专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US06064656A Distributed system and method for controlling access control to network resources 失效
标题翻译：用于控制对网络资源的访问控制的分布式系统和方法
公开(公告)号：US06064656A
公开(公告)日：2000-05-16
申请号：US962089
申请日：1997-10-31
申请人： Rajeev Angal , Sai V. S. Allavarpu , Shivaram Bhat , Bart Lee Fisher , Ping Luo
发明人： Rajeev Angal , Sai V. S. Allavarpu , Shivaram Bhat , Bart Lee Fisher , Ping Luo
IPC分类号： G06F13/00 , G06F1/00 , G06F12/14 , G06F21/00 , H04L29/06 , H04L12/28
CPC分类号： H04L63/102 , G06F21/6218 , H04L29/06 , H04L63/105 , H04L63/20 , G06F12/1483 , H04L67/42
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. Some of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. A plurality of access control servers are used to process access requests. Each access control server controls access to a distinct subset of the management objects in accordance with the access rights specified in the access control database. At least one of the access control servers receives access requests from the users and distributes the received access requests among the access control servers for processing. A subset of the access requests specify operations to be performed on specified sets of the management objects. Each of these access requests is sent for processing to one or more of the access control servers in accordance with the management objects to which access is being requested. The access control servers responding to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。一些规则对象每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理对象的访问权限。多个访问控制服务器用于处理访问请求。每个访问控制服务器根据访问控制数据库中指定的访问权限来控制对管理对象的不同子集的访问。访问控制服务器中的至少一个接收来自用户的访问请求，并且在接入控制服务器之间分配所接收的访问请求以进行处理。访问请求的子集指定要对指定的管理对象集执行的操作。根据正在请求访问的管理对象，将这些访问请求中的每一个发送到一个或多个访问控制服务器进行处理。访问控制服务器根据访问控制数据库中指定的访问权限，授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。

2. 发明授权

US06212511B1 Distributed system and method for providing SQL access to management information in a secure distributed network 失效
标题翻译：用于在安全分布式网络中提供SQL访问管理信息的分布式系统和方法
公开(公告)号：US06212511B1
公开(公告)日：2001-04-03
申请号：US08962092
申请日：1997-10-31
申请人： Bart Lee Fisher , Rajeev Angal , Sai V. S. Allavarpu
发明人： Bart Lee Fisher , Rajeev Angal , Sai V. S. Allavarpu
IPC分类号： G06F1730
CPC分类号： H04L41/28 , G06F1/00 , G06F21/6227 , H04L41/024 , H04L63/101 , Y10S707/99931
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. A first subset of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. The access control server responds to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database. A database management system receives management information from the network and stores that information in a set of database tables. A database access privileges module stores table access rights information corresponding to at least a subset of the access rights stored in access control database. A database access engine receives user requests for management information stored in the database tables. It limits user access to the management information stored in the database tables in accordance with the table access rights information stored in the database access privileges module.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。规则对象的第一个子集每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理的访问权限对象访问控制服务器根据访问控制数据库中指定的访问权限，通过授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。数据库管理系统从网络接收管理信息，并将该信息存储在一组数据库表中。数据库访问权限模块存储对应于访问控制数据库中存储的访问权限的至少一个子集的表访问权限信息。数据库访问引擎接收用户对存储在数据库表中的管理信息的请求。它根据存储在数据库访问权限模块中的表访问权限信息限制用户对存储在数据库表中的管理信息的访问。

