Authenticating a requestor without providing a key
First Claim
Patent Images
1. A tangible, non-transitory computer readable storage medium having computer readable instructions stored thereon that, when executed by a computer, implement a method for authenticating a requesting entity in a subnet communications environment, the method further comprising:
- determining a client identification of a client node associated with the requesting entity by receiving a source identifier from the requesting entity and associating the source identifier with one or more permanent identifiers of the client node, wherein the source identifier is a source logical identifier (SLID), and the one or more permanent identifiers are one or more globally unique identifiers (GUID) of the client node;
determining whether the requesting entity associated with the client node is acting in a supervisor capacity by defining a supervisor only privileged key for each client node in the communications environment, and by determining whether a connection request received from the requested entity includes the supervisor only privileged key corresponding to the client node of the requesting entity; and
returning, from a resource provider node, a key to the requesting entity upon determining that the client identification of the client node indicates that the client node is permitted to access one or more resources of the provider node, and that the client node is acting in a supervisor capacity;
wherein the associating the SLID with one or more globally unique identifiers (GUID) of the client node further comprises;
forwarding the SLID to a subnet administrator; and
receiving, from the subnet administrator, the one or more GUIDs corresponding to the SLID.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for authenticating a requesting entity in a communications environment. In an exemplary embodiment, the method includes determining a client identification of a client node associated with the requesting entity, and determining whether the requesting entity associated with the client node is acting in a supervisor capacity. A key to the requesting entity is returned from a resource provider node upon determining that the client identification of the client node indicates that the client node is permitted to access one or more resources of the provider node, and that the client node is acting in a supervisor capacity.
13 Citations
4 Claims
-
1. A tangible, non-transitory computer readable storage medium having computer readable instructions stored thereon that, when executed by a computer, implement a method for authenticating a requesting entity in a subnet communications environment, the method further comprising:
-
determining a client identification of a client node associated with the requesting entity by receiving a source identifier from the requesting entity and associating the source identifier with one or more permanent identifiers of the client node, wherein the source identifier is a source logical identifier (SLID), and the one or more permanent identifiers are one or more globally unique identifiers (GUID) of the client node; determining whether the requesting entity associated with the client node is acting in a supervisor capacity by defining a supervisor only privileged key for each client node in the communications environment, and by determining whether a connection request received from the requested entity includes the supervisor only privileged key corresponding to the client node of the requesting entity; and returning, from a resource provider node, a key to the requesting entity upon determining that the client identification of the client node indicates that the client node is permitted to access one or more resources of the provider node, and that the client node is acting in a supervisor capacity; wherein the associating the SLID with one or more globally unique identifiers (GUID) of the client node further comprises; forwarding the SLID to a subnet administrator; and receiving, from the subnet administrator, the one or more GUIDs corresponding to the SLID. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeDigital Reasoning Systems, Inc (Smarsh Incorporated)
-
Original AssigneeInternational Business Machines Corporation
-
InventorsFrazier, Giles R., Pfister, Gregory F., Brey, Thomas M., Rooney, William J.
-
Primary Examiner(s)Backer; Firmin
-
Assistant Examiner(s)EDWARDS, JAMES A
-
Application NumberUS12/168,201Publication NumberTime in Patent Office1,156 DaysField of Search709/225US Class Current709/203CPC Class CodesG06F 2221/2105 Dual mode as a secondary as...G06F 2221/2129 Authenticate client device ...H04L 61/00 Network arrangements, proto...H04L 63/06 for supporting key manageme...H04L 63/08 for authentication of entit...H04L 67/1097 for distributed storage of ...H04L 69/329 in the application layer [O...
