Abstract: A method of providing and managing secure access to computer systems or resources from an external client, the method including the steps of a) receiving a message from the client at an authorisation module, b) requesting credentials from the client, c) sending the message and credentials to a session management module, d) checking the credentials of the client, and, if valid, issuing a ticket to the client, the ticket being valid for a plurality of trusted computer systems, e) receiving a further message together with said ticket from the client at the authorisation module, f) checking the validity of the ticket via the session management module, and g) passing the message and ticket to an impersonator module which provides secure communication between the client and the desired destination computer system or resource, the impersonator module also providing usage information to the session management module.

Abstract: A method of providing and managing secure access to computer systems or resources from an external client, the method including the steps of a) receiving a message from the client at an authorisation module, b) requesting credentials from the client, c) sending the message and credentials to a session management module, d) checking the credentials of the client, and, if valid, issuing a ticket to the client, the ticket being valid for a plurality of trusted computer systems, e) receiving a further message together with said ticket from the client at the authorisation module, f) checking the validity of the ticket via the session management module, and g) passing the message and ticket to an impersonator module which provides secure communication between the client and the desired destination computer system or resource, the impersonator module also providing usage information to the session management module.