AU2001263929A1 - Method and system for session based authorization and access control for networked application objects - Google Patents

Method and system for session based authorization and access control for networked application objects

Info

Publication number
AU2001263929A1
AU2001263929A1 AU2001263929A AU6392901A AU2001263929A1 AU 2001263929 A1 AU2001263929 A1 AU 2001263929A1 AU 2001263929 A AU2001263929 A AU 2001263929A AU 6392901 A AU6392901 A AU 6392901A AU 2001263929 A1 AU2001263929 A1 AU 2001263929A1
Authority
AU
Australia
Prior art keywords
target
access
session
host
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU2001263929A
Inventor
Tim Eckardt
Sebastian Staamann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
XTRADYNE TECHNOLOGIES AG
Original Assignee
XTRADYNE TECHNOLOGIES AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by XTRADYNE TECHNOLOGIES AG filed Critical XTRADYNE TECHNOLOGIES AG
Publication of AU2001263929A1 publication Critical patent/AU2001263929A1/en
Abandoned legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/465Distributed object oriented systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/468Specific access rights for resources, e.g. using capability register
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer

Abstract

The present invention relates to an ingress-session-based authorization and access control method and system to control access from an initiator-host (IH) to objects (Target 1 , Target 2 ) on a target host (TH) by receiving an access-request, preferably a request-message (M 1 ), originally coming from the initiator-host (IH), that references an object (Target 1 , Target 2 ) on the target host (TH) to access, assigning the access-request (M 1 ) to an ingress-session and selecting a session-context (SC-U, SC-W, SC-Y) belonging to that ingress-session, checking whether the access to the referenced object (Target 1 , Target 2 ) is authorized in the selected session-context (SC-U, SC-W, SC-Y)or not wherein references to objects (Target 1 , Target 2 ) on the target host (TH) were handed over to the initiator-host (IH) as a response to an access-request already granted and wherein the object the reference is handed over for is authorized for access under the handed over reference in that session-context (SC-U, SC-W, SC-Y)the already granted access-request is assigned to.
AU2001263929A 2000-08-04 2001-05-12 Method and system for session based authorization and access control for networked application objects Abandoned AU2001263929A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP00116864 2000-08-04
EP00116864.0 2000-08-04
PCT/EP2001/005433 WO2002013437A2 (en) 2000-08-04 2001-05-12 Method and system for session based authorization and access control for networked application objects

Publications (1)

Publication Number Publication Date
AU2001263929A1 true AU2001263929A1 (en) 2002-02-18

Family

ID=8169451

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2001263929A Abandoned AU2001263929A1 (en) 2000-08-04 2001-05-12 Method and system for session based authorization and access control for networked application objects

Country Status (6)

Country Link
US (1) US7441265B2 (en)
EP (1) EP1307988B1 (en)
AT (1) ATE265112T1 (en)
AU (1) AU2001263929A1 (en)
DE (1) DE60102934T2 (en)
WO (1) WO2002013437A2 (en)

