Access control in a distributed computer system
First Claim
1. A data processing system comprising:
- (a) a plurality of initiator entries, each having a set of initiator qualifier attributes associated therewith,
- (b) a plurality of target entities, connected to and accessible by said initiator entries,
- (c) authentication means coupled to said target entities for issuing each target entity, on request, with a privilege attribute certificate (PAC) indicating access rights granted to that target entity,
- (d) PAC validation means, coupled to said target entities, for validating PACs on behalf of said target entities,
- (e) key distribution means, coupled to said initiator entities, for issuing to each initiator entity, on request, with
  - (i) a first key, for communicating with the PAC validation means, the first key being encrypted under a second key known to both the initiator entity and the key distribution means,
  - (ii) a package comprising said first key, and the initiator qualifier attributes of the initiator entity, encrypted together under a third key known only to the key distribution means and to the PAC validation means,
- (f) connection means for interconnecting each initiator entity to the PAC validation means to permit the initiator entity to present said package to the PAC validation means, and
- (g) a table associated with the PAC validation means, for recording an association between the first key and the initiator qualifier attributes in said package.
Abstract
A mechanism is described for controlling access to a target application (TA) in a distributed computer system. A user sponsor (US) acting on behalf of an end user is issued with a privilege attribute certificate (PAC) containing initiator qualifier attributes (IQA) identifying permitted users of the PAC. The US obtains a key from a key distribution server (KDS), the key having initiator qualifier attributes of the US cryptographically associated with it.
The US uses this key to communicate with the TA, and presents its PAC for verification. If the IQA in the PAC do not match the IQA associated with the key, this indicates that the PAC is being presented by the wrong initiator, and so access is not permitted.
If a receiving entity subsequently wishes to act as an initiator and to use the PAC by proxy, it acquires a key from the KDS, the key having the receiving entity's attributes cryptographically associated with it. This provides a way of regulating proxy use of PACs.
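The check described in the abstract, written out as an added example that is not taken from the patent: the KDS binds an initiator's IQA to a fresh key inside a sealed package, the PAC validation means records that binding in its table, and a PAC is refused when its IQA do not match the IQA bound to the presenting key. Assumptions: `seal`/`unseal` are a toy cipher standing in for real authenticated encryption, the PAC is treated as already authenticated, "match" is taken to mean a shared attribute, and all names and attribute values are constructed.

```python
import hashlib, hmac, json, os

def _xor(key, nonce, data):
    # Toy SHAKE-256 keystream, standing in for a real authenticated cipher.
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, data):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, data)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("blob was not sealed under this key")
    return _xor(key, nonce, ct)

def kds_issue(registry, third_key, initiator):
    second_key, iqa = registry[initiator]   # registry: initiator -> (second key, IQA)
    first_key = os.urandom(32)
    package = json.dumps({"key": first_key.hex(), "iqa": iqa}).encode()
    return seal(second_key, first_key), seal(third_key, package)

class PACValidator:
    def __init__(self, third_key):
        self.third_key = third_key          # shared only with the KDS
        self.table = {}                     # first key -> IQA taken from the package
    def present_package(self, package):
        body = json.loads(unseal(self.third_key, package))
        self.table[bytes.fromhex(body["key"])] = set(body["iqa"])
    def validate(self, first_key, pac):
        key_iqa = self.table.get(first_key)
        # Assumed match rule: the key's IQA must share an attribute with the PAC's IQA.
        return key_iqa is not None and bool(key_iqa & set(pac["iqa"]))

def demo():
    third = os.urandom(32)
    reg = {"us-alice": (os.urandom(32), ["sponsor:alice"]),      # constructed
           "app-mallory": (os.urandom(32), ["app:mallory"])}     # constructed
    pac = {"privileges": ["read:payroll"], "iqa": ["sponsor:alice"]}
    pvf, out = PACValidator(third), {}
    for name, (second_key, _) in reg.items():
        wrapped, package = kds_issue(reg, third, name)
        pvf.present_package(package)        # initiator forwards the opaque package
        out[name] = pvf.validate(unseal(second_key, wrapped), pac)
    return out
```

`demo()` presents the same PAC under two different initiators' keys; only the initiator whose key-bound IQA appear in the PAC is accepted.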
Specification