CN100547516C - 用于无需提供密钥认证请求者的方法和系统 - Google Patents

用于无需提供密钥认证请求者的方法和系统 Download PDF

Info

Publication number
CN100547516C
CN100547516C CN200580038334.7A CN200580038334A CN100547516C CN 100547516 C CN100547516 C CN 100547516C CN 200580038334 A CN200580038334 A CN 200580038334A CN 100547516 C CN100547516 C CN 100547516C
Authority
CN
China
Prior art keywords
node
client node
client
key
request entity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200580038334.7A
Other languages
English (en)
Chinese (zh)
Other versions
CN101057201A (zh
Inventor
T·布雷
G·弗雷泽
G·普菲斯特
W·鲁尼
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of CN101057201A publication Critical patent/CN101057201A/zh
Application granted granted Critical
Publication of CN100547516C publication Critical patent/CN100547516C/zh
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2105Dual mode as a secondary aspect
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Storage Device Security (AREA)
CN200580038334.7A 2004-11-12 2005-11-09 用于无需提供密钥认证请求者的方法和系统 Expired - Fee Related CN100547516C (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/987,280 US7437447B2 (en) 2004-11-12 2004-11-12 Method and system for authenticating a requestor without providing a key
US10/987,280 2004-11-12

Publications (2)

Publication Number Publication Date
CN101057201A CN101057201A (zh) 2007-10-17
CN100547516C true CN100547516C (zh) 2009-10-07

Family

ID=35614672

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200580038334.7A Expired - Fee Related CN100547516C (zh) 2004-11-12 2005-11-09 用于无需提供密钥认证请求者的方法和系统

Country Status (6)

Country Link
US (3) US7437447B2 (enExample)
EP (1) EP1825343B1 (enExample)
JP (1) JP4822224B2 (enExample)
CN (1) CN100547516C (enExample)
TW (1) TWI393400B (enExample)
WO (1) WO2006051083A1 (enExample)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9088551B2 (en) * 2005-06-29 2015-07-21 International Business Machines Corporation Method and system for easily and securely managing multiple keys used to have access to multiple computing resources
GB2434947B (en) * 2006-02-02 2011-01-26 Identum Ltd Electronic data communication system
US7913077B2 (en) * 2007-02-13 2011-03-22 International Business Machines Corporation Preventing IP spoofing and facilitating parsing of private data areas in system area network connection requests
AU2012247065B2 (en) * 2007-10-08 2015-04-16 Qualcomm Incorporated Access management for wireless communication
US9775096B2 (en) * 2007-10-08 2017-09-26 Qualcomm Incorporated Access terminal configuration and access control
US9167505B2 (en) * 2007-10-08 2015-10-20 Qualcomm Incorporated Access management for wireless communication
US9055511B2 (en) * 2007-10-08 2015-06-09 Qualcomm Incorporated Provisioning communication nodes
US8321503B2 (en) * 2010-06-24 2012-11-27 Microsoft Corporation Context-specific network resource addressing model for distributed services
JP5844373B2 (ja) 2010-09-17 2016-01-13 オラクル・インターナショナル・コーポレイション ミドルウェアマシン環境におけるランナウェイサブネットマネージャインスタンスからの保護を促進するためのシステムおよび方法
US9935848B2 (en) 2011-06-03 2018-04-03 Oracle International Corporation System and method for supporting subnet manager (SM) level robust handling of unkown management key in an infiniband (IB) network
US9900293B2 (en) 2011-06-03 2018-02-20 Oracle International Corporation System and method for supporting automatic disabling of degraded links in an infiniband (IB) network
US9037511B2 (en) 2011-09-29 2015-05-19 Amazon Technologies, Inc. Implementation of secure communications in a support system
CN104170348B (zh) 2012-05-10 2018-02-13 甲骨文国际公司 用于在网络环境中支持状态同步的系统和方法
US9665719B2 (en) 2012-06-04 2017-05-30 Oracle International Corporation System and method for supporting host-based firmware upgrade of input/output (I/O) devices in a middleware machine environment
US9584605B2 (en) 2012-06-04 2017-02-28 Oracle International Corporation System and method for preventing denial of service (DOS) attack on subnet administrator (SA) access in an engineered system for middleware and application execution
US9723008B2 (en) 2014-09-09 2017-08-01 Oracle International Corporation System and method for providing an integrated firewall for secure network communication in a multi-tenant environment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6405317B1 (en) * 1998-01-30 2002-06-11 International Business Machines Corporation Security module for a transaction processing system
US20030217137A1 (en) * 2002-03-01 2003-11-20 Roese John J. Verified device locations in a data network
CN1536842A (zh) * 2003-04-10 2004-10-13 国际商业机器公司 用于根据使用类来控制对设施的访问的装置、系统和方法

