Server entity that provides secure access to its resources through token validation
First Claim
1. A method for providing secure access to resources controlled by a server entity, said method comprising the steps within said server entity of:
- receiving a first authorization token from an authorizer entity, said first authorization token being generated by said authorizer entity based on previous communication with a client entity, said server entity, said client entity and said authorizer entity being mutually interconnected; and
validating a second authorization token to ensure that said client entity is permitted to access said resources by comparing said second authorization token with said first authorization token, said second authorization token being received as part of a request to said server entity from said client entity.
1 Assignment
0 Petitions
Accused Products
Abstract
A peer to peer connection authorizer is described. The connection authorizer involves three different entities: a system authorizer mechanism, a client connection manager, and a server connection manager. The system authorizer resides on the main or primary CPU while the client and server connection managers reside on individual IOPs. To obtain information required by a user and/or an application program, the client connection manager issues a request to the system authorizer. When the system authorizer receives the request, it first verifies that the client device is who it claims to be. If the system authorizer determines that the client device should be allowed to access the requested information, it then sends a token to the server device and a copy of the same token to the client device. Upon receipt of the token copy from the system authorizer, the client connection manager packages the token copy into a message that it sends to the server device. When the server connection manager receives the message from the client device, it compares the token copy to the token it received from the system authorizer. If the tokens match, the server connection manager responds to the client device and the connection is established.
151 Citations
8 Claims
-
1. A method for providing secure access to resources controlled by a server entity, said method comprising the steps within said server entity of:
-
receiving a first authorization token from an authorizer entity, said first authorization token being generated by said authorizer entity based on previous communication with a client entity, said server entity, said client entity and said authorizer entity being mutually interconnected; and validating a second authorization token to ensure that said client entity is permitted to access said resources by comparing said second authorization token with said first authorization token, said second authorization token being received as part of a request to said server entity from said client entity. - View Dependent Claims (2, 3, 4)
-
-
5. A server entity that provides secure access to resources controlled by said server entity, said server entity comprising:
-
a token receiving mechanism that receives a first authorization token from an authorizer entity and a second authorization token from a client entity, said first authorization token being generated by said authorizer entity based on previous communication with said client entity, said server entity, said client entity and said authorizer entity being mutually interconnected; and a token validating mechanism, said token validating mechanism ensuring that said client entity is permitted to access said resources by validating said second authorization token through comparison of said second authorization token with said first authorization token. - View Dependent Claims (6, 7, 8)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsCarlson, Brent A., Huss, Frederic L., Schmucki, Nancy M., Zelenski, Richard E.
-
Primary Examiner(s)Ray, Gopal C.
-
Application NumberUS08/459,451Time in Patent Office424 DaysField of Search395/200.06, 395/200.12, 395/425, 395/575, 395/186, 395/200.03, 395/200.12, 395/821, 380/4, 380/25, 380/23, 235/380, 340/825.31, 340/825.34, 370/85.4US Class Current726/5CPC Class CodesG06F 12/1408 by using cryptography for d...G06F 21/335 for accessing specific reso...G06F 21/606 by securing the transmissio...G06F 21/85 interconnection devices, e....
