Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-06-22
2001-01-30
Iqbal, Nadeem (Department: 2785)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C380S029000
Reexamination Certificate
active
06182227
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Technical Field
The present invention relates generally to client-server computing over the Internet and more particularly to a lightweight authentication service and method to validate a given interaction with a target server.
2. Description of the Related Art
The World Wide Web is the Internet's multimedia information retrieval system. In the Web environment, client machines effect transactions to Web servers using the Hypertext Transfer Protocol (HTTP), which is a known application protocol providing users access to files (e.g., text, graphics, images, sound, video, etc.) using a standard page description language known as Hypertext Markup Language (HTML). HTML provides basic document formatting and allows the developer to specify “links” to other servers and files. In the Internet paradigm, a network path to a server is identified by a so-called Uniform Resource Locator (URL) having a special syntax for defining a network connection. Use of an HTML-compatible browser (e.g., Netscape Navigator or Microsoft Internet Explorer) at a client machine involves specification of a link via the URL.
A given collection of files located at a Web server is sometimes referred to as a Web site. Site operators often desire to monitor the quality-of-service they provide to users, for example, to address and rectify service problems. Moreover, it is also known in the art to implement Web site diagnostic services whereby a given target server is “scanned” or analyzed to evaluate some given metric. Thus, for example, it may be desired to scan a given server for security vulnerability. A security scan thus might evaluate the server's configuration and identify the various software programs (and their version numbers) supported on the platform. If the security of the server is vulnerable based on some given exposure level criteria, an appropriate report may be generated so that corrective action (e.g., upgrade to a newer software version for a given program) may be taken.
While security scans may have a valid purpose, they may also be used maliciously. A scan may be used to collect information (e.g., software versions) about the server that might later be helpful in allowing an interloper to bypass system safeguards. Thus, a scan may be used to find a deficiency in the server's security that may be later exploited in a full scale attack directed at the weakness. More likely, a given security scan may be designed to simply make the server so busy that it cannot otherwise service normal requests. Such “denial of service” attacks succeed by diminishing the server's ability to perform its required processing.
A site operator may also desire to scan its server for reasons of evaluating performance, capacity or other operations. Such a scan may identify any number or type of metric, such as broken links, HTML syntax errors, aggregate file size, number of files, response times, browser incompatibility, and the like.
Regardless of the scan's purpose, providers (whether the site operator or some third party) have a significant interest in minimizing its legal exposure for any damage or loss resulting from the scan. Thus, for example, a site operator would never knowingly allow a large scale security scan to take place during the time of day when the site is expected to receive its heaviest traffic. Were such a denial of service attack to occur, the operator might face legal liability due to attendant loss.
It would be highly desirable to provide new methods and systems that would promote the widespread use of security and performance scans while at the same time reduce the likelihood that one performing such a scan would be held legally responsible for some act or omission during its occurrence.
The present invention addresses this need.
BRIEF SUMMARY OF THE INVENTION
A primary object of this invention is to control the manner by which a given server scan may be authorized and carried out.
A particular object is to place the ability to grant access to a target server, as well as the time of any such access, in the direct control of a person who is trusted, a priori, to grant or deny such access. One such trusted person is a technical contact or administrative contact identified by the site operator itself.
Another object of the present invention is to provide such operation within the context of existing Internet infrastructure so as to provide a “lightweight” authentication server scan method and system.
Another important object of this invention is to reduce legal exposure for entities that perform scanning activities with respect to servers they do not own or control.
Yet another related object is to afford a simple method for validating the legitimacy of a security scan or other access request with respect to a target machine operating in an open computer network.
Yet another object of this invention is to provide an entity with a potential legal defense or similar protection should problems arise as a result of a security scan when the requested scan may originate from anywhere in the network and/or is not validated at the point of request.
A still further object is to provide a robust and efficient validation mechanism that protects an organization should a dispute arise with respect to whether a particular scan request was made or validly authorized.
These and other objects are provided in a lightweight authentication scheme for use, for example, to implement an Internet Web site diagnostic service. The service uses existing Internet infrastructure in a novel manner to provide a low cost, yet highly effective method for validating a server security scan or other access request. In one embodiment, the invention is a method for validating a request to scan a target server in a computer network having a trusted shared resource. The computer network may be the public Internet, in which case the trusted shared resource could be the InterNIC WHOIS database. The WHOIS database includes information identifying technical and administrative contact personnel responsible for a given second level domain server. The method is operative at a host and begins when a request to scan the target server is received at the host. In response, a first query is initiated from the host to the trusted shared resource, which may be mirrored for performance reasons, to identify a technical, administrative or other contact person that may authorize the scan request. Once the contact person is identified, a second query is initiated from the host to the contact's e-mail address. This query includes the details of the request, the URL of the host, and a key that is entered (by the contact person) to provide a formal response to the access request. The key is typically a randomly-generated password or other identifier that enables the contact person to access a Web page located on the host (identified by the URL passed in the second query). The response Web page includes an appropriate interface to enable the contact person to grant/deny access and, if necessary or desired, provide other control information such as a schedule for permitted access or a list of others who may authorize the scan.
Therefore, because the access request is first directed to a trusted source, for example, the target server technical/administrative contact, the present invention avoids after-the-fact questions that may otherwise arise regarding whether the scan was ever authorized in the first instance. Moreover, by taking advantage of existing Internet infrastructure (e.g., the WHOIS or some other “trusted” database) and methods (e-mail) and HTTP, the present invention is simple to implement and provides a robust server scan validation mechanism.
Preferably, a transaction record is generated for each access request and its associated response. The transaction record is uniquely identified by or associated with the key transmitted with the administrative contact query from the host to the target server. Each of the host and target server machines (which may be the same machine or different ma
Blair Steven Cameron
Hassinger Sebastian
Hurley, II William W.
Smith William Meyer
Turek John J. E.
International Business Machines - Corporation
Iqbal Nadeem
Judson David H.
LaBaw Jeffrey S.
LandOfFree
Lightweight authentication system and method for validating... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Lightweight authentication system and method for validating..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Lightweight authentication system and method for validating... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2511308