Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
2007-05-08
2007-05-08
Wassum, Luke S. (Department: 2167)
Data processing: database and file management or data structures
Database design
Data structure types
Reexamination Certificate
active
10245610
ABSTRACT:
An automated technique implemented in a computer system for selecting one or more resources on which a principal is authorized to perform at least one action comprises the following steps/operations. First, one or more authorization policies that apply to a given principal are selected. Then, the one or more authorization policies are transformed based on meta-information associated with the one or more resources so as to form a query against a resource store that selects the one or more resources on which the one or more authorization policies allow the given principal to perform the at least one action. The query may then be executed to select the one or more resources from the resource store. In another automated technique, the query may be formed without use of the one or more authorization policies, but where the policies are used to remove unauthorized resources from the superset of resources returned as a result of query execution. The techniques may return no resources on which the user is allowed to perform an action, if, for example, no such resources are stored in the resource store. Also, it may also be that no authorization policy applies to the user.
REFERENCES:
patent: 6014666 (2000-01-01), Helland et al.
patent: 6055637 (2000-04-01), Hudson et al.
patent: 6161139 (2000-12-01), Win et al.
patent: 6202066 (2001-03-01), Barkley et al.
patent: 6237036 (2001-05-01), Ueno et al.
patent: 6311269 (2001-10-01), Luckenbaugh et al.
patent: 6389589 (2002-05-01), Mishra et al.
patent: 6487552 (2002-11-01), Lei et al.
patent: 6516317 (2003-02-01), Samar et al.
patent: 6578037 (2003-06-01), Wong et al.
patent: 6587854 (2003-07-01), Guthrie et al.
patent: 6591265 (2003-07-01), Erickson et al.
patent: 6631371 (2003-10-01), Lei et al.
patent: 6745332 (2004-06-01), Wong et al.
patent: 6928427 (2005-08-01), Rajasekaran et al.
patent: 2002/0178271 (2002-11-01), Graham et al.
patent: 2003/0014394 (2003-01-01), Fujiwara et al.
patent: 2003/0229623 (2003-12-01), Chang et al.
patent: 2003/0236781 (2003-12-01), Lei et al.
patent: 2003/0236782 (2003-12-01), Wong et al.
patent: 2004/0003132 (2004-01-01), Stanley et al.
patent: 2004/0139043 (2004-07-01), Lei et al.
patent: 2005/0038783 (2005-02-01), Lei et al.
Giuri, L. and P. Iglio “Role Templates for Content-Based Access Control” , Proceedings of the 2ndACM Workshop on Role-Based Access Control, 1997, pp. 153-159.
IBM “Creating a Successful Business-to-Business e-Marketplace”, white paper, Oct. 2000.
IBM “What's New in Version 5.1”, technical publication, 2000.
IBM “IBM WebSphere Commerce Suite, Marketplace Edition”, product brochure, Jan. 2001.
IBM IBM WebSphere™ Commerce Suite Version for AIX Marketplace Edition 4.2 Reference Guide, Feb. 2001, pp. 1-10 and 52-55.
Jones, T. “Making the Transition to 5.1 is a Big Step, but the Functionality You'll Gain is Worth the Pain”, WebSphere Advisor, Apr. 2001, pp. 23-26.
IBM WebSphere™ Commerce Suite Marketplace Edition Version 4.2 Getting Started Guide, Apr. 2001.
IBM WebSphere Commerce Suite Version 4.1 Marketplace Edition Marketplace Administrator's Guide, May 2001.
IBM “IBM WebSphere™ Commerce Suite Marketplace Edition Version 4.2 Administrator's Guide”, May 2001.
Goodwin, R., S.F. Goh and F.Y. Wu “Instance-Level Access Control for Business-to-Business Electronic Commerce”, IBM Systems Journal, vol. 41, No. 2, 2002.
IBM “WebSphere Commerce Version Profiles and Prerequisites”, downloaded from www-306.ibm.com/software/genservers/commerce/servers/versions.html, Sep. 22, 2004.
IBM “WebSphere Commerce Access Control Policies”, help pages, undated, downloaded Mar. 3, 2005.
Lunt, T.F. et al. “The SeaView Security Model”, IEEE Transactions on Software Engineering, vol. 16, No. 6, Jun. 1990, pp. 593-606.
Castano, S., M. Fugini, G. Martella and P. Samarati “Database Security”, ACM Press, 1994, ISBN 0-201-59375-0; QA76.9.D314S55 1994; Chapter 2, pp. 39-142.
Davidson, M.A. “Creating Virtual Private Databases with Oracle8i”, Oracle Magazine, Jul. 1999.
Ferraiolo, D.F., J.F. Barkley and D.R. Kuhn “A Role-Based Access Control Model and Reference Implementation Within a Corporate Intranet”, ACM Transactions on Information and System Security, vol. 2, No. 1, Feb. 1999, pp. 34-64.
Sandhu, R.S., E.J. Coyne, H.L. Feinstein and C.E. Youman “Role-Based Access Control Models”, IEEE Computer, Feb. 1996, pp. 38-47.
Didriksen, T. “Rule-Based Database Access Control”, Proceedings of the 2ndACM Workshop on Role-Based Access Control, 1997, pp. 143-151.
Kyte, T. “Fine Grained Access Control (aka DBMS RLS)”, Oracle Magazine, Jun. 1999, downloaded from govt.oracle.com/˜tkyte/article2/.
Lupu, E.C. and M. Sloman “Conflicts in Policy-Based Distributed System Management”, IEEE Transactions on Software Engineering, vol. 25, No. 6, Nov./Dec. 1999, pp. 852-869.
Bird, P. “Implementing Low Level Access Control With DB2 UDB”, The IDUG Solutions Journal, vol. 7, No. 3, Winter 2000.
Bonatti, P.A., E. Damiani, S. De Capitani di Vemercati and P. Samarati “A Component-Based Architecture for Secure Data Publication”, Proceedings of the 17th Annual Computer Security Applications Conference, Dec. 10-14, 2001, pp. 309-318.
Jaeger, T., X. Zhang and A. Edwards “Policy Management Using Access Control Spaces”, ACM Transactions on Information and System Security, vol. 6, No. 3, Aug. 2003, pp. 327-364.
Gao, L. “A Toolkit for Automated Fine-Grained Access Control Policy Enforcement un Oracle 9i”, MS Thesis, North Carolina State University, Department of Computer Science, Aug. 2004.
Oracle “Oracle Virtual Private Database: An Oracle Database 10g Release 2 White Paper”, Jun. 2005.
U.S. Appl. No. 09/624,399, filed Jul. 24, 2000, “Instance Level Access Control Based on Instance Relative Roles”.
R. Goodwin et al., “Instance-Level Access Control for Business-to-Business Electronic Commerce,” IBM Systems Journal, vol. 41, No. 2, 2002.
Dougherty Anne V.
International Business Machines - Corporation
Ryan & Mason & Lewis, LLP
Wassum Luke S.
LandOfFree
Methods and apparatus for pre-filtered access control in... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods and apparatus for pre-filtered access control in..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods and apparatus for pre-filtered access control in... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3798558