Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-04-20
2001-04-24
Black, Thomas G. (Department: 2771)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C709S227000
Reexamination Certificate
active
06223289
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates computer systems and, more specifically, to user authentication and the location management of user sessions.
2. Background Art
The paradigms by which computer systems have been configured have changed over time. In earlier times, a computer consisted of a so called “mainframe” computer that was accessed by a plurality of “dumb terminals”. The mainframe was a central station that provided computational power and data storage. A dumb terminal was a display device for data provided by the mainframe, and also provided a means to communicate some data to the mainframe. Other system paradigms followed, including the desktop computer, client/server architectures, and recently, the so-called network computer.
A desktop computer is a self contained computing system where all applications and data are resident on the desktop computer system itself. Such systems were implemented in personal computers and have spurred the use of computers in homes and offices. A disadvantage of desktop computers is the short lifetime of the hardware used in the system. Desktop computers are microprocessor driven, and as faster and more powerful microprocessors become available, upgrades of existing desktop systems, or purchase of new desktop systems, is required. In many offices, there are personal desktop computers distributed throughout, sometimes numbering in the thousands and tens of thousands. A disadvantage of such large systems is the lack of compatibility of applications and data on individual systems. Some users may have more recent versions of software applications that are not backwards compatible with older versions of the software. The solution to this problem is to maintain consistent software on all systems. However, the cost to upgrade each system and to provide licensed copies of software and software upgrades can be substantial.
Client server systems are systems where central stores of data and/or applications are accessed through a network by personal computer clients. This provides some administrative efficiency in maintaining the shared data. However, the clients still have local applications and data that can present the same kinds of problems faced in the desktop systems already described.
Recently, the rise of the internet has resulted in the proposed use of so-called “network computers”. A network computer is a stripped down version of a personal computer with less storage space, less memory, and often less computational power. The idea is that network computers will access data through the internet, and only those applications that are needed for a particular task will be provided to the network computer. When the applications are no longer being used, they are not stored on the network computer. There has been some criticism of such systems as lacking the power of a full desktop system, yet not being inexpensive enough to justify the reduced capability. And even though the network computer is a subset of a desktop computer, the network computer may still require upgrades of hardware and software to maintain adequate performance levels.
An example of a dynamic host configuration protocol is provided in RFC 2131. RFCs 1321 and 2104 contain examples of MD5, or message digesting. A point to point challenge host authentication protocol is contained in RFC 1994.
SUMMARY OF THE INVENTION
Authentication and session management can be used with a system architecture that partitions functionality between a human interface device (HID) and a computational service provider such as a server. An authentication manager executing on a server interacts with the HID to validate the user when the user connects to the system via the HID. A session manager executing on a server manages services running on computers providing computational services (e.g., programs) on behalf of the user. The session manager notifies each service in a session that the user is attached to the system using a given desktop machine. A service can direct display output to the HID while the user is attached to the system. When a user detaches from the system, each of the service's executing for the user is notified via the authentication manager and the session manager. Upon notification that the user is detached from the system, a service continues to execute while stopping its display to the desktop machine.
REFERENCES:
patent: 5027269 (1991-06-01), Grant et al.
patent: 5291585 (1994-03-01), Sato et al.
patent: 5335320 (1994-08-01), Iwata et al.
patent: 5345550 (1994-09-01), Bloomfield
patent: 5347627 (1994-09-01), Hoffmann et al.
patent: 5384911 (1995-01-01), Bloomfield
patent: 5412772 (1995-05-01), Monson
patent: 5414806 (1995-05-01), Richards
patent: 5423034 (1995-06-01), Cohen-Levy et al.
patent: 5430836 (1995-07-01), Wolf et al.
patent: 5436637 (1995-07-01), Gayraud et al.
patent: 5448695 (1995-09-01), Douglas et al.
patent: 5461399 (1995-10-01), Cragun
patent: 5461710 (1995-10-01), Bloomfiled et al.
patent: 5473745 (1995-12-01), Berry et al.
patent: 5491784 (1996-02-01), Douglas et al.
patent: 5493638 (1996-02-01), Hooper et al.
patent: 5509116 (1996-04-01), Hiraga et al.
patent: 5526517 (1996-06-01), Jones et al.
patent: 5544288 (1996-08-01), Morgan et al.
patent: 5546519 (1996-08-01), Berry
patent: 5548702 (1996-08-01), Li et al.
patent: 5550968 (1996-08-01), Miller et al.
patent: 5559942 (1996-09-01), Gough et al.
patent: 5564003 (1996-10-01), Bell et al.
patent: 5566330 (1996-10-01), Sheffield
patent: 5570462 (1996-10-01), McFarland
patent: 5572643 (1996-11-01), Judson
patent: 5590199 (1996-12-01), Krajewski, Jr. et al.
patent: 5694603 (1997-12-01), Reiffin
patent: 5694604 (1997-12-01), Reiffin
patent: 5754830 (1998-05-01), Butts et al.
patent: 5832228 (1998-11-01), Holden et al.
patent: 5935212 (1999-08-01), Kalajan et al.
patent: 5940591 (1999-08-01), Boyle et al.
patent: 5944794 (1999-08-01), Okamoto et al.
patent: 5964836 (1999-10-01), Rowe et al.
Ronald L. Johnston, “The Dynamic Incremental Compiler of APL/3000” Proceedings of the API '79 Conference, published as APL Quote Quad, 9(4), p 82-87.
Leo J. Guibas et al., “Compilation and Delayed Evaluation in APL,” Fifth Annual Synposium on Principles in Programming Languages, p. 1-8, 1978.
Gleen Krasner “The Smalltalk-80 Virtual Machine” BYTE Publications Inc., Aug. 1991, pp. 300-320.
Schneier, Bruce, “Why Cryptography is Harder Than It Looks,” Copyright 1996, Counterpane Systems.
“(PAM) Pluggable Authentication Module,” Dated: Mar. 26, 1997.
Miller, Steve, “Kerberos—Introduction to the Kerberos System,” Copyright 1985, 1986, Massachusetts Institute of Technology.
Dasgupta, Sanjay et al., “A Movable User Interface Based on a Simple X-Window Like Protocol,” Proceedings of the International Conference on EC3—Energy, Computer, Communication and Control Systems, Aug. 28-30, 1991, pp. 199-203, vol. 3.
Butcher Lawrence L.
Hanko James G.
Northcutt J. Duane
Ruberg Alan T.
Wall Gerard A.
Black Thomas G.
Sun Microsystems Inc.
The Hecker Law Group
Wang Mary
LandOfFree
Method and apparatus for session management and user... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for session management and user..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for session management and user... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2520347