Information security – Policy
Reexamination Certificate
2004-07-30
2010-02-23
LaForgia, Christian (Department: 2439)
Information security
Policy
C726S012000, C726S026000, C713S166000, C713S183000, C713S193000, C709S203000, C709S217000, C709S225000
Reexamination Certificate
active
07669226
ABSTRACT:
A method, system, and program storage device for establishing security and authorization policies for users accessing a software application, wherein the method comprises generating at least one application object group from an application object description document comprising an XML format run on a data processor; creating an authorization policy for each application object; sending a selected application object group to an access controller; and establishing access control parameters at a time of deployment of the software application for users attempting to access the selected application object group based on the authorization policy. The method further comprises specifying environmental variables for the authorization policy; changing the authorization policy by modifying a declarative specification of the environmental variables and modifying constraints defined on attributes of an application object; implementing varied classes of authorization policies using a same authorization policy classifier; and specifying the application object group using grouping parameters.
REFERENCES:
patent: 6202066 (2001-03-01), Barkley et al.
patent: 6647388 (2003-11-01), Numao et al.
patent: 7089584 (2006-08-01), Sharma
patent: 7240365 (2007-07-01), de Jong et al.
patent: 7404203 (2008-07-01), Ng
patent: 2001/0023421 (2001-09-01), Numao et al.
patent: 2002/0013862 (2002-01-01), Orchard et al.
patent: 2002/0188869 (2002-12-01), Patrick
patent: 2003/0130953 (2003-07-01), Narasimhan et al.
patent: 2004/0078577 (2004-04-01), Feng et al.
patent: 2004/0083367 (2004-04-01), Garg et al.
patent: 2004/0225893 (2004-11-01), Ng
patent: 2004/0225896 (2004-11-01), Ng
patent: 2004/0250120 (2004-12-01), Ng
Damiani, Ernesto et al. “A Fine-Grained Access Control System for XML Documents.” May 2002. ACM Transactions on Information and Systems Security. vol. 5, No. 2. p. 169-202.
Bertino, Elisa et al. “Controlled access and dissemination of XML documents” Nov. 1999. Proceedings of the 2nd international workshop on Web information and data management WIDM '99. p. 22-27.
Bertino, Elia et al. “On specifying security policies for Web Documents with an XML-based language.” May 3-4, 2001. SACMAT '01. p. 57-65.
Serge Abiteboul, Sophie Cluet, Tova Milo, Victor Vianu, “Active Views for Electronic Commerce”, Mar. 16, 1998, pp. 1-25.
Nathan N. Vuong, Geoffrey S. Smith, Yi Deng, Managing Security Policies in a Distributed Environment Using eXtensible Markup Language (XML), 2001, pp. 405-411.
Julien Vayssière, “Security and Meta Programming in Java”, pp. 1-5.
Tony Sintes, “Using XML for Dynamic Configuration”, Jul. 2000, pp. 1-7, Dr. Dobb's Journal, XML and Software Configuration.
John Boyer, “An XML-based Forms Language for E-Commerce”, Dec. 1999, pp. 1-7, Dr. Dobb's Journal, XFDL: The Extensible Forms Description Language.
Manfred Hauswirth, Clemens Kerer, Roman Kurmanowytsch, “A Secure Execution Framework for Java”, 2000, pp. 43-52.
Hashii, et al., “Supporting Reconfigurable Security policies for Mobile Programs,” Computer Networks 33, 2000, pp. 77-93.
Burt, et al., “Model Driven Security: Unification of Authorization Models for Fine-Grain Access Control,” Proceedings of the Seventh IEEE International, Enterprise Distributed Object Computing Conference, Sep. 16-19, 2003, pp. 1-13 .
Bhide Manish A.
Gupta Rajeev
Gibb I.P. Law Firm LLC
International Business Machines - Corporation
LaForgia Christian
LandOfFree
Generic declarative authorization scheme for Java does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Generic declarative authorization scheme for Java, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Generic declarative authorization scheme for Java will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4214274