Inter-partition message passing method, system and program product for a security server in a partitioned processing environment

US 20020129274A1
Filed: 03/08/2001
Published: 09/12/2002
Est. Priority Date: 03/08/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing security in a partitioned processing system having a first partition which includes a common security server and a second partition which includes a security client, the method comprising the steps of:

a) sending a request for authorization by a user to the security client in said second partition;

b) transmitting the request for authorization from the security client to the common security server in the first partition;

c) transmitting a first response to the request for authorization from the common security server in the first partition to the security client in the second partition said transmition of one of said request or said first response between partitions being by way of main storage; and

, d) transmitting a second response from the security client to the user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A partitioned processing system is disclosed wherein a common security server is run in a first partition and at least one server client is run in at least one other partition, each partition having a shared memory or memory-to-memory connection to said first partition, which enables security client server communication with the common security server. The partitioned processing system additionally has a main storage having a first portion accessible by the first partition and a second portion accessible by the second partition. Also included is a mechanism connected to the security client for sending a request for authorization by a user to the security client. A first transmitter in the security client sends the request for authorization from the security client to the common security server by way of said main storage. A second transmitter in the common security server sends a response to the request for authorization from the common security server to the security client by way of said main storage. A third transmitter in the security client then sends the response from the security client to the user.

Citations

26 Claims

1. A method for providing security in a partitioned processing system having a first partition which includes a common security server and a second partition which includes a security client, the method comprising the steps of:
- a) sending a request for authorization by a user to the security client in said second partition;
  
  b) transmitting the request for authorization from the security client to the common security server in the first partition;
  
  c) transmitting a first response to the request for authorization from the common security server in the first partition to the security client in the second partition said transmition of one of said request or said first response between partitions being by way of main storage; and
  
  , d) transmitting a second response from the security client to the user.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method for providing security in a partitioned processing system of claim 1, wherein transmitting the request for authorization of step b comprises the further steps of:
    - b1) signaling by the security client running in the second partition, a first program running in the first partition to start a proxy client in the first partition; and
      
      , b2) transmitting the request from the proxy client to the security server in the first partition.
  - 3. The method for providing security in a partitioned processing system of claim 1, wherein one of step b or step c includes using main storage shared between the first partition and the second partition.
  - 4. The method for providing security in a partitioned processing system of claim 1, wherein one of step b or step c includes using main storage linked between the first partition and the second partition by a memory-to-memory data mover.
  - 5. The method for providing security in a partitioned processing system of claim 1, wherein step b includes a program call by the proxy client using an interface native to the security server.
  - 6. The method for providing security in a partitioned processing system of claim 1, wherein step c comprises the further step of transmitting the first response from the common security server to the security client by way of a first program running in the first partition.
  - 7. The method for providing security in a partitioned processing system of claim 1, wherein said second response transmitted from the security client in the second partition to the user is a program action.

8. A partitioned processing system for providing security having a first partition including a common security server and a second partition having a security client, the partitioned processing system comprising:
- means for sending a request for authorization by a user to the security client in the second partition;
  
  means for transmitting the request for authorization from the security client to the common security server in the first partition;
  
  Means for transmitting a first response to the request for authorization from the common security server in the first partition to the security client in the second partition said transmition of one of said request or said first response between partitions being by way of main storage; and
  
  , d) means for transmitting a second response from the security client to the user.
- View Dependent Claims (9, 10, 11, 12, 13, 15, 16, 17, 18, 19)
- - 9. The partitioned processing system of claim 8, wherein the means for transmitting the request for authorization further comprises:
    - a first program running in the first partition for starting a proxy client;
      
      means for signaling said first program by the security client running in the second partition thereby starting said proxy client in the first partition; and
      
      , means for transmitting the request from the proxy client to the security server in the first partition.
  - 10. The partitioned processing system of claim 8, wherein said main storage comprises storage shared between the first partition and the second partition.
  - 11. The partitioned processing system of claim 8 further comprising storage linked between the first partition and the second partition, and said the means for transmitting the request for authorization from the security client includes a memory-to-memory data mover.
  - 12. The partitioned processing system of claim 8, wherein the means for transmitting the request from the proxy client includes means for sending a program call by the proxy client using an interface native to the security server.
  - 13. The partitioned processing system of claim 8, wherein the means for transmitting a response to the request for authorization from the common security server further comprises a first program running in the first partition transmitting the response from the common security server to the security client.
  - 15. The computer program product for providing security in a partitioned processing system of claim 14, wherein the computer readable program means for transmitting the request for authorization comprises:
    - b1) computer readable program means for signaling by the security client running in the second partition, a first program running in the first partition to start a proxy client in the first partition; and
      