Families Citing this family (87)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110267263A1 (en) 2000-07-17 2011-11-03 Microsoft Corporation Changing input tolerances based on device movement
US20020133598A1 (en) * 2001-03-16 2002-09-19 Strahm Frederick William Network communication
US20020169707A1 (en) * 2001-04-05 2002-11-14 Koek Wei Song Financial language internet real-time trading
JP3961796B2 (en) * 2001-08-27 2007-08-22 ソニー株式会社 Information providing system, information processing apparatus and method, information providing apparatus and method, recording medium, and program
US7016965B2 (en) * 2001-11-13 2006-03-21 International Business Machines Corporation System and method for asynchronously reading data across secure sockets layer sessions
US8185943B1 (en) * 2001-12-20 2012-05-22 Mcafee, Inc. Network adapter firewall system and method
US7899915B2 (en) * 2002-05-10 2011-03-01 Richard Reisman Method and apparatus for browsing using multiple coordinated device sets
US7685287B2 (en) * 2002-05-30 2010-03-23 Microsoft Corporation Method and system for layering an infinite request/reply data stream on finite, unidirectional, time-limited transports
US20040133441A1 (en) * 2002-09-04 2004-07-08 Jeffrey Brady Method and program for transferring information from an application
US7552470B2 (en) * 2002-11-21 2009-06-23 Honeywell International Inc. Generic security infrastructure for COM based systems
US7426329B2 (en) 2003-03-06 2008-09-16 Microsoft Corporation Systems and methods for receiving, storing, and rendering digital video, music, and pictures on a personal media player
FR2855691B1 (en) * 2003-06-02 2005-11-11 Canon Kk SECURING THE DISTRIBUTION OF DIGITAL DOCUMENTS IN A PAIRING NETWORK
US7882251B2 (en) * 2003-08-13 2011-02-01 Microsoft Corporation Routing hints
US8266294B2 (en) * 2003-08-13 2012-09-11 Microsoft Corporation Routing hints
US8539063B1 (en) 2003-08-29 2013-09-17 Mcafee, Inc. Method and system for containment of networked application client software by explicit human input
US20070008884A1 (en) * 2003-10-08 2007-01-11 Bob Tang Immediate ready implementation of virtually congestion free guarantedd service capable network
US8453196B2 (en) * 2003-10-14 2013-05-28 Salesforce.Com, Inc. Policy management in an interoperability network
US8150984B2 (en) * 2003-10-23 2012-04-03 International Business Machines Corporation Enhanced data security through file access control of processes in a data processing system
US7532196B2 (en) * 2003-10-30 2009-05-12 Microsoft Corporation Distributed sensing techniques for mobile devices
US7921299B1 (en) * 2003-12-05 2011-04-05 Microsoft Corporation Partner sandboxing in a shared multi-tenant billing system
US7840968B1 (en) 2003-12-17 2010-11-23 Mcafee, Inc. Method and system for containment of usage of language interfaces
US7783735B1 (en) 2004-03-22 2010-08-24 Mcafee, Inc. Containment of network communication
WO2005091159A1 (en) * 2004-03-24 2005-09-29 Exers Technologies. Inc. Authentication system being capable of controlling authority based of user and authenticator.
US7757287B2 (en) * 2004-04-19 2010-07-13 Computer Associates Think, Inc. Systems and methods for computer security
US7873955B1 (en) 2004-09-07 2011-01-18 Mcafee, Inc. Solidifying the executable software set of a computer
DE102004047692A1 (en) * 2004-09-30 2006-04-13 Siemens Ag A communication system and method for providing a mobile communication service
US20060156418A1 (en) * 2005-01-10 2006-07-13 Ibm Corporation Method and apparatus for preventing unauthorized access to data
US20070094273A1 (en) * 2005-04-18 2007-04-26 Brindusa Fritsch System topology for secure end-to-end communications between wireless device and application data source
US20060242305A1 (en) * 2005-04-25 2006-10-26 Telefonaktiebolaget L M Ericsson (Publ) VPN Proxy Management Object
US7603552B1 (en) * 2005-05-04 2009-10-13 Mcafee, Inc. Piracy prevention using unique module translation
US7856661B1 (en) 2005-07-14 2010-12-21 Mcafee, Inc. Classification of software on networked systems
US7636794B2 (en) * 2005-10-31 2009-12-22 Microsoft Corporation Distributed sensing techniques for mobile devices
US7849469B1 (en) * 2006-01-04 2010-12-07 Emc Corporation Methods and apparatus providing a categorical approach to aspect-oriented programming
US7757269B1 (en) * 2006-02-02 2010-07-13 Mcafee, Inc. Enforcing alignment of approved changes and deployed changes in the software change life-cycle
US7817991B2 (en) * 2006-02-14 2010-10-19 Microsoft Corporation Dynamic interconnection of mobile devices
US7895573B1 (en) 2006-03-27 2011-02-22 Mcafee, Inc. Execution environment file inventory
US7870387B1 (en) 2006-04-07 2011-01-11 Mcafee, Inc. Program-based authorization
US8352930B1 (en) 2006-04-24 2013-01-08 Mcafee, Inc. Software modification by group to minimize breakage
US8555404B1 (en) 2006-05-18 2013-10-08 Mcafee, Inc. Connectivity-based authorization
US9424154B2 (en) 2007-01-10 2016-08-23 Mcafee, Inc. Method of and system for computer system state checks
US8332929B1 (en) 2007-01-10 2012-12-11 Mcafee, Inc. Method and apparatus for process enforced configuration management
US20080178278A1 (en) * 2007-01-22 2008-07-24 Doron Grinstein Providing A Generic Gateway For Accessing Protected Resources
US8195931B1 (en) 2007-10-31 2012-06-05 Mcafee, Inc. Application change control
US8515075B1 (en) 2008-01-31 2013-08-20 Mcafee, Inc. Method of and system for malicious software detection using critical address space protection
US8615502B2 (en) 2008-04-18 2013-12-24 Mcafee, Inc. Method of and system for reverse mapping vnode pointers
US20090328153A1 (en) * 2008-06-25 2009-12-31 International Business Machines Corporation Using exclusion based security rules for establishing uri security
US8544003B1 (en) 2008-12-11 2013-09-24 Mcafee, Inc. System and method for managing virtual machine configurations
JP5482781B2 (en) * 2009-02-17 2014-05-07 日本電気株式会社 Information processing system and method of operating information processing system
JP4599447B2 (en) * 2009-03-18 2010-12-15 株式会社東芝 Telephone system, server and terminal device
