公开(公告)号：US09191390B1

公开(公告)日：2015-11-17

申请号：US14260192

申请日：2014-04-23

Applicant: Amdocs Software Systems Limited

Inventor： Patrick Garrett Ryan

IPC: H04L29/06

CPC classification number: H04L63/0884 ,  H04L63/0823 ,  H04L63/10

Abstract: A system, method, and computer program product are provided for managing user access credentials in a computer network. In use, a Security Asset Repository (SAR) is maintained on a first computer connected to a network, the SAR being operable for storing user access credentials to resources on the network. Additionally, a first program residing on a second computer connected to the network is executed by a user, the user having first user access credentials for accessing the second computer. Responsive to executing of the first program, the SAR is accessed by the first program, by employing second user access credentials provided to the first program by the user. Responsive to accessing the SAR by the first program, the first program retrieves third user access credentials from the SAR, the third user access credentials being operable for accessing the SAR by a third computer. Responsive to retrieving the third user access credentials from the SAR, the first program executes a second program residing on the third computer connected to the network, and provides the third user access credentials to the second program. Responsive to providing the third user access credentials to the second program, the SAR is accessed by the second program by employing the third user access credentials, and the second program retrieves fourth user access credentials from the SAR, the fourth user access credentials being operable for accessing resources on the network other than the SAR.

Abstract translation: 提供了一种用于管理计算机网络中的用户访问凭证的系统，方法和计算机程序产品。 在使用中，在连接到网络的第一计算机上维护安全资产存储库（SAR），所述SAR可操作用于将用户访问凭证存储在网络上的资源上。 此外，驻留在连接到网络的第二计算机上的第一程序由用户执行，用户具有用于访问第二计算机的第一用户访问凭证。 响应于第一程序的执行，SAR由第一程序访问，通过由用户提供给第一程序的第二用户访问凭证。 响应于第一程序访问SAR，第一程序从SAR检索第三用户访问凭证，第三用户访问凭证可操作用于由第三计算机访问SAR。 响应于从SAR检索第三用户访问凭证，第一程序执行驻留在连接到网络的第三计算机上的第二程序，并向第二程序提供第三用户访问凭证。 响应于向第二程序提供第三用户访问凭证，SAR由第二程序通过采用第三用户访问凭证访问，并且第二程序从SAR检索第四用户访问凭证，第四用户访问证书可操作用于 访问网络以外的资源。