Cryptography – Key management – Having particular key generator
Patent
1995-12-11
1998-06-09
Beausoliel, Jr., Robert W.
Cryptography
Key management
Having particular key generator
39518701, 380 23, 3642225, 3642865, G06F 1100, H04K 100
Patent
active
057648875
ABSTRACT:
LAN server machines are configured to utilize their existing mechanisms to pass generic security subsystem (GSS) distributed computing environment (DCE) credentials. The server management block (SMB) protocol is extended to facilitate exchange of such credentials wherein the server utilizes the GSS API interface to obtain and validate such credentials. The GSS interface provides tokens which encapsulate all necessary information to perform mutual authentication between the client and server. A new protocol level is defined with respect to such SMB protocol extensions which includes a new protocol name exchanged in the negotiate protocol (NP) SMB. Pre-existing LAN servers will turn on a bit in the SMB.sub.-- Secmode field in the NP response indicating that the server supports exchange of secpkgX SMB. The server will then wait for an SMB secpkgX or SMB sesssetupX response. The former response will permit the user/client and server to exchange GSS tokens utilizing a conventional LAN server mechanism and to thereby and mutually authenticate.
REFERENCES:
patent: 5204961 (1993-04-01), Barlow
patent: 5235642 (1993-08-01), Wobber et al.
patent: 5239662 (1993-08-01), Danielson et al.
patent: 5245657 (1993-09-01), Sakurai
patent: 5329619 (1994-07-01), Page et al.
patent: 5369705 (1994-11-01), Bird et al.
patent: 5414833 (1995-05-01), Hershey et al.
patent: 5428351 (1995-06-01), Lee, Jr. et al.
patent: 5432932 (1995-07-01), Chen et al.
patent: 5434562 (1995-07-01), Reardon
patent: 5434918 (1995-07-01), Kung et al.
patent: 5442342 (1995-08-01), Kung
patent: 5463625 (1995-10-01), Yasrebi
patent: 5491752 (1996-02-01), Kaufman et al.
patent: 5495533 (1996-02-01), Linehan et al.
patent: 5497421 (1996-03-01), Kaufman et al.
patent: 5560008 (1996-09-01), Johnson et al.
"Integrating Security in CORBA Based Object Architectures", Proceedings of the Symposium on Security and Privacy, May, 1995, #1081-6011/95, IEEE, pp. 50-61.
"Personal Computer--Local Area Network Logon", IBM Technical Disclosure Bulletin, vol. 33, No. 10A, Mar. 1991, pp. 279-280.
"Dual-Processor Boot Procedure for LAN Services", IBM Technical Disclosure Bulletin, vol. 35, No. 3, Aug. 1992, pp. 306-316.
"Secure Generic Authentication for Distributed Computing Environment Applications", IBM Technical Disclosure Bulletin, vol. 38, No. 5, May 1995, pp. 521-522.
"Migration Utility for Distributed Computing Environment Application Enabler for OS/2", IBM Technical Disclosure Bulletin, vol. 38, No. 3, Mar. 1995, pp. 473-476.
Kells Timothy Roger
Peebles Thomas Frank
Beausoliel, Jr. Robert W.
Carwell Robert M.
International Business Machines - Corporation
Le Dieu-Minh
LandOfFree
System and method for supporting distributed computing mechanism does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for supporting distributed computing mechanism, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for supporting distributed computing mechanism will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2212115