Patents by Inventor Tzippi YITZHACK

Tzippi YITZHACK has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • User provisioning
    Patent number: 9680813
    Abstract: A method of credential provisioning on a target service utilizes three credential sets: authentication credentials, privileged credentials and provisioned credentials. An intermediate element receives a request from a user client to establish a session with a target service. The request includes authentication credentials. The intermediate element creates provisioned credentials using privileged credentials which are authorized for creating provisioned credentials for accessing the target service. Once provisioned credentials have been created, a dual session communication channel is established between the user client and the target service. The session between the user client and intermediate element is established using the authentication credentials and the session between the intermediate element and the target service is established using the provisioned credentials. Optionally, user authorization to establish a session with the target service is determined prior to creating the provisioned credentials.
    Type: Grant
    Filed: September 8, 2014
    Date of Patent: June 13, 2017
    Assignee: Cyber-Ark Software Ltd.
    Inventors: Yair Sade, Roy Adar, Yossi Dantes, Tzippi Yitzhack, Andrey Dulkin
  • USER PROVISIONING
    Publication number: 20160006712
    Abstract: A method of credential provisioning on a target service utilizes three credential sets: authentication credentials, privileged credentials and provisioned credentials. An intermediate element receives a request from a user client to establish a session with a target service. The request includes authentication credentials. The intermediate element creates provisioned credentials using privileged credentials which are authorized for creating provisioned credentials for accessing the target service. Once provisioned credentials have been created, a dual session communication channel is established between the user client and the target service. The session between the user client and intermediate element is established using the authentication credentials and the session between the intermediate element and the target service is established using the provisioned credentials. Optionally, user authorization to establish a session with the target service is determined prior to creating the provisioned credentials.
    Type: Application
    Filed: September 8, 2014
    Publication date: January 7, 2016
    Inventors: Yair SADE, Roy ADAR, Yossi DANTES, Tzippi YITZHACK, Andrey DULKIN