公开(公告)号：DE69613948D1

公开(公告)日：2001-08-23

申请号：DE69613948

申请日：1996-11-13

Applicant: IBM

Inventor： KELLS TIMOTHY ROGER ,  PEEBLES THOMAS FRANK

IPC: G06F13/00 ,  G06F15/16 ,  G06F15/177 ,  G06F21/00 ,  G06F21/20 ,  G06F1/00

Abstract: LAN server machines are configured to utilize their existing mechanisms to pass generic security subsystem (GSS) distributed computing environment (DCE) credentials. The server management block (SMB) protocol is extended to facilitate exchange of such credentials wherein the server utilizes the GSS API interface to obtain and validate such credentials. The GSS interface provides tokens which encapsulate all necessary information to perform mutual authentication between the client and server. A new protocol level is defined with respect to such SMB protocol extensions which includes a new protocol name exchanged in the negotiate protocol (NP) SMB. Pre-existing LAN servers will turn on a bit in the SMB_Secmode field in the NP response indicating that the server supports exchange of secpkgX SMB. The server will then wait for an SMB secpkgX or SMB sesssetupX response. The former response will permit the user/client and server to exchange GSS tokens utilizing a conventional LAN server mechanism and to thereby and mutually authenticate.

公开(公告)号：DE69029452D1

公开(公告)日：1997-01-30

申请号：DE69029452

申请日：1990-09-18

Applicant: IBM

Inventor： GEISE DAVID MICHAEL ,  PEEBLES THOMAS FRANK ,  RICHTER ROGER KYLE

IPC: G06F15/16 ,  G06F15/177 ,  H04L12/56 ,  H04L29/06 ,  H04L29/10

Abstract: An interface between different communications architectures is disclosed. Control blocks (66, 68, 70) are used to store information pertaining to individual communications sessions, or links. Communication link identifiers are different for the two different communications architectures. The interface provides an efficient technique for bidirectionally translating such link identifiers. Identifiers from routines implementing each architecture are used to generate pointers to the appropriate control blocks for each communications session. These control blocks are then used by routines interfacing to the other architecture to extract the translated identifiers.

公开(公告)号：DE69613948T2

公开(公告)日：2002-01-24

申请号：DE69613948

申请日：1996-11-13

Applicant: IBM

Inventor： KELLS TIMOTHY ROGER ,  PEEBLES THOMAS FRANK

IPC: G06F13/00 ,  G06F15/16 ,  G06F15/177 ,  G06F21/00 ,  G06F21/20 ,  G06F1/00

Abstract: LAN server machines are configured to utilize their existing mechanisms to pass generic security subsystem (GSS) distributed computing environment (DCE) credentials. The server management block (SMB) protocol is extended to facilitate exchange of such credentials wherein the server utilizes the GSS API interface to obtain and validate such credentials. The GSS interface provides tokens which encapsulate all necessary information to perform mutual authentication between the client and server. A new protocol level is defined with respect to such SMB protocol extensions which includes a new protocol name exchanged in the negotiate protocol (NP) SMB. Pre-existing LAN servers will turn on a bit in the SMB_Secmode field in the NP response indicating that the server supports exchange of secpkgX SMB. The server will then wait for an SMB secpkgX or SMB sesssetupX response. The former response will permit the user/client and server to exchange GSS tokens utilizing a conventional LAN server mechanism and to thereby and mutually authenticate.

公开(公告)号：DE69029452T2

公开(公告)日：1997-06-12

申请号：DE69029452

申请日：1990-09-18

Applicant: IBM

Inventor： GEISE DAVID MICHAEL ,  PEEBLES THOMAS FRANK ,  RICHTER ROGER KYLE

IPC: G06F15/16 ,  G06F15/177 ,  H04L12/56 ,  H04L29/06 ,  H04L29/10

Abstract: An interface between different communications architectures is disclosed. Control blocks (66, 68, 70) are used to store information pertaining to individual communications sessions, or links. Communication link identifiers are different for the two different communications architectures. The interface provides an efficient technique for bidirectionally translating such link identifiers. Identifiers from routines implementing each architecture are used to generate pointers to the appropriate control blocks for each communications session. These control blocks are then used by routines interfacing to the other architecture to extract the translated identifiers.