Access control subsystem and method for distributed computer sys

Cryptography – Particular algorithmic function encoding – Nbs/des algorithm

Patent

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

380 4, 380 23, 380 49, 380 50, 34082531, 34082534, H04L 932

Patent

active

051739399

ABSTRACT:
A distributed computer system has a number of computers coupled thereto at distinct nodes and a naming service with a membership table that defines a list of assumptions concerning which principals in the system are stronger than other principals, and which roles adopted by principals are stronger than other roles. Each object in the system has an access control list (ACL) having a list of entries. Each entry is either a simple principal or a compound principal. The set of allowed compound principals is limited to a predefined set of allowed combinations of simple principals, roles, delegations and conjunctions in accordance with a defined hierarchical ordering of the conjunction, delegation and role portions of each compound principal. The assumptions in the membership table reduce the number of entries needed in an ACL by allowing an entry to state only the weakest principals and roles that are to be allowed access. The reference checking process, handled by a reference monitor found at each node of the distributed system, grants an access request if the requestor is stronger than any one of the entries in the access control list for the resource requested. Furthermore, one entry is stronger than another entry if for each of the conjuncts in the latter entry there is a stronger conjunct in the former. Additional rules used by the reference monitor during the reference checking process govern the processes of comparing conjuncts in a requestor principal with the conjuncts in an access control list entry and of using assumptions to compare the relative strengths of principals and roles.

REFERENCES:
patent: 3245045 (1966-04-01), Randlev
patent: 4100534 (1978-07-01), Shifflet, Jr.
patent: 4218690 (1980-08-01), Ulch et al.
patent: 4532507 (1985-07-01), Edson et al.
patent: 4651279 (1987-03-01), Suzuki
patent: 4799258 (1989-01-01), Davies

LandOfFree

Say what you really think

Search LandOfFree.com for the USA inventors and patents. Rate them and share your experience with other people.

Rating

Access control subsystem and method for distributed computer sys does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Access control subsystem and method for distributed computer sys, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Access control subsystem and method for distributed computer sys will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFUS-PAI-O-978903

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.