Patent
1996-06-26
1998-03-10
Beausoliel, Jr., Robert W.
G06F 1500
Patent
active
057271453
ABSTRACT:
In a distributed object computing system, a client makes a call to a daemon process of a host computer in order to communicate with a target object in an object server process. This call uses a particular security mechanism to ensure a secure communication. The daemon process locates the object server and starts it if necessary. The object server provides the daemon process with a list or table of all the particular security mechanisms that it supports. Using a security class identifier provided by the client in the original call, the daemon process selects a particular security mechanism supported by the server, and then returns this new security mechanism along with the server's port to the client. The client constructs a new object reference to the target object and then calls the target object directly using the new security mechanism. The new security mechanism may be different from the original security mechanism used to communicate with the daemon process. A foreign client from a different distributed system may also attempt to locate or invoke upon a target object using a similar technique for secure communication. In this situation, because the object reference may be unintelligible to the foreign client, the daemon process constructs a new object reference before sending it back to the foreign client. The client and object server may be on the same or different computers. The object reference data structure includes: a host field; a server identifier; a port field; an object key; a security information field; and a security class identifier.
REFERENCES:
patent: 4713753 (1987-12-01), Boebert et al.
patent: 5291593 (1994-03-01), Abraham et al.
patent: 5317746 (1994-05-01), Watanabe
patent: 5457797 (1995-10-01), Butterworth et al.
patent: 5522079 (1996-05-01), Acker et al.
patent: 5535389 (1996-07-01), Elder et al.
patent: 5539909 (1996-07-01), Tanaka et al.
patent: 5542045 (1996-07-01), Levine
patent: 5546584 (1996-08-01), Lundin et al.
patent: 5608720 (1997-03-01), Biegel et al.
patent: 5613148 (1997-03-01), Bezviner et al.
patent: 5642511 (1997-06-01), Chow et al.
Chapin et al., "Security for the Common Object Request Broker Architecture (CORBA)" IEEE Tenth Annual Computer Security Appl. Conf., Dec. 1994, pp. 21-30.
Deng et al., "Integrating Security in Corba Based Object Architectures", IEEE Proceedings 1995 IEEE Symposium on Security and Privacy, May 1995, pp. 50-61.
Orali et al., "Essential Client/Server Survival Guide", Van Nostrand Reinhold, 1994, Chapter 21--Object Request Brokers, pp. 337-366.
Object Management Group, "The Common Object Request Broker: Architecture and Specification", Rev. 2.0, Jul. 1995.
Object Management Group, "Corba Security", Dec. 1995, OMG Doc. No. 95-12-1.
Callsen Christian J.
Cavanaugh, III Ken M.
Nessett Dan M.
Beausoliel, Jr. Robert W.
Elmore Stephen C.
Sun Microsystems Inc.
LandOfFree
Mechanism for locating objects in a secure fashion does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Mechanism for locating objects in a secure fashion, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Mechanism for locating objects in a secure fashion will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-147939