JP2006085697A - Method and system for controlling access privileges for trusted network nodes - Google Patents

Method and system for controlling access privileges for trusted network nodes

Info

Publication number
JP2006085697A
Authority
JP
Japan
Prior art keywords
account
password
user
security
computer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2005259125A
Other languages
English (en)
Japanese (ja)
Other versions
JP2006085697A5 (en)
Inventor
Sterling M Reasor
Ramesh Chinta
Paul J Leach
John E Brezak
Eric R Flo
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp
Publication of JP2006085697A
Publication of JP2006085697A5
Current legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00 Digital computers in general; Data processing equipment in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272 Virtual private networks
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00 Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/41 User authentication where a single sign-on provides access to a plurality of computers
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149 Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
JP2005259125A 2004-09-15 2005-09-07 Method and system for controlling access privileges for trusted network nodes Pending JP2006085697A (ja)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/941,559 US8230485B2 (en) 2004-09-15 2004-09-15 Method and system for controlling access privileges for trusted network nodes

Publications (2)

Publication Number Publication Date
JP2006085697A (ja) 2006-03-30
JP2006085697A5 (en) 2008-10-23

Family

ID=35539702

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2005259125A Pending JP2006085697A (ja) 2004-09-15 2005-09-07 Method and system for controlling access privileges for trusted network nodes

Country Status (5)

Country Link
US (1) US8230485B2 (en)
EP (1) EP1638034A3 (en)
JP (1) JP2006085697A (en)
KR (1) KR20060048819A (en)
CN (2) CN101729551B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014119233A1 (ja) 2013-01-31 2014-08-07 NEC Corporation Network system
JP2016076116A (ja) * 2014-10-07 2016-05-12 Canon Inc. Image forming apparatus, control method for the apparatus, and program

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8219807B1 (en) 2004-12-17 2012-07-10 Novell, Inc. Fine grained access control for linux services
US8271785B1 (en) 2004-12-20 2012-09-18 Novell, Inc. Synthesized root privileges
US7490072B1 (en) 2005-02-16 2009-02-10 Novell, Inc. Providing access controls
US8074214B2 (en) * 2005-05-19 2011-12-06 Oracle International Corporation System for creating a customized software installation on demand
US8352935B2 (en) * 2005-05-19 2013-01-08 Novell, Inc. System for creating a customized software distribution based on user requirements
US8676973B2 (en) * 2006-03-07 2014-03-18 Novell Intellectual Property Holdings, Inc. Light-weight multi-user browser
US7886343B2 (en) * 2006-04-07 2011-02-08 Dell Products L.P. Authentication service for facilitating access to services
US8700788B2 (en) 2006-08-18 2014-04-15 Smarticon Technologies, Llc Method and system for automatic login initiated upon a single action with encryption
US7730480B2 (en) * 2006-08-22 2010-06-01 Novell, Inc. System and method for creating a pattern installation by cloning software installed another computer
US20080104239A1 (en) * 2006-10-27 2008-05-01 Lipinski Greg J Method and system of managing accounts by a network server
US8413222B1 (en) * 2008-06-27 2013-04-02 Symantec Corporation Method and apparatus for synchronizing updates of authentication credentials
US20110041166A1 (en) * 2009-08-17 2011-02-17 Avaya Inc. Method of Password Assignment
KR101876466B1 (ko) * 2009-09-09 2018-07-10 Samsung Electronics Co., Ltd. Computer system and control method thereof
US9443078B2 (en) 2010-04-20 2016-09-13 International Business Machines Corporation Secure access to a virtual machine
CN102739404B (zh) * 2012-06-29 2016-01-06 Inspur (Beijing) Electronic Information Industry Co., Ltd. Password management method and system
US20150333910A1 (en) * 2014-05-17 2015-11-19 Dylan Kirdahy Systems, methods, and apparatuses for securely accessing user accounts
CN108038367B (zh) * 2017-12-07 2021-02-26 Shanghai Moruan Communication Technology Co., Ltd. Control method and system for permission management of user equipment
US11025425B2 (en) 2018-06-25 2021-06-01 Elasticsearch B.V. User security token invalidation
US11223626B2 (en) 2018-06-28 2022-01-11 Elasticsearch B.V. Service-to-service role mapping systems and methods
US11196554B2 (en) * 2018-07-27 2021-12-07 Elasticsearch B.V. Default password removal
US11023598B2 (en) 2018-12-06 2021-06-01 Elasticsearch B.V. Document-level attribute-based access control
US11552943B2 (en) * 2020-11-13 2023-01-10 Cyberark Software Ltd. Native remote access to target resources using secretless connections
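CN113362085A (zh) * 2021-06-09 2021-09-07 Guangzhou Zhihuiyun Technology Development Co., Ltd. Parent and sub-account management method and system
CN114422182B (zh) * 2021-12-13 2024-01-16 Issa Technology Co., Ltd. Unified identity management platform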

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
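JPS63286950A (ja) * 1987-05-19 1988-11-24 Fujitsu Ltd Login processing system
JPH0530103A (ja) * 1991-07-23 1993-02-05 Fujitsu Ltd Remote password setting system
JP2000172500A (ja) * 1998-12-07 2000-06-23 Fujitsu Ltd Software usage management system and storage medium storing a program for causing a computer to perform the processing of that system
JP2001188755A (ja) * 1999-12-28 2001-07-10 Casio Comput Co Ltd Communication electronic device and storage medium storing a communication processing program
JP2003162509A (ja) * 2001-11-27 2003-06-06 Nec Soft Ltd System and method for collective management of user information
JP2005501353A (ja) * 2001-08-20 2005-01-13 Bayerische Motoren Werke Aktiengesellschaft Method for automatic login of a subscriber station, in particular one provided in a motor vehicle, to an external information system
JP2006504189A (ja) * 2002-10-25 2006-02-02 Experton, Bettina System and method for automatically launching and accessing network addresses and applications (priority) This is an international patent application filed under the Patent Cooperation Treaty (PCT). This international application claims priority to U.S. Provisional Application No. 60/421,622, filed October 25, 2002, which is incorporated by reference.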

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6275941B1 (en) * 1997-03-28 2001-08-14 Hitachi, Ltd. Security management method for network system
US5944824A (en) * 1997-04-30 1999-08-31 Mci Communications Corporation System and method for single sign-on to a plurality of network elements
US6000033A (en) * 1997-11-26 1999-12-07 International Business Machines Corporation Password control via the web
JPH11265544A (ja) * 1998-03-16 1999-09-28 Fujitsu Ltd Storage device and password control method thereof
US6182142B1 (en) * 1998-07-10 2001-01-30 Encommerce, Inc. Distributed access management of information resources
US6647497B1 (en) * 1999-03-31 2003-11-11 International Business Machines Corporation Method and system for secure computer system transfer
US6889328B1 (en) 1999-05-28 2005-05-03 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for secure communication
US6851060B1 (en) * 1999-07-15 2005-02-01 International Business Machines Corporation User control of web browser user data
US6993658B1 (en) * 2000-03-06 2006-01-31 April System Design Ab Use of personal communication devices for user authentication
US7150038B1 (en) * 2000-04-06 2006-12-12 Oracle International Corp. Facilitating single sign-on by using authenticated code to access a password store
ATE465462T1 (de) * 2000-08-04 2010-05-15 Computer Ass Think Inc System and method for authenticated access of a user to a web server
US6807577B1 (en) * 2000-09-14 2004-10-19 International Business Machines Corporation System and method for network log-on by associating legacy profiles with user certificates
US7260838B2 (en) * 2000-12-18 2007-08-21 International Business Machines Corporation Incorporating password change policy into a single sign-on environment
US7197765B2 (en) * 2000-12-29 2007-03-27 Intel Corporation Method for securely using a single password for multiple purposes
US7043489B1 (en) * 2001-02-23 2006-05-09 Kelley Hubert C Litigation-related document repository
US20040054592A1 (en) * 2002-09-13 2004-03-18 Konrad Hernblad Customer-based wireless ordering and payment system for food service establishments using terminals and mobile devices
US7308580B2 (en) 2002-04-23 2007-12-11 International Business Machines Corporation System and method for ensuring security with multiple authentication schemes
JP2005532736A (ja) * 2002-07-03 2005-10-27 Aurora Wireless Technologies, Ltd. Biometric private key infrastructure
US20040034583A1 (en) * 2002-08-15 2004-02-19 Lanier Cheryl Lynn Systems and methods for performing electronic check commerce
US7690025B2 (en) * 2003-04-03 2010-03-30 General Electric Company Methods and systems for accessing a network-based computer system
US7640324B2 (en) 2003-04-15 2009-12-29 Microsoft Corporation Small-scale secured computer network group without centralized management
US7620679B2 (en) 2003-10-23 2009-11-17 Microsoft Corporation System and method for generating aggregated data views in a computer network
US20050170321A1 (en) * 2004-01-30 2005-08-04 Scully Helen M. Method and system for career assessment
US20050182654A1 (en) * 2004-02-14 2005-08-18 Align Technology, Inc. Systems and methods for providing treatment planning
US7506170B2 (en) * 2004-05-28 2009-03-17 Microsoft Corporation Method for secure access to multiple secure networks
US20060059346A1 (en) * 2004-09-14 2006-03-16 Andrew Sherman Authentication with expiring binding digital certificates

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014119233A1 (ja) 2013-01-31 2014-08-07 NEC Corporation Network system
US10129173B2 (en) 2013-01-31 2018-11-13 Nec Corporation Network system and method for changing access rights associated with account IDs of an account name
JP2016076116A (ja) * 2014-10-07 2016-05-12 Canon Inc. Image forming apparatus, control method for the apparatus, and program

Also Published As

Publication number Publication date
US8230485B2 (en) 2012-07-24
EP1638034A2 (en) 2006-03-22
CN1750537A (zh) 2006-03-22
US20060059359A1 (en) 2006-03-16
CN101729551A (zh) 2010-06-09
CN101729551B (zh) 2013-07-31
EP1638034A3 (en) 2013-01-16
KR20060048819A (ko) 2006-05-18

Similar Documents

Publication Publication Date Title
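JP2006085697A (ja) Method and system for controlling access privileges for trusted network nodes
KR100920871B1 (ko) Method and system for authenticating a user for a sub-location of a network location
CN110463161B (zh) Password state machine for accessing protected resources
KR101120810B1 (ko) Cascading authentication system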
US7305701B2 (en) Methods and arrangements for controlling access to resources based on authentication method
CN108293045B (zh) Single sign-on identity management between local and remote systems
KR101816863B1 (ko) User and device authentication in enterprise systems
EP2337296B1 (en) Session migration between network policy servers
US9172541B2 (en) System and method for pool-based identity generation and use for service access
US11425166B2 (en) Identifier-based application security
US10810295B2 (en) Unified authentication management system
KR101545897B1 (ko) Server access control system through periodic smart card authentication
Gkotsis Creating a windows active directory lab and performing simulated attacks
KR101066729B1 (ko) Method and system for authenticating a user for a sub-location of a network location
Kulkarni et al. An Image Priority-Based Multi-factor Authentication System
WO2025115035A1 (en) Method and system for managing data access for users in a network
Beckerle et al. Interactive rule learning for access control: Concepts and design
MacDonald Implementing Security

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20080905

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20080905

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20110530

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20110603

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20111028