Patents by Inventor Bruce Arland Rich

Bruce Arland Rich has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 6775771
    Abstract: A method and system for processing authenticated data objects. An authenticated data object utility allows a user to view and edit the contents of data objects embedded within an authenticated data object via a graphical user interface. Graphical objects represent the data objects embedded within an authenticated data object. A user may drag and drop objects onto other objects within the authenticated data object, and the authenticated data object utility automatically performs the necessary authenticating operations. Logical associations between data objects contained within the authenticated data object, such as between certificates and recipient information objects, are determined or created, and the logical associations are displayed using visual indicators. As data objects are added or deleted through user actions on the graphical objects, the visual indicators are updated to reflect any updates to the logical associations between the data objects.
    Type: Grant
    Filed: December 14, 1999
    Date of Patent: August 10, 2004
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Anthony Joseph Nadalin, Bruce Arland Rich, Julianne Yarsa
  • Patent number: 6772341
    Abstract: A method and system for processing signed data objects in a data processing system is presented. A signed data object utility allows a user to view and edit the contents of data objects embedded within a signed data object via a graphical user interface. Graphical objects represent the data objects embedded within a signed data object. A user may drag and drop objects onto other objects within the signed data object, and the signed data object utility automatically performs the necessary signing operations. Logical associations between data objects contained within the signed data object are determined, and the logical associations are displayed using visual indicators between graphical objects representing the associated data objects. As data objects are added or deleted, the visual indicators are updated to reflect any updates to the logical associations. The user may direct other operations on the signed data object through the graphical user interface.
    Type: Grant
    Filed: December 14, 1999
    Date of Patent: August 3, 2004
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Anthony Joseph Nadalin, Bruce Arland Rich, Julianne Yarsa
  • Patent number: 6760912
    Abstract: A method is provided for determining an identity of a browser in a Java environment in which an intermediary program masks the browser's identity. The method begins by querying an operating system process table for information identifying the browser. Thereafter, a Java properties table including the information from the process table is set. In response to a request from a calling program (e.g., an applet class) for the browser identity, a getProperty method is then called to retrieve the browser identity from the properties table. The browser identity is then returned to the calling program.
    Type: Grant
    Filed: August 3, 1999
    Date of Patent: July 6, 2004
    Assignee: International Business Machines Corporation
    Inventors: Julianne Yarsa, Bruce Arland Rich, Theodore Jack London Shrader, Donna Skibbie
  • Patent number: 6708276
    Abstract: An architecture for extending the Java security model to allow a user or administrator to explicitly deny permissions. By itself, the Java 2 security model does not allow additions to the collections of policy permissions after they have been loaded from the Java policy file. The inventive architecture allows Java applets and applications to dynamically prompt the user to deny a permission that does not exist in the Java policy file. If the user denies the permission, the present invention denies the permission for the ProtectionDomain to which the class asking for the permission belongs. Attributes for the denied permission may be set during runtime and saved across browser sessions.
    Type: Grant
    Filed: August 3, 1999
    Date of Patent: March 16, 2004
    Assignee: International Business Machines Corporation
    Inventors: Julianne Yarsa, Bruce Arland Rich, Theodore Jack London Shrader, Donna Skibbie
  • Publication number: 20030084325
    Abstract: A method and apparatus for type independent permission based access control are provided. The method and apparatus utilize object inheritance to provide a mechanism by which a large group of permissions may be assigned to a codesource without having to explicitly assign each individual permission to the codesource. A base permission, or superclass permission, is defined along with inherited, or subclass, permissions that fall below the base permission in a hierarchy of permissions. Having defined the permissions in such a hierarchy, a developer may assign a base permission to an installed class and thereby assign all of the inherited permissions of the base permission to the installed class. In this way, security providers need not know all the permission types defined in an application. In addition, security providers can seamlessly integrate with many applications without changing their access control and policy store semantics.
