Access restriction facility method and apparatus
US5265221A · kind A · utility
Assignee
Inventor
Key dates
| Filing date | Dec 2, 1992 |
| Grant date | Nov 23, 1993 |
| Priority date | — |
| Expiry date | Dec 2, 2012 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2145
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An access control mechanism for granting, revoking, and denying authorization to computer system objects using a customer supplied set of verbs, parameters, attributes, and functions. The access control mechanism employs a processor for providing access controls to objects comprising subject memory, verb memory, object memory, definition memory, rule memory and an evaluator. The processor may be embodied as a microprocessor and memory, or a computer using software. The subject memory stores specified user attributes in a matrix having information for each user on each row, with user attributes in each field. The object memory stores object names, object attributes, and rules for defined verb names. The definition memory stores field definitions, external function declarations and strings. The rule memory stores rule names with their associated boolean expressions. The evaluator determines whether or not access to a specific object is allowed according to specified or default rules, user and object attributes, and definitions. While the term "Discretionary Access Control" is used throughout this document, the mechanism described herein can be used to implement discretionary, mandato…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.