Dynamic server-managed access control for a distributed file system

Assignee

• International Business Machines Corporation · US

Inventors

• Robert R. Berbec · New York, US
• John Brady · Apex, US
• James M. Caffrey · Woodstock, US
• Joanne T. Crimi · Highland, US
• Arthur P. Fenaroli · Rhinebeck, US
• Matthew C. Iatridis · Woodstock, US
• Gary S. Puchkoff · Rochester, US
• Roberto J. Sanchez · Poughkeepsie, US
• Madeline R. Whalen · Hyde Park, US
• Joseph Williams · Poughkeepsie, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99939
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A method and apparatus for providing dynamically controlling access to files in a client/server system. A client wanting access to a file first requests a token from an object server. The object server generates the token as a function of the file name and ephemeral information and provides the token to both the client and the file system. Upon receiving the token from the object server, the client presents an access request to the file system, using the token rather than the file name as an identifier. The file system compares the received identifier with the file names in the specified directory as well as with a list of valid tokens that it maintains. If the identifier corresponds to a valid token for a file in the directory, the access request is granted. Otherwise, the access request is denied. The procedure is transparent to the client, which uses the token in the same manner as it would use a regular file name.