Information security – Access control or authentication
Reexamination Certificate
2007-02-27
2007-02-27
Barron, Jr., Gilberto (Department: 2134)
Information security
Access control or authentication
C726S001000, C726S008000, C713S170000
Reexamination Certificate
active
10029426
ABSTRACT:
An enterprise network architecture has a trust link established between two autonomous network systems that enables transitive resource access between network domains of the two network systems. The trust link is defined by data structures maintained by each of the respective network systems. The first network system maintains namespaces that correspond to the second network system and a domain controller in the first network system, or a first network system administrator, indicates whether to trust individual namespaces. An account managed by a domain in the second network system can request authentication via a domain controller in the first network system. The first network system determines from the trust link to communicate the authentication request to the second network system. The first network system also determines from the trust link where to communicate authorization requests when administrators manage group memberships and access control lists.
REFERENCES:
patent: 5588147 (1996-12-01), Neeman et al.
patent: 5649194 (1997-07-01), Miller et al.
patent: 5675787 (1997-10-01), Miller et al.
patent: 5774552 (1998-06-01), Grimmer
patent: 5787442 (1998-07-01), Harcherl et al.
patent: 5832225 (1998-11-01), Harchel et al.
patent: 5832275 (1998-11-01), Olds
patent: 5832506 (1998-11-01), Kuzma
patent: 5968121 (1999-10-01), Logan et al.
patent: 6052724 (2000-04-01), Willie et al.
patent: 6247017 (2001-06-01), Martin
patent: 6301589 (2001-10-01), Hirashima et al.
patent: 6377950 (2002-04-01), Peters et al.
patent: 6647393 (2003-11-01), Dietterich et al.
patent: 6901433 (2005-05-01), San Andres et al.
Deuby (Sean Deuby, Windows 2000 Server: planning and migration, 1999, ISBN: 157870023-x), p. 55-57, 59, 66-68, 225-226.
Olsen (Gary L. Olsen, Windows 2000 Active Directory design and deployment, 2000, ISBN: 1578702429), p. 94, 100-102, 104.
Schultz (E. Eugene Shultz, “Windows NT/2000 Network Security”, 2000, ISBN: 1578702534), p. 184.
Hadfield et al. (Lee Hadfield, Dave Hater, Dave Bixler, “Windows NT Server 4 Security Handbook”, 1997, ISBN: 078971213), p. 68, 124-126, 166-167.
Sunil Sarin, Richard Floyd, and Nilkanth Phadnis. “A flexible algorithm for replicated directory management,” In Proceedings of the Ninth International Conference on Distributed Computing Systems, pp. 456-464, IEEE, Jun. 1989.
Joshua J. Bloch, Dean S. Daniels, and Alfred Z. Spector. “A weighted voting algorithm for replicated directories,” Journal of the ACM, 34(4):859-909, ACM, Oct. 1987.
Mullender S., van Rossurn, G., Tanenbaum, A., van Renesse, R. and van Staveren, H., “Amoeba: A Distributed Operating System for the 1900s”, IEEE Computer 23, 5 (May 1990), 44-53.
T. Mann, A. Hisgen, and G. Swart, “An Algorithm for Data Replication,” Report 46, DEC System Research Center, Palo Alto, Calif., 1989.
Ganesha Beedubail, Udo Pooch. “An Architecture for Object Replication in Distributed Systems,” Proceedings of the International Conference on Parallel and Distributed Processing Techniques and Applications, PDPTA'97, Department of Computer Science, Texas A&M University, Technical Report (TR 96-006), Mar. 1996.
Haengrae Cho, “Catalog Management in Heterogeneous Distributed Database Systems,” Communications, Computers and Signal Processing, 1997. '10 Years PACRIM 1987-1997—Networking the Pacific Rim'. IEEE, Aug. 1997.
Charles Severance, “Could LDAP Be the Next Killer DAP?,”Computer, vol. 30, No. 8, pp. 88-89, Aug. 1997.
Peter J. Keleher, “Decentralized Replication Mechanisms in Deno,” University of Maryland Computer Science Department,Technical Reports from UMIACSandTechnical Reports of the Computer Science Department, CS-TR-3940 UMIACS, UMIACS-TR-98-54, Oct. 1998. (http://hdl.handle.net/1903/970).
J. Ordille, B. Miller. “Distributed Active Catalogs and Meta-Data Caching in Descriptive Name Services,” Thirteenth International IEEE Conference on Distributed Computing Systems, pp. 120-129. May 1993.