    Type: Application
    Filed: November 1, 2001
    Publication date: May 1, 2003
    Applicant: International Business Machines Corporation
    Inventors: Lawrence Koved, Anthony Joseph Nadalin, Nataraj Nagaratnam, Marco Pistoia, Bruce Arland Rich
  • Publication number: 20030084324
    Abstract: A method and apparatus for type independent permission based access control are provided. The method and apparatus utilize object inheritance to provide a mechanism by which a large group of permissions may be assigned to a codesource without having to explicitly assign each individual permission to the codesource. A base permission, or superclass permission, is defined along with inherited, or subclass, permissions that fall below the base permission in a hierarchy of permissions. Having defined the permissions in such a hierarchy, a developer may assign a base permission to an installed class and thereby assign all of the inherited permissions of the base permission to the installed class. In this way, security providers need not know all the permission types defined in an application. In addition, security providers can seamlessly integrate with many applications without changing their access control and policy store semantics.
    Type: Application
    Filed: November 1, 2001
    Publication date: May 1, 2003
    Applicant: International Business Machines Corporation
    Inventors: Lawrence Koved, Anthony Joseph Nadalin, Nataraj Nagaratnam, Marco Pistoia, Bruce Arland Rich
  • Patent number: 6549952
    Abstract: A method of enabling an HTTP server plug-in to pass an unmangled environment variable into a CGI process begins by configuring the HTTP server to initially override a CGI service method. When the server processes an HTTP request, the server plug-in, which is called prior to the CGI service method and is running in a process of the HTTP server, inserts a “name value” pair prepended with a marker in a request header parameter block of the HTTP server. Then, the CGI service override method executes the server's original (i.e. native) CGI service method, causing it to run an encapsulation program in the CGI process. This program scans the environment of the CGI process for any string prepended with a given HTTP code (e.g., the string “HTTP_”) and the marker. If it finds any such string, the program strips the given HTTP code and the marker from a remainder of the string and resets the environment variable into the CGI process in an “unmangled” form.
    Type: Grant
    Filed: January 28, 1997
    Date of Patent: April 15, 2003
    Assignee: International Business Machines Corporation
    Inventors: Ernst Robert Plassmann, Michael Bradford Ault, Mickella Ann Rosiles, Shaw-Ben Shi, Theodore Jack London Shrader, Bruce Arland Rich
  • Patent number: 6526513
    Abstract: An architecture for extending the Java security model to allow a user or administrator to grant permissions dynamically. By itself, the Java 2 security model does not allow additions to the collections of policy permissions after they have been loaded from the Java policy file. The inventive architecture allows Java applets and applications to dynamically prompt the user to grant a permission that does not exist in the Java policy file. If the user grants the permission, the present invention grants the permission for the ProtectionDomain to which the class asking for the permission belongs. Attributes for the dynamic permission may be set during runtime and saved across browser sessions.
    Type: Grant
    Filed: August 3, 1999
    Date of Patent: February 25, 2003
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Bruce Arland Rich, Julianne Yarsa, Donna Skibbie
  • Publication number: 20030037239
    Abstract: Various aspects of the invention may be found in software that performs mutual authentication between a plurality of interconnected software modules. The modules contain security tools that allow for the verifying, authenticating, and/or authorizing of a caller module and an invoked module. Before a caller module invokes another module, the caller performs functions that verify, authenticate, and/or authorize the invoked module. Upon success, the module is invoked. However, upon failure, the module is not invoked. In one case, the calling class uses embedded certificates or keys relating to the invoked class. Upon a possibility of invoking the class, the calling module obtains a digitally signed codebase of the invoked class, and verifies, authenticates, and/or authorizes the code based upon the signature and/or the characteristics of the certificate. Conversely, the invoked class performs similar functionality upon being invoked.
    Type: Application
    Filed: December 19, 2000
    Publication date: February 20, 2003
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Lok Yan Leung, Anthony Joseph Nadalin, Bruce Arland Rich, Theodore Jack London Shrader
  • Patent number: 6473894
    Abstract: A test/run program receives as input a list of identifiers for source pages referencing applets to be tested or run. The test/run program creates an array of the identifiers, together with parameters for each identifier, web browser to run the test under, and a number of times the source page is to be reloaded and the applets re-run. For each source page, and for each reload of a given source page, the test/run program starts the specified web browser process, loads the designated source page, and starts a fresh runtime environment for the applet. Support for a test class within the test/run program allows the applets to write success, failure, or informational results to an output file and to exit the web browser process when complete. Where a native implementation of the test class is employed, special security permissions need not be specified and the test/run program need not necessarily be run locally.
