1. Technical Field
The present invention relates in general to computer systems and in particular to accessing console features of a networked computer system. Still more particularly, the present invention relates to a method and system for improved security of access to console devices and/or console device features of a networked computer system.
2. Description of the Related Art
Computer networks or multi-user computer systems are common in today's business environment and range from small, localized local area networks (LANs) to large, geographically dispersed wide area networks (WANs), such as the Internet. Irrespective of the type and size of the network, network setup, control, and maintenance are usually performed by operators or administrators who have specialized access and use specialized console devices.
Multi-user computer systems typically support a system console mode of operation that is used by the system administrator to set up and manage the computer system. System administrator functions include installing software applications, installing software updates (and fixes), performing file backup and restore operations, managing security controls, and giving new users access to applications and system resources. The console mode of operation runs either separately (in the case of initial setup) or concurrently with user applications. The console mode of operation can also be used by service personnel to perform service functions and problem determination.
Typically, console functions are restricted to designated console operators. The restriction to designated operators provides added security to the computer system and ensures the integrity of the system. Access to the console operations is controlled by the “system console control program”, which authenticates a console operator. The operator is required to enter a user-identifier (user ID) and his/her associated password.
Typically, to ensure added security and integrity, console functions are allowed and supported only on particular devices (e.g., keyboard/display terminals or workstations) that may be located in a protected, controlled physical environment. These console devices have simple command-line and/or text-menu interfaces because of the limited resources available to the system console control program during the early phases of system initialization and setup and when performing service functions. For example, iSeries™ console devices connect to the system via a twinaxial serial port or an asynchronous RS-232 serial port. These types of connectivity also require the console device to be in close physical proximity to the system. Additionally, some systems (e.g., iSeries™) support multiple logical system partitions, where each partition requires its own console device.
Present mechanisms used to protect console functions do not identify and authenticate the device from which the console function request is being made. These mechanisms rely instead upon physical controls, such as special connectivity (i.e., a special communication cable, such as a TWINAX connection) or special physical device controls (i.e., the device accessing the console functions has to be located in a secure room in close physical proximity to the system), or upon an identity scheme based on the unique burned-in identifier in the console device's network adapter card (which can be shared among systems and spoofed, and so is not secure). These restrictions limit the ways in which access to the console functions can be granted and thus reduce the security, usability, and functionality of the system.
With the widespread use of LANs, there is a growing need for more flexibility in attaching and supporting console devices in a networked environment. System administrators do not want specialized devices that require special communications ports (with corresponding cable-length restrictions) to perform system console functions. Instead, they want to use LAN-attached PCs or, more generally, network-attached devices to provide console support.
Providing console support on network-attached devices allows a wider selection of device types and greater flexibility in the physical placement of the device. Network-attached devices (personal computers, for instance) can also run multiple console sessions (e.g., one session for each system in the network or for each logical partition in a system). However, allowing console operations from any network-attached device exposes potentially serious security issues, including:
a. restricting console functions to a particular device (i.e., a system administrator may still require that a console device be located at a particular location on the physical premises);
b. passing a user ID and its associated password over an insecure network to authenticate the console operator;
c. console session data passing un-encrypted across an insecure network, where it can be viewed by unauthorized persons; and
d. ensuring that the integrity of the console session data is maintained (i.e., that it is not modified) while flowing across the network.
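The following is an added example, not the patent's own method and not code from any product it names, showing how issues (a), (b) and (d) above can be addressed for a LAN-attached console using only the Python standard library. It assumes (hypothetically) that each authorized console device is provisioned with a per-device secret shared with the system console control program, that the device proves possession of that secret by answering a fresh random challenge rather than by presenting a network-adapter identifier, and that every session frame carries a sequence number and an HMAC-SHA256 tag. The device table, device identifier and frame payloads are constructed for the example. Confidentiality (issue (c)) is deliberately not shown; in practice the whole exchange would be carried inside TLS rather than by a hand-rolled cipher.

```python
"""Added example (not from the patent): device challenge-response
authentication and integrity-protected, replay-resistant console frames.
All names, secrets and payloads below are constructed for illustration."""
import hmac
import hashlib
import secrets

# Constructed provisioning table: device identifier -> per-device secret.
# Unlike a burned-in adapter address, the secret never crosses the network.
DEVICE_SECRETS = {
    "console-01": b"example-provisioned-secret-for-console-01",
}


def issue_challenge() -> bytes:
    """Server side: a fresh random nonce, so a captured response cannot be replayed."""
    return secrets.token_bytes(32)


def device_respond(device_id: str, device_secret: bytes, challenge: bytes) -> bytes:
    """Device side: prove knowledge of the secret without transmitting it."""
    return hmac.new(device_secret, device_id.encode() + challenge, hashlib.sha256).digest()


def authenticate_device(device_id: str, challenge: bytes, response: bytes) -> bool:
    """Server side: recompute the expected response and compare in constant time."""
    secret = DEVICE_SECRETS.get(device_id)
    if secret is None:
        return False
    expected = hmac.new(secret, device_id.encode() + challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def derive_session_key(device_secret: bytes, challenge: bytes) -> bytes:
    """Per-session integrity key, bound to this particular challenge."""
    return hmac.new(device_secret, b"session-key" + challenge, hashlib.sha256).digest()


def seal_frame(session_key: bytes, seq: int, payload: bytes) -> bytes:
    """Frame layout: 4-byte big-endian sequence number || payload || 32-byte HMAC tag."""
    header = seq.to_bytes(4, "big")
    tag = hmac.new(session_key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class FrameReceiver:
    """Verifies each frame's tag and enforces strictly increasing sequence numbers."""

    def __init__(self, session_key: bytes):
        self.key = session_key
        self.last_seq = -1

    def open_frame(self, frame: bytes):
        """Return the payload if the frame is authentic and fresh, else None."""
        if len(frame) < 36:
            return None
        header, payload, tag = frame[:4], frame[4:-32], frame[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None  # modified in transit (issue d)
        seq = int.from_bytes(header, "big")
        if seq <= self.last_seq:
            return None  # replayed or reordered frame
        self.last_seq = seq
        return payload


def demo() -> dict:
    """Walk one console session and record what each security check decided."""
    dev, secret = "console-01", DEVICE_SECRETS[dev] if False else DEVICE_SECRETS["console-01"]
    chal = issue_challenge()
    resp = device_respond(dev, secret, chal)
    results = {"genuine_device": authenticate_device(dev, chal, resp)}

    # A captured response replayed against a new challenge fails (issue b).
    results["replayed_response"] = authenticate_device(dev, issue_challenge(), resp)
    # A device that cloned the adapter identifier but lacks the secret fails (issue a).
    forged = device_respond(dev, b"attacker-guess", chal)
    results["cloned_identity_wrong_secret"] = authenticate_device(dev, chal, forged)

    key = derive_session_key(secret, chal)
    rx = FrameReceiver(key)
    frame = seal_frame(key, 1, b"SHUTDOWN")
    results["intact_frame"] = rx.open_frame(frame) == b"SHUTDOWN"
    # One byte of the command flipped in transit: tag no longer verifies.
    tampered = frame[:4] + b"SHUTDOWM" + frame[-32:]
    results["tampered_frame"] = rx.open_frame(tampered)
    # The original frame replayed after it was accepted once.
    results["replayed_frame"] = rx.open_frame(frame)
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```

The device secret stands in for whatever credential a real deployment provisions (a client certificate, for instance); the point is that the server's decision rests on a proof of possession bound to a fresh challenge, not on an identifier that any host on the LAN can copy. The sequence number in the frame header is what turns a bare integrity tag into replay protection.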
There are some user-authentication methods presently in use, such as that described in U.S. Pat. No. 5,434,918. However, these methods focus specifically on user-to-server authentication and do not address the continuing authentication of the console device or the preservation of data integrity during console operations.
The present invention thus recognizes that it would be desirable to provide a method and system for enhancing security of access to console operations from network-attached console devices. The invention recognizes that it would be desirable to enable authentication of a device to be utilized as a console device. The invention further recognizes that it would be desirable to enable secure transmission of console functions and/or sessions data to and from a network-attached device. These and other benefits are provided in the present invention.