3. 发明授权

US5999978A Distributed system and method for controlling access to network resources and event notifications 失效
标题翻译：用于控制对网络资源和事件通知的访问的分布式系统和方法
公开(公告)号：US5999978A
公开(公告)日：1999-12-07
申请号：US962090
申请日：1997-10-31
申请人： Rajeev Angal , Sai V.S. Allavarpu , Shivaram Bhat , Bart Lee Fisher
发明人： Rajeev Angal , Sai V.S. Allavarpu , Shivaram Bhat , Bart Lee Fisher
IPC分类号： G06F13/00 , G06F1/00 , G06F12/14 , G06F21/00 , G06F13/38 , G06F15/17
CPC分类号： H04L63/105 , G06F21/305 , G06F21/604 , G06F21/6218 , H04L41/28 , G06F12/1483 , G06F2221/2101 , G06F2221/2141 , G06F2221/2145 , Y10S707/99939
摘要： An access control database defines access rights through the use of access control objects. The access control objects include group objects, each defining a group and a set of users who are members of the group, and rule objects. A first subset of the rule objects each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects. The access control server responds to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database. A second subset of the rule objects in the access control database each specify user access rights to event notifications generated by the specified set of management objects. An event registry is used for registering event notification requests by users, each event notification request specifying event notifications from specified sets of the management objects that are being requested. An event router receives event notifications generated by the management objects. It responds to each event notification by sending corresponding event notification messages to users who have registered a corresponding event notification request with the event registry and also have access rights to the received event notification in accordance with the access rights specified in the access control database.
摘要翻译：访问控制数据库通过使用访问控制对象来定义访问权限。访问控制对象包括组对象，每个对象定义组和一组作为组成员的用户以及规则对象。规则对象的第一个子集每个都指定一组组对象，一组管理对象，以及由指定的组对象定义的组的成员的用户到指定的一组管理的访问权限对象访问控制服务器根据访问控制数据库中指定的访问权限，通过授予，拒绝和部分授予和拒绝在每个访问请求中请求的访问来响应来自用户的访问请求。访问控制数据库中的规则对象的第二个子集每个都指定由指定的一组管理对象生成的事件通知的用户访问权限。事件注册表用于注册用户的事件通知请求，每个事件通知请求指定正在请求的管理对象的指定集合的事件通知。事件路由器接收管理对象生成的事件通知。它通过向已经向事件注册表注册了相应事件通知请求的用户发送相应的事件通知消息来响应每个事件通知，并且还根据访问控制数据库中指定的访问权限对接收的事件通知具有访问权限。

4. 发明授权

US6038563A System and method for restricting database access to managed object information using a permissions table that specifies access rights corresponding to user access rights to the managed objects 失效
标题翻译：使用指定与受管对象的用户访问权限相对应的访问权限的权限表来限制对托管对象信息的数据库访问的系统和方法
公开(公告)号：US6038563A
公开(公告)日：2000-03-14
申请号：US47907
申请日：1998-03-25
申请人： Subodh Bapat , Bart Lee Fisher
发明人： Subodh Bapat , Bart Lee Fisher
IPC分类号： G06F15/177 , G06F1/00 , G06F12/00 , G06F13/00 , G06F21/62 , H04L12/24 , H04L29/06 , G06F17/00
CPC分类号： H04L41/28 , G06F1/00 , G06F21/6227 , H04L41/024 , H04L63/101 , G06F2221/2141 , G06F2221/2145 , Y10S707/99932 , Y10S707/99936 , Y10S707/99938 , Y10S707/99939 , Y10S707/99942 , Y10S707/99953
摘要： An access control database has access control objects that collectively store information that specifies access rights by users to specified sets of the managed objects. The specified access rights include access rights to obtain management information from the network. An access control server provides users access to the managed objects in accordance with the access rights specified by the access control database. An information transfer mechanism sends management information from the network to a database management system (DBMS) for storage in a set of database tables. Each database table stores management information for a corresponding class of managed objects. An access control procedure limits access to the management information stored in the database tables using at least one permissions table. A permissions table defines a subset of rows in the database tables that are accessible to at least one of the users. The set of database table rows that are accessible corresponds to the managed object access rights specified by the access control database. A user access request to access management information in the database is intercepted, and the access control procedure is invoked when the user access request is a select statement. The database access engine accesses information in the set of database tables using the permissions tables such that each user is allowed access only to management information in the set of database tables that the user would be allowed by the access control database to access.
摘要翻译：访问控制数据库具有访问控制对象，其共同地存储指定用户对指定的被管理对象集的访问权限的信息。指定的访问权限包括从网络获取管理信息的访问权限。访问控制服务器根据访问控制数据库指定的访问权限向用户提供对受管对象的访问。信息传递机制将管理信息从网络发送到数据库管理系统（DBMS），用于存储在一组数据库表中。每个数据库表存储相应类别的被管理对象的管理信息。访问控制过程使用至少一个权限表限制对存储在数据库表中的管理信息的访问。权限表定义数据库表中至少有一个用户可访问的行的子集。可访问的数据库表行集合对应于访问控制数据库指定的受管对象访问权限。截取访问数据库中管理信息的用户访问请求，当用户访问请求为select语句时，调用访问控制过程。数据库访问引擎使用权限表访问数据库表中的信息，以便允许每个用户仅访问用户将被访问控制数据库访问的数据库表中的管理信息。

