This disclosure relates generally to the field of computing systems. More particularly, but not by way of limitation, it relates to techniques for allowing access to computer systems.
Automation products perform tasks on a variety of different computer systems. Various systems have been developed to provide what is known as “Single Sign-On” (SSO) capability, allowing a user to provide authentication information once, typically a userid and a password, then gain access to other systems without being prompted to login again at each of the other systems. These various SSO systems have been in practice incapable of providing complete coverage for all computer systems of an enterprise, particularly where those systems are provided by different vendors, with varying authentication systems, so that the different systems cannot be integrated into an enterprise-wide SSO security architecture.
Some products available today attempt to deal with the problem by encoding passwords using simple encodings, such as Base64, then passing these encoded passwords to the different systems as needed. Other products encrypt all passwords in a single place, using a single key, making an attack on the single place particularly attractive.