    Type: Grant
    Filed: January 29, 1999
    Date of Patent: October 29, 2002
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Bruce Arland Rich, Julianne Yarsa, Donna Skibbie
  • Publication number: 20020138434
    Abstract: A method, apparatus, and computer implemented instructions for managing access to data in a keystore in a data processing system. A request for access to an item of data is received from a requestor, wherein the item of data is encrypted using a key. A determination of whether the requestor is a trusted requestor is made. The key and the item of data are sent to the requestor in response to a determination that the requestor is a trusted requestor.
    Type: Application
    Filed: December 29, 2000
    Publication date: September 26, 2002
    Applicant: IBM Corporation
    Inventors: Lok Yan Leung, Anthony Joseph Nadalin, Bruce Arland Rich, Theodore Jack London Shrader
  • Publication number: 20020080975
    Abstract: An apparatus and method for managing keystores is implemented. A distributed keystore is established by aggregating individual. The distributed keystore may be organized in a multi-level structure, which may be associated with an organizational structure of an enterprise, or other predetermined partitioning. Additionally, a centralized management of certificates may be provided, whereby the expiration or revocation of the certificates may be tracked, and expired or revoked certificates may be refreshed. The keystore may be updated in response to one or more update events.
    Type: Application
    Filed: December 21, 2000
    Publication date: June 27, 2002
    Applicant: International Business Machines Corporation
    Inventors: Bruce Arland Rich, Julianne Yarsa, Theodore Jack London Shrader, Donna Skibbie
  • Publication number: 20020078348
    Abstract: The present invention provides a method, apparatus, and computer implemented instructions for executing cryptographic operations. Responsive to a request to perform a cryptographic operation, one (or more) of a software process and a hardware process is selected for performing the cryptographic operation based on a policy which process results in available resources to perform the cryptographic operation to form a selected process. The cryptographic operation is performed using the selected process. Necessary object conversions, which are transparent to the application, are carried out in order to convert objects to usable forms of the selected process(es).
    Type: Application
    Filed: December 15, 2000
    Publication date: June 20, 2002
    Applicant: International Business Machines Corporation
    Inventors: Lok Yan Leung, Anthony Joseph Nadalin, Bruce Arland Rich, Theodore Jack London Shrader
  • Publication number: 20020078243
    Abstract: A method, apparatus, and computer implemented instructions for synchronizing time in a network data processing system. A request for time synchronization is received at a target data processing system. A current target time at the target data processing system is placed in a reply. The reply is sent to the source data processing system. A current source time from when the reply is received at the source data processing system is compared to the current target time to generate a comparison. A synchronization factor is generated using the comparison.
    Type: Application
    Filed: December 15, 2000
    Publication date: June 20, 2002
    Applicant: International Business Machines Corporation
    Inventors: Bruce Arland Rich, Xiaoyan Zhang
  • Patent number: 6338064
    Abstract: A method of authenticating a Web client to a Web server connectable to a distributed file system of a distributed computing environment. The distributed computing environment includes a security service for returning a credential to a user authenticated to access the distributed file system. The method preferably operates within the context of a native operating system environment such as “Windows NT”. Upon initialization of the Web server, a session manager creates a pool of temporary Windows NT user identities. In response to a Web client browser request, a temporary NT user identity is associated with proper DCE credentials. A server process then impersonates the returned NT user identity on a thread which is attempting to access the requested resource.
    Type: Grant
    Filed: May 14, 1998
    Date of Patent: January 8, 2002
    Assignee: International Business Machines Corporation
    Inventors: Michael Bradford Ault, Garry L. Child, Ernst Robert Plassmann, Bruce Arland Rich, Theodore Jack London Shrader, Davis Kent Soper
  • Patent number: 6154751
    Abstract: A method of executing Common Gateway Interface (CGI) programs in a computer network having a Web client and a Web server, the server connectable to a secure distributed file system of a distributed computing environment. If a Web client user request requires CGI processing, the requested CGI program is run in a new process spawned from the Web server thread and executing within the context of the temporary user identity set up with the proper DCE credentials. This function is effected by saving the name and path of the user-requested CGI program and then substituting the name and path of an encapsulation CGI program. The encapsulation CGI program starts the user-requested CGI program in a new process (i.e. a desktop) within the context of the temporary user identity (having proper DCE credentials). The encapsulation program thus ensures that the CGI program being executed cannot harm the default Web server desktop.
