SECURE AUTHENTICATION OF USERS VIA INTERMEDIATE PARTIES

摘要

An intermediate system provides remote clients with access to a primary system, such as a server. The intermediate system creates and store a log-in record (100) for each client. The log-in record contains an encrypted primary system client identifier (PSCI). The PSCI contains authentication information for verifying a client's right to access the primary system. Storing an encrypted version of the PSCI enhances the security of the authentication information on the intermediate system. In some implementations of the present invention, the PSCI itself is an encrypted value. When a client attempts to log into the primary system, the intermediate system initially verifies the client's intermediate system access rights (104). The intermediate system makes this determination using the log-in record and data provided by the client (102). Next, the intermediate system sends the PSCI to the client's primary system for further authentication (106). The primary system uses the PSCI to verify the client's right to access primary system data (108).