Electrical computers and digital processing systems: multicomput – Computer-to-computer session/connection establishing – Network resources access controlling
Reexamination Certificate
1999-06-11
2003-04-01
Lee, Thomas (Department: 2154)
Electrical computers and digital processing systems: multicomput
Computer-to-computer session/connection establishing
Network resources access controlling
C709S223000, C709S225000, C709S226000, C707S793000
Reexamination Certificate
active
06542932
ABSTRACT:
COPYRIGHTS IN PATENT MATERIAL
Portions of this patent document contain material subject to copyright restriction. The copyright owner has no objection to facsimile reproduction of the patent document after grant, as it appears in the U.S. Patent and Trademark Office files or records, but otherwise reserves all rights relating thereto.
TECHNICAL FIELD
This invention relates to apparatus, methods and computer program products used in recording status in and granting access to a computer logging system.
BACKGROUND OF THE INVENTION
At present, a computer network user has access to certain objects in a management information tree (MIT). Availability of these objects to a given user can be controlled through access control. However, notification of all object and object changes from the management information system (MIS) are recorded into any available log in the system. Thus, even a user that has access to only a limited number of objects in the MIT is made aware of the state of other objects to which the user has no access. Any given log will unrestrictedly record events from objects in the MIT, once an object appears in the MIS. In some situations, this approach is undesirable, or even unacceptable.
A network manager may need flexibility in configuring the system to restrict the access to, or knowledge of, a given object, for a user or a class of users. The manager may also need the flexibility to change the restrictions on access and knowledge applied to a given user from time to time, based on “need to know”, changing project requirements, and the assumption or relinquishment of new or old responsibilities.
SUMMARY OF THE INVENTION
These needs are met by the invention, which associates with each log a list of one or more “owners”, users who have access to that log. When an event notification is received, a set of access control rules determines whether a given user has access to the portion of the log where that event information would be placed. This information is recorded in the user's log if and only if the user's name is on a list associated with that information. Access control rules are extended to a log, based on the nature of the information recorded in that log. Restriction of user access to a log, as opposed to grant of unlimited access to the log, is controlled by one or more parameters entered at a secure central station.
REFERENCES:
patent: 4760572 (1988-07-01), Tomikawa
patent: 5446878 (1995-08-01), Royal
patent: 5903898 (1999-05-01), Cohen et al.
patent: 6199106 (2001-03-01), Shaw et al.
patent: 6292827 (2001-09-01), Raz
Angal Rajeev
Brinnand John P.
Pagadala Balaji V.
Hu Jinsong
Kivlin B. Noäl
Lee Thomas
Meyertons Hood Kivlin Kowert & Goetzel P.C.
Sun Microsystems Inc.
LandOfFree
Domain access control for logging systems does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Domain access control for logging systems, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Domain access control for logging systems will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3059808