Technique for synchronizing security credentials using a trusted authenticating domain
US6986039B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 11, 2000 |
| Grant date | Jan 10, 2006 |
| Priority date | — |
| Expiry date | Oct 15, 2022 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L67/1095
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
The present invention provides a method, system, and computer program product for synchronizing security credentials of users and/or groups of users between directories, operating system platforms, and/or registries. A user's security credentials at a master registry are to be securely set (or reset). To ensure that the user has the required permission for this operation, the user is first authenticated with a trusted authenticating domain. The authenticating domain may be identified by the user, or the identification of the domain may be obtained from the master registry. The master registry may store an identification of the authenticating domain on a per-user basis, or for groups of users, or for the master registry as a whole. The credentials may be propagated to other registries, in addition to the master. This technique enables synchronizing multiple copies of a user's security credentials without requiring access to a plaintext version thereof, and without forcing the credentials to a new value as part of the synchronization process.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.