Learning Center
Plans & pricing Sign in
Sign Out

Method And Apparatus For Authenticating A Client To A Server In Computer Systems Which Support Different Security Mechanisms - Patent 5586260


This invention relates generally to distributed computing systems, or computer networks, and more particularly to techniques for authentication of users of computing resources in the distributed computing context. Networks of computers allow thesharing of computer resources among many users. In this type of distributed computing environment, some systems function as "servers" and others function as "clients" of the servers. A server provides some type of service to client systems. Theservice may involve access to a database or other file system, access to printers, or access to more powerful computing resources. A client system makes requests for service from a server system and, in many instances, the server requires"authentication" of the user before the service will be provided and, in some cases, the client will require that the server be authenticated, to make sure that someone is not posing as the server. Client authentication implies the presence of asecurity mechanism whereby the server can verify that the client is authorized to receive the requested service.Security mechanisms for client authentication tend to evolve separately and independently for different types of systems and network hardware. As networks grow in size and diversity, there is a significant problem in being able to authenticateclient systems easily. The problem is most apparent in the integration of personal computers (PCs) with networks of larger computer systems. For example, if the larger systems employ Distributed Computing Environment (DCE) security protocols, it willin general be inconvenient and costly to provide each connected PC with the appropriate software necessary for authentication in accordance with DCE security. Consequently, PCs do not provide DCE security and a PC client cannot directly access DCEservers.Stated more generally, the problem is to provide a mechanism that would allow a server to authenticate a client that had no knowledge of the server's security

More Info
To top