Security system
First Claim
1. A security system for use in a distributed processing system having a plurality of nodes, comprising:
- passthrough means for passing access request data through an intra node to another one of said plurality of nodes, said access request data including at least address information for specifying one of said plurality of nodes and security information for obtaining access to one of said plurality of nodes;
node directory storing means for storing a node directory representing a correspondence between each of said plurality of nodes and respective security information; and
control means for receiving said access request data, and upon determining that said address information does not specify said intra node and that said security information of said access request data corresponds to said address information in accordance with said correspondence represented by said node directory, for causing said passthrough means to pass said access request data through said intra node to said other one of said plurality of nodes.
1 Assignment
0 Petitions
Accused Products
Abstract
In a distributed processing system having a plurality of nodes, a correspondence table, which represents a correspondence between the nodes and corresponding passwords that grant access to the nodes, stored in a disk device. Each of the nodes includes a passthrough device which permits passthrough of access request data to a node of the next hierarchical level. Upon receipt of access request data, the passthrough device refers to the correspondence table to check a password contained in the received access request data for validity of access to the node. When the password is valid, the passthrough of the access request data is permitted.
60 Citations
9 Claims
-
1. A security system for use in a distributed processing system having a plurality of nodes, comprising:
-
passthrough means for passing access request data through an intra node to another one of said plurality of nodes, said access request data including at least address information for specifying one of said plurality of nodes and security information for obtaining access to one of said plurality of nodes; node directory storing means for storing a node directory representing a correspondence between each of said plurality of nodes and respective security information; and control means for receiving said access request data, and upon determining that said address information does not specify said intra node and that said security information of said access request data corresponds to said address information in accordance with said correspondence represented by said node directory, for causing said passthrough means to pass said access request data through said intra node to said other one of said plurality of nodes. - View Dependent Claims (2, 3, 4)
-
-
5. In a distributed processing system with a plurality of nodes which accesses one node through another node, a security method of checking validity of access request data having at least node data for specifying a node to access and a password indicating whether access to the node is valid or not, the security method comprising the steps of:
-
preparing correspondence information representing a correspondence between the node data and passwords corresponding to the nodes; determining whether or not the password designated in the access request data coincides with a password in the correspondence information that corresponds to the node data designated in the access request data; and passing the access request data through an intra node to another node upon coincidence of the passwords. - View Dependent Claims (6, 7, 8)
-
-
9. A security system in a distributed processing system wherein a plurality of nodes are arranged in a hierarchical structure of different hierarchical levels, comprising:
-
a terminal serving as a source node, for issuing access request data including node specifying data for specifying a destination node to be accessed, and a password for accessing the destination node; a host unit which serves as the destination node; a subhost unit which serves as an intra node and which is connected between said terminal and said host unit, including, table memory means for storing a correspondence between node specifying data and passwords; passthrough means for passing the access request data through the intra node to a node of a different hierarchical level; and control means for determining whether or not the node specifying data included in the access request data specifies the intra node, for referring to said table memory means to determine whether or not the password included in the access request data coincides with a password of the destination node stored in said table memory means and whether or not the node specifying data designates a node at a higher level in the hierarchy than the intra node, and for passing the access request data to said host unit if the password included in the access request data coincides with the password of the destination node stored in said table memory means.
-
Specification