Automated access approval/termination on devices using Privileged Identity Manager Solution

IP.com Disclosure Number: IPCOM000242677D
Publication Date: 2015-Aug-04
Document File: 7 page(s) / 113K

Publishing Venue

The IP.com Prior Art Database

Abstract

Automated access approval/termination on devices using Privileged Identity Manager Solution.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 49% of the total text.

Automated access approval/termination on devices using Privileged Identity Manager Solution

Disclosed is a solution for request-based and time-bound access to the device using the Privileged Identity Manager (PIM) solution.

Access to entertainment devices can be made request based and time bound using the PIM solution's lease expiry method. An authorized user grants the request along with a specific time interval for accessing the programmed devices. Once the time interval is over, access to the device is revoked. The authorized user can provide the access remotely, for example from any PDA. The PIM solution has not previously been used in this manner for controlled access to entertainment devices.

The existing parental lock mechanisms have password-based access, which requires the authorized user to be physically present; otherwise the password needs to be shared with the non-authorized users. In this case, password disclosure is not required; instead, access is provided based on the identity of the user. Also this solution is not time bound. Access to the approved request can be revoked even though the lease is not expired.

The solution grants access to the non-authorized users based on the user ID and the approval from the authorized user. This can be useful for the end user to provide time-bound access to entertainment devices.

Component diagram


Introduction to Components

1) Users
    1) Authorized users
        i) Have access to all the applications/devices/services.
        ii) Can approve or decline the request.
        iii) Can update the lease time for the request.
    2) Regular users
        i) Have limited access to all applications/devices/services.
        ii) Can request access to all or part of the applications.


2) Privileged Identity Management (PIM) Server
    1) PIM server provides account management and lease expiry mechanism.
    2) Multiple appliances/devices/services can connect to the server and have accounts on those.

3) Lease management of the underlying appliances/devices/services.
    1) Shuts down the controlled device when the lease expires.
    2) Automatically starts the controlled device when the lease is granted.

4) Controlled device
    1) It can be
        i) an Appliance (TV, XBOX, Desktop, tablet)
        ii) Applications including mobile applications.
        iii) Service
    2) Registers to PIM server and creates authorized users and regular users.
    3) Authorized users can access everything in controlled device.
    4) Regular user logs into controlled device using his/her own user ID, sending a request to the authorized user.
    5) When the request is approved, controlled device starts.
    6) Controlled device is shut off when the lease expires.
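
The request, approval, lease expiry and early revocation flow listed above can be modelled as a small state machine. The following is an added example, not code from the disclosure or from any PIM product; the class name LeaseManager, its method names and the state labels are hypothetical, and everything is held in memory.

```python
import time

class LeaseManager:
    """Toy model of the PIM lease flow: request, approve, expire, revoke."""

    def __init__(self, authorized_users, clock=time.time):
        self.authorized = set(authorized_users)
        self.clock = clock      # injectable so lease expiry can be tested
        self.leases = {}        # (user, device) -> [state, expires_at]

    def _check_approver(self, approver):
        # Only authorized users may approve, decline, update or revoke.
        if approver not in self.authorized:
            raise PermissionError(f"{approver} cannot manage leases")

    def request_access(self, user, device):
        self.leases[(user, device)] = ["PENDING", 0.0]

    def approve(self, approver, user, device, lease_seconds):
        """Grant a pending request, or update the lease time of a granted one."""
        self._check_approver(approver)
        if (user, device) not in self.leases:
            raise KeyError("no request on file")
        self.leases[(user, device)] = ["APPROVED", self.clock() + lease_seconds]

    def decline(self, approver, user, device):
        self._check_approver(approver)
        self.leases[(user, device)] = ["DECLINED", 0.0]

    def revoke(self, approver, user, device):
        """End access early, even though the lease has not expired."""
        self._check_approver(approver)
        self.leases[(user, device)] = ["REVOKED", 0.0]

    def has_access(self, user, device):
        """Device power decision: fail closed unless a live lease exists."""
        if user in self.authorized:
            return True
        state, expires_at = self.leases.get((user, device), ("NONE", 0.0))
        if state == "APPROVED" and self.clock() >= expires_at:
            # Lease is over: record it so the device is shut off.
            self.leases[(user, device)][0] = state = "EXPIRED"
        return state == "APPROVED"
```

The controlled device would call has_access on every start and periodically while running, so an expired or revoked lease takes effect without the regular user ever holding a shared password.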


Detailed Description and Flow


1) There are two types of users: one having administrative privileges and the other without any privileges. The user with administrative privileges has access to all the controlled device functions.

Non-administrative users request access to controlled devices from the user having administrative rights, which can be appro...