
Protecting DCE/400 Distributed Time Service Shared Data by User Index

IP.com Disclosure Number: IPCOM000116667D
Original Publication Date: 1995-Oct-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 2 page(s) / 69K

Publishing Venue

IBM

Related People

Metwalli, I: AUTHOR [+2]

Abstract

There is a requirement for DCE/400 Distributed Time Service (DTS) clients to have read-only access to DTS date and time data. In the existing AS/400* Common Programming Architecture (CPA), which is the interface DCE/400 uses to access system services, Shared-Memory that is made readable is also writeable. Shared-Memory is the mechanism DCE/400 DTS uses to store its internal date and time data. Hence, applications calling the DTS Application Programming Interfaces (APIs) have write access to DTS internal data, not read-only access.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

      The current Open Software Foundation (OSF) DTS, which is the base
code for DCE/400 DTS, depends on Shared-Memory system services to
access its own date and time data.  The current implementation of
these Shared-Memory services, by the AS/400 Common Programming
Architecture (CPA) code, doesn't provide the proper security
protection for critical DTS date and time data.  In other words,
users of the DTS APIs can easily obtain write access to DTS date and
time data and change it.

      The DCE/400 DTS implementation can be altered so that shared
memory is not the mechanism for storing DTS data.  Instead, the AS/400
User Index feature is used to provide both the accessibility and the
security needed for DTS internal data.  A User Index is a permanent
external AS/400 object which stores data in a randomly accessible
manner.

      AS/400 User Indices may be made readable universally but
writeable only by the creator.  To make a user index writeable by the
creator and read only universally, it is created with authority *USE.
Anyone other than the creator or security officer who n...