Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2014191180) METHOD OF CHANGING PASSWORD IN AN INDUSTRIAL AUTOMATION AND CONTROL SYSTEM
Note: Text based on automatic Optical Character Recognition processes. Please use the PDF version for legal matters

Claims

1. Method of changing a user password in an Industrial Automation and Control System IACS comprising a user authentication unit running a LDAP server and at least one Intelligent Electronic Device IED running a LDAP client, wherein the IED comprises a Local Human Machine Interface LHMI, wherein the method comprises steps of:

generating the local password policy by retrieving a global password policy from the LDAP server,

storing the local password policy into the IED,

entering a new password at the LHMI after successful authentication of the user, verifying conformance of the new password with a local password policy by the IED, and

changing the user password to the new password.

2. Method according to claim 1 , wherein the authenticating step is carried out by the LDAP server.

3. Method according to claim 1, wherein the LDAP client comprises a replica of a LDAP database of the LDAP server.

4. Method according to claim 3, wherein the authenticating step is carried out by the LDAP client.

5. Method according to one of claims 3 to 4, wherein after changing the user password, the new password is synchronised from the LDAP client back to the LDAP server.

6. Method according to any one of claims 1 to 5, wherein the local password policy is stored separately in respect to the LDAP client.

7. Method according to any one of claims 3 to 5, wherein the replica comprises the local password policy.

8. Method according to any one of claims 1 to 7, further comprises the step of: upon a change of the global password policy, distributing the changed global password policy to the local password policy.

9. An Industrial Automation and Control System I ACS comprising:

a user authentication unit including a LDAP server,

at least one Intelligent Electronic Device IED including a LDAP client, wherein the IED comprises a Local Human Machine Interface LHMI,

a local password policy generated based on a global password policy of the LDAP server,

wherein the IED is adapted to generate the local password policy by retrieving a global password policy from the LDAP server,

wherein the local password policy is stored into the IED,

wherein the IED is adapted to verify conformance of a new password with the local password policy after the successful authentication, and

wherein the system is adapted to change the user password to the new password if the new password fulfils the local password policy.

10. System according to claim 9, wherein the LDAP client comprises a replica of a LDAP database of the LDAP server.

11. System according to claim 9, wherein the local password policy is stored separately in respect to the LDAP client.