Jimmy J. Wright

Bio: Jimmy J. Wright is an academic researcher from Novell. The author has contributed to research in topics: Message authentication code & Message broker. The author has an hindex of 1, co-authored 1 publications receiving 36 citations.

Method and apparatus for calculating message signatures in advance

Abstract: The present invention provides an improved method and apparatus for authenticating message packets to prevent forgery thereof. A server processes a client request and generates a response message. A message signature, which is generated using the session key and the message itself, is appended to the message to create an appended message. The server sends the appended message to the client. At the same time that the server works on the client request, the client predicts the response message and calculates a predicted message signature based on the session key and the predicted message. After receiving the appended message, the client strips the message signature from the appended message and compares it to the predicted message signature. If the two signatures match, the received message packet is authenticated.

Method and system for access to automatically synchronized remote files

Abstract: A method and system for the simple, fast, and effective maintenance of consistent data files across a multiplicity of computer systems, which functionality is useful in collaborative work, effective backup, and disaster recovery. Consistency is maintained using secure file storage remote from any number of clients the files on which are automatically synchronized consuming minimal network bandwidth. Automated bi-directional “one-click” synchronization is implemented via a method that is neutral with respect to platform, operating system, firewall, and network configuration. The software product based on the invented method has the substantial advantage of installation, setup, and operation all without intervention by system administrators.

Simple, secure login with multiple authentication providers

Abstract: A secure distributed single-login authentication system comprises a client and a server. The client collects a user name and password from a user and tests that user name and password at a variety of potential authentication servers to check where the login is valid. It combines the password with a time varying salt and a service specific seed in a message digesting hash and generates a first hash value. The client sends the hash value along with the user name and the time varying salt to a currently selected server. The server extracts the user name and looks up an entry under the user name from the selected server's database. If an entry is found, it retrieves the password and performs the same hash function on the combination of the user name, the service specific seed, and the retrieved password to generate a second hash value. Then, it compares two hash values. If these two values match, the user is authenticated. In this way, the system never sufficiently reveals the password to authentication agents that might abuse the information.

Authority delegation with secure operating system queues

Abstract: Methods, systems, and devices are provided for delegating security rights to Java servlets and other executable tasks by using secure operating system queues In particular embodiments, the invention allows secure loading of Java servlets on a Novell NetWare server The invention allows users to run servlets from various locations with the same rights, namely, the user's rights The servlet submitted by a given user runs in the context of that user's rights A system according to the invention verifies that the user has the right to submit the task to a given task queue; the queue is managed by the system, and the user is authenticated to the system Queue servers which receive tasks from the queue and service them by executing the tasks are likewise authenticated by the system When a queue server attempts to service a task in a queue, the system verifies that the queue server has rights to service that queue and that job This two way verification—that a user has rights to submit the task, and that the queue server has rights to service the task—allows the user and the queue server to establish a trusted relationship using the operating system's trusted queues Moreover, existing user rights databases and access control systems can be used to determine and enforce rights and trust levels

A method for packet authentication in the presence of network address translations and protocol conversions

Abstract: For achieving packet authentication according to an applicable security policy between a sending node (903) and a receiving node (902) in a network, the following steps are taken: the transformations occurring to a packet en route between the sending node and the receiving node are discovered dynamically (1003, 1004), the discovered transformations are checked (1004) to be acceptable based on the applicable security policy, and the dynamically discovered, acceptable transformations are compensated for (1004, 1006) before authenticating packets transmitted from the sending node to the receiving node.