X window security system

US 5,073,933 A
Filed: 12/01/1989
Issued: 12/17/1991
Est. Priority Date: 12/01/1989
Status: Expired due to Term

First Claim

Patent Images

1. The method of rendering an X Window System including a server and at least one client process secure comprising the steps of:

restricting access to the X Window server system to an authorized user at a host computer terminal using an address family, the address family being encrypted and decrypted using a standard public key cryptographic algorithm.allowing said user to view only resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero, andallowing said user to manipulate resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method of rendering an X Windows server system running on a server and at least one host computer terminal secure including the steps of allowing users to view only resources of the X Windows server system the use of which has been specifically authorized to that user, and allowing users to manipulate only resources of the X Windows server system the use of which has been specifically authorized to that user.

46 Citations

View as Search Results

10 Claims

1. The method of rendering an X Window System including a server and at least one client process secure comprising the steps of:
- restricting access to the X Window server system to an authorized user at a host computer terminal using an address family, the address family being encrypted and decrypted using a standard public key cryptographic algorithm.allowing said user to view only resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero, andallowing said user to manipulate resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero.
- View Dependent Claims (2, 3, 4)
- - 2. The method of rendering an X Window System including a server and at least one client process secure as claimed in claim 1 in which the step of allowing said user to view only resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero includes the steps of:
    - placing a user identification in an identification of each resource created by the user that may be viewed by the creating user only, andplacing an authenticator zero identification in the identification of each resource created by the user that may be viewed by any user.
  - 3. The method of rendering an X Window System including a server and at least one client process secure as claimed in claim 2 in which the step of allowing said user to manipulate only resources of the X Window server system specifically authorized to that user and resources authorized to an authenticator zero includes the step of:
    - allowing said user to manipulate only resources containing resource identifications containing one of two user identifications, the two user identifications being the user identification indicating that user and the user identification indicating said authenticator zero.
  - 4. The method of rendering an X Window System including a server and at least one client process secure as claimed in claim 1 in which the step of restricting access to the system to authorized users at host computer terminals comprises the steps of:
    - providing the address family recognizable by the X Window server system, the address family containing an authorized name for the user,providing a public key and a secret key for the user, the user'"'"'s secret key being known only the user,storing the authorized name, the public key, and the secret key for the user in a network-wide server database,providing a public key and a secret key for the X Window server system, the server'"'"'s public key being known to the user, and the server'"'"'s secret key being known only to the server,generating a credential at a host computer terminal encrypted using a standard public key cryptographic algorithm and the server'"'"'s public key, the credential containing the address family of the user and a verifier, the verifier comprising a time stamp to prevent replays of the credential, and being encrypted using the standard public key cryptographic algorithm and the user'"'"'s secret key,decrypting the credential at the X Window server using the standard public key cryptography algorithm and the server'"'"'s secret key to obtain the verifier,decrypting the verifier at the X Window server using the standard public key cryptography algorithm and the client'"'"'s public key to obtain the address family of the user, andgranting access to the X Window System upon matching of the decrypted address family with the address family recognizable by the X Windows server system as containing an authorized name for the user.

5. The method of rendering an X Window System including a server and at least one client process secure comprising the steps of:
- restricting access to the X Window server system to a client process executing on behalf of an authorized user at a host computer terminal using an address family, the address family being encrypted and decrypted using a standard public key cryptographic algorithm,allowing the client process operating on behalf of a user to view only resources of the X Window System specifically authorized to the user and resources authorized to an authenticator zero, andallowing the client process to manipulate only resources of the X Window server system specifically authorized to the user and resources authorized to an authenticator zero.
- View Dependent Claims (6)
- - 6. The method of rendering an X Window System including a server and at least one client process secure as claimed in claim 5 in which the step of restricting access to the system to a client process executing on behalf of an authorized user at a host computer terminal comprises the steps of:
    - providing the address family recognizable by the X Window server system, the address family containing an authorized name for the user,providing a public key and a secret key for the user, the user'"'"'s secret key being known only to the user,storing the authorized name, the public key, and the secret key for the user in a network-wide server database,providing a public key and a secret key for the X Window Server system, the server'"'"'s public key being known to the user, and the server'"'"'s secret key being known only to the server,generating a credential at a host computer terminal encrypted using the standard public key cryptographic algorithm and the server'"'"'s public key, the credential containing the address family of the user and a verifier, the verifier comprising a time stamp to prevent replays of the credential, and being encrypted using the standard public key cryptographic algorithm and the user'"'"'s secret key,decrypting the credential at the X Window server using the standard public key cryptography algorithm and the server'"'"'s secret key to obtain the verifier,decrypting the verifier at the X Window server using the standard public key cryptography algorithm and the client'"'"'s public key to obtain the address family of the user, andgranting access to the X Window System upon matching of the decrypted address family with the address family recognizable by the X Windows server system as containing an authorized name for the user.

