Patent · US Active

Abstracting security policy from, and transforming to, native representations of access check mechanisms

US7882539B2 · kind B2 · utility

2Cited by

7References

9Claims

0Family size

Assignee

Microsoft Corporation · US

Inventors

Muthukrishnan Paramasivam · Seattle, US
Charles F. Rose, III · Redmond, US
Dave M. McPherson · Bothell, US
Raja Pazhanivel Perumal · Issaquah, US
Satyajit Nath · Cupertino, US
Paul J. Leach · Seattle, US
Ravindra Nath Pandya · Clyde Hill, US

Key dates

Filing date	Jun 2, 2006
Grant date	Feb 1, 2011
Priority date	—
Expiry date	May 8, 2029

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Abstracting access control policy from access check mechanisms allows for richer expression of policy, using a declarative model with semantics, than what is permitted by the access check mechanisms. Further, abstracting access control policy allows for uniform expression of policy across multiple access check mechanisms. Proof-like reasons for any access query are provided, such as who has access to what resource, built from the policy statements themselves, independent of the access check mechanism that provide access. Access is audited and policy-based reasons for access are provided based on the access control policy.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.