Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1992-02-25
1993-06-15
Cain, David
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
380 25, H04L 900
Patent
active
052206033
ABSTRACT:
A mechanism is described for controlling access to a target application (TA) in a distributed computer system. A user sponsor (US) acting on behalf of an end user is issued with a privilege attribute certificate (PAC) containing initiator qualifier attributes (IQA) identifying permitted users of the PAC. The US obtains a key from a key distribution server (KDS), the key having initiator qualifier attributes of the US cryptographically associated with it.
The US uses this key to communicate with the TA, and presents its PAC for verification. If the IQA in the PAC do not match the IQA associated with the key, this indicates that the PAC is being presented by the wrong initiator, and so access is not permitted.
If a receiving entity subsequently wishes to act as an initiator and to use the PAC by proxy, it acquires a key from the KDS, the key having the receiving entity's attributes cryptographically associated with it. This provides a way of regulating proxy use of PACs.
REFERENCES:
patent: 4811393 (1989-03-01), Hazard
patent: 4853962 (1989-08-01), Brockman
patent: 5029208 (1991-07-01), Tanaka
patent: 5093860 (1992-03-01), Steinbrenner et al.
patent: 5136642 (1992-08-01), Kawamura et al.
Cain David
International Computers Limited
LandOfFree
Access control in a distributed computer system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Access control in a distributed computer system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Access control in a distributed computer system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1048813