Method and apparatus for delegated communications in a computer system using trusted deputies
First Claim
1. In a distributed computer system, a method for a user to communicate safely with an untrusted server, by delegating a trusted deputy application to act in behalf of said user, said method performed by instructions in a central processor of a computer in said distributed system, said method comprising the steps of:
- identifying a deputy application in a computer in said distributed computer system, said deputy application being recommended by said untrusted server to a client application, said client application checking a series of places on said client application's computer which contain indications of deputy applications to be trusted and if said recommended deputy application is recognized as trustworthy designating said recommended deputy application as a trusted deputy application to act on behalf of said client application;
- executing a call on one or more target programs by invoking said call on said trusted deputy application, said call being initiated by said client application;
- passing said invoked call to one or more servers which contain implementations of said one or more target programs, by said deputy application; and
- accepting said invoked call by said one or more servers which contain implementations of said one or more target programs by recognizing that said trusted deputy is acting for said client application regardless of which computer in said distributed computer system said trusted deputy application resides on.
Abstract
An apparatus and a method are disclosed whereby a client application can use a trusted "Deputy" application to execute operation calls on several servers on behalf of the client, the Deputy application being able to convince the servers that the deputy application is representing the original client application, and the client thereby reducing the risk of being contaminated by uncontrolled access to an unknown server, while at the same time being able to obtain the desired processing results regardless of the number or location of servers involved in providing the results. The Deputy application is authenticated by the server as representing a user, not a user on a predetermined workstation or as a predetermined member of a particular work group.
28 Claims
4. A method for a client application in a computer system to communicate safely with one or more untrusted servers on behalf of a user, by delegating a trusted deputy application to act in behalf of said user, said method performed by instructions in a central processor in said computer system comprising the steps of:
- initiating a client application, said client application being located on a first computer;
- accessing a first target object by said client application, an implementation of said first target object being located on a first server;
- obtaining from said implementation of said first target object an identification of a deputy application, which said first server is willing to accept independent of which machine said deputy application resides on;
- locating said identified deputy application;
- determining whether said client application is willing to trust said identified deputy application, said determination being made by checking said identification of said deputy application against identifications of deputy applications known to be trusted by said client application; and
- using said identified deputy application which has been located, if said identified deputy application is determined to be trustworthy, as one which can be trusted by said client application, to act as a trusted representative of said client application in dealing with said first server.
15. A method for creating a system for use in a computer to allow a client application to communicate safely with an untrusted server, by delegating a trusted deputy application to act in behalf of said client application, said method performed by instructions in a central processor of a computer, said method comprising the steps of:
- creating an object reference which points to a first target object located on a first server wherein said object reference contains a flag, said flag being coded by said computer to indicate to a client application whether or not a deputy application is recommended when invoking operations on said target object;
- obtaining a deputy application if one is recommended for use with said first target object, wherein said deputy application will be accepted by a server as a representative of a client application independent of which machine said deputy application resides on;
- installing said deputy application on a machine trusted by said client application and placing an identification of said deputy application in a place well known by said client application as a place containing identifications of deputy applications which are trustworthy; and
- using said deputy application as a trusted intermediary by said client application to invoke operations on said first target object if said flag in said object reference to said first target object indicates that use of a deputy application is recommended and if said client application is able to verify that said deputy application is trustworthy.
20. A computer system containing in its memory a computer program product for use in a distributed computer system for executing programs on one or more untrusted servers, said computer system comprising:
- a first system element for identifying a deputy application, by said computer system, said deputy application being trusted by a client application in said computer system, said deputy application having security credentials proving that said deputy application is entitled to represent said client application; and
- a second system element for using said deputy application, by a client application unaware of a location of said one or more servers containing target applications, to act as a trusted intermediary in accessing said target applications wherein said one or more servers containing target applications will accept operation calls from said deputy application as representing said client application without regard to what machine said deputy application is on.
21. A distributed computer system including a plurality of servers and having a plurality of computers interconnected by a communications link, said distributed computer system comprising:
- a deputy application on a first computer which deputy application can be trusted by a client application to act on behalf of said client application in executing a call on one or more target programs;
- a first target program residing on a first server, said first server being coupled to said computer containing said deputy application, said first target program containing a reference to a second target program; and
- a program in said first computer for executing said call by said client application, said call being executed on said deputy application, said deputy application executing said call on said first target program and said second target program on behalf of said client application, said deputy application being trusted by said first target program and said second target program without regard for what machine said deputy application is on, whereby said client application can access a plurality of target programs through said deputy application.
27. In an object oriented system having a client application and a plurality of computers, and a plurality of servers, said plurality of servers containing one or more target object implementations, the improvement comprising:
- a deputy application operating in one of said plurality of computers, which deputy application was recommended by one of said plurality of servers to said client application, said client application checking a series of places on said client application's computer which contain indications of deputy applications to be trusted and if said recommended deputy application is recognized as trustworthy designating said recommended deputy application as a trusted deputy application to act in said client application's behalf, said deputy application being trusted by one or more of said plurality of servers which originally recommended said deputy application as one which is trustworthy, without regard for what machine said deputy application is on, wherein said client application executes a call on said one or more target object implementations by invoking said call on said deputy application.
28. A distributed computer system having a plurality of computers, and a plurality of servers, said distributed computer system comprising:
- a client application operating in one of said plurality of computers in said distributed computer system; and
- a deputy application which can be trusted by said client application to act on behalf of said client application in executing a call on a target program operating in one of said plurality of computers in said distributed computer system, wherein said call on said target program requiring access to program implementations on one or more of said servers is performed by computer instructions in one of said plurality of computers in said distributed computer system, said computer instructions representing said deputy application, and wherein said one or more of said servers trust said deputy application as representing said client application without regard to which computer said deputy application resides upon.
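The client-side trust decision recited in claims 1, 4 and 15, sketched as an added illustration that is not part of the patent text: the untrusted server only recommends a deputy, and the client uses it only if one of its own local trust places lists it. All names and sample data are constructed; pinning each entry to a SHA-256 digest of the deputy's code and refusing the call when no place vouches for the deputy are assumptions of this sketch, not requirements stated in the claims.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class ObjectRef:
    """Reference to a target object on a server (hypothetical shape)."""
    target: str
    deputy_recommended: bool  # the flag described in claim 15

def digest(code: bytes) -> str:
    return hashlib.sha256(code).hexdigest()

def find_trusted(deputy_id, deputy_code, trust_places):
    """Return the first local place that lists this deputy, else None.

    trust_places is an ordered list of (place_name, {deputy_id: sha256}).
    Assumption: an entry pins the deputy's code digest, so a recognized
    name attached to different code is not treated as trusted.
    """
    for place, entries in trust_places:
        pinned = entries.get(deputy_id)
        if pinned is not None and pinned == digest(deputy_code):
            return place
    return None

def invoke(ref, op, recommendation, trust_places, deputies):
    """Decide how the client routes one call on the target object."""
    if not ref.deputy_recommended:
        return ("direct", ref.target, op)
    code = deputies.get(recommendation)  # locate the recommended deputy
    if code is None or find_trusted(recommendation, code, trust_places) is None:
        # Assumption: the server's recommendation alone never suffices.
        return ("refused", ref.target, op)
    return ("via:" + recommendation, ref.target, op)

# Constructed sample data.
GOOD = b"deputy build 1 (constructed sample)"
TRUST_PLACES = [
    ("user-list", {}),
    ("site-list", {"print-deputy": digest(GOOD)}),
]
REF = ObjectRef("printer-object", True)
```

The decision depends only on what the client's own trust places contain, so a server that recommends an unlisted or altered deputy gets no call at all.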