Registers – Coded record sensors – Particular sensor structure
Patent
1992-12-02
1993-11-23
Cosimano, Edward R.
Registers
Coded record sensors
Particular sensor structure
235382, 364DIG1, 3642865, G06F 1520
Patent
active
052652211
ABSTRACT:
An access control mechanism for granting, revoking, and denying authorization to computer system objects using a customer supplied set of verbs, parameters, attributes, and functions. The access control mechanism employs a processor for providing access controls to objects comprising subject memory, verb memory, object memory, definition memory, rule memory and an evaluator. The processor may be embodied as a microprocessor and memory, or a computer using software. The subject memory stores specified user attributes in a matrix having information for each user on each row, with user attributes in each field. The object memory stores object names, object attributes, and rules for defined verb names. The definition memory stores field definitions, external function declarations and strings. The rule memory stores rule names with their associated boolean expressions. The evaluator determines whether or not access to a specific object is allowed according to specified or default rules, user and object attributes, and definitions. While the term "Discretionary Access Control" is used throughout this document, the mechanism described herein can be used to implement discretionary, mandatory, and nonOdiscretionary (Clark-Wilson) security models.
REFERENCES:
patent: 4621321 (1986-11-01), Boebert et al.
patent: 4701840 (1987-10-01), Boebert et al.
patent: 5127099 (1992-06-01), Zifferer et al.
patent: 5163147 (1992-11-01), Orita
patent: 5202997 (1993-04-01), Arato
1972; G. S. Graham and P. J. Denning; "Protection-Principles and Practice".
1976; P. P. Griffins and B. W. Wade; "An Authorization Mechanism for a Relational Database System".
1982; R. D. Graubart and J. P. L. Woodward; "A Preliminary Naval Surveillance DBMS Security Model".
Aug. 1984; C. E. Landwehr, C. L. Heitmyer and J. McLean; "A Security Model for Military Message Systems"; AMC Transactions on Computer Systems, vol. 2 No. 3, pp. 198-222.
Dec. 1985; U.S. Dep. of Defense; "Trusted Computer System Evaluation Criteria".
1986; "Handbook of EDP Auditing"; Ch. 32, pp. 532-01 through 532-66.
May 1986; National Computer Security Center; "Final Evaluation Report of Control Data Corporation Network Operating System Security Evaluation Package".
Aug. 1986; Datapro Research Corporation; "The Use of Access Control in a Computer System".
Sep. 1986; Datapro Research Corporation; "How to Select Host Access Control Software."
Sep. 9, 1986; National Computer Security Center; "Final Evaluation Report of Computer Associates, International CA-ACF 2/VM"; Release 3.1.
Sep. 30, 1987; National Computer Security Center; "A Guide to Understanding Discretionary Access Control in Trusted Systems."
Jan. 1988; Datapro Research Corporation; "Computer Associates International, Inc. CA-ACF2".
Jan. 25, 1988; Jack Stoller; "Introduction to CA-ACF2".
Feb. 1988; Datapro Research Corporation; "Case Study: Implementing RACF at Puget Power."
Mar. 1988; DataPro Research Corporation; "CA-Top Secret."
Apr. 1988; Datapro Research Corporation; "All About Host Access Control Software."
Jun. 1988; T. F. Lunt; "Access Control Policies: Some Unanswered Questions."
Aug. 1988; T. L. Lunt; P. G. Neumann and D. Denning, R. Schell, M. Heckman and W. R. Shockley; "Secure Distributed Data Views."
Nov. 6, 1988; D. V. Miller and T. F. Lunt; "Enforcing Site-Specified Discretionary Policies in a General Purpose System."
1989; T. F. Lunt; "Access Control Policies for Database Systems."
Feb. 1, 1989; T. F. Lunt, D. Denning, R. Schell, M. Heckman and W. R. Shockley; "The Seaview Formal Security Policy Model."
P. Rougeau and E. D. Sturms; "The Sybase Secure Dataserver; A Solution to the multiple Secure DBMS Problem."
Cosimano Edward R.
Tandem Computers
LandOfFree
Access restriction facility method and apparatus does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Access restriction facility method and apparatus, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Access restriction facility method and apparatus will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1856723