Expedited message control for synchronous response in a Kerberos domain
First Claim
Patent Images
1. In a network wherein multiple client terminals (10) communicate with a client-server (13) having a Kerberos Support Library (34) which is in communication with a Kerberos Server (20), a method for enabling a requesting client terminal (10) to receive a synchronous message response from said Kerberos Support Library (34) without need to access said Kerberos Server (20), said method comprising the steps of:
- (a) enabling said Kerberos Server (20) to continuously update its local configuration file (F1) which includes parameters of realm name, client ID, principal'"'"'s ID, relevant information data, for immediate transport to a remote configuration file (F2) in said Kerberos Support Library (34) of said client-server (13), said updating of File (F1) being initiated by an external Control Capable Terminal (C1);
(b) continuously maintaining said local configuration file (F1) in said Kerberos Server (20) with updated information from said external Control Capable Terminal (C1);
(c) synchronizing said remote configuration file (F2), in said Kerberos Support Library (34), so as to be continually updated to duplicate said Kerberos Server'"'"'s (20) configuration file (F1);
(d) entering secured administration commands from said Control Capable Terminal (C1) to said Kerberos Server'"'"'s configuration file (F1);
(e) initiating a synchronous comand request, by said client-terminal (10), for information from said configuration file (F2) of said client-server (13);
(f) generating an immediate synchronous response by said Kerberos Support Library (34) to said client terminal (10).
12 Assignments
0 Petitions
Accused Products
Abstract
A system and method is provided which facilitates an expedited message control system which previously required the passage of messages from the Kerberos Server to a Kerberos Support Library, residing on a ClearPath NX Server, to a client workstation in a synchronous fashion. The present system expedites the message response to a client by allowing an intermediary such as the Kerberos Support Library (residing on the ClearPath NX Server), to respond on behalf of the Kerberos Server which does not need to be contacted, since synchronization of updated information is effectuated continually between the Kerberos Server and the Kerberos Support Library.
58 Citations
4 Claims
-
1. In a network wherein multiple client terminals (10) communicate with a client-server (13) having a Kerberos Support Library (34) which is in communication with a Kerberos Server (20), a method for enabling a requesting client terminal (10) to receive a synchronous message response from said Kerberos Support Library (34) without need to access said Kerberos Server (20), said method comprising the steps of:
-
(a) enabling said Kerberos Server (20) to continuously update its local configuration file (F1) which includes parameters of realm name, client ID, principal'"'"'s ID, relevant information data, for immediate transport to a remote configuration file (F2) in said Kerberos Support Library (34) of said client-server (13), said updating of File (F1) being initiated by an external Control Capable Terminal (C1);
(b) continuously maintaining said local configuration file (F1) in said Kerberos Server (20) with updated information from said external Control Capable Terminal (C1);
(c) synchronizing said remote configuration file (F2), in said Kerberos Support Library (34), so as to be continually updated to duplicate said Kerberos Server'"'"'s (20) configuration file (F1);
(d) entering secured administration commands from said Control Capable Terminal (C1) to said Kerberos Server'"'"'s configuration file (F1);
(e) initiating a synchronous comand request, by said client-terminal (10), for information from said configuration file (F2) of said client-server (13);
(f) generating an immediate synchronous response by said Kerberos Support Library (34) to said client terminal (10).
-
-
2. In a network wherein a client terminal (10) communicates with a client-server (13) having a Kerberos Support Library 34, and a Kerberos Server (20), a method for enabling a requesting client-terminal to receive a synchronous response for Kerberos service without the necessity for accessing the Kerberos Server (20), said method comprising the steps of:
-
(a) synchronizing data in a remote configuration file (F2) residing in said Kerberos Support Library (34) in said client-server (13) with the most recently updated data in a local configuration file (F1) residing in said Kerberos Server (20) said step of synchronizing data including the sub-steps of;
(a1) initializing a Kerberos security mechanism resident on said Kerberos Server to process information shared in said local file (F1) of said Kerberos Server;
(a2) utilizing a Menu-Assisted Resource Control Program (MARC) in said client-server to initiate a Communications Management System Program (COMs) in said client-server to initialize the Kerberos Support Library process for the client-server;
(a3) utilizing a Generic Security Support mechanism with encryption means in said client-server to independently initiate said Kerberos Support Library process for said client-server;
(a4) utilizing a Control Capable Terminal (C1) for inserting changes to said local configuration file (F1) which also causes a programmatic updating change event in said Kerberos Support Library;
(b) utilizing an external Control Capable Terminal (C1) to initialize and update said local configuration file (F1) with secured Kerberos Administration commands, realm names, client ID'"'"'s, principal ID'"'"'s, and other parametric data;
(c) initiating a synchronous command request to said client-server (13), by said client-terminal (10) for configuration file information;
(d) receiving an immediate synchronous response, without latency, by said client-terminal (10) from said Kerberos Support Library (34) which holds a duplicate file (F2) of the updated information residing in said local configuration file (F1).
-
-
3. A secure synchronous message transmission and response system which permits a client-terminal means to receive an immediate synchronous response from a Kerberos Support Library residing in a client server means without the need to access a Kerberos Server means in the realm of said client-terminal means, said message transmission system including:
-
(a) a client-terminal means for requesting Kerberos service from a client-server means;
(b) said client server means holding a Kerberos Support Library having a synchronized updated configuration file (F2) which is continuously updated to match that data contained in a local configuration file (F1) in said Kerberos Server;
(c) programmatic means having process means for transmitting said client-terminal means'"'"' requests for Kerberos service to said client-server means and including;
(c1) first process means for updating and changing data in said configuration file (F1);
(c2) second process means for immediate sensing, by said Kerberos Support Library in said client-server means, of any change in said configuration file (F1) in said Kerberos Server means;
(c3) third process means for transmitting any said change to said configuration file (F2) in said Kerberos Support Library of said client-server means;
(c4) fourth process means for utilizing said updated configuration file (F2) in said Kerberos Support Library, of said client-server means, for transmittal as a response to said request of said client-terminal means;
(d) Kerberos Server means holding said configuration file (F1) and connected to an external Control Capable Terminal;
(e) said external Control Capable Terminal providing means for initiating and updating parametric information in said local configuration file (F1), said parametric information including domain names, client ID'"'"'s, principal ID'"'"'s, and relevant information regarding each terminal connected to a domain. - View Dependent Claims (4)
(a) a Menu-Assisted Resource Control Program (MARC) for routing said client-terminal synchronous request to a Communication Management System Program (COMS);
(b) said COMS program for requesting synchronous service from said Kerberos Support Library in said client-server means.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeUnisys Corporation
-
Original AssigneeUnisys Corporation
-
InventorsSchanze, Martin Lee
-
Primary Examiner(s)Swann, Tod R.
-
Assistant Examiner(s)JACK, TODD M
-
Application NumberUS09/026,746Time in Patent Office1,061 DaysField of Search380/49, 713/150US Class Current713/150CPC Class CodesH04L 63/0807 using tickets, e.g. Kerbero...
