Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1991-10-28
1992-12-22
Gregory, Bernarr E.
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
380 4, 380 23, 380 49, 380 50, 34082531, 34082534, H04L 932
Patent
active
051739399
ABSTRACT:
A distributed computer system has a number of computers coupled thereto at distinct nodes and a naming service with a membership table that defines a list of assumptions concerning which principals in the system are stronger than other principals, and which roles adopted by principals are stronger than other roles. Each object in the system has an access control list (ACL) having a list of entries. Each entry is either a simple principal or a compound principal. The set of allowed compound principals is limited to a predefined set of allowed combinations of simple principals, roles, delegations and conjunctions in accordance with a defined hierarchical ordering of the conjunction, delegation and role portions of each compound principal. The assumptions in the membership table reduce the number of entries needed in an ACL by allowing an entry to state only the weakest principals and roles that are to be allowed access. The reference checking process, handled by a reference monitor found at each node of the distributed system, grants an access request if the requestor is stronger than any one of the entries in the access control list for the resource requested. Furthermore, one entry is stronger than another entry if for each of the conjuncts in the latter entry there is a stronger conjunct in the former. Additional rules used by the reference monitor during the reference checking process govern the processes of comparing conjuncts in a requestor principal with the conjuncts in an access control list entry and of using assumptions to compare the relative strengths of principals and roles.
REFERENCES:
patent: 3245045 (1966-04-01), Randlev
patent: 4100534 (1978-07-01), Shifflet, Jr.
patent: 4218690 (1980-08-01), Ulch et al.
patent: 4532507 (1985-07-01), Edson et al.
patent: 4651279 (1987-03-01), Suzuki
patent: 4799258 (1989-01-01), Davies
Abadi Martin
Burrows Michael
Wobber Edward P.
Digital Equipment Corporation
Gregory Bernarr E.
LandOfFree
Access control subsystem and method for distributed computer sys does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Access control subsystem and method for distributed computer sys, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Access control subsystem and method for distributed computer sys will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-978903