WO2004027612A3 - Application server object-level security for distributed computing domains - Google Patents

Application server object-level security for distributed computing domains Download PDF

Info

Publication number
WO2004027612A3
WO2004027612A3 PCT/GB2003/004063 GB0304063W WO2004027612A3 WO 2004027612 A3 WO2004027612 A3 WO 2004027612A3 GB 0304063 W GB0304063 W GB 0304063W WO 2004027612 A3 WO2004027612 A3 WO 2004027612A3
Authority
WO
WIPO (PCT)
Prior art keywords
objects
security
ior
domain
application server
Prior art date
Application number
PCT/GB2003/004063
Other languages
French (fr)
Other versions
WO2004027612A2 (en
Inventor
Peter Birk
Ching-Yun Chao
Hyen Chung
Carlton Mason
Ajaykumar Reddy
Vishwanath Venkataramappa
Original Assignee
Ibm
Ibm Uk
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm, Ibm Uk filed Critical Ibm
Priority to JP2004537309A priority Critical patent/JP4636366B2/en
Priority to AU2003269163A priority patent/AU2003269163A1/en
Priority to AT03750943T priority patent/ATE441150T1/en
Priority to DE60329002T priority patent/DE60329002D1/en
Priority to EP03750943A priority patent/EP1540474B1/en
Publication of WO2004027612A2 publication Critical patent/WO2004027612A2/en
Publication of WO2004027612A3 publication Critical patent/WO2004027612A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication

Abstract

Objects on application servers may be defined into classes which receive different levels of security protection, such as definition of user objects and administrative objects. Domain-wide security may be enforced on administrative objects, which user object security may be configured separately for each application server in a domain. In a CORBA architecture, IOR's for shared objects which are to be secured on a domain-wide basis, such as administrative objects, are provided with tagged components during IOR creation and exporting to a name server. Later, when the IOR is used by a client, the client invokes necessary security measures such as authentication, authorization and transport protection according to the tagged components.
PCT/GB2003/004063 2002-09-19 2003-09-19 Application server object-level security for distributed computing domains WO2004027612A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2004537309A JP4636366B2 (en) 2002-09-19 2003-09-19 Application server object-level security for distributed computing domains
AU2003269163A AU2003269163A1 (en) 2002-09-19 2003-09-19 Application server object-level security for distributed computing domains
AT03750943T ATE441150T1 (en) 2002-09-19 2003-09-19 RESTRICTION OF ACCESS TO OBJECTS FOR APPLICATION SERVERS IN DISTRIBUTED COMPUTING SYSTEMS
DE60329002T DE60329002D1 (en) 2002-09-19 2003-09-19 ACCESS RESTRICTION TO OBJECTS FOR APPLICATION SERVER IN DISTRIBUTED COMPUTER SYSTEMS
EP03750943A EP1540474B1 (en) 2002-09-19 2003-09-19 Application server object-level security for distributed computing domains

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/246,909 US7448066B2 (en) 2002-09-19 2002-09-19 Application server object-level security for distributed computing domains
US10/246,909 2002-09-19

Publications (2)

Publication Number Publication Date
WO2004027612A2 WO2004027612A2 (en) 2004-04-01
WO2004027612A3 true WO2004027612A3 (en) 2004-07-29

Family

ID=31992391

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2003/004063 WO2004027612A2 (en) 2002-09-19 2003-09-19 Application server object-level security for distributed computing domains

Country Status (10)

Country Link
US (2) US7448066B2 (en)
EP (1) EP1540474B1 (en)
JP (1) JP4636366B2 (en)
KR (1) KR100834347B1 (en)
CN (1) CN100336021C (en)
AT (1) ATE441150T1 (en)
AU (1) AU2003269163A1 (en)
DE (1) DE60329002D1 (en)
TW (1) TWI273811B (en)
WO (1) WO2004027612A2 (en)

