System and method for controlling access to data entities in a computer network
US5941947A · kind A · utility
Assignee
Inventors
Key dates
| Filing date | Aug 18, 1995 |
| Grant date | Aug 24, 1999 |
| Priority date | — |
| Expiry date | Aug 18, 2015 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/2141
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Access rights of users of a computer network with respect to data entities are specified by a relational database stored on one or more security servers. Application servers on the network that provide user access to the data entities generate queries to the relational database in order to obtain access rights lists of specific users. An access rights cache on each application server caches the access rights lists of the users that are connected to the respective application server, so that user access rights to specific data entities can rapidly be determined. Each user-specific access rights list includes a series of category identifiers plus a series of access rights values. The category identifiers specify categories of data entities to which the user has access, and the access rights values specify privilege levels of the users with respect to the corresponding data entity categories. The privilege levels are converted into specific access capabilities by application programs running on the application servers.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.