Authentication based on client access limitation
US10803190B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 21, 2017 |
| Grant date | Oct 13, 2020 |
| Priority date | — |
| Expiry date | Feb 26, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2103
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems, computer program products and methods implementing access control on a distributed file system are described. A file system enforcement point protects an HDFS from unauthorized access by authenticating a declared identity of a task submitting a request from a client. Upon receiving the request, the file system enforcement point submits a challenge to the client, requesting the task to provide credentials of the declared identity. The task submits credentials. On the client, each task has access to credentials of a true identity of the task. Accordingly, in case a task submits a claimed identity that is different from the true identity of the task, the task cannot submit correct credentials in response to the challenge. The file system enforcement point authenticates the declared identity using the submitted credentials. The file system enforcement point allows the client to access the HDFS only upon successful authentication.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.