US8381284B2 (en) 2009-08-21 2013-02-19 Mcafee, Inc. System and method for enforcing security policies in a virtual environment
US8341627B2 (en) 2009-08-21 2012-12-25 Mcafee, Inc. Method and system for providing user space address protection from writable memory area in a virtual environment
US8977652B2 (en) * 2009-09-17 2015-03-10 Oracle International Corporation Client-side API framework for uniform resource identifier (URI) manipulations
US9552497B2 (en) 2009-11-10 2017-01-24 Mcafee, Inc. System and method for preventing data loss using virtual machine wrapped applications
US8213315B2 (en) * 2009-11-19 2012-07-03 Mellanox Technologies Ltd. Dynamically-connected transport service
US20110125902A1 (en) * 2009-11-24 2011-05-26 Nokia Corporation Apparatus And A Method For Resource Management
US20110167477A1 (en) * 2010-01-07 2011-07-07 Nicola Piccirillo Method and apparatus for providing controlled access to a computer system/facility resource for remote equipment monitoring and diagnostics
US8353019B2 (en) * 2010-03-26 2013-01-08 Canon Kabushiki Kaisha Security token destined for multiple or group of service providers
US8549585B2 (en) * 2010-06-14 2013-10-01 International Business Machines Corporation Method and apparatus to implement secured, layered logout from a computer system
US8938800B2 (en) 2010-07-28 2015-01-20 Mcafee, Inc. System and method for network level protection against malicious software
US8925101B2 (en) 2010-07-28 2014-12-30 Mcafee, Inc. System and method for local protection against malicious software
US8549003B1 (en) 2010-09-12 2013-10-01 Mcafee, Inc. System and method for clustering host inventories
US8656453B2 (en) * 2010-11-10 2014-02-18 Software Ag Security systems and/or methods for cloud computing environments
US9075993B2 (en) 2011-01-24 2015-07-07 Mcafee, Inc. System and method for selectively grouping and managing program files
US9112830B2 (en) 2011-02-23 2015-08-18 Mcafee, Inc. System and method for interlocking a host and a gateway
US20130124852A1 (en) * 2011-11-11 2013-05-16 Michael T. Kain File-based application programming interface providing ssh-secured communication
US9594881B2 (en) 2011-09-09 2017-03-14 Mcafee, Inc. System and method for passive threat detection using virtual memory inspection
US8694738B2 (en) 2011-10-11 2014-04-08 Mcafee, Inc. System and method for critical address space protection in a hypervisor environment
US8973144B2 (en) 2011-10-13 2015-03-03 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US9069586B2 (en) 2011-10-13 2015-06-30 Mcafee, Inc. System and method for kernel rootkit protection in a hypervisor environment
US8800024B2 (en) 2011-10-17 2014-08-05 Mcafee, Inc. System and method for host-initiated firewall discovery in a network environment
US8713668B2 (en) 2011-10-17 2014-04-29 Mcafee, Inc. System and method for redirected firewall discovery in a network environment
US8886767B1 (en) * 2012-03-16 2014-11-11 Arris Enterprises, Inc. Sharing resources in a local serving office
US8739272B1 (en) 2012-04-02 2014-05-27 Mcafee, Inc. System and method for interlocking a host and a gateway
US8761189B2 (en) 2012-06-28 2014-06-24 Mellanox Technologies Ltd. Responding to dynamically-connected transport requests
US8973146B2 (en) 2012-12-27 2015-03-03 Mcafee, Inc. Herd based scan avoidance system in a network environment
US9294539B2 (en) 2013-03-14 2016-03-22 Microsoft Technology Licensing, Llc Cooperative federation of digital devices via proxemics and device micro-mobility
CN105580023B (en) 2013-10-24 2019-08-16 迈克菲股份有限公司 The malicious application of agency's auxiliary in network environment prevents
AU2014101252B4 (en) * 2014-10-15 2015-04-23 Parametric Systems Pty Ltd Net2Core - An Innovative Computer Systems Design to Protect Computer Systems where System Access through the Internet is Desired or Required.
US9609069B2 (en) * 2014-12-15 2017-03-28 Lenovo Enterprise Solutions (Singapore) Pte. Ltd. Administering a remote session between a target computing device and a remote computing device
CN105205231B (en) * 2015-09-06 2018-11-09 中国电力科学研究院 A kind of power distribution network Digital Simulation System based on DCOM
US9923985B2 (en) * 2015-09-17 2018-03-20 International Business Machines Corporation Facilitating an efficient exchange of streaming data constructs between origin and target systems while making remote procedure calls
US10148581B2 (en) 2016-05-30 2018-12-04 Mellanox Technologies, Ltd. End-to-end enhanced reliable datagram transport
US10523677B2 (en) * 2017-04-28 2019-12-31 Versata Development Group, Inc. Managing metadata for external content within a computing environment
US10902152B2 (en) 2017-06-30 2021-01-26 Oracle International Corporation Restricting plug-in application recipes
US11023300B2 (en) 2017-06-30 2021-06-01 Oracle International Corporation Governing access to third-party application programming interfaces
US10949560B1 (en) 2017-10-10 2021-03-16 Berryville Holdings, LLC Systems and methods for providing access control to web services using mirrored, secluded web instances
US11178111B2 (en) 2018-11-28 2021-11-16 International Business Machines Corporation Licensing authority controlled modification of http headers in a proxy-based system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE69126223T2 (en) * 1990-02-14 1997-09-18 Fujitsu Ltd System for creating a transmission path in a tightly coupled computer system
US5414852A (en) * 1992-10-30 1995-05-09 International Business Machines Corporation Method for protecting data in a computer system
US6377994B1 (en) * 1996-04-15 2002-04-23 International Business Machines Corporation Method and apparatus for controlling server access to a resource in a client/server system
US5852666A (en) * 1996-07-01 1998-12-22 Sun Microsystems, Inc. Capability security for distributed object systems
GB9725742D0 (en) 1997-12-04 1998-02-04 Hewlett Packard Co Object gateway
US6317831B1 (en) * 1998-09-21 2001-11-13 Openwave Systems Inc. Method and apparatus for establishing a secure connection over a one-way data path
US6892307B1 (en) * 1999-08-05 2005-05-10 Sun Microsystems, Inc. Single sign-on framework with trust-level mapping to authentication requirements