7. The method of rendering a networked window system including a server and at least one client process secure comprising the steps of:
- restricting access to the networked window system to an authorized user at a host computer terminal using an address family, the address family being encrypted and decrypted using a standard public key cryptographic algorithm,allowing said user to view only the resources of the networked window system specifically authorized to that user, and resources authorized to an authenticator zero, andallowing said user to manipulate only resources of the networked window system specifically authorized to that user and resources authorized to an authenticator zero.
- View Dependent Claims (8)
- - 8. The method of rendering a networked window system including a server and at least one client process secure as claimed in claim 7 in which the step of restricting access to the system to an authorized user at a host computer terminal comprises the steps of:
    - providing the address family recognizable by the networked windows server system, the address family containing an authorized name for the user,providing a public key and a secret key for the user, the user'"'"'s secret key being known only to the user,storing the authorized name, the public key, and the secret key for the user in a network-wide server database,providing a public key and a secret key for the networked window server system, the server'"'"'s public key being known to the user, and the server'"'"'s secret key being known only to the server,generating a credential at a host computer terminal encrypted using the standard public key cryptographic algorithm and the server'"'"'s public key, the credential containing the address family of the user and a verifier, the verifier comprising a time stamp to prevent replays of the credential, and being encrypted using the standard public key cryptographic algorithm and the user'"'"'s secret key,decrypting the credential at the networked window server using the standard public key cryptography algorithm and the server'"'"'s secret key to obtain the verifier,decrypting the verifier at the networked window server using the standard public key cryptography algorithm and the client'"'"'s public key to obtain the address family of the user, andgranting access to the networked window system upon matching of the decrypted address family with the address family recognizable by the networked window server system as containing an authorized name for the user.

9. The method of rendering a networked window system including a server and at least one client process secure comprising the steps of:
- restricting access to the networked window system to a client process executing on behalf of an authorized user at a host computer terminal using an address family, the address family being encrypted and decrypted using a standard public key cryptographic algorithm,allowing the client process operating on behalf of a user to view only resources of the networked window systems specifically authorized to the user and resources authorized to an authenticator zero, andallowing the client process to manipulate only resources of the networked window system specifically authorized to the user and resources authorized to an authenticator zero.
- View Dependent Claims (10)
- - 10. The method of rendering a networked window system including a server and at least one client process secure as claimed in claim 9 in which the step of restricting access to the system to a client process executing on behalf of an authorized user at a host computer terminal comprises the steps of:
    - providing the address family recognizable by the networked window system, the address family containing an authorized name for the user,providing a public key and a secret key for the user, the user'"'"'s secret key being known only to the user,storing the authorized name, the public key, and the secret key for the user in a network-wide server database,providing a public key and a secret key for the networked window system, the server'"'"'s public key being known to the user, and the server'"'"'s secret key being known only to the server,generating a credential at a host computer terminal encrypted using the standard public key cryptographic algorithm and the server'"'"'s public key, the credential containing the address family of the user and a verifier, the verifier comprising a time stamp to prevent the replay of the credential, and being encrypted using the standard public key cryptographic algorithm and the user'"'"'s secret key,decrypting the credential at the networked window using the standard public key cryptography algorithm and the server'"'"'s secret key to obtain the verifier,decrypting the verifier at the networked window server using the standard public key cryptographic algorithm and the client'"'"'s public key to obtain the address family of the user, andgranting access to the networked window system upon matching of the decrypted address family with the address family recognizable by the networked window system as containing an authorized name for the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Rosenthal, David S. H.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US07/444,663
Time in Patent Office

746 Days
Field of Search

364/200 MS File, 364/900 MS File, 364/518, 364/521, 364/522, 380/23, 380/25, 380/29, 380/30, 380/49, 380/50, 380/3-5
US Class Current

713/156
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6218   to a system of files or obj...

G06F 2221/2103   Challenge-response

G06F 2221/2149   Restricted operating enviro...

G06F 9/468   Specific access rights for ...

X window security system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

46 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

X window security system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links