User provisioning

User provisioning

A method of credential provisioning on a target service utilizes three credential sets: authentication credentials, privileged credentials and provisioned credentials. An intermediate element receives a request from a user client to establish a session with a target service. The request includes aut...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Dantes Yossi, Yitzhack Tzippi, Dulkin Andrey, Adar Roy, Sade Yair
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FORADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORYOR FORECASTING PURPOSES
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
PHYSICS
SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE,COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTINGPURPOSES, NOT OTHERWISE PROVIDED FOR
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method of credential provisioning on a target service utilizes three credential sets: authentication credentials, privileged credentials and provisioned credentials. An intermediate element receives a request from a user client to establish a session with a target service. The request includes authentication credentials. The intermediate element creates provisioned credentials using privileged credentials which are authorized for creating provisioned credentials for accessing the target service. Once provisioned credentials have been created, a dual session communication channel is established between the user client and the target service. The session between the user client and intermediate element is established using the authentication credentials and the session between the intermediate element and the target service is established using the provisioned credentials. Optionally, user authorization to establish a session with the target service is determined prior to creating the provisioned credentials.