Method and apparatus for detecting grid intrusions
First Claim
1. A method in a data processing system for authorizing a user to access grid resources, the method comprising:
- receiving a request from the user to access a resource on the data processing system, wherein the request includes a certificate;
responsive to receiving the request, performing an authentication process using the certificate;
responsive to successfully authenticating the user in the authentication process, requesting a first host name for the certificate from a trusted source; and
responsive to receiving the first host name, providing access to the resource if the first host name returned by the trusted source matches a second host name for the user from which the request originated.
3 Assignments
0 Petitions
Accused Products
Abstract
A method, apparatus, and computer instructions for authorizing a user to access grid resources. A request is received from the user to access a resource on the data processing system. This request includes a certificate. An authentication process is performed using the certificate when the request is received. In response to successfully authenticating the user in the authentication process, a first host name for the certificate is requested from a trusted source. A reply containing the first host name is received. Access to the resource is provided if the first host name returned by the trusted source matches a second host name for the user from which the request originated.
48 Citations
8 Claims
-
1. A method in a data processing system for authorizing a user to access grid resources, the method comprising:
-
receiving a request from the user to access a resource on the data processing system, wherein the request includes a certificate; responsive to receiving the request, performing an authentication process using the certificate; responsive to successfully authenticating the user in the authentication process, requesting a first host name for the certificate from a trusted source; and responsive to receiving the first host name, providing access to the resource if the first host name returned by the trusted source matches a second host name for the user from which the request originated. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification
-
- Resources
-
Current AssigneeTrend Micro Inc.
-
Original AssigneeInternational Business Machines Corporation
-
InventorsShieh, Johnny Meng-Han, Keohane, Susann Marie, McBrearty, Gerald Francis, Mullen, Shawn Patrick, Murillo, Jessica Kelley
-
Primary Examiner(s)JUNG, DAVID YIUK
-
Application NumberUS10/829,856Publication NumberTime in Patent Office1,496 DaysField of Search713/185, 713/150, 713/153US Class Current713/185CPC Class CodesH04L 2209/76 Proxy, i.e. using intermedi...H04L 63/0823 using certificates cryptogr...H04L 9/3268 using certificate validatio...