Also Published As

Publication number Publication date
EP1307988A2 (en) 2003-05-07
ATE265112T1 (en) 2004-05-15
DE60102934D1 (en) 2004-05-27
WO2002013437A3 (en) 2002-10-31
US7441265B2 (en) 2008-10-21
WO2002013437A2 (en) 2002-02-14
EP1307988B1 (en) 2004-04-21
DE60102934T2 (en) 2005-03-10
US20030145094A1 (en) 2003-07-31

Similar Documents

Publication Publication Date Title
AU2001263929A1 (en) Method and system for session based authorization and access control for networked application objects
EP0827059A3 (en) Disk apparatus
GC0000109A (en) System and method for delineating spatially dependent objects, such as hydrocarbon accumulations from seismic data.
AU5135000A (en) Biometric system for biometric input, comparison, authentication and access control and method therefor
AU2001294017A1 (en) A method for controlling access to protected content
CA2315212A1 (en) System and method for authenticating peer components
EP1524598A3 (en) Program and apparatus for blocking information leaks, and storage medium for the program
GB0600609D0 (en) An anti-phising system
CA2418758A1 (en) Interactive and/or secure activation of a tool
EP1277778A3 (en) Stabilized cationically-curable compositions
WO1998021683A3 (en) System and method for protecting a computer and a network from hostile downloadables
GB2411027A (en) Control of access to a memory by a device
ATE326678T1 (en) SYSTEM FOR PROTECTING OBJECTS AGAINST SHAPED LOADS
WO2004019550A3 (en) System and method for authenticating wireless component
MXPA03011855A (en) Method and apparatus for memory cloning for a control device.
AU2002332405A1 (en) Mobile application access control list security system
WO2002044888A8 (en) Workflow access control
WO2008095866A3 (en) Method for authorizing the access to at least one automation component of a technical system
GB2396037A (en) Method and system for logging into and providing access to a computer system via a communications network
WO2004002786A3 (en) Method and system for vehicle authorization of a service technician
WO2003038573A3 (en) Method and apparatus for physical address-based security to determine target security
EP1321901A3 (en) Method for controlling access rights to an object
WO2001088566A3 (en) System and method for acquiring tie-point location information on a structure
WO2002062822A3 (en) Methods of identifying regulator molecules
AU4714100A (en) Biometric system for biometric input, comparison, authentication and access control and method therefor