Access control subsystem and method for distributed computer system using locally cached authentication credentials
Abstract
A distributed computer system has a number of computers coupled thereto at distinct nodes. The computer at each node of the distributed system has a trusted computing base that includes an authentication agent for authenticating requests received from principals at other nodes in the system. Requests are transmitted to servers as messages that include a first identifier provided by the requester and a second identifier provided by the authentication agent of the requester node. Each server process is provided with a local cache of authentication data that identifies requesters whose previous request messages have been authenticated. When a request is received, the server checks the request's first and second identifiers against the entries in its local cache. If there is a match, then the request is known to be authentic. Otherwise, the server node's authentication agent is called to obtain authentication credentials from the requester's node to authenticate the request message. The principal identifier of the requester and the received credentials are stored in a local cache by the server node's authentication agent. The server process also stores a record in its local cache indicating that request messages from the specified requester are known to be authentic, thereby expediting the process of authenticating received requests.
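The cache-then-fallback flow in the abstract, as an added Python sketch that is not code from the patent. The class names, the `channel_tag` field standing in for the second identifier, and the credential string are all assumptions made for illustration; the point shown is that the cache matches on both identifiers, so a request reusing a known principal with an unissued second identifier misses the cache and is rejected.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    principal_id: str  # first identifier: claimed by the requester process
    channel_tag: str   # second identifier: added by the requester node's agent
    body: str

class RequesterNodeAgent:
    """Authentication agent in the requester node's trusted computing base."""
    def __init__(self):
        self._issued = {}  # channel_tag -> principal it was issued for
    def stamp(self, principal_id, channel_tag, body):
        self._issued[channel_tag] = principal_id
        return Request(principal_id, channel_tag, body)
    def vouch(self, principal_id, channel_tag):
        # Credentials are a constructed placeholder string, not a real format.
        if self._issued.get(channel_tag) == principal_id:
            return f"credentials-for-{principal_id}"
        return None

class ServerNodeAgent:
    """Server-side agent: fetches and caches credentials on a cache miss."""
    def __init__(self, remote_agent):
        self.remote, self.credentials, self.remote_calls = remote_agent, {}, 0
    def authenticate(self, req):
        self.remote_calls += 1
        creds = self.remote.vouch(req.principal_id, req.channel_tag)
        if creds is not None:
            self.credentials[req.principal_id] = creds
        return creds is not None

class Server:
    def __init__(self, agent):
        self.agent, self.known_authentic = agent, set()
    def handle(self, req):
        key = (req.principal_id, req.channel_tag)  # match on BOTH identifiers
        if key not in self.known_authentic:
            if not self.agent.authenticate(req):
                return "rejected"  # never cached, never processed
            self.known_authentic.add(key)
        return f"processed:{req.body}"

def demo():
    requester_agent = RequesterNodeAgent()
    server = Server(ServerNodeAgent(requester_agent))
    genuine = [requester_agent.stamp("alice", "ch-17", b) for b in ("read", "write")]
    forged = Request("alice", "ch-99", "delete")  # constructed: tag never issued
    return [server.handle(r) for r in genuine + [forged]], server.agent.remote_calls
```

`demo()` returns the three outcomes and the number of calls made to the requester node's agent: the second genuine request is served from the cache, while the forged one costs a remote call and is refused.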
9 Claims
1. In a distributed computer system having a multiplicity of interconnected computers, security apparatus comprising:
- a plurality of processes, each process running on one of said multiplicity of computers, said plurality of processes including requester processes and server processes;
- secure channels connecting ones of said multiplicity of computers on which respective ones of said requester processes are running to second ones of said multiplicity of computers on which respective ones of said server processes are running; and
- a multiplicity of authenticating agents, each running in a trusted computing base on a different one of said multiplicity of interconnected computers;
- one of said multiplicity of authenticating agents, running on one of said multiplicity of computers having at least one server process running thereon, including;
  - local cache means for maintaining data identifying previously authenticated requests from ones of said requester processes running on other ones of said multiplicity of interconnected computers; and
  - received request authenticating means for authenticating, on behalf of said at least one server process, a received request when data in said received request match said data maintained by said local cache means, for obtaining credentials authenticating said received request when said first data in said received request does not match said data maintained by said local cache means, and for enabling said at least one server process to process said received request only after said received request has been authenticated.

(Dependent claims: 2, 3)

4. In a distributed computer system having a multiplicity of interconnected computers, security apparatus comprising:
- a plurality of processes, each process running on one of said multiplicity of computers, said plurality of processes including requester processes and server processes;
- secure channels connecting first ones of said multiplicity of computers on which respective ones of said requester processes are running to second ones of said multiplicity of computers on which respective ones of said server processes are running;
- a plurality of authenticating agents, each running in a trusted computing base on a different one of said multiplicity of interconnected computers;
- each requester process including means for generating a request and for initiating transmission of said request over one of said secure channels to a specified one of said server processes, said request including a first datum allegedly identifying a principal associated with said requester process;
- each authenticating agent running on one of said multiplicity of interconnected computers having at least one requester process running thereon including;
  - request processing means for adding a second datum to each request generated by a requester process running on the same one of said multiplicity of computers as said authenticating agent, wherein said second datum uniquely corresponds to said originating requester process; and
  - request authenticating means for authenticating that the first datum and second datum in a previously sent request are valid;
- each authenticating agent running on one of said multiplicity of interconnected computers having at least one server process running thereon including;
  - local cache means for maintaining data indicating said first datum and second datum in previously authenticated requests; and
  - received request authenticating means for (A) authenticating, on behalf of said at least one server process, a received request when said first datum and second datum in said received request match said data maintained by said local cache means, (B) obtaining authentication of said received request from said authenticating agent running on the same computer as the requester process that sent said received request when said first datum and second datum in said received request do not match said data maintained by said local cache means, and (C) enabling said at least one server process to process said received request only after said received request has been authenticated.

(Dependent claims: 5, 6)

7. A method of operating a distributed computer system having a multiplicity of interconnected computers, the steps of the method comprising:
- running requester processes on at least a first subset of said multiplicity of computers and running server on at least a second subset of said multiplicity of computers;
- interconnecting with secure channels first ones of said multiplicity of computers on which respective ones of said requester processes are running to second ones of said multiplicity of computers on which respective ones of said server processes are running;
- establishing authenticating agents within a trusted computing base on each one of said multiplicity of computers;
- said requester processes each generating requests and initiating transmission of said requests over ones of said secure channels to specified ones of said server processes, said requests each including a first datum allegedly identifying a principal associated with said each requester process;
- said authenticating agents adding to each request generated by said requester processes a second datum uniquely corresponding to the one of said requester processes which generated said each request; and
- those of said authenticating agents established on ones of said multiplicity of computers having at least one server process running thereon (A) maintaining a local cache of data indicating said first datum and second datum in previously authenticated requests received by said at least one server process, and (B) authenticating, on behalf of said at least one server process, a received request when said first datum and second datum in said received request match said data in said local cache, (C) obtaining authentication of said received request, from said authenticating agent established on the computer running the requester process that sent said received request, when said first datum and second datum in said received request do not match said data maintained by said local cache means, and (D) for enabling said at least one server process to process said received request only after said received request has been authenticated.

(Dependent claims: 8, 9)

Specification