Information security – Access control or authentication – Network
Reexamination Certificate
2009-01-05
2010-12-14
Revak, Christopher A (Department: 2431)
Information security
Access control or authentication
Network
C726S001000, C726S002000, C726S003000, C726S017000, C726S023000, C726S026000, C726S030000, C726S015000, C714S047300, C709S224000, C709S225000, C709S229000, C709S226000, C713S168000, C713S152000, C713S152000, C713S167000, C707S793000, C705S007380
Reexamination Certificate
active
07853993
ABSTRACT:
A facility for performing an access control check as an integral component of an operating system and utilizing a centralized policy store is provided. The facility executes as an integral part of an operating system executing on a computer and receives an authorization query to determine whether a principal has authorization to access a resource. The facility applies a policy maintained in a centralized policy store that is applicable to the principal to determine whether authorization exists to access the resource. If authorization does not exist, the facility denies the authorization query and records an indication of the denial of the authorization in an audit log. The facility may trigger events based on the auditing of authorization queries. The facility may also record an indication of authorization to access the resource in the audit log. The facility may additionally determine whether the authorization query is a request for authorization to perform an inherently dangerous operation, and record an indication of an authorization to perform the inherently dangerous operation in the audit log.
REFERENCES:
patent: 5974549 (1999-10-01), Golan
patent: 6647388 (2003-11-01), Numao et al.
patent: 7013332 (2006-03-01), Friedel et al.
patent: 7080077 (2006-07-01), Ramamurthy et al.
patent: 7231661 (2007-06-01), Villavicencio et al.
patent: 2002/0099952 (2002-07-01), Lambert et al.
patent: 2003/0023873 (2003-01-01), Ben-Itzhak
patent: 2003/0159070 (2003-08-01), Mayer et al.
patent: 2004/0010519 (2004-01-01), Sinn et al.
patent: 2004/0128537 (2004-07-01), Zurko et al.
patent: 2005/0177724 (2005-08-01), Ali et al.
patent: 2006/0075469 (2006-04-01), Vayman
patent: 1 071 017 (2001-01-01), None
“Audit-Failed Logon Attempts by Undefined User Accounts,” IBM Technical Disclosure Bulletin, IBM Corporation, vol. 37, No. 6A, Jun. 1, 1994.
European Search Report, European Patent Application No. 05 10 8532, Aug. 18, 2006.
Microsoft Corporation
Perkins Coie LLP
Revak Christopher A
Wright Bryan
LandOfFree
Integrated access authorization does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Integrated access authorization, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Integrated access authorization will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4232882