System and method for dynamic discovery and database password expiration management
Abstract
A system and method that proactively manages login security data is provided. The system selects requesters of a software application resource. A privileged requester is used to request login security data pertaining to the selected requesters. The login security data that is received is compared to one or more parameters that indicate which action(s) should take place. Based on this comparison, one or more actions are taken on behalf of the selected requesters. One of the actions that can be taken is a grace period. One of the actions that can be taken is an automatic security setting update. Another action that can be taken is an automatic notification that automatically informs a user or application that a requestor's access to the resource is about to expire.
Claims
exact text as granted — not AI-modified1 . A computer-implemented method comprising:
selecting a plurality of requesters that are requesters of a software application resource, wherein access to the software application resource is restricted; requesting, from a privileged requester, login security data pertaining to the selected requesters from the software application resource; receiving, at the privileged requester, the requested login security data corresponding to the selected requesters; comparing the login security data for each selected requester to one or more action parameters; and performing, by the privileged requester, one or more actions for at least one of the selected requesters in response to the comparison.
2 . The method of claim 1 wherein the software application resource is a database management system and wherein the requesters are selected from a group consisting of users, software applications, and software application servers.
3 . The method of claim 1 wherein the action performed for at least one of the requesters (a grace period requester) is a grace period setting, the method further comprising:
establishing a grace period for the grace period requester based upon the grace period setting; receiving, at the privileged requester, a request from the grace period requester after the grace period has been established; forwarding the request from the privileged requester to the software application resource; receiving, at the privileged requester, a response from the software application resource; and relaying the response from the privileged requester to the grace period requestor.
4 . The method of claim 3 further comprising:
determining whether the grace period has expired in response to receiving the request, wherein the forwarding, receiving, and relaying are only performed if the grace period is not expired.
5 . The method of claim 1 further comprising:
prioritizing the requestors into a plurality of groups, wherein the prioritizing is based upon one or more priority group parameters, wherein at least one of the priority group parameters is selected from the group consisting of a connection frequency, a last connection timestamp, and a priority setting; and sequentially selecting each of the groups of requestors based upon the priority of the group, wherein the selected group is the plurality of selected requesters.
6 . The method of claim 1 wherein the action performed for at least one of the requesters (an updated requester) is an automatic security setting update, the method further comprising:
sending, on behalf of the updated requester, a security update request from the privileged requestor to the software application resource; receiving, at the software application resource, the security update request; and updating, at the software application resource, the updated requestor's security setting in response to receiving the security update request.
7 . The method of claim 6 further comprising:
sending, from the software application resource to the privileged requester, password update data resulting from the updating; and forwarding, from the privileged requester to the updated requester, the password update data.
8 . The method of claim 1 wherein the action performed for at least one of the requesters (a notified requester) is a notification, the method further comprising:
sending a message to the notified requester, wherein the message indicates that the notified requestor's access to the software application resource is about to expire.
9 . An information handling system comprising:
one or more processors; one or more network adapters connecting the information handling system to a computer network; a memory accessible by the processors; a nonvolatile storage area accessible by the processors; a process operated by the processors for managing access to a software application resource, the process being effective to:
select a plurality of requestors that are requesters of a software application resource, wherein access to the software application resource is restricted;
request, from a privileged requester, login security data pertaining to the selected requesters from the software application resource;
receive, at the privileged requester, the requested login security data corresponding to the selected requesters;
compare the login security data for each selected requester to one or more action parameters; and
perform, by the privileged requester, one or more actions for at least one of the selected requesters in response to the comparison.
10 . The information handling system of claim 9 wherein the action performed for at least one of the requesters (a grace period requester) is a grace period setting, and wherein the process is further effective to:
establish a grace period for the grace period requester based upon the grace period setting; receive, at the privileged requester, a request from the grace period requester after the grace period has been established; forward the request from the privileged requester to the software application resource; receive, at the privileged requester, a response from the software application resource; and relay the response from the privileged requestor to the grace period requestor.
11 . The information handling system of claim 9 wherein the action performed for at least one of the requesters (an updated requestor) is an automatic security setting update, wherein the process is further effective to:
send, on behalf of the updated requestor, a security update request from the privileged requester to the software application resource; receive, at the software application resource, the security update request; and update, at the software application resource, the updated requestor's security setting in response to receiving the security update request.
12 . The information handling system of claim 9 wherein the action performed for at least one of the requesters (a notified requester) is a notification, wherein the process is further effective to:
send a message to the notified requester, wherein the message indicates that the notified requestor's access to the software application resource is about to expire.
13 . A computer program product stored in a computer readable medium, comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
selecting a plurality of requesters that are requesters of a software application resource, wherein access to the software application resource is restricted; requesting, from a privileged requester, login security data pertaining to the selected requesters from the software application resource; receiving, at the privileged requester, the requested login security data corresponding to the selected requesters; comparing the login security data for each selected requester to one or more action parameters; and performing, by the privileged requester, one or more actions for at least one of the selected requesters in response to the comparison.
14 . The computer program product of claim 13 wherein the software application resource is a database management system and wherein the requesters are selected from a group consisting of users, software applications, and software application servers.
15 . The computer program product of claim 13 wherein the action performed for at least one of the requesters (a grace period requester) is a grace period setting, the computer program product further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
establishing a grace period for the grace period requester based upon the grace period setting; receiving, at the privileged requester, a request from the grace period requester after the grace period has been established; forwarding the request from the privileged requester to the software application resource; receiving, at the privileged requester, a response from the software application resource; and relaying the response from the privileged requester to the grace period requestor.
16 . The computer program product of claim 15 further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
determining whether the grace period has expired in response to receiving the request, wherein the forwarding, receiving, and relaying are only performed if the grace period is not expired.
17 . The computer program product of claim 13 further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
prioritizing the requesters into a plurality of groups, wherein the prioritizing is based upon one or more priority group parameters, wherein at least one of the priority group parameters is selected from the group consisting of a connection frequency, a last connection timestamp, and a priority setting; and sequentially selecting each of the groups of requesters based upon the priority of the group, wherein the selected group is the plurality of selected requestors.
18 . The computer program product of claim 13 wherein the action performed for at least one of the requesters (an updated requester) is an automatic security setting update, the computer program product further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
sending, on behalf of the updated requester, a security update request from the privileged requester to the software application resource; receiving, at the software application resource, the security update request; and updating, at the software application resource, the updated requestor's security setting in response to receiving the security update request.
19 . The computer program product of claim 18 further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
sending, from the software application resource to the privileged requester, password update data resulting from the updating; and forwarding, from the privileged requestor to the updated requester, the password update data.
20 . The computer program product of claim 13 wherein the action performed for at least one of the requestors (a notified requester) is a notification, the computer program product further comprising functional descriptive material that, when executed by a data processing system, causes the data processing system to perform events that include:
sending a message to the notified requester, wherein the message indicates that the notified requestor's access to the software application resource is about to expire.Join the waitlist — get patent alerts
Track US2007214500A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.