Families Citing this family (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7363487B2 (en) * 2003-07-01 2008-04-22 International Business Machines Corporation Method and system for dynamic client authentication in support of JAAS programming model
US7676562B2 (en) * 2004-01-20 2010-03-09 Microsoft Corporation Computer system for accessing instrumentation information
US7523195B2 (en) * 2004-10-29 2009-04-21 International Business Machines Corporation Method and system for monitoring server events in a node configuration by using direct communication between servers
US20060106864A1 (en) * 2004-11-12 2006-05-18 International Business Machines Corporation System, computer program product and method of narrowing an enterprise Java bean (EJB) object reference to a home implementation class name
US8250226B2 (en) * 2005-07-21 2012-08-21 Ca, Inc. Generating one or more clients for generating one or more synthetic transactions with one or more web service operations
ATE409330T1 (en) * 2006-07-24 2008-10-15 Alcatel Lucent METHOD, SERVER AND CLIENT FOR PROVIDING SERVICES ON A COMPUTER NETWORK
US7912047B2 (en) * 2006-12-22 2011-03-22 International Business Machines Corporation Method and program for classifying fragmented messages
KR100918114B1 (en) * 2007-10-17 2009-09-22 한국전자통신연구원 A framework apparatus of mobile and method for providing interoperability between component
JP5227605B2 (en) * 2008-02-15 2013-07-03 アズビル株式会社 Portal server system and server access method in portal server system
US20100111836A1 (en) * 2008-10-31 2010-05-06 Searete Llc, A Limited Liability Corporation Of The State Of Delaware Compositions and methods for therapeutic delivery with frozen particles
US8893156B2 (en) * 2009-03-24 2014-11-18 Microsoft Corporation Monitoring of distributed applications
US9804899B2 (en) * 2009-07-31 2017-10-31 Ixia Communications using the common object request broker architecture (CORBA)
CN101655789B (en) * 2009-09-22 2012-10-24 用友软件股份有限公司 Method and device for realizing hot plugging of application components
CN102043922A (en) * 2009-10-13 2011-05-04 中兴通讯股份有限公司 Method and device for improving security of CORBA interface
CN104854561B (en) * 2012-10-16 2018-05-11 思杰系统有限公司 Application program for application management framework encapsulates
US9450820B2 (en) * 2014-02-26 2016-09-20 International Business Machines Corporation Dynamic extensible application server management
US9876822B2 (en) 2014-11-28 2018-01-23 International Business Machines Corporation Administration of a context-based cloud security assurance system
US9762616B2 (en) 2015-08-08 2017-09-12 International Business Machines Corporation Application-based security rights in cloud environments
US10348730B2 (en) 2015-12-28 2019-07-09 International Business Machines Corporation Reducing complexities of authentication and authorization for enterprise web-based social applications
KR20180060807A (en) 2016-11-29 2018-06-07 충남대학교산학협력단 Apparatus and method for distributed storage based on tiers
US10812502B2 (en) 2018-02-06 2020-10-20 Bank Of America Corporation Network device owner identification and communication triggering system
US11089042B2 (en) 2018-02-06 2021-08-10 Bank Of America Corporation Vulnerability consequence triggering system for application freeze and removal
US11265340B2 (en) 2018-02-06 2022-03-01 Bank Of America Corporation Exception remediation acceptable use logic platform
US10862915B2 (en) 2018-02-06 2020-12-08 Bank Of America Corporation Exception remediation logic routing and suppression platform
US10819731B2 (en) 2018-02-06 2020-10-27 Bank Of America Corporation Exception remediation logic rolling platform
CN110413327B (en) * 2019-07-16 2022-07-19 创新先进技术有限公司 Hardware driving method and device based on hardware abstraction layer
CN110471742B (en) * 2019-08-15 2022-03-29 中国银行股份有限公司 Java object monitoring management system and method under distributed environment

