会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Database authorization rules and component logic authorization rules aggregation
    • 数据库授权规则和组件逻辑授权规则聚合
    • US09160752B2
    • 2015-10-13
    • US11848405
    • 2007-08-31
    • German S. GoldszmidtDah-Haur H. LinAnthony J. NadalinNataraj NagaratnamIndrajit Poddar
    • German S. GoldszmidtDah-Haur H. LinAnthony J. NadalinNataraj NagaratnamIndrajit Poddar
    • H04L29/06G06F21/62
    • H04L63/105G06F21/6227
    • Embodiments of the present invention provide a method, system and computer program product for aggregating database and component logic authorization rules in a multi-tier application. In an embodiment of the invention, a method for aggregating database and component logic authorization rules in a multi-tier application system can include aggregating role-based authorization rules for both a persistence layer and a logic layer of a multi-tier application in a unified policy, distributing the unified policy to both the persistence layer and the logic layer of the multi-tier application, transforming the unified policy into respectively a set of role based permissions for the persistence layer and a set of role based permissions for the logic layer, and applying the set of role based permissions for the persistence layer in the persistence layer, and the set of role based permissions for the logic layer in the logic layer of the multi-tier application.
    • 本发明的实施例提供了一种用于在多层应用中聚合数据库和组件逻辑授权规则的方法,系统和计算机程序产品。 在本发明的一个实施例中,用于在多层应用系统中聚合数据库和组件逻辑授权规则的方法可以包括为统一的多层应用的持久层和逻辑层聚合基于角色的授权规则 策略,将统一策略分发到多层应用的持久层和逻辑层,将统一策略分为一组基于角色的持久层权限和逻辑层的一组基于角色的权限, 并在持久层中为持久层应用一组基于角色的权限,以及在多层应用程序的逻辑层中逻辑层的基于角色的权限集合。
    • 2. 发明申请
    • DECLARATIVE INSTANCE BASED ACCESS CONTROL FOR APPLICATION RESOURCES WITH PERSISTED ATTRIBUTES AND STATE
    • 具有相关属性和状态的应用资源的基于事件的基于实例的访问控制
    • US20090183184A1
    • 2009-07-16
    • US12013867
    • 2008-01-14
    • Anthony J. NadalinNataraj NagaratnamIndrajit Poddar
    • Anthony J. NadalinNataraj NagaratnamIndrajit Poddar
    • G06F9/54
    • G06F9/4435G06F9/4493
    • Embodiments of the present invention provide a method, system and computer program product for declarative instance based access control for persistent application resources in a multi-tier application. In one embodiment of the invention, a method for instance based access control in a persistent application resource can be provided. The method can include creating one or more instances of an persistent application resource for a particular user or based on attributes of the user, coupling the instance(s) of the persistent application resource to a database implementing row-level access control, initializing access to the database according to a role or attribute for the particular user, and accessing a restricted set of data in the database through the instance(s) of the persistent application resource.
    • 本发明的实施例提供了一种用于在多层应用中用于持久应用资源的基于声明性实例的访问控制的方法,系统和计算机程序产品。 在本发明的一个实施例中,可以提供用于持久应用资源中的基于实例的访问控制的方法。 该方法可以包括为特定用户创建持久性应用资源的一个或多个实例,或者基于用户的属性,将持久应用资源的实例耦合到实现行级访问控制的数据库,初始化对 数据库根据特定用户的角色或属性,以及通过持久性应用程序资源的实例访问数据库中受限制的一组数据。
    • 3. 发明授权
    • Declarative instance based access control for application resources with persisted attributes and state
    • 具有持久属性和状态的应用程序资源的基于声明性实例的访问控制
    • US09292305B2
    • 2016-03-22
    • US12013867
    • 2008-01-14
    • Indrajit PoddarAnthony J. NadalinNataraj Nagaratnam
    • Indrajit PoddarAnthony J. NadalinNataraj Nagaratnam
    • G06F9/44
    • G06F9/4435G06F9/4493
    • Embodiments of the present invention provide a method, system and computer program product for declarative instance based access control for persistent application resources in a multi-tier application. In one embodiment of the invention, a method for instance based access control in a persistent application resource can be provided. The method can include creating one or more instances of an persistent application resource for a particular user or based on attributes of the user, coupling the instance(s) of the persistent application resource to a database implementing row-level access control, initializing access to the database according to a role or attribute for the particular user, and accessing a restricted set of data in the database through the instance(s) of the persistent application resource.
    • 本发明的实施例提供了一种用于在多层应用中用于持久应用资源的基于声明性实例的访问控制的方法,系统和计算机程序产品。 在本发明的一个实施例中,可以提供用于持久应用资源中的基于实例的访问控制的方法。 该方法可以包括为特定用户创建持久性应用资源的一个或多个实例,或者基于用户的属性,将持久应用资源的实例耦合到实现行级访问控制的数据库,初始化对 数据库根据特定用户的角色或属性,以及通过持久性应用程序资源的实例访问数据库中受限制的一组数据。
    • 6. 发明授权
    • Federating policies from multiple policy providers
    • 联合政策来自多个政策提供者
    • US08683545B2
    • 2014-03-25
    • US12192769
    • 2008-08-15
    • Anthony J. NadalinNataraj NagaratnamSridhar R. Muppidi
    • Anthony J. NadalinNataraj NagaratnamSridhar R. Muppidi
    • G06F21/00
    • H04L63/102H04L63/20
    • One aspect of the present invention can include a system, a method, a computer program product and an apparatus for federating policies from multiple policy providers. The aspect can identify a set of distinct policy providers, each maintaining at least one policy related to a service or a resource. A federated policy exchange service can be established that has a policy provider plug-in for each of the distinct policy providers. The federated policy exchange service can receive requests for policies from a set of policy requesters. Each request can include a resource_id or a service_id used to uniquely identify the service or resource. The federated policy exchange service can dynamically connect to a set of the policy providers to determine policies applicable to each request. For each request, results from the policy providers can be received and processed to generate a response. The federated policy exchange service can provide the response to each policy requestor responsive in response to each response.
    • 本发明的一个方面可以包括系统,方法,计算机程序产品和用于从多个策略提供者联合策略的装置。 该方面可以识别一组不同的策略提供者,每个策略提供者保持至少一个与服务或资源相关的策略。 可以建立联合的策略交换服务,其具有针对每个不同策略提供者的策略提供者插件。 联合策略交换服务可以从一组策略请求者接收到策略请求。 每个请求可以包括用于唯一标识服务或资源的resource_id或service_id。 联合策略交换服务可以动态地连接到一组策略提供者,以确定适用于每个请求的策略。 对于每个请求,可以接收和处理策略提供者的结果以产生响应。 联合策略交换服务可以响应于每个响应来响应每个策略请求者。