Distributed system and method for controlling access control to network resources

Assignee

• Sun Microsystems Inc. · US

Inventors

• Rajeev Angal · Santa Clara, US
• Sai V. Allavarpu · Pleasanton, US
• Shivaram Bhat · Sunnyvale, US
• Bart Lee Fisher · Sunnyvale, US
• Ping Luo · Sha Tin, CN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F12/1483
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. Some of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. A plurality of access control servers are used to process access requests. Each access control server controls access to a distinct subset of the management objects in accordance with the access rights specified in the access control database. At least one of the access control servers receives access requests from the users and distributes the received access requests among the access control servers for processing. A subset of the access requests specify operations to be performed on specified sets of the management objects. Each of these access requests is sent for processing to one or more of the access control servers in accordance with the management objects to which access is being requested. The ac…