      , b2) computer readable program means for transmitting the request from the proxy client to the security server in the first partition.
  - 16. The computer program product for providing security in a partitioned processing system of claim 14, wherein the computer readable program means of step b or c includes computer program means using storage shared between the first partition and the one of the at least one second partition.
  - 17. The computer program product for providing security in a partitioned processing system of claim 14, wherein the computer readable program means of step b or c includes computer program means for using storage linked between the first partition and the one of the at least one second partition by a memory-to-memory data mover.
  - 18. The computer program product for providing security in a partitioned processing system of claim 14, wherein the computer readable program means of step b includes computer program means for providing a program call by the proxy client using an interface native to the security server.
  - 19. The computer program product for providing security in a partitioned processing system of claim 14, wherein the computer readable program means of step c comprises computer readable program means for transmitting the response from the common security server to the security client by way of a first program running in the first partition.

14. A computer program product comprising a computer useable medium having computer readable program code means therein for providing security in a partitioned processing system wherein a first partition includes a common security server and a second partition including a security client, the computer readable program means in said computer program product comprising:
- a) computer readable program means for sending a request for authorization by a user to the security client in the second partition;
  
  b) computer readable program means for transmitting the request for authorization from the security client to the common security server in the first partition;
  
  c) computer readable program means for transmitting a first response to the request for authorization from the common security server in the first partition to the security client in the second partition said transmition of one of said request or said first response between partitions being by way of main storage; and
  
  , d) computer readable program means for transmitting a second response from the security client to the user.

20. A partitioned processing system for providing security having a first partition including a common security server and a second partition having a security client, the partitioned processing system comprising:
- main storage having a first portion accessible by the first partition and a second portion accessible by the second partition;
  
  a mechanism connected to the security client, said mechanism sending a request for authorization by a user to the security client;
  
  a first transmitter in the security client sending the request for authorization from the security client to the common security server;
  
  a second transmitter in the common security server sending a first response to the request for authorization from the common security server in the first partition to the security client in the second partition said transmition of one of said request or said first response between partitions being by way of main storage; and
  
  , a third transmitter in the common security server sending a second response from the security client to the user.
- View Dependent Claims (21, 22, 23, 24, 25, 26)
- - 21. The partitioned processing system of claim 20, wherein said first transmitter comprises:
    - a program running in the first partition for starting a proxy client;
      
      said security client signaling said program thereby starting said proxy client in the first partition; and
      
      , a forth transmitter transmitting the request from the proxy client to the security server.
  - 22. The partitioned processing system of claim 20, wherein said main storage comprises a third portion accessible by both the first partition and the second partition.
  - 23. The partitioned processing system of claim 20 further comprising storage linked between the first partition and the second partition, and said second transmitter includes a memory-to-memory data mover moving data between said first portion and second portion of said main memory.
  - 24. The partitioned processing system of claim 20, wherein said forth transmitter sends a program call by the proxy client using an interface native to the security server.
  - 25. The partitioned processing system of claim 20, wherein said second transmitter further comprises a program running in the first partition transmitting the first response from the common security server to the security client.
  - 26. The partitioned processing system of claim 20 further comprising a third partition having a second security client, and said common security server of said first partition being responsive to requests for authorization from the security client of the second partition or the second security client of the third partition.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Baskey, Michael E., Jones, John C., DeGilio, Frank J., Temple, Joseph L. III, Rohrbach, Christian F.

Application Number

US09/801,492
Publication Number

US 20020129274A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 21/6236   between heterogeneous systems

G06F 9/544   Buffers; Shared memory; Pipes

G06F 9/546   Message passing systems or ...

Inter-partition message passing method, system and program product for a security server in a partitioned processing environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Inter-partition message passing method, system and program product for a security server in a partitioned processing environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links