Systems, methods and computer program products for authenticating client requests with client certificate information
Abstract
Methods, systems and computer program products authenticate client requests to access server resources. A server receives a certificate containing multiple data fields associated with the client making a request. The server selects data from at least one of the certificate data fields and filters the selected data using at least one predefined filter rule associated with the requested server resources to authenticate the client request. Combinations of filter rules may be utilized and the server may select data from various combinations of data fields.
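The filtering described in the abstract, sketched as an added example (not code from the patent). The ACL layout, rule tuples and function names are hypothetical, the certificate is a constructed sample in the dict shape Python's `ssl.SSLSocket.getpeercert()` returns, and chain validation is assumed to have already happened in the TLS handshake.

```python
from fnmatch import fnmatchcase

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert()
# after a handshake with verify_mode=CERT_REQUIRED (chain already validated).
SAMPLE_CERT = {
    "subject": ((("countryName", "US"),),
                (("organizationName", "Example Corp"),),
                (("organizationalUnitName", "Engineering"),),
                (("commonName", "alice"),)),
    "issuer": ((("organizationName", "Example Corp"),),
               (("commonName", "Example Internal CA"),)),
}

# Hypothetical ACL: resource prefix -> filter rules that must ALL match.
# Each rule is (certificate section, field name, glob pattern). No rule names a
# user or an IP address; access is decided on organizational fields only.
ACL = {
    "/reports/": [("issuer", "commonName", "Example Internal CA"),
                  ("subject", "organizationName", "Example Corp"),
                  ("subject", "organizationalUnitName", "Eng*")],
    "/finance/": [("issuer", "commonName", "Example Internal CA"),
                  ("subject", "organizationalUnitName", "Finance")],
}

def select_fields(cert, section):
    """Flatten one RDN sequence into {field: [values]}; fields may repeat."""
    fields = {}
    for rdn in cert.get(section, ()):
        for name, value in rdn:
            fields.setdefault(name, []).append(value)
    return fields

def authorize(cert, path, acl=ACL):
    """Return True only if a rule set covers `path` and every rule matches."""
    prefixes = [p for p in acl if path.startswith(p)]
    if not cert or not prefixes:
        return False                      # default deny: no cert or no ACL entry
    rules = acl[max(prefixes, key=len)]   # most specific prefix wins
    for section, field, pattern in rules:
        values = select_fields(cert, section).get(field, [])
        # Case-sensitive glob; a missing field fails the rule.
        if not any(fnmatchcase(v, pattern) for v in values):
            return False
    return True
```

Each rule set pins the issuer as well as subject fields, because subject values such as the organizational unit only carry meaning under a CA whose issuance policy the server operator trusts.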
21 Claims
1. A method of authenticating a client request to access server resources without uniquely identifying a client IP address or a user making the client request, the method comprising the steps of:
- receiving at an Access Control List (ACL) a certificate associated with the user making the client request, wherein the certificate comprises a plurality of data fields, and wherein the ACL does not contain information that can uniquely identify a client IP address or a user making the client request;
- selecting data from at least one of the certificate data fields; and
- filtering the selected data using at least one predefined filter rule associated with the ACL to authenticate the client request without uniquely identifying a client IP address or a user making the client request.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A data processing system for authenticating a client request to access server resources without uniquely identifying a client IP address or a user making the client request, the data processing system comprising:
- means for receiving at an Access Control List (ACL) a certificate associated with the user making the client request, wherein the certificate comprises a plurality of data fields, and wherein the ACL does not contain information that can uniquely identify a client IP address or a user making the client request;
- means, responsive to the certificate receiving means, for selecting data from at least one of the certificate data fields; and
- means, responsive to the data selecting means, for filtering the selected data using at least one predefined filter rule associated with the ACL to authenticate the client request without uniquely identifying a client IP address or a user making the client request.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer program product for authenticating a client request to access server resources without uniquely identifying a client IP address or a user making the client request, the computer program product comprising:
- a computer usable medium having computer readable program code means embodied in the medium for receiving at an Access Control List (ACL) a certificate associated with the user making the client request, wherein the certificate comprises a plurality of data fields, and wherein the ACL does not contain information that can uniquely identify a client IP address or a user making the client request;
- the computer usable medium having computer readable program code means embodied in the medium, responsive to the certificate receiving means, for selecting data from at least one of the certificate data fields; and
- the computer usable medium having computer readable program code means embodied in the medium, responsive to the data selecting means, for filtering the selected data using at least one predefined filter rule associated with the ACL to authenticate the client request without uniquely identifying a client IP address or a user making the client request.
Dependent claims: 16, 17, 18, 19, 20, 21
Specification