H. V. Jagadish, M. A. Jones, D. Srivastava, and D. Vista. Flexible list management in a directory. In Proceedings of the Seventh International Conference on Information and Knowledge Management (CIKM), p. 10-19, ACM, Washington, DC, Nov. 1998.
Roger Y. M. Cheung, “From Grapevine to Trader: The Evolution of Distributed Directory Technology,” Proceedings of the 1992 conference of the Centre for Advanced Studies on Collaborative research—vol. 2, pp. 375-389, 1992, Ontario, Canada 1992.
B. Acevedo, L. Bahler, E. N. Elnozahy, V.Ratan,and M. E. Segal. Highly available directory services in DCE. In Proceedings of the Symposium on Principles of Distributed Computing (PODC'95), pp. 387-391, Aug. 1995.
“NetOp® Policy Server, Version 3.0, Quick Guide,” Document revision: 2004313, 1981-2005 Danware Data A/S, CrossTec Corp. (http://www.crossteccorp.com/support/resources
ps13quick—install.pdf).
Keith K.S. Lee, Y.H. Chin, “A New Replication Strategy for Unforeseeable Disconnection under Agent-Based Mobile Computing System,” 1998 International Conference on Parallel and Distributed Systems (ICPADS'98) p. 164, IEEE, 1998.
Henning Maass, “Open Mobility Management Platform With Directory-Based Architecture And Signalling Protocols,” Open Architectures and Network Programming, pp. 72-87, IEEE 1998.
Yair Amir, “Replication Using Group Communication Over a Partitioned Network,” Ph. D. Dissertation, Institute of Computer Science, The Hebrew University of Jerusalem, Israel, 1995.
Howes, Timothy A., “The Lightweight Directory Access Protocol: X. 500 Lite,” Technical Report CITI TR 95-8, University of Michigan, Jul. 1995.
Bruce Walker, Gerald Popek, Robert English, Charles Kline, and Greg Thiel. The LOCUS distributed operating system. In Proceedings of the 9th Symposium on Operating Systems Principles, Operating Systems Review, pp. 49-69, ACM, Oct. 1983.
M.F. Kaashoek, A.S. Tanenbaum, and K. Verstoep, “Using Group Communication to Implement a Fault-Tolerant Directory Service,” Proceedings of the 13th International Conference on Distributed Computing Systems, pp. 130139, IEEE, May 1993.
Joao Ferreira, Jose Luis Borbinha, Jose Delgado, “Using LDAP in a Filtering Service for a Digital Library,” 5th DELOS Workshop, Budapest, Nov. 1997.
J M Bennett, M A Bauer, “An Analysis of Replication Strategies for X.500-like Distributed Directories,” Workshop on the Management of Replicated Data, IEEE Computer Society Press, Nov. 1990, pp. 137-142.
“Microsoft Active Directory Service Interfaces: ADSI Open Interfaces for Managing and Using Directory Services”, Microsoft Corporation, 1999.
“Active Directory Service Interfaces—The Easy Way to Access and Manage LDAP-Based Directories (Windows NT 4.0),” Microsoft Corp., Feb. 1997. (http://www.microsoft.com/technet/archive/winntas/maintain/adsildap.mspx).
John Carter, Anand Ranganathan, Sai Susarla, “Khazana An Infrastructure for Building Distributed Services,” Proceedings of the ICDCS'98, IEEE, May 1998.
N. Lesert, “The distributed computing environment naming architectue”, Distrib. Syst. Engng vol. 1 pp. 19-28 (1993), first published in the proceedings of “OpenForum '92” in Utrecht, the Netherlands.
R. Khare et al., “Trust Management on the World Wide Web”, Computer Networks and ISDN Systems vol. 30 pp. 651-653 (1998).
J. Pato, “Hierarchical Trust Relationships for Inter-Cell Authentication”, http://www.opengroup.org/tech/rfc/mirror-rfc/rfc7.0.txt (Jul. 1992).
Microsoft Corporatioin: “Comparing Microsoft Active Directory to Novell's NDS”, Sep. 1998, pp. 1-14, Internet citation retrieved Nov. 22, 2005, URL:http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnactdir/html/msdn—activedirvsnds.asp>p. 2, line 20—p. 2, line 38 Table I p. 4, line 2—p. 6, line 4 p.
Garg Praerit
Leach Paul J.
Satagopan Murli D.
Schmidt Donald E.
Van Dyke Clifford P.
Barron Jr. Gilberto
Merchant & Gould P,C,
Microsoft Corporation
Poltorak Piotr
LandOfFree
Authentication and authorization across autonomous network... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Authentication and authorization across autonomous network..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Authentication and authorization across autonomous network... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3868728