Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2001-04-05
2004-07-20
Vu, Kim (Department: 2172)
C707S793000, C713S165000, C713S167000
active
06766314
FIELD OF THE INVENTION
The present invention relates generally to a technique for controlling access to file system resources using externally stored attributes. More specifically this invention describes a technique in which an externally stored attribute, such as an authorization security policy, uses a file system identifier to determine access to a file system resource associated to that file system identifier.
BACKGROUND OF THE INVENTION
File systems in operating system environments such as UNIX have evolved into complex implementations with many features. These file systems present a hierarchical tree view of a file name space and support large amounts of data and large numbers of objects at very high performance levels. Yet one characteristic that has changed little is the authorization security model of these file systems. The fundamental problem is that, on operating systems such as UNIX, LINUX and even, to some degree, WINDOWS, the native file systems do not support robust security models. For example, with UNIX, the security of an individual file can be specified only in a fairly coarse-grained way: a user and a group own the file, and file access is based on a set of “mode” bits that grant permissions according to the file object's owning user and group. Some file systems support a more robust security model based on access control lists (ACLs), in which more security information is placed on a file to enable control of various users' access to it. The problem with this approach is that these models differ greatly across different versions of operating systems. This inconsistency leads to a further problem: each system requires its own individual and separate administration, and each system requires a separate set of administration methods. When viewing the Information Technology (“IT”) infrastructures of large corporations and other entities, there is a growing need for stronger, more granular security controls in file systems. This need is driven by large-scale commercial usage of these file systems, data sharing with Internet-based applications, an increased focus on IT security, and the desire to control IT administration costs. From an IT cost perspective, there is a need to provide enhanced security in an efficient way.
This objective lends itself to defining the security rules and procedures centrally for all of an entity's systems that could be accessed, so that there is a central point of administration, control and verification of rules. The IT structures of today need better security and a more efficient way to implement that security. An efficient way to do this is to provide a file system security model that can be applied uniformly across a large number of systems using a centrally managed set of policies that is administered identically regardless of the target file system implementation or hardware platform.
Ideally, it would be desirable to add extended attributes describing properties such as authorization policy to the file system object's attributes. However, file systems, such as UNIX, are typically byte stream oriented and do not support mechanisms to add attributes beyond the classic UNIX attributes which are typically the object's owner, size, modification and access times, and mode bits.
A set of techniques is needed which allows unique identification of an accessed resource regardless of the way in which it was accessed. In addition, the techniques must allow the specification of attributes in terms of an object's common path name in a manner that maps to the same unique file system resource regardless of the representation used at access time. These techniques should be efficient, so that they impose minimal impact on the file system's native performance characteristics. They must allow for quick recognition and processing of attached attributes at access time. They must also accommodate changes in defined attributes and object changes in the file systems to which they are applied.
SUMMARY OF THE INVENTION
It is an objective of the present invention to provide a method for controlling access to named objects in a file system.
It is a second objective of the present invention to provide a method for associating external attributes defining authorization policy to named objects in a file system.
It is a third objective of the present invention to recognize the existence of an associated external file system authorization policy and provide for the evaluation and enforcement of that policy at the time of access to a file system object.
It is a fourth objective of the present invention to provide for the association, recognition, and processing of external attributes utilizing file system object file identifiers.
It is a fifth objective of the present invention to provide a means for the generation of object file identifiers when the native operating system for a particular file system does not provide these identifiers.
It is a sixth objective of the present invention to allow for the processing of the externally defined policy by a resource manager based on associations to the original file name, without requiring the resource manager to have knowledge of the underlying association and recognition techniques that utilize file identifiers (FIDs).
This invention describes a method for file system security through techniques that control access to the file system resources using externally stored attributes. This invention accomplishes the described objectives in file system security by creating an external database containing auxiliary attributes for objects in the file system. This solution incorporates techniques and algorithms for attribute attachment, storage and organization of the associations to these attributes, and subsequent recognition of attached attributes. In this approach, the attributes would define authorization policy for controlling access to objects in the file system. Such a solution would require techniques for associating the defined policy with file system objects, detecting accesses to the objects, locating the appropriate attributes at access time, and then processing the attributes to produce an access decision for granting or denying access to the accessed resource.
Administratively, the most convenient technique for defining authorization rules for a file system object is to associate the attributes with the object's fully qualified common name. This common name is also known as the path name to the file. UNIX file systems, for example, provide a hierarchical name space for constructing object names. For example, a file called mydata might have a fully qualified path of /home/john_doe/data_files/mydata. This path is the most recognizable representation of the object and the most convenient description for an administrator to use when defining new attributes for the object. Therefore the technique for associating (or attaching) attributes should support using the object's fully qualified pathname.
Recognizing and locating externally defined attributes for a file system object at the time of object access poses significant technical challenges. Accesses occur through a set of available Application Programming Interfaces (“APIs”) that provide several ways to identify the object being accessed. For many APIs, the name of the object is provided. However, this name is often not the full path name starting from the top or “root” of the file hierarchy. Instead, the name is relative to a “current directory” that is tracked for the calling application by the native operating system. UNIX file systems also commonly support creating alternate names for an object using symbolic or hard links, which provide alias names for the same object. A symbolic link might allow /home/john_doe/data_files/mydata to be accessed as /u/jdoes_data/mydata. These variations make it difficult to locate the externally defined attributes using the provided name at the time of access. There are also APIs that do not take a pathname as input. Instead they take an int
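The association-by-pathname and recognition-by-FID scheme described in the summary above, as an added illustration that is not part of the patent text: policy is attached using the object's fully qualified path, stored in an external table keyed by the object's (device, inode) pair, and looked up at access time so that a relative name or a symbolic-link alias resolves to the same policy. The store, the user names and the temporary directory layout are constructed for this example.

```python
import os
import tempfile
from typing import Dict, Set, Tuple

FileId = Tuple[int, int]  # (st_dev, st_ino): the file identifier (FID) of an object
# External attribute database: authorization policy keyed by FID, never by name.
POLICY: Dict[FileId, Dict[str, Set[str]]] = {}

def fid_for(path: str) -> FileId:
    # Absolute name, name relative to the current directory, or symbolic link:
    # os.stat follows the name to the object, whose (device, inode) pair is unique.
    st = os.stat(path)
    return (st.st_dev, st.st_ino)

def attach(path: str, user: str, actions: Set[str]) -> FileId:
    """Administrator attaches policy using the object's fully qualified path name."""
    fid = fid_for(path)
    POLICY.setdefault(fid, {})[user] = set(actions)
    return fid

def is_allowed(path: str, user: str, action: str) -> bool:
    """Access-time check: locate the attached policy through the FID and evaluate it."""
    try:
        rules = POLICY.get(fid_for(path))
    except FileNotFoundError:
        return False
    # No external attribute attached to this object: fail closed.
    return rules is not None and action in rules.get(user, set())

def demo() -> Dict[str, bool]:
    """Constructed scenario: /home/john_doe/data_files/mydata aliased as /u/jdoes_data/mydata."""
    root = tempfile.mkdtemp()
    data_dir = os.path.join(root, "home", "john_doe", "data_files")
    os.makedirs(data_dir)
    target = os.path.join(data_dir, "mydata")
    open(target, "w").close()
    os.makedirs(os.path.join(root, "u"))
    os.symlink(data_dir, os.path.join(root, "u", "jdoes_data"))
    attach(target, "john_doe", {"read", "write"})  # attach by the canonical path
    cwd = os.getcwd()
    os.chdir(os.path.join(root, "u"))  # access through a relative, aliased name
    try:
        return {
            "alias_read": is_allowed("jdoes_data/mydata", "john_doe", "read"),
            "alias_delete": is_allowed("jdoes_data/mydata", "john_doe", "delete"),
            "other_user": is_allowed("jdoes_data/mydata", "mallory", "read"),
            "unattached": is_allowed("jdoes_data", "john_doe", "read"),
        }
    finally:
        os.chdir(cwd)
```

A hard link to the same inode would also resolve to the attached policy, while a copy of the file (a new inode) would not, which is the property the patent's FID-based recognition relies on.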
International Business Machines Corporation
LaBaw Jeffrey L.
Pham Hung
Vu Kim
Walker Darcell