Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Central trusted authority provides computer authentication
Patent
1998-06-29
2000-10-24
Peeso, Thomas R.
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Central trusted authority provides computer authentication
713176, 713150, 713169, 713175, 380255, 380277, H04R 2500
Patent
active
061382353
ABSTRACT:
The present invention provides a method and an apparatus for providing a first computer program module with the ability to access a service from a second computer program module. The method includes receiving the first computer program module--for example, at a third party computer system, and determining whether the first computer program module has been digitally signed by an authority having power to confer access for the service. If so, the method provides the first computer program module with access to the service. A variation on this embodiment includes verifying that the first computer program module includes a chain of certificates establishing a chain of authorization for the service. This verification process includes verifying that a first certificate in the chain is signed by an entity that is originally authorized to confer access for the service, and verifying that subsequent certificates in the chain are signed by entities that have been delegated authorization to confer access for the service. In a further variation on the above embodiment, the act of providing the first computer program module with access to the service, includes providing the first computer program module with a permit that allows the first computer program module to perform a restricted set of operations on the service.
REFERENCES:
patent: 5218637 (1993-06-01), Angebaud et al.
patent: 5642419 (1997-06-01), Rosen
patent: 5649099 (1997-07-01), Theimer et al.
patent: 5823726 (1998-11-01), Shwed et al.
patent: 5933503 (1999-08-01), Schell et al.
patent: 5991399 (1999-11-01), Graunke et al.
patent: 6002767 (1999-12-01), Kramer
patent: 6002768 (1999-12-01), Albanese et al.
patent: 6055236 (2000-04-01), Nessett et al.
U.S. Pat. Application, entitled "Permit for Controlling Access to Services in Protected Memory Systems," to Efrem Lipkin and Theodore C. Goldstein, Filed Jun. 18, 1998, Ser. No. Not Yet Assigned.
Wallach D S et al: "Extensible security architectures for Java" Proceedings of the ACM Symposium on Operating Systems Principles, 1997, pp. 1-26 14, XP002101681; p. 5, line 7--p. 7, line 11; p. 8, line 9--p. 10, line 13; p. 14, line 1--line 14.
Gong L et al: "Going beyond the sandbox: an overview of the new security architecture in the Java/sup TM/Development Kit 1.2". Stahl und Eisen, pp. 103-112 110, XP002100907. ISSN: 0340-4803 "the whole document".
Goldstein Theodore C.
Lipkin Efrem
Peeso Thomas R.
Sun Microsystems Inc.
LandOfFree
Controlling access to services between modular applications does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Controlling access to services between modular applications, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Controlling access to services between modular applications will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1975953