This invention relates to a system for ensuring secure access to a network. More specifically, this invention relates to a password generation and management system running as an application on a network server, and which permits access to a secured database by remote users (including users communicating with the server over the Internet).
It is often desirable for a corporation to make its internal databases available to external users (for example, subscribers on the World Wide Web or "Extranet" as opposed to the corporation's "Intranet"). In particular, two business partners (each with its own "Intranet")may wish to share sensitive information. In these situations, providing secure access to databases (and maintaining the integrity of the content of those databases) is of great concern.
FIG. 1 shows schematically a networking arrangement with users belonging to different organizations. A corporate intranet 110 has a number of servers 130-1 to 130-n connected thereto, along with a number of users 120-1, 120-2, . . . , 120-n. Various applications running on servers 130 provide security for the intranet and its users. These applications, familiar to those skilled in the art, are collectively termed a "firewall," shown schematically as a wall 140 surrounding the organization. The users 120 may also connect to the Internet 100, to which a number of other servers 101-1 to 101-n are also connected.
Another user 105, though not part of the same organization as users 120, may still communicate with users 120 by connecting to the Internet 100. Users 120 may of course communicate with each other over the intranet 110. In both of these cases, access to databases on servers 130 must be controlled, and the security of the data must be assured. In particular, when user 120-1 (for example) establishes a link 141 extending past the firewall 140 to the Internet 100 and to user 105 (for example, a customer or business partner), it is necessary to ensure that no unauthorized access to the data residing on servers 130 occurs.
Accordingly, there is a need for a system that provides secure account management and content protection in a networking environment where both internal and external users have access to an organization's internal databases.