Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-03-03
2002-09-24
Iqbal, Nadeem (Department: 2184)
C714S038110
active
06457130
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates to file access control in a multi-protocol file server.
2. Related Art
In an integrated computer network, it is desirable for multiple client devices to share access to the same files. One known method is to provide a network file server for storing files, capable of receiving and responding to file server requests from those client devices. These file server requests are made using a file server protocol, which is recognized and adhered to by both the file server and the client device. Because the files are stored at the file server, multiple client devices have the opportunity to share access to the same files.
In a file system intended for use by more than one user, it is desirable to restrict access by programs to files in the file system. Restricting access includes at least the aspects of (1) user authentication—determining that requesting users are truly who they say they are, and (2) access control validation—determining that an authenticated user is allowed to access a particular file in a particular way. When the file system is maintained on a file server remote from the user making the request, there is an additional aspect of the access control protocol—what requests can be made by the user to access files or to set access control for files.
One problem in the known art is that there are multiple diverse models for access control validation, each typically associated with a particular file system, and there are multiple diverse access control protocols, each typically corresponding to a model for access control validation. Despite the differences between these models and protocols, the file server should respond to file server requests from each user, and should exhibit access control validation behavior, consistent with each user's model and without security violations or surprises for users.
For example, a first access control model in common use is associated with the Unix operating system (or a variant thereof). This first access control model associates permissions with each file for a file owner, an owner's group, and all other users. These permissions allow access (for the owner, group, or all other users) to read, write, or execute the indicated file. This first access control model is typically implemented by the NFS (“Network File System”) file server protocol, possibly augmented with an adjunct file-locking protocol, NLM (“Network Lock Manager”). A second access control model in common use is associated with the Windows NT operating system. This second access control model associates an ACL (access control list) with each file, each entry in the ACL specifying an individual user, a group of users, or all users. Each entry can allow access (for the specified users) to read, write, or execute the indicated file, or can specifically deny access. This second access control model is typically implemented by the CIFS (“Common Internet File System”) protocol. However, NT devices can also use the NFS protocol by means of the “PC NFS” implementation, and Unix devices can also manipulate POSIX ACLs. These two access control models in common use differ in significant ways, including (1) what permissions can be assigned to a file, (2) with what granularity of specificity permissions can be assigned, and (3) how users are identified so as to match them with permissions.
One method known in the art is to provide a multi-protocol file server that maps all security semantics to that of a single native operating system for the file server, and uses that single native operating system to validate file access control. The “Samba” system and similar emulation packages are believed to use this known method. This known method has the drawback that it can result in security errors or surprises for those client devices using security semantics other than the file server's native operating system.
Another method known in the art is to provide a multi-protocol file server that supports differing types of security semantics for differing files, but attempts to validate file access control for each user using the user's access control model. Some “Netware” products available from Novell Corporation are believed to use this known method. This known method has the drawback that the user's access control model can differ significantly from the access control model set for the file, resulting in security errors or surprises for those client devices using security semantics other than associated with the target file.
Accordingly, it would be desirable to provide a method and system for enforcing file security semantics among client devices using multiple diverse access control models and multiple diverse file server protocols. This advantage is achieved in an embodiment of the invention in which a multi-protocol file server identifies each file with one particular access control model out of a plurality of possible access control models, and enforces that particular access control model for all accesses to that file. When the file server receives a file server request for that file using a file server protocol with a different access control model, the file server translates the access control limits imposed by the file's access control model into no-less-restrictive access control limits in the different access control model. The file server restricts access to the file using the translated access control limits.
SUMMARY OF THE INVENTION
The invention provides a method and system for enforcing file access control among client devices using multiple diverse access control models and multiple diverse file server protocols. A multi-protocol file server identifies each file with one particular access control model out of a plurality of possible models, and enforces that one particular model for all accesses to that file. When the file server receives a file server request for that file using a different access control model, the file server translates the access control limits for that file into no-less-restrictive limits in the different model. The file server restricts access by the client device using the translated access control limits.
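The translation step described above, sketched as an added example (not code from the patent or from any file server product): an NT-style ACL is reduced to Unix owner/group/other permissions that are never more permissive than the ACL. The ACL evaluation rule (a matching deny overrides any allow), the conservative mapping rule, and all names (Ace, to_unix_perms, the users and groups) are assumptions made for illustration.

```python
from dataclasses import dataclass

EVERYONE = "Everyone"

@dataclass(frozen=True)
class Ace:
    allow: bool        # True = allow entry, False = deny entry
    who: str           # user name, group name, or EVERYONE
    rights: frozenset  # subset of {"r", "w", "x"}

def matches(ace, user, groups):
    """True if the ACE applies to user; groups maps group name -> members."""
    return ace.who in (EVERYONE, user) or user in groups.get(ace.who, ())

def nt_allows(acl, user, groups):
    """Simplified ACL check (assumption): a matching deny beats any allow."""
    allowed, denied = set(), set()
    for ace in acl:
        if matches(ace, user, groups):
            (allowed if ace.allow else denied).update(ace.rights)
    return allowed - denied

def to_unix_perms(acl, owner, group, groups):
    """Translate to (owner, group, other) right sets that never exceed the ACL."""
    any_deny = set().union(*(a.rights for a in acl if not a.allow))
    def class_bits(names):
        # A class bit is set only if every possible member is certain to hold it.
        grant = set().union(*(a.rights for a in acl if a.allow and a.who in names))
        return grant - any_deny
    return (nt_allows(acl, owner, groups),  # the owner is one user: exact
            class_bits({group, EVERYONE}),
            class_bits({EVERYONE}))

def unix_allows(perms, owner, group, groups, user):
    """Unix class selection: owner first, then owning group, then other."""
    if user == owner:
        return perms[0]
    return perms[1] if user in groups.get(group, ()) else perms[2]

def mode_string(perms):
    return "".join(c if c in p else "-" for p in perms for c in "rwx")

# Constructed sample data (hypothetical users and groups).
GROUPS = {"eng": {"alice", "bob", "carol"}, "contractors": {"carol"}}
ACL = [Ace(False, "contractors", frozenset("w")),
       Ace(True, "alice", frozenset("rwx")),
       Ace(True, "eng", frozenset("rw")),
       Ace(True, EVERYONE, frozenset("r"))]
PERMS = to_unix_perms(ACL, "alice", "eng", GROUPS)
```

With this sample the translated mode is rwxr--r--: bob holds write under the ACL but not under the translated permissions, because the deny entry for contractors could apply to some member of eng. The translation is lossy in the restrictive direction only.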
In a preferred embodiment, each file is assigned the access control model of the user who created the file or who last set access control limits for the file. When a user having a different access control model sets access control limits, the access control model for the file is changed to the new model. Files are organized in a tree hierarchy, in which each tree is limited to one or more access control models (which can limit the ability of users to set access control limits for files in that tree). Each tree can be limited to NT-model-only format, Unix-model-only format, or mixed NT-or-Unix-models format.
Borr Andrea
Hawley Robert J.
Hitz David
Muhlestein Mark
Pearson Joan
Iqbal Nadeem
Network Appliance Inc.
Swernofsky Law Group PC