Title of invention: Certificate-based authentication system for heterogeneous environments
Abstract: In one embodiment, methods and apparatus allow an operator of a console to authenticate to a system of heterogeneous computers by logging in only once to a representative computer or "core". After logging in, the operator acquires a session certificate (e.g., an X.509-based certificate), allowing the operator to prove identity and group membership information to other nodes on a network. The core, before signing session certificates, embeds data in an extended data area of the certificates. The extended data includes the operator's username and groups to which the operator belongs, and possibly other information such as operator context (or domain). The username, group membership, and other extended data are based on the namespace of the core computer, and other devices on the network need not belong to that namespace or even use the same network operating system. Manageable devices can authenticate and authorize access to themselves based on the extended data submitted to them by the bearer of a session certificate. Authenticity and ownership of the certificate are verified using standard public key cryptosystem methods. In some embodiments, manageable devices verify operator authorization by cross-referencing operator identity and group membership information in the certificate with an appropriate access control list (or equivalent data structure). In some embodiments, manageable devices are pre-configured to trust at least one core by giving them the public key of the core, and the core can direct the manageable device to trust other cores.
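Publication number: US6754829(B1) Publication date: 2004.06.22
Application number: US19990461157 Filing date: 1999.12.14
Applicant: INTEL CORPORATION Inventors: BUTT ALAN B.;HILLYARD PAUL B.;SU JIN
Classification: G06F21/00;H04L29/06;(IPC1-7):G06F11/30;H04L9/00 Main classification: G06F21/00
Agency: Agent:
Principal claim:
Address: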