Electrical computers and digital processing systems: support – Multiple computer communication using cryptography
Reexamination Certificate
1998-04-30
2001-05-29
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
C713S155000, C713S168000, C380S255000
Reexamination Certificate
active
06240512
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Technical Field
The present invention relates generally to accessing heterogeneous networks and reducing costs by increasing productivity for end-users and system administrators in an enterprise computer environment.
2. Description of the Related Art
With sprawling client-server systems growing daily, applications and information are spread across many PC networks, mainframes and minicomputers. In a distributed system environment connected by networks, a user must access many database systems, network systems, operating systems and mainframe applications. To use these systems and applications, the user must issue separate sign-on commands for each specific system or application. Indeed, it is not unusual for a user to encounter ten or more different login sessions during a working shift, and these often are different interfaces with different userid and authentication information, usually passwords. This places the user under a significant burden to remember and maintain this information.
It would be quite beneficial to provide a single sign-on (SSO) tool to enable authorized users to perform one initial sign-on to access a variety of networks, systems and applications. A single sign-on system should provide secure storage of user passwords, support for more than one user password, as well as support for multiple target logon methods. Each of these issues present varying design considerations.
With respect to the first issue, there are multiple approaches to storing and managing passwords. One approach is to use the same password for all accessible systems/applications. This technique may weaken system security, however, because a compromised password in any of the systems or applications compromises the user's privileges on these systems and applications at the same time. Further, different sign-on mechanisms may have their own distinctive password requirements and, thus, it is problematic to use the same password for multiple targets.
Another approach to storing and managing passwords is password-mapping, which refers to using the user's primary password to encrypt all the user's secondary passwords. The encrypted passwords are stored in a local storage space accessible to the user (e.g., a local file, a readable/writable smartcard, and the like). Once the primary password is verified, the local system authentication module obtains the passwords for other sign-on systems and applications by decrypting the mechanism-specific encrypted password with the primary password. The security of this password-mapping scheme assumes that the primary password is the user's strongest password, and it also depends on the security of the local storage for the secondary passwords. If secondary passwords are stored in an untrusted publicly accessible machine, an intruder is provided with opportunities for potential attacks. Moreover, although this approach is simple, the password file must be moved from machine to machine by the user to logon to more than one machine.
The target logon alternatives also influence the single sign-on system design. In particular, the method used for storing a user password heavily influences the design of target logon code. It is known to embed passwords in target specific logon scripts. This is how many “homegrown” single sign-on systems work today. This technique is the least extendible design because it ties passwords (and logon target code) to each machine the user uses. It is also hard to maintain passwords in this design because passwords need to be changed both in the applications and in the logon scripts. For a mobile user, the scripts need to be present on all machines the user might use. The overall security of this approach is thus very weak.
Another target logon alternative involves building in all the logon methods for every possible target to which any user may desire to logon. This “hardcoded” approach assumes that all workstations and applications are configured similarly and do not change. Because the logon methods are built into the solution, changes made to the logon methods require changes to the actual solution itself. This approach is costly and also is not very extensible.
These known approaches to secure password storage/management and target logon have yet to provide an adequate single sign-on solution. The present invention addresses and solves this problem.
BRIEF SUMMARY OF THE INVENTION
The present invention implements a single sign-on (SSO) mechanism that coordinates logons to local and remote resources in a computer enterprise with preferably one ID and password. A particular object is the provision of a master key to synchronize a set of SSO servers. The master key is generated automatically by one server machine and pulled as needed by other SSO servers.
The SSO framework supports storage of all passwords and keys belonging to a user in secure storage (e.g., either in local storage, a centralized password service, a smartcard, or the like), so that the user needs to remember only one ID and password. Upon authentication, the SSO mechanism securely retrieves all the passwords for a user from the secure storage and automatically (i.e. without additional user intervention) issues sign-ons to each system/application the user is authorized to access.
The system framework preferably includes a number of modules including a configuration information manager (CIM), which includes information on how to logon to the applications configured on a given machine, a personal key manager (PKM), which includes information about users, systems and passwords they use to logon to those systems, and a logon coordinator (LC), which retrieves the user's passwords from PKM and uses them in conjunction with target-specific logon code to log users onto all their systems, preferably without any additional user intervention.
The SSO framework implements a “data model” where information used to sign on to applications is kept in the separate PKM and CIM databases. The PKM is globally accessible and stores user-specific information, and the CIM is locally accessible and stores application-specific information derived from PTF files. In operation, the logon coordinator (LC) accesses the PKM to obtain the user's information (e.g., which target systems and applications to which the user can sign-on), as well as the passwords and keys for those systems/applications. The LC then uses these passwords/keys, together with the target logon information found in the CIM, to sign-on to various target systems and applications. Sign-on is preferably based upon the target's own protocols and mechanisms as defined in the PTF.
The invention describes a method of sharing a master key across a set of servers operating a single sign-on (SSO) mechanism in a distributed computer network. The master key is useful for encrypting user passwords for storage in a globally-accessible registry. The method begins by establishing in the registry a group identifying which of the servers in the set, if any, have a copy of the master key. At a given server, the method continues by determining whether a copy of the master key is stored at the given server and whether the group has at least one member. The master key is then generated at the given server if a copy of the key is not stored at the given server and the group does not have at least one member. Other servers in the set pull the master key as needed.
The foregoing has outlined some of the more pertinent objects of the present invention. These objects should be construed to be merely illustrative of some of the more prominent features and applications of the invention. Many other beneficial results can be attained by applying the disclosed invention in a different manner or modifying the invention as will be described. Accordingly, other objects and a fuller understanding of the invention may be had by referring to the following Detailed Description of the preferred embodiment.
REFERENCES:
patent: 4238853 (1980-12-01), Ehrsam et al.
patent: 4386234 (1983-05-01), Ehrsa
Fang Yi
Kao I-Lung
Wilson George Conerly
Burwell Joseph R.
International Business Machines - Corporation
Judson David
LaBaw Jeffrey S.
Peeso Thomas R.
LandOfFree
Single sign-on (SSO) mechanism having master key... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Single sign-on (SSO) mechanism having master key..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Single sign-on (SSO) mechanism having master key... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2527498