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5557678A (en) * 1994-07-18 1996-09-17 Bell Atlantic Network Services, Inc. System and method for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem
JP3937475B2 (ja) * 1996-06-14 2007-06-27 キヤノン株式会社 アクセス制御システムおよびその方法
US6457129B2 (en) * 1998-03-31 2002-09-24 Intel Corporation Geographic location receiver based computer system security
JP2000165373A (ja) * 1998-11-25 2000-06-16 Toshiba Corp 暗号装置、暗号通信システム及び鍵復元システム並びに記憶媒体
FI112433B (fi) * 2000-02-29 2003-11-28 Nokia Corp Sijaintiin sidotut palvelut
ATE403323T1 (de) * 2000-05-24 2008-08-15 Voltaire Ltd Gefilterte kommunikation von anwendung zu anwendung
US6766353B1 (en) * 2000-07-11 2004-07-20 Motorola, Inc. Method for authenticating a JAVA archive (JAR) for portable devices
JP2002132729A (ja) * 2000-10-25 2002-05-10 Nippon Telegraph & Telephone East Corp 端末認証接続方法およびそのシステム
US20030058875A1 (en) * 2001-09-24 2003-03-27 International Business Machines Corporation Infiniband work and completion queue management via head only circular buffers
US7360242B2 (en) 2001-11-19 2008-04-15 Stonesoft Corporation Personal firewall with location detection
US7873985B2 (en) 2002-01-08 2011-01-18 Verizon Services Corp. IP based security applications using location, port and/or device identifier information
US20030163731A1 (en) 2002-02-28 2003-08-28 David Wigley Method, system and software product for restricting access to network accessible digital information
US20040059914A1 (en) 2002-09-12 2004-03-25 Broadcom Corporation Using signal-generated location information to identify and authenticate available devices
US7526798B2 (en) 2002-10-31 2009-04-28 International Business Machines Corporation System and method for credential delegation using identity assertion
US7451219B2 (en) 2003-11-05 2008-11-11 International Business Machines Corporation Determining server resources accessible to client nodes using information received at the server via a communications medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6405317B1 (en) * 1998-01-30 2002-06-11 International Business Machines Corporation Security module for a transaction processing system
US20030217137A1 (en) * 2002-03-01 2003-11-20 Roese John J. Verified device locations in a data network
CN1536842A (zh) * 2003-04-10 2004-10-13 国际商业机器公司 用于根据使用类来控制对设施的访问的装置、系统和方法

Also Published As

Publication number Publication date
US7437447B2 (en) 2008-10-14
JP4822224B2 (ja) 2011-11-24
US20080271133A1 (en) 2008-10-30
US20060117103A1 (en) 2006-06-01
US7818413B2 (en) 2010-10-19
EP1825343B1 (en) 2012-07-25
US20080271125A1 (en) 2008-10-30
US8015243B2 (en) 2011-09-06
JP2008520018A (ja) 2008-06-12
EP1825343A1 (en) 2007-08-29
TWI393400B (zh) 2013-04-11
WO2006051083A1 (en) 2006-05-18
CN101057201A (zh) 2007-10-17
TW200642391A (en) 2006-12-01

Similar Documents

Publication Publication Date Title
US8015243B2 (en) Authenticating a requestor without providing a key
EP4005173B1 (en) Registering and requesting services in a service based architecture
US9613224B2 (en) Integrating a user's security context in a database for access control
EP4062617B1 (en) Server to server communication
US10049205B2 (en) Asserting identities of application users in a database system based on delegated trust
US20100318570A1 (en) Pluggable session context
US11063927B1 (en) Identity-aware application load balancer
US20090199288A1 (en) Distributed authentication in a protocol-based sphere of trust in which a given external connection outside the sphere of trust may carry communications from multiple sources
EP3982614B1 (en) Resource security integration platform
WO2023065969A1 (zh) 访问控制方法、装置及系统
CN108881309A (zh) 大数据平台的访问方法、装置、电子设备及可读存储介质
CN113836510A (zh) 基于token的应用访问控制方法及其装置、设备、存储介质
US20090158047A1 (en) High performance secure caching in the mid-tier
EP1981242B1 (en) Method and system for securing a commercial grid network
CN114616796A (zh) 客户端准备系统
US20220239726A1 (en) Communication device and communication method
KR20250067605A (ko) 차량용 데이터의 인증 및 획득을 위한 방법 및 시스템
US20190297496A1 (en) Operation method of communication node for access control in multi-hop based communication network
CN116132163B (zh) 使用dhcp协议实现设备限定局域网络围栏的方法
CN116805904A (zh) 一种应用登录的方法以及相关装置

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20091007