| 发明名称 | Techniques for credential auditing | ||
| 摘要 | Techniques for credential auditing are provided. Histories for credentials are evaluated against a principal credential policy for a user and an enterprise credential policy for an enterprise as a whole. An audit trail is produced within a report for the histories. The report indicates whether compliance with the principal and enterprise credential policies occurred and if not at least one reason is provided as to why compliance was not met within the histories. | ||
| 申请公布号 | US9060026(B2) | 申请公布日期 | 2015.06.16 |
| 申请号 | US201313933688 | 申请日期 | 2013.07.02 |
| 申请人 | Oracle International Corporation | 发明人 | Henderson Larry Hall;Berger Brett A. |
| 分类号 | H04L29/06;G06F21/46;G06F21/45 | 主分类号 | H04L29/06 |
| 代理机构 | Kilpatrick Townsend & Stockton LLP | 代理人 | Kilpatrick Townsend & Stockton LLP |
| 主权项 | 1. A method comprising: maintaining, by a password management system, a password history for a user, the password history comprising a record of prior passwords used by the user to access a secure environment and where each password represented in the password history is replaced with substitute text masking the password; analyzing, by a password audit service, the password history for the user without accessing the passwords represented in the password history; determining, by the password audit service based on said analyzing, whether the password history complies with a password usage policy for the user and a lifetime password usage policy for an enterprise; and generating, by the password audit service, a report including an audit trail of the password history wherein the report masks the password and the password history and includes an indication as to whether the user has complied with the password usage policy for the user and the lifetime password usage policy for the enterprise. | ||
| 地址 | Redwood Shores CA US | ||