The present invention relates to computer network security techniques and more particularly to a method and system for granting an applicant the right of access to a computer resource without disclosing intelligible information to the applicant regarding the group having access to the resource.
In computer systems and networks, including client-server systems, the need to control access to various services and resources is well understood and most systems employ techniques for assuring that applicants seeking to use available resources and services are authorized to use the same. Security precautions are taken within most computer networks to maintain the integrity of data within the network and to assure that the privacy of sensitive information is maintained. By way of example, it may be desirable to allow only individuals possessing sufficient rights to access and/or modify particular files, access certain directories, create and/or view directory structures, read specific web pages, etc. There are advantages and disadvantages associated with the use of different techniques for controlling access to available computer resources. In some computer systems, group membership lists are employed to determine whether an applicant that requests a service, or access to a computer resource, has the right of access to the respective service or resource. Each such list may include the identification of one or more members that have access to the specified service or resource. Upon receipt of a request from a user or process (collectively referred to herein as an applicant) associated with a client of a client/server system, the recipient of the request (typically a server) determines whether the applicant is a member of a group having the right to perform the requested operation. If the applicant has the right to perform the specified operation, the operation proceeds. If the applicant is not authorized, i.e. is not a member of the group having a right of access, access to the resource is denied or the operation is aborted, as applicable.
Servers which maintain group membership lists can be prone to denial of service attacks from malicious users. More particularly, a malicious user may repetitively request that a target server delete a file under one or more user names even though the malicious user knows that insufficient access rights exist. The server, in such a circumstance, in response to each request, verifies that the user is authorized to obtain access to the resource. This verification may involve the comparison of the user to a group membership list maintained on a different membership server. As a consequence, the target server must forward an inquiry message to the membership server and await a response from that server. This process utilizes server and network resources and can introduce considerable latency in the determination of whether the user is authorized to obtain the requested service. Alternatively, the target server may maintain group membership lists and may compare the user identifier to the members listed on the group membership lists for groups having the right of access to the specified resource. The analysis of each request and the denial of service in response to each request from the malicious user also utilizes server resources. In either event, the intentional, repetitive forwarding by a malicious user of requests which will be denied service can utilize significant server bandwidth and can degrade or disrupt server operation.
Some systems are designed in a manner to avoid the need for the target server to make the determination of whether the applicant has sufficient rights to obtain access to the relevant service or resource. More particularly, in some systems the applicant associated with a client forwards a request for service to a target server, and the target server, in response, requires that the applicant prove membership in a group having sufficient rights to obtain the requested service. Typically, the request from the target server to the applicant or client, in such a circumstance, includes an identification of one or more groups including members authorized to obtain the requested service. Upon submission of proof of membership in one of the specified groups, the applicant is provided access to the resource or the specified operation is performed. The proof may be in the form of a certificate signed by a trusted party certifying membership in one of the specified groups having the right of access to the resource or via a similar message from the client to the server.
In systems in which security is a significant concern, it may be desirable not to provide the applicant with intelligible information regarding the identification of groups having access to specific resources since such information may be employed by a malicious user in an attempt to attack the system. For example, if a user transmits a request to a server to delete a file, in response, the server may forward a request to the user to prove membership in the "Admin" group. Such may provide the user with the knowledge that if he can impersonate any member of the "Admin" group, he will be able to perform the specified deletion and possibly other deletion operations.
Rather than providing descriptive information in response to a request for service, the server may respond by requesting proof of membership in a group bearing a name which does not include descriptive content regarding group membership (e.g. "Group 251, Subgroup 75"). However, if different users attempt to delete a file and they receive a request for proof of membership in the same group in response, information may be deduced regarding the group having access rights. Similarly, if an applicant requests service from different servers and requests for proof of membership in the same group are received in response, such may also provide the applicant with information which can be used by a malicious user in determining how to circumvent security mechanisms within the system.
Cryptographic techniques such as public key cryptography and symmetric key cryptography techniques are well known and have been applied to provide secure transmission of information from one user or computer within a network to another user or computer within the network. Additionally, cryptography techniques have been applied to provide a means for digitally signing messages to verify the authenticity of the sender of a message. Such techniques are well known and explained, for example, in a book published by Prentice Hall and titled Network Security, Private Communication in a Public World authored by Charlie Kaufman, Radia Perlman and Mike Speciner. Heretofore, however, cryptography techniques have not been applied to the problems discussed above.
For the reasons set forth above, it is desirable to provide a system and method for requiring an applicant for a resource in a client-server system to prove membership within a group having the right of access to the resource without providing to the applicant intelligible information regarding group membership.
A method and system is disclosed which permits an applicant associated with a client to obtain access to a service or resource available from or through an application server. In a preferred embodiment, the applicant is required to prove membership within a group having the requisite privileges to obtain access to the service or resource without receipt of intelligible information from the application server regarding the identification of the group or groups having access privileges. In response to a request for service provided by the applicant to the application server, the application server transmits an encrypted message to the client which includes an identification of the group or groups having a right of access to the service requested by the client. In a preferred embodiment, the group identification is combined with a random or varying extension prior to encryption to form an extended group identifier. An identification of a group membership server that maintains group membership information may also be transmitted along with the encrypted message in the event that multiple group membership servers are employed within the system. The identification of the group membership server is transmitted to the client by the application server in unencrypted form. Each group membership server maintains an encryption key, which may comprise the public key of a public key pair or a symmetric key. In the circumstance where the group membership server maintains a public key pair, the application server encrypts the group identification (or the group identifying information combined with the extension) with the public key of the group membership server.
Upon receipt of the encrypted group identifier or the encrypted extended group identifier, as applicable, the client forwards to a default group membership server, or the group membership server identified by the application server, a request for proof that the applicant is a member of the group specified in the encrypted identifier. The group membership server receives the request from the client, decrypts the encrypted group identifier or the encrypted extended group identifier, as applicable, with the appropriate decryption key and, in a preferred embodiment, determines whether the applicant is a member of the specified group. If the applicant is a member of the specified group, the group membership server prepares a certificate, or other form of proof, which indicates that the client is a member of the relevant group. The group membership server encrypts the certificate or proof with an encryption key that can be decrypted by the application server and returns the encrypted certificate to the client. Upon receipt of the encrypted certificate, the client forwards the same to the application server. The application server then decrypts the certificate and determines whether the client is a member of the group having access to the originally requested service. In the event the application server maintains a public key pair, the group membership server may encrypt the certificate using the public key of the application server and the application server may decrypt the certificate using the application server private key. Alternatively, a symmetric key may be employed to encrypt and decrypt the certificate. In the above-described manner, intelligible information regarding the identification of the group having access to the requested service is not provided to the client while requiring the client to provide proof that it is authorized to obtain access to the requested resource. 
Other forms, features and variations of the above-described method and system are described with particularity below.