Abstract: A computer implemented method is provided for detecting potential fraud or unauthorized activity when resetting an application password in an application in which a computer system including a call center dashboard system and a fraud detection interface. The method includes the steps of initiating the resetting of a user's application password for an application. The method further includes the steps of determining when an application ID is duplicated in the call center dashboard data store for the application and preparing an error report when the application ID is duplicated in the data store. The method also includes the steps of submitting a reset password for the application using the password criteria of the application. The method further includes the steps of storing the reset password in the user profile of the user when the application ID is not duplicated and the password conforms to the password criteria.

Abstract: A method for access control is provided. A request is received from an administrator to modify a user role for a user. Whether the user is in a user group that belongs exclusively to the administrator is determined. Whether the administrator role permits the request is determined in response to a determination that the user is in the user group. The user role is modified based on the request in response to a determination that the administrator role permits the request, wherein the user accesses a resource based on the user role.

Abstract: A password management system is provided. The password management system includes a plurality of enterprise applications accessible by local and remote desktop computers by providing single sign-on security information. Each of the plurality of enterprise applications require separate login information which is stored in a secure back-end system along with the single sign-on security information. Scripts located, for example, on remotely accessible servers and/or on the local desktop computer, allow a user to logon with a single sign-on and have access to the plurality of enterprise applications. The script uses the single sign-on security information, and perhaps other information, to authenticate the user and access the login information for each of the enterprise applications. The script is further operable to automatically interface with the enterprise applications through user input windows, such as by scripting login information automatically into the enterprise application login windows.

Abstract: A system for single sign-on to a plurality of computing applications is provided. The system includes a plurality of enterprise applications, a policy server, and an authentication data store maintaining authentication information for the enterprise applications. The system also includes internal and external user authorization data stores that maintain user authorization information for the enterprise applications. A synchronization component synchronizes to a consolidated data store information from the internal and external authorization data stores and eliminates duplicate user information. To access a first enterprise application, the user's information is authenticated against the authentication data store and authorized against the consolidated authorization data store.

Abstract: A CORBA-compliant computer network includes a registration server on which an AAR service resides, a registry database and an ORB which couples the registry server to the registry database. A CORBA-compliant interceptor residing on the ORB intercepts each message, generated by the AAR service, invoking the registry database and each message, generated by the registry database, responding to the invocation message generated by the service of the client server. The interceptor selects information useful in determining the cause of a failed usage of the service residing in the client server from each intercepted invocation and response messages, writes the selected information to a data store residing in the client server and then re-invokes the intercepted invocation and response messages. In the event of a network failure, the data written to the data store may be reviewed to obtain useful information regarding the network failure.

Abstract: A system and method for bridging requests for access to resources between requestors in a distributed network and an authenticator servicing the distributed network is provided. The bridging mechanism has security features including a naming service for machine authentication and machine process rules to authorize what process machines can perform. The security proxy bridge intercepts an access request, and checks the IP address for machine authentication as well as the machine process rules and if both verifications are successful, the bridge then forwards the request for access to the authenticator. The security proxy framework utilizes a data structure that provides a method for storing selected security information stored as data records supporting an authentication and authorization system for users to access resources on multiple components of a distributed network supporting multiple business units of an enterprise.

Abstract: A CORBA-compliant computer network includes a registration server on which an AAR service resides, a registry database and an ORB which couples the registry server to the registry database. A CORBA-compliant interceptor residing on the ORB intercepts each message, generated by the AAR service, invoking the registry database and each message, generated by the registry database, responding to the invocation message generated by the service of the client server. The interceptor selects information useful in determining the cause of a failed usage of the service residing in the client server from each intercepted invocation and response messages, writes the selected information to a data store residing in the client server and then re-invokes the intercepted invocation and response messages. In the event of a network failure, the data written to the data store may be reviewed to obtain useful information regarding the network failure.