    Type: Grant
    Filed: May 14, 1998
    Date of Patent: November 28, 2000
    Assignee: International Business Machines Corporation
    Inventors: Michael Bradford Ault, Garry L. Child, Ernst Robert Plassmann, Bruce Arland Rich, Theodore Jack London Shrader, Davis Kent Soper
  • Patent number: 6151599
    Abstract: A test page including a statement invoking an executable periodically reloading the test page is placed on a Web server having a security plug-in to be tested. The test page may include multiple frames, each containing a reference requesting access to the same test page or each performing a different testing function. The test page may be placed in a protected directory, may include an attempt to access the contents of a file within a different protected directory, and may include attempts to access protected CGI executables or other programs or modules which may be run on the Web server. A remote browser is employed to attempt to access the test page using the userid and password employed to login to the browser. Successful or unsuccessful access to the test page verifies proper operation of the security plug-in.
    Type: Grant
    Filed: July 17, 1998
    Date of Patent: November 21, 2000
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Michael Bradford Ault, Garry L. Child, Ernst Robert Plassmann, Bruce Arland Rich, Davis Kent Soper
  • Patent number: 6026440
    Abstract: An account manager plug-in for a Web server having an application programming interface (API). The plug-in is preferably a computer program product comprising a set of instructions (program code) encoded on a computer-readable substrate. This plug-in includes program code for establishing a set of one or more monitored resources (e.g., UrlCounter, ByteCounter, PageCounter and FailedLoginCounter) and for defining a threshold rule for at least one of the set of monitored resources. As Web transactions occur at the Web server, the account manager is responsive to a monitored resource exceeding a condition of a threshold rule for triggering one of a set of threshold actions. The set of threshold actions, for example, include clearing a record counter, running a given program, sending an e-mail note and disabling or enabling a user account.
    Type: Grant
    Filed: January 27, 1997
    Date of Patent: February 15, 2000
    Assignee: International Business Machines Corporation
    Inventors: Theodore Jack London Shrader, Michael Bradford Ault, Ernst Robert Plassmann, Bruce Arland Rich, Mickella Ann Rosiles, Shaw-Ben Shi
  • Patent number: 5974566
    Abstract: A method of enabling persistent access by a Web server to files stored in a distributed file system of a distributed computing environment that includes a security service. A session manager is used to perform a proxy login to the security service on behalf of the Web server. Persistent operation of the session manager is ensured by periodically spawning new instances of the session manager process. Each new instance preferably initializes itself against a binding file. A prior instance of the session manager is maintained in an active state for at least a period of time during which the new instance of the session manager initializes itself. Upon receipt of a given transaction request from a Web client to the Web server, a determination is made regarding whether a new instance of the session manager process has been spawned while the Web server was otherwise idle.
    Type: Grant
    Filed: October 7, 1997
    Date of Patent: October 26, 1999
    Assignee: International Business Machines Corporation
    Inventors: Michael Bradford Ault, Ernst Robert Plassmann, Bruce Arland Rich, Shaw-Ben Shi, Theodore Jack London Shrader
  • Patent number: 5918228
    Abstract: A method of enabling a Web server to impersonate a Web client to thereby obtain access to files stored in a distributed file system of a distributed computing environment. The distributed computing environment includes a security service for returning a credential to a user authenticated to access the distributed file system. In response to receipt of a transaction request from the Web client, a determination is made whether the transaction request has originated from a user authenticated to access the distributed file system. If so, the Web server is controlled to reuse the credential of the user across multiple file accesses in the distributed file system on behalf of the Web client.
    Type: Grant
    Filed: January 28, 1997
    Date of Patent: June 29, 1999
    Assignee: International Business Machines Corporation
    Inventors: Bruce Arland Rich, Theodore Jack London Shrader, Michael Bradford Ault, Ernst Robert Plassmann, Mickella Ann Rosiles, Shaw-Ben Shi, Rodney Carl Burnett