1. Technical Field of the Invention
This invention relates to client/server and similar systems, such as in a TCP/IP or internet environment. In particular, this invention relates to the use of CRC hashing to generate compressed object identifiers for authorizing client or work station gateway access to server objects.
2. Background Art
Software applications in a client/server or Internet system may require that a local object, such as a data or print file, be uniquely identified as belonging to a particular remote user in order to validate a request from such a remote user to access that object to read, modify or delete it. Using user names (or profile names, or logon names, etc.) is not suitable for that purpose, since, for example, user JSTEVENS on a remote system may not necessarily be the same person as user JSTEVENS on the local system.
Similarly, built-in object security or other system authorization schemes useful for validating requests by local users for access to local objects cannot easily be used for identification or validation purposes of remote users or requesters. Such systems typically require that the user provide both a user name and a password. Using this approach, remote users have been identified as authorized to access a local TCP/IP protocol application by requiring that the remote user send both a user name and password that is known to the local system. These user names and passwords must be stored on the local system.
Further, a software application may tag each local object with a tag used to identify those users authorized to access the object. Typically, the local or remote user must provide a signature that matches the tag in order to access the object. In order to protect objects which are not to be shared, the user signature must not match the signature of any other remote or local user.
In an "open" system, it is desirable that such an object tag be a publicly visible property of the object. This avoids the need to use built-in object security or do other system authorization checking. Built-in object security is normally in contradiction to "open" design. That is, proprietary security mechanisms are generally platform dependent, which defeats the open design objective of creating client/server applications that can interact while the client and server may each be running on a different platform. If the platforms are different, then the built-in security may be different, and to account for all cases of security protocols for the various platforms defeats important objectives of "openness". There is, therefore, a need in the art for a method to tag an object through publicly visible properties, such as file name and profile or other such descriptive properties that can or will be communicated by a remote user in a request to access a local object. There is also a need in the art for a tagging protocol that will work within existing communication protocols, that is compliant with existing standards-based applications such that the protocol is transparent to the client, where the client need not have knowledge of or specifically participate in the authorization mechanism employed (such as by communicating keys or passwords), and that requires no changes to the many different existing client applications available on many various platforms.
In one important client/server open application, a text field for an operating system definition of a spool file is restricted to a maximum of 10 bytes. There is a need for that text field to contain a unique tag for a user identified by both a TCP/IP address of sixteen bytes and a user profile of ten bytes. In order to preserve the "openness" aspect of that client/server application, whatever is done by the server to accommodate the 10 byte limitation must be transparent to the client. Consequently, there is a need in the art for a client/server system protocol for compressing user identification information into a substantially secure and unique tag in a manner which is transparent to the client.
It is an object of the invention to provide a system for identifying objects with a user unique, compressed tag.
It is a further object of the invention to provide such a user unique, compressed tag in a manner which is transparent to the user.
It is a further object of the invention to provide such a user unique, compressed tag from publicly available information.
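The compression problem stated above (a 16-byte TCP/IP address and a 10-byte user profile reduced to a tag that fits a 10-byte text field) can be illustrated with the following added example, which is not code from the patent. The function names, the space padding of each field, the CRC-32 variant, the hexadecimal encoding and the sample addresses are assumptions; the page does not specify them.

```python
import zlib

ADDR_LEN = 16      # TCP/IP address field width given on the page
PROFILE_LEN = 10   # user profile field width given on the page
TAG_LEN = 10       # spool-file text field limit given on the page


def make_tag(address: str, profile: str) -> str:
    """Compress (address, profile) into a tag that fits the 10-byte field."""
    addr = address.encode("ascii")
    prof = profile.encode("ascii")
    if len(addr) > ADDR_LEN or len(prof) > PROFILE_LEN:
        raise ValueError("address or profile exceeds its fixed field width")
    # Assumption: space-pad each field to its full width so that
    # ("192.0.2.1", "0JS") and ("192.0.2.10", "JS") hash different records.
    record = addr.ljust(ADDR_LEN) + prof.ljust(PROFILE_LEN)
    # CRC-32 rendered as 8 hex characters, which is within TAG_LEN.
    return format(zlib.crc32(record), "08X")


def may_access(object_tag: str, address: str, profile: str) -> bool:
    """Server-side check: recompute the tag from the request and compare."""
    return make_tag(address, profile) == object_tag


if __name__ == "__main__":
    # Constructed sample requesters (RFC 5737 documentation addresses).
    owner = ("192.0.2.10", "JSTEVENS")
    other = ("192.0.2.11", "JSTEVENS")  # same profile name, different system
    spool_tag = make_tag(*owner)        # stored as a visible object property
    print(spool_tag, may_access(spool_tag, *owner), may_access(spool_tag, *other))
```

Because the tag is an unkeyed CRC over values the requester supplies, it separates requesters by what they present and has at most 2^32 distinct values. It does not by itself establish that the presented address or profile is genuine.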