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5802291A (en) * 1995-03-30 1998-09-01 Sun Microsystems, Inc. System and method to control and administer distributed object servers using first class distributed objects
JP2000503154A (en) * 1996-01-11 2000-03-14 エムアールジェイ インコーポレイテッド System for controlling access and distribution of digital ownership
US6226746B1 (en) * 1998-03-20 2001-05-01 Sun Microsystems, Inc. Stack-based system and method to combine security requirements of methods
US5881230A (en) * 1996-06-24 1999-03-09 Microsoft Corporation Method and system for remote automation of object oriented applications
US6044409A (en) * 1996-06-26 2000-03-28 Sun Microsystems, Inc. Framework for marshaling and unmarshaling argument object references
ES2141456T3 (en) * 1996-08-20 2000-03-16 Cit Alcatel SUPPORT PROCEDURE FOR THE CREATION OF AN OBJECT.
ES2142564T3 (en) * 1996-08-20 2000-04-16 Cit Alcatel PROCEDURE FOR ADMINISTERING THE SPECIFICATION OF OBJECTS.
US5908469A (en) * 1997-02-14 1999-06-01 International Business Machines Corporation Generic user authentication for network computers
US6687761B1 (en) * 1997-02-20 2004-02-03 Invensys Systems, Inc. Process control methods and apparatus with distributed object management
KR19990040321A (en) * 1997-11-17 1999-06-05 정선종 User access control method and server structure for distributed system environment with multiple security zones
GB9725742D0 (en) * 1997-12-04 1998-02-04 Hewlett Packard Co Object gateway
US6438616B1 (en) * 1997-12-18 2002-08-20 Sun Microsystems, Inc. Method and apparatus for fast, local corba object references
US6219787B1 (en) * 1997-12-22 2001-04-17 Texas Instruments Incorporated Method and apparatus for extending security model to native code
US6148402A (en) * 1998-04-01 2000-11-14 Hewlett-Packard Company Apparatus and method for remotely executing commands using distributed computing environment remote procedure calls
US6321334B1 (en) * 1998-07-15 2001-11-20 Microsoft Corporation Administering permissions associated with a security zone in a computer system security model
US6330677B1 (en) * 1998-10-27 2001-12-11 Sprint Communications Company, L. P. Object-based security system
US6158010A (en) * 1998-10-28 2000-12-05 Crosslogix, Inc. System and method for maintaining security in a distributed computer network
US6393605B1 (en) * 1998-11-18 2002-05-21 Siebel Systems, Inc. Apparatus and system for efficient delivery and deployment of an application
US6487665B1 (en) * 1998-11-30 2002-11-26 Microsoft Corporation Object security boundaries
US6298478B1 (en) * 1998-12-31 2001-10-02 International Business Machines Corporation Technique for managing enterprise JavaBeans (™) which are the target of multiple concurrent and/or nested transactions
WO2000045256A1 (en) * 1999-01-29 2000-08-03 Iona Technologies, Inc. Method and system for dynamic configuration of interceptors in a client-server environment
US6422460B1 (en) * 1999-01-29 2002-07-23 Verisign, Inc. Authorization system using an authorizing device
US6453320B1 (en) * 1999-02-01 2002-09-17 Iona Technologies, Inc. Method and system for providing object references in a distributed object environment supporting object migration
GB2350971A (en) * 1999-06-07 2000-12-13 Nokia Mobile Phones Ltd Security Architecture
JP2001056810A (en) * 1999-06-07 2001-02-27 Kawasaki Steel Systems R & D Corp Database access system
US6922685B2 (en) * 2000-05-22 2005-07-26 Mci, Inc. Method and system for managing partitioned data resources
KR100343069B1 (en) 2000-08-26 2002-07-05 박태규 Mandatory Object Access Control Method Using Multi-Level Security, and Computer Readable Recording Medium Having thereon Programmed Mandatory Object Access Control Method Using Multi-Level Security
FR2813471B1 (en) * 2000-08-31 2002-12-20 Schneider Automation COMMUNICATION SYSTEM FOR AUTOMATED EQUIPMENT BASED ON THE SOAP PROTOCOL
US6442460B1 (en) * 2000-09-05 2002-08-27 Hunter Engineering Company Method and apparatus for networked wheel alignment communications and services
TWI237434B (en) * 2000-09-29 2005-08-01 Matsushita Electric Works Ltd Linear oscillator
US6968553B1 (en) * 2001-03-01 2005-11-22 Alcatel Element manager common gateway architecture system and method
US6795791B2 (en) * 2001-06-22 2004-09-21 Bea Systems, Inc. System and method for testing time-varying signals

