transitory computer readable medium having a computer readable program stored therein for securely accessing a plurality of systems of a distributed computer system by entering passwords, where the computer readable program, when loaded and executed by a computer system, causes the computer system to: store information identifying a first set of systems within the plurality of systems that are accessible by equal passwords and a second set of systems within the plurality of systems that are accessible by different passwords; prompt a user to enter a first password responsive to a request

Classifications

  • Multi-level security, e.g. mandatory access control

  • G06F21/31 (Primary): User authentication

  • providing single-sign-on or federations

  • Clearing memory, e.g. to prevent the data from being stolen

  • where a single sign-on provides access to a plurality of computers

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Graser Thomas, Jostmeyer Bernd, Lenz Norbert, and 3 more
What technology area does this patent fall under?
Primary CPC classification G06F21/31. Mapped technology areas include Physics.
When was this patent published?
Publication date Feb 2, 2016 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).