Paul Arthur Fronberg

US Patent:

7266688, Sep 4, 2007

Filed:

Jan 14, 2003

Appl. No.:

10/342567

Inventors:

Paul A. Fronberg - Redwood City CA, US

Assignee:

Sun Microsystems, Inc. - Santa Clara CA

International Classification:

H04L 9/00
G06F 17/30

US Classification:

713164, 713165, 713189, 726 16

Abstract:

Methods and systems thereof for providing security of information in a computer system are described. The information is received in the user space defined according to the operating system executed by the computer system. An encode system call is used to copy the information to the kernel space defined according to the operating system. The information may also be encrypted in response to the encode system call. The information can then be cleared from user space. A decode system call causes the information to be returned to user space. If the information is encrypted, the information is also decoded in response to the decode system call. As a result, the amount of time that the information is accessible outside of kernel space is reduced.

US Patent:

57745510, Jun 30, 1998

Filed:

Aug 7, 1995

Appl. No.:

8/499487

Inventors:

Tajen R. Wu - Fremont CA
William A. Shannon - Los Altos CA
Paul Fronberg - Redwood City CA
Donald R. Stephenson - Pleasanton CA
Vipin Samar - Cupertino CA

Assignee:

Sun Microsystems, Inc. - Mountain View CA

International Classification:

H04L 932

US Classification:

380 25

Abstract:

A system and method provide transparent access from any system entry service to multiple account management services, and particularly to multiple authentication services on a computer system, supporting unified login and logout. Transparency between system entry services and account management services, including authentication, password, account, and session services, is provided by an application programming interface and a configuration file. The configuration file stores associations between system entry services, and selected account management services, and allows an individual system entry service to be associated with multiple different ones of a given type of account management service, such as authentication services. The application programming interface determines dynamically in response to a request by a system entry service for an account management operation, such as authentication of a user, which account management service is associated with the system entry service by reading the configuration file and queuing pathnames stored therein of the account management services associated with the system entry service currently connecting user to the system. The application programming interface then invokes the queued pathnames for the desired operation.