专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07296235B2 Plugin architecture for extending polices 有权
标题翻译：扩展策略的插件架构
公开(公告)号：US07296235B2
公开(公告)日：2007-11-13
申请号：US10269152
申请日：2002-10-10
申请人： Shivaram Bhat , Hua Cui , Ping Luo , Dilli Dorai Minnal Arumugam , Aravindan Ranganathan
发明人： Shivaram Bhat , Hua Cui , Ping Luo , Dilli Dorai Minnal Arumugam , Aravindan Ranganathan
IPC分类号： G06F3/00
CPC分类号： G06F21/6218 , G06T11/001
摘要： An architecture for allowing extensibility to policies. The architecture has a policy component program that is able to evaluate and enforce polices. The architecture also has plugin modules for allowing a user to customize the polices. The policy component program is able to present interfaces to the user for customizing the polices. The policy component program is further able to integrate customized polices into a framework of the policy component program in response to user input that is based on the interfaces presented to the user. The presented interfaces may be for defining subjects in the policy program, defining conditions in the policy program, defining referrals in the policy program, defining resource names in the policy program, and defining how conflicts will be resolved in the policy program. The interfaces may be compliant with the JAVA programming language.
摘要翻译：允许扩展策略的架构。该架构具有能够评估和执行策略的策略组件程序。该架构还具有允许用户自定义策略的插件模块。策略组件程序能够向用户呈现用于定制策略的界面。策略组件程序还能够将定制策略集成到策略组件程序的框架中，以响应基于呈现给用户的界面的用户输入。所呈现的接口可以用于定义策略程序中的主题，在策略程序中定义条件，在策略程序中定义转介，在策略程序中定义资源名称，以及定义策略程序中的冲突如何被解决。接口可能符合JAVA编程语言。

2. 发明授权

US07594256B2 Remote interface for policy decisions governing access control 有权
标题翻译：远程接口用于管理访问控制的策略决策
公开(公告)号：US07594256B2
公开(公告)日：2009-09-22
申请号：US10608882
申请日：2003-06-26
申请人： Shivaram Bhat , Hua Cui , Ping Luo , Dilli Dorai Minnal Arumugam , Aravindan Ranganathan
发明人： Shivaram Bhat , Hua Cui , Ping Luo , Dilli Dorai Minnal Arumugam , Aravindan Ranganathan
IPC分类号： H04L9/00
CPC分类号： H04L63/102 , G06F21/6227
摘要： Methods and systems thereof for controlling access to resources are described. When a user attempts to access a resource via a remote interface such as a Web server, the request is initially evaluated by a source of policy definitions such as a policy server. This source returns a policy decision to the remote interface. The policy decision is stored in memory by the remote interface. The remote interface can then evaluate subsequent requests from the user for the resource using the stored policy decision instead of having to communicate again with the source for the policy decision. Enhancements to this approach are also described. Accordingly, policy definitions and decisions are more efficiently implemented.
摘要翻译：描述了用于控制资源访问的方法和系统。当用户尝试通过远程接口（如Web服务器）访问资源时，请求最初由策略定义的来源（如策略服务器）进行评估。该源返回到远程接口的策略决定。策略决定由远程接口存储在内存中。然后，远程接口可以使用存储的策略决定来评估来自用户对于资源的后续请求，而不必再次与策略决定的源进行通信。还描述了对该方法的增强。因此，政策定义和决策更有效地实施。

3. 发明授权

US07836510B1 Fine-grained attribute access control 有权
标题翻译：细粒度属性访问控制
公开(公告)号：US07836510B1
公开(公告)日：2010-11-16
申请号：US10836991
申请日：2004-04-30
申请人： Rajeev Angal , Qingwen Cheng , Heng-Ming Hsu , Malla Simhachalam , Dilli Dorai Minnal Arumugam
发明人： Rajeev Angal , Qingwen Cheng , Heng-Ming Hsu , Malla Simhachalam , Dilli Dorai Minnal Arumugam
IPC分类号： G06F21/22
CPC分类号： G06F21/6218
摘要： A mechanism is disclosed for enabling an attribute provider service (APS), which provides access to one or more attributes, to control access to the attributes at the attribute level. In one implementation, a request is received, which specifies a particular attribute that is desired to be accessed from an attribute repository. In response to this request, a policy that applies to the particular attribute is accessed. The policy is then processed to determine whether access to the particular attribute is to be allowed or denied. With the above mechanism, it is possible to control access to attributes at the attribute level rather than at the service level. Because access control is exercised at such a low level, an administrator can exercise much tighter and precise control over how attributes provided by an APS are accessed.
摘要翻译：公开了一种用于启用属性提供者服务（APS）的机制，其提供对一个或多个属性的访问以控制对属性级别的属性的访问。在一个实现中，接收到请求，该请求指定希望从属性存储库访问的特定属性。响应于此请求，访问适用于特定属性的策略。然后处理该策略以确定是否允许或拒绝对特定属性的访问。利用上述机制，可以控制对属性级别而不是服务级别的属性的访问。由于访问控制以如此低的水平运行，所以管理员可以对如何访问由APS提供的属性进行更严格和精确的控制。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式