Using a service-provider password to simulate F-SSO functionality

Assignee

• International Business Machines Corporation · US

Inventors

• Heather M. Hinton · Austin, US
• Kelly Malone · Delmar, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/10
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A system and method for using a Service-Provider password to simulate F-SSO functionality. A processor receives from an F-SSO Identity Provider authentication data for a user who has requested access to a secured service. The service is managed by an F-SSO Service Provider that does not offer F-SSO functionality for that service. Upon receiving the data, the processor redirects the user to an SU-F-SSO portal of the Service Provider, which uses the received authentication data to authenticate the user. The processor sends the user an on-demand password and, when the user uses that password to sign on, the processor matches the entered password with a stored copy of the password that was sent to the user. If they match, the processor grants the user access to the requested service. In some embodiments, the on-demand password may be a single-use password or may be sent to the user via an out-of-band communication.