System, apparatus and method for updating security configurations of a plurality of servers from a centralized directory server

US 7,373,654 B1
Filed: 07/20/2000
Issued: 05/13/2008
Est. Priority Date: 07/20/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method of updating security configurations of a plurality of servers, comprising:

changing security information in a centralized server;

receiving an update command; and

downloading the changed security information to the plurality of servers in response to receiving the update command, wherein the downloaded changed security information is used to update the security configurations of the plurality of servers, wherein the security configurations of the plurality of servers are updated by updating security parameter lists associated with at least one of files and resources associated with each of the plurality of servers, and wherein the security parameter lists identify authorized users or authorized groups of users of the at least one of files and resources associated with the security parameter lists.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, apparatus and method for updating security configurations of a plurality of servers from a centralized directory server. The system includes a centralized directory server and a plurality of servers that provide resources and store files for use by users of the system. Each file/resource associated with the servers includes a security parameter list identifying authorized users of the file/resource. The security parameter lists are updated from the centralized directory server by first inputting changes to the system security configuration in the directory server and then downloading these changes to the plurality of servers. The changes are used by the plurality of servers to update the security parameter lists associated with the files/resources of the server.

27 Citations

View as Search Results

25 Claims

1. A method of updating security configurations of a plurality of servers, comprising:
- changing security information in a centralized server;
  
  receiving an update command; and
  
  downloading the changed security information to the plurality of servers in response to receiving the update command, wherein the downloaded changed security information is used to update the security configurations of the plurality of servers, wherein the security configurations of the plurality of servers are updated by updating security parameter lists associated with at least one of files and resources associated with each of the plurality of servers, and wherein the security parameter lists identify authorized users or authorized groups of users of the at least one of files and resources associated with the security parameter lists.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the plurality of servers are Windows NT servers and the centralized server is a directory server.
  - 3. The method of claim 1, wherein the centralized server is a directory server and wherein changing the security information includes using an editor to change a directory listing in the centralized server.
  - 4. The method of claim 1, wherein the update command is received from a network administrator.
  - 5. The method of claim 1, wherein the update command is received at scheduled periodic times.
  - 6. The method of claim 1, wherein the update command is received from one or more of the plurality of servers.
  - 7. The method of claim 1, wherein the centralized server is a light weight directory access protocol server.
  - 8. The method of claim 1, wherein downloading the changed security information includes filtering a directory listing stored on the centralized server to extract the changed security information.
  - 9. The method of claim 1, wherein the security configurations are updated by filtering the downloaded changed security information to extract only necessary update information for updating the security configurations and then updating the security configurations based on the extracted necessary update information.

10. A security configuration update server for updating security configurations of a plurality of servers, comprising:
- a controller;
  
  a network interface coupled to the controller, anda storage device coupled to the controller, wherein the controller, in response to receiving an update command, downloads security information stored in the storage device to the plurality of servers via the network interface, wherein the downloaded security information is used to update the security configurations of the plurality of servers, wherein the security configuration of the plurality of servers are updated by updating security parameter lists associated with at least one of files and resources associated with each of the plurality of servers, and wherein the security parameter lists identify authorized users or authorized groups of users of the at least one of files and resources associated with the security parameter lists.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The security configuration update server of claim 10, wherein the plurality of servers are Windows NT servers and the security configuration update server is a directory server.
  - 12. The security configuration update server of claim 10, wherein the update command includes changes to the security information.
  - 13. The security configuration update server of claim 10, wherein the update command is received from a network administrator.
  - 14. The security configuration update server of claim 10, wherein the update command is received at scheduled periodic times.
  - 15. The security configuration update server of claim 10, wherein the update command is received from one or more of the plurality of servers.
  - 16. The security configuration update server of claim 10, wherein the security configuration update server is a light weight directory access protocol server.
  - 17. The security configuration update server of claim 10, wherein downloading the changed security information includes filtering a directory listing stored in the storage device to extract the changed security information.
  - 18. The security configuration update server of claim 10, wherein the security configurations are updated by filtering the downloaded security information to extract only necessary update information for updating the security configurations and then updating the security configurations based on the extracted necessary update in formation.

19. A computer program product in a computer readable medium for updating security configurations of a plurality of servers, comprising:
- first instructions for changing security information in a centralized server;
  
  second instructions for receiving an update command; and
  
  third instructions for downloading the changed security information to the plurality of servers in response to receiving the update command, wherein the downloaded changed security information is used to update the security configurations of the plurality of servers, wherein the third instructions include instructions for updating security parameter lists associated with at least one of files and resources associated with each of the plurality of servers, and wherein the security parameter lists identify authorized users or authorized groups of users of the at least one of files and resources associated with the security parameter lists.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The computer program product of claim 19, wherein the centralized server is a directory server and wherein the first instructions include instructions for using an editor to change a directory listing in the centralized server.
  - 21. The computer program product of claim 19, wherein the update command is received from a network administrator.
  - 22. The computer program product of claim 19, wherein the update command is received at scheduled periodic times.
  - 23. The computer program product of claim 19, wherein the update command is received from one or more of the plurality of servers.
  - 24. The computer program product of claim 19, wherein the centralized server is a light weight directory access protocol server.
  - 25. The computer program product of claim 19, wherein the third instructions include instructions for filtering a directory listing stored on the centralized server to extract the changed security information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Reid, William J.
Primary Examiner(s)
Louis-Jacques; Jacques H.
Assistant Examiner(s)
Ho; Thomas

Application Number

US09/620,350
Time in Patent Office

2,854 Days
Field of Search

713/201, 713/155, 713/168, 705/51, 707/9, 707/1, 707/10, 707201-205, 707/244, 709/219, 709/244, 717/168, 726/1, 726/2, 726/22, 726/26, 726/34
US Class Current

726/1
CPC Class Codes

H04L 63/20 for managing network securi...

System, apparatus and method for updating security configurations of a plurality of servers from a centralized directory server

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

System, apparatus and method for updating security configurations of a plurality of servers from a centralized directory server

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others