5. 发明授权

US6085191A System and method for providing database access control in a secure distributed network 失效
标题翻译：在安全分布式网络中提供数据库访问控制的系统和方法
公开(公告)号：US6085191A
公开(公告)日：2000-07-04
申请号：US47906
申请日：1998-03-25
申请人： Bart Lee Fisher , Subodh Bapat
发明人： Bart Lee Fisher , Subodh Bapat
IPC分类号： G06F17/30 , G06F1/00 , G06F21/00 , H04L12/24 , H04L29/06
CPC分类号： H04L41/28 , G06F1/00 , G06F21/6227 , H04L41/024 , H04L63/101 , Y10S707/955 , Y10S707/959 , Y10S707/966 , Y10S707/99931 , Y10S707/99939
摘要： An access control database has access control objects that collectively store information that specifies access rights by users to specified sets of the managed objects. The specified access rights include access rights to obtain management information from the network. An access control server provides users access to the managed objects in accordance with the access rights specified by the access control database. An information transfer mechanism sends management information from the network to a database management system (DBMS) for storage in a set of database tables. Each database table stores management information for a corresponding class of managed objects. A set of views limits access to the management information stored in the database tables. Each view defines a subset of rows in the database tables that are accessible when using this view. The set of database table rows that are accessible when using each view in the set corresponds to the managed object access rights specified by the access control database for at least one the users. A view access control means specifies which views in the set of views are useable by specified ones of the users. The database access engine accesses information in the set of database tables using the set of views such that each user is allowed access only to management information in the set of database tables that the user would be allowed by the access control database to access.
摘要翻译：访问控制数据库具有访问控制对象，其共同地存储指定用户对指定的被管理对象集的访问权限的信息。指定的访问权限包括从网络获取管理信息的访问权限。访问控制服务器根据访问控制数据库指定的访问权限向用户提供对受管对象的访问。信息传递机制将管理信息从网络发送到数据库管理系统（DBMS），用于存储在一组数据库表中。每个数据库表存储相应类别的被管理对象的管理信息。一组视图限制对存储在数据库表中的管理信息的访问。每个视图定义数据库表中使用此视图时可访问的行的子集。在集合中使用每个视图时可访问的数据库表行集对应于至少一个用户由访问控制数据库指定的受管对象访问权限。视图访问控制装置指定该组视图中的哪些视图可被指定的用户使用。数据库访问引擎使用一组视图访问数据库表中的信息，使得每个用户被允许仅访问用户将被访问控制数据库访问的数据库表中的管理信息。

6. 发明授权

US06236996B1 System and method for restricting database access to managed object information using a permissions table that specifies access rights to the managed objects 有权
标题翻译：使用指定对受管对象的访问权限的权限表来限制对托管对象信息的数据库访问的系统和方法
公开(公告)号：US06236996B1
公开(公告)日：2001-05-22
申请号：US09465672
申请日：1999-12-16
申请人： Subodh Bapat , Bart Lee Fisher
发明人： Subodh Bapat , Bart Lee Fisher
IPC分类号： G06F1700
CPC分类号： H04L41/28 , G06F1/00 , G06F21/6227 , G06F2221/2141 , G06F2221/2145 , H04L41/024 , H04L63/101 , Y10S707/99932 , Y10S707/99936 , Y10S707/99938 , Y10S707/99939 , Y10S707/99942 , Y10S707/99953
摘要： An access control database has access control objects that collectively store information that specifies access rights by users to specified sets of the managed objects. The specified access rights include access rights to obtain management information from the network. An access control server provides users access to the managed objects in accordance with the access rights specified by the access control database. An information transfer mechanism sends management information from the network to a database management system (DBMS) for storage in a set of database tables. Each database table stores management information for a corresponding class of managed objects. An access control procedure limits access to the management information stored in the database tables using at least one permissions table. A permissions table defines a subset of rows in the database tables that are accessible to at least one of the users. The set of database table rows that are accessible corresponds to the managed object access rights specified by the access control database. A user access request to access management information in the database is intercepted, and the access control procedure is invoked when the user access request is a select statement. The database access engine accesses information in the set of database tables using the permissions tables such that each user is allowed access only to management information in the set of database tables that the user would be allowed by the access control database to access.
摘要翻译：访问控制数据库具有访问控制对象，其共同地存储指定用户对指定的被管理对象集的访问权限的信息。指定的访问权限包括从网络获取管理信息的访问权限。访问控制服务器根据访问控制数据库指定的访问权限向用户提供对受管对象的访问。信息传递机制将管理信息从网络发送到数据库管理系统（DBMS），用于存储在一组数据库表中。每个数据库表存储相应类别的被管理对象的管理信息。访问控制过程使用至少一个权限表限制对存储在数据库表中的管理信息的访问。权限表定义数据库表中至少有一个用户可访问的行的子集。可访问的数据库表行集合对应于访问控制数据库指定的受管对象访问权限。截取访问数据库中管理信息的用户访问请求，当用户访问请求为select语句时，调用访问控制过程。数据库访问引擎使用权限表访问数据库表中的信息，以便允许每个用户仅访问用户将被访问控制数据库允许访问的数据库表中的管理信息。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式