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
BENOIT FOUCHER: "[OB-Users] Using IORInterceptor conditionally", ORBACUS USERS MAILING LIST, 18 June 2001 (2001-06-18), pages 1, XP002278395, Retrieved from the Internet <URL:http://mail.ooc.nf.ca/pipermail/ob-users/2001-June/018451.html> [retrieved on 20040427] *
ENDREI M; CLUNING R; DAOMANEE W; HEYWARD J; IYENGAR A; MAUNY I; NAUMANN T; SANCHEZ A: "IBM WebSphere V4.0 Advanced Edition Handbook", IBM REDBOOKS, INTERNATIONAL TECHNICAL SUPPORT ORGANIZATION, RESEARCH TRIANGLE PARK, NORTH CAROLINA, USA, March 2002 (2002-03-01), pages 42,59-60,85-95,103-124,739 - 777, XP002278391, Retrieved from the Internet <URL:http://www.redbooks.ibm.com/redbooks/pdfs/sg246176.pdf> [retrieved on 20040428] *
IONA TECHNOLOGIES PLC: "Orbix Wonderwall Administrator's Guide", ONLINE, September 2000 (2000-09-01), pages 12-19,134-135,165 - 182, XP002278394, Retrieved from the Internet <URL:http://www.iona.com/support/docs/manuals/orbix/33/pdf/orbixwonderwall33_admin.pdf> [retrieved on 20040427] *
LEYMANN F: "Web Services Flow Language (WSFL 1.0)", IBM TECHNICAL DOCUMENT, IBM SOFTWARE GROUP, May 2001 (2001-05-01), pages 1-40,83 - 86, XP002278393, Retrieved from the Internet <URL:http://www-306.ibm.com/software/solutions/webservices/pdf/WSFL.pdf> [retrieved on 20040427] *
OBJECT MANAGEMENT GROUP (OMG): "Security Service Specification, Version 1.8", ONLINE, March 2002 (2002-03-01), pages (3-1) - (3-13), XP002278392, Retrieved from the Internet <URL:http://www.omg.org/cgi-bin/apps/doc?formal/02-03-11.pdf> [retrieved on 20040427] *

Also Published As

Publication number Publication date
TWI273811B (en) 2007-02-11
KR20050060068A (en) 2005-06-21
JP4636366B2 (en) 2011-02-23
CN1820254A (en) 2006-08-16
TW200405710A (en) 2004-04-01
EP1540474B1 (en) 2009-08-26
US7810132B2 (en) 2010-10-05
AU2003269163A1 (en) 2004-04-08
ATE441150T1 (en) 2009-09-15
US7448066B2 (en) 2008-11-04
US20040059940A1 (en) 2004-03-25
EP1540474A2 (en) 2005-06-15
DE60329002D1 (en) 2009-10-08
CN100336021C (en) 2007-09-05
JP2006517690A (en) 2006-07-27
WO2004027612A2 (en) 2004-04-01
KR100834347B1 (en) 2008-06-02
US20080222697A1 (en) 2008-09-11

Similar Documents

Publication Publication Date Title
WO2004027612A3 (en) Application server object-level security for distributed computing domains
WO2007123705A3 (en) Enhanced security for electronic communications
WO2002039237A3 (en) Method and system for web-based cross-domain single-sign-on authentication
MY140918A (en) Image file container
WO2000030285A8 (en) Method and apparatus for secure distribution of authentication credentials to roaming users
WO2005059717A3 (en) Certificate based digital rights management
WO2001092993A3 (en) System and method for licensing management
WO2003032575A3 (en) Method and system for providing client privacy when requesting content from a public server
AU2002349163A1 (en) Fabrication of chopper for particle beam instrument
CA2118297A1 (en) Distributed Cryptographic Object Method
WO2004059415A3 (en) Method and system for authentification in a heterogeneous federated environment, i.e. single sign on in federated domains
EP1271279A3 (en) Binding a digital license to a portable device or the like in a digital rights management (DRM) system and checking out/checking in the digital license to/from the portable device or the like
ATE389214T1 (en) TECHNIQUE FOR REGISTERING AN ENTITY WITH A RIGHTS ISSUER SYSTEM
EP1544780A4 (en) Authentication system
SG152289A1 (en) System and method for application authorization
CA2205732A1 (en) Using fontless structured document image representations to render displayed and printed documents at preferred resolutions
WO2001086421A3 (en) Message gates in a distributed computing environment
WO2004092864A3 (en) Client-server authentication using the challenge-response principle
EP2339777A3 (en) Method of authenticating a user to use a system
WO2007084863A3 (en) Privacy protection in communication systems
WO2005002166A3 (en) Method for distributing passwords
WO2003047256A3 (en) Enhanced content resolution method
WO2007000761A3 (en) Method and apparatus for protecting files from none authorized access
DE69937196D1 (en) METHOD AND DEVICE FOR THE SAFE DISTRIBUTION OF AUTHENTICATION DATA TO HANDLING PARTICIPANTS
EP1059578A3 (en) Secure backdoor access for a computer

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1020057002717

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2004537309

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 20038222574

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2003750943

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2003750943

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020057002717

Country of ref document: KR