Abstract: A system controls access to target servers in a network and includes: a user interface accessible to the target servers; a memory storing a database providing information to the interface; and a server implementing a discovery engine discovering user rights stored at the target servers and delivering the stored user rights to the database, and a trigger engine. The trigger engine is invoked by detection of a request to add or delete a user or group to a list of privileged groups from a first target server, updates the user rights at a local cache on the first target server, and delivers the updated user rights to database. The trigger engine modifies the discovery engine based on the detection of the request. A local security account manager database is changed to insert or remove a domain account to a local group, in response to the request.

Abstract: A system controls access to target servers in a network and includes: a user interface accessible to the target servers; a memory storing a database providing information to the interface; and a server implementing a discovery engine discovering user rights stored at the target servers and delivering the stored user rights to the database, and a trigger engine. The trigger engine is invoked by detection of a request to add or delete a user or group to a list of privileged groups from a first target server, updates the user rights at a local cache on the first target server, and delivers the updated user rights to database. The trigger engine modifies the discovery engine based on the detection of the request. A local security account manager database is changed to insert or remove a domain account to a local group, in response to the request.

Abstract: Systems and methods for customization server operating system provisioning using server blueprints are disclosed. In one embodiment, a method for provisioning a server using a server blueprint, in a target server comprising a computer processor, may include: (1) receiving a request to provision the target server, the request to provision comprising an identification of a server blueprint for the target server; (2) requesting, over a computer network, an application manifest for the server blueprint comprising an identification of applications to install on the target server; (3) receiving a plurality of software build and install instructions for the application manifest; and (4) executing the build and install instructions on the target server.

Abstract: A system and method control or manage access to multiple target servers in a network. The system includes an access control user interface, a memory, and a management server. The access control user interface is accessible to the multiple target servers. The memory stores a database providing information to the access control user interface. The management server includes a processor implementing discovery and event trigger engines. The discovery engine discovers user rights stored at the multiple target servers and delivers the user rights over the network to the database. The event trigger engine is invoked by detection of a security event from a first target server, updates the user rights at a local cache on the first target server, and delivers the updated user rights to the database. The event trigger engine is configured to modify the discovery engine based on the detection of the security event.

Abstract: A system and method control or manage access to multiple target servers in a network. The system includes an access control user interface, a memory, and a management server. The access control user interface is accessible to the multiple target servers. The memory stores a database providing information to the access control user interface. The management server includes a processor implementing discovery and event trigger engines. The discovery engine discovers user rights stored at the multiple target servers and delivers the user rights over the network to the database. The event trigger engine is invoked by detection of a security event from a first target server, updates the user rights at a local cache on the first target server, and delivers the updated user rights to the database. The event trigger engine is configured to modify the discovery engine based on the detection of the security event.

Abstract: An access control system is provided for controlling access to multiple target servers in a networked environment. The access control system includes an access control user interface accessible to the target servers and a computer memory storing an access control database providing information to the access control user interface. The access control system additionally includes a management server including an access control processor, the access control processor implementing a discovery engine for discovering user rights stored at the target server and delivering the user rights stored at the target server over the network to the access control database.

Abstract: A password management system and method for securing networked client terminals and mobile devices is provided. More specifically, the present invention provides a system and method for encrypting randomly generated administrator-level passwords and providing a means for decrypting the randomly generated passwords for single-use unrestricted access to a designated terminal or mobile device. When unrestricted access to the terminal or mobile device is required, the encrypted administrator-level password is decrypted using a shared symmetric key, which is generated during encryption of the administrator password, to reveal the administrator-level password for the terminal or mobile device. The administrator-level password is a single-use password, wherein upon use of the administrator-level password a new administrator-level password may be automatically generated for the corresponding terminal or mobile device.

Abstract: A password management system and method for securing networked client terminals and mobile devices is provided. More specifically, the present invention provides a system and method for encrypting randomly generated administrator-level passwords and providing a means for decrypting the randomly generated passwords for single-use unrestricted access to a designated terminal or mobile device. When unrestricted access to the terminal or mobile device is required, the encrypted administrator-level password is decrypted using a shared symmetric key, which is generated during encryption of the administrator password, to reveal the administrator-level password for the terminal or mobile device. The administrator-level password is a single-use password, wherein upon use of the administrator-level password a new administrator-level password may be automatically generated for the corresponding terminal or mobile device.

Abstract: A password management system and method for securing networked client terminals and mobile devices is provided. More specifically, the present invention provides a system and method for encrypting randomly generated administrator-level passwords and providing a means for decrypting the randomly generated passwords for single-use unrestricted access to a designated terminal or mobile device. When unrestricted access to the terminal or mobile device is required, the encrypted administrator-level password is decrypted using a shared symmetric key, which is generated during encryption of the administrator password, to reveal the administrator-level password for the terminal or mobile device. The administrator-level password is a single-use password, wherein upon use of the administrator-level password a new administrator-level password may be automatically generated for the corresponding terminal or mobile device.