专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09009777B2 Automatic role activation 有权
标题翻译：自动角色激活
公开(公告)号：US09009777B2
公开(公告)日：2015-04-14
申请号：US11565249
申请日：2006-11-30
申请人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
发明人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
IPC分类号： G06F21/00 , G06F21/30 , G06F21/62
CPC分类号： G06F21/30 , G06F21/6218
摘要： A method, apparatus, and computer usable program product for automatic activation of roles is provided. When a user initiates an action, a set of roles needed for the action is identified. A set of roles assigned to the user is also identified. From the two sets of roles, all roles that are common to both sets are identified in a subset of roles. Roles in this subset are assigned to the user and are sufficient for the action. One or more roles from this subset of roles is selected for activation depending on system policies in effect. Selected roles are automatically activated without requiring any intervention from the user. Once the selected roles are activated, they can become inactive upon completion of the current action, or remain active for subsequent actions by the user during all or part of a user session. System policies can decide how the roles are selected for activation, and the duration of which the roles remain active once activated.
摘要翻译：提供了一种用于自动激活角色的方法，设备和计算机可用程序产品。当用户发起一个动作时，确定该动作所需的一组角色。还识别分配给用户的一组角色。从两组角色中，两个集合共同的所有角色都在角色的一个子集中标识。该子集中的角色被分配给用户，并且对于该动作是足够的。根据有效的系统策略，选择此角色子集中的一个或多个角色进行激活。所选角色将自动激活，无需用户干预。一旦所选择的角色被激活，它们可以在完成当前动作时变为不活动，或者在用户会话的全部或部分期间对用户的后续动作保持活动状态。系统策略可以决定如何激活角色，激活角色保持活动的持续时间。

2. 发明申请

US20080134320A1 METHOD FOR AUTOMATIC ROLE ACTIVATION 有权
标题翻译：自动角度激活方法
公开(公告)号：US20080134320A1
公开(公告)日：2008-06-05
申请号：US11565249
申请日：2006-11-30
申请人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
发明人： Saurabh Desai , Niteesh Kumar Dubey , Yantian Tom Lu , Ravi A. Shankar , Murali Vaddagiri , Drew Thomas Walters , Xinya Wang
IPC分类号： H04L9/32
CPC分类号： G06F21/30 , G06F21/6218
摘要： A method, apparatus, and computer usable program product for automatic activation of roles is provided. When a user initiates an action, a set of roles needed for the action is identified. A set of roles assigned to the user is also identified. From the two sets of roles, all roles that are common to both sets are identified in a subset of roles. Roles in this subset are assigned to the user and are sufficient for the action. One or more roles from this subset of roles is selected for activation depending on system policies in effect. Selected roles are automatically activated without requiring any intervention from the user. Once the selected roles are activated, they can become inactive upon completion of the current action, or remain active for subsequent actions by the user during all or part of a user session. System policies can decide how the roles are selected for activation, and the duration of which the roles remain active once activated.
摘要翻译：提供了一种用于自动激活角色的方法，设备和计算机可用程序产品。当用户发起一个动作时，确定该动作所需的一组角色。还识别分配给用户的一组角色。从两组角色中，两个集合共同的所有角色都在角色的一个子集中标识。该子集中的角色被分配给用户，并且对于该动作是足够的。根据有效的系统策略，选择此角色子集中的一个或多个角色进行激活。所选角色将自动激活，无需用户干预。一旦所选择的角色被激活，它们可以在完成当前动作时变为不活动，或者在用户会话的全部或部分期间对用户的后续动作保持活动状态。系统策略可以决定如何激活角色，激活角色保持活动的持续时间。

3. 发明申请

US20080294592A1 FRAMEWORK FOR MANAGING ATTRIBUTES OF OBJECTS 失效
标题翻译：用于管理物体属性的框架
公开(公告)号：US20080294592A1
公开(公告)日：2008-11-27
申请号：US11751571
申请日：2007-05-21
申请人： Saurabh Desai , Niteesh Kumar Dubey , Joefon Jann , Pratap Chandra Pattnaik , Ravi A. Shankar , Murali Vaddagiri
发明人： Saurabh Desai , Niteesh Kumar Dubey , Joefon Jann , Pratap Chandra Pattnaik , Ravi A. Shankar , Murali Vaddagiri
IPC分类号： G06F17/30
CPC分类号： G06F9/468
摘要： A computer implemented method, computer program product, and system for managing objects. Responsive to receiving a find-rule method, and a path-rule table, wherein the path-rule table contains a set of paths, wherein each path references an object, wherein a file system locates the object using the path, and wherein the object has at least one attribute not known to the file system, a path-rule table identifier is created. The path-rule table is associated with the path-rule table identifier to form an associated path-rule table. The find-rule method is associated with the path-rule table identifier to form an associated find-rule method. The path-rule table identifier, the associated path-rule table, and the associated find-rule method are stored. The path-rule table identifier is returned.
摘要翻译：计算机实现的方法，计算机程序产品和用于管理对象的系统。响应于接收查找规则方法和路径规则表，其中所述路径规则表包含一组路径，其中每个路径引用对象，其中文件系统使用所述路径定位所述对象，并且其中所述对象具有文件系统不知道的至少一个属性，创建路径规则表标识符。路径规则表与路径规则表标识符相关联，以形成关联的路径规则表。 find-rule方法与路径规则表标识符相关联，以形成关联的查找规则方法。存储路径规则表标识符，相关联的路径规则表和相关联的查找规则方法。返回路径规则表标识符。

4. 发明授权

US07895435B2 Framework for managing attributes of objects 失效
标题翻译：用于管理对象属性的框架
公开(公告)号：US07895435B2
公开(公告)日：2011-02-22
申请号：US11751571
申请日：2007-05-21
申请人： Saurabh Desai , Niteesh Kumar Dubey , Joefon Jann , Pratap Chandra Pattnaik , Ravi A. Shankar , Murali Vaddagiri
发明人： Saurabh Desai , Niteesh Kumar Dubey , Joefon Jann , Pratap Chandra Pattnaik , Ravi A. Shankar , Murali Vaddagiri
IPC分类号： H04L29/06
CPC分类号： G06F9/468
摘要： A computer implemented method, computer program product, and system for managing objects. Responsive to receiving a find-rule method, and a path-rule table, wherein the path-rule table contains a set of paths, wherein each path references an object, wherein a file system locates the object using the path, and wherein the object has at least one attribute not known to the file system, a path-rule table identifier is created. The path-rule table is associated with the path-rule table identifier to form an associated path-rule table. The find-rule method is associated with the path-rule table identifier to form an associated find-rule method. The path-rule table identifier, the associated path-rule table, and the associated find-rule method are stored. The path-rule table identifier is returned.
摘要翻译：计算机实现的方法，计算机程序产品和用于管理对象的系统。响应于接收查找规则方法和路径规则表，其中所述路径规则表包含一组路径，其中每个路径引用对象，其中文件系统使用所述路径定位所述对象，并且其中所述对象具有文件系统不知道的至少一个属性，创建路径规则表标识符。路径规则表与路径规则表标识符相关联，以形成关联的路径规则表。 find-rule方法与路径规则表标识符相关联，以形成关联的查找规则方法。存储路径规则表标识符，相关联的路径规则表和相关联的查找规则方法。返回路径规则表标识符。

5. 发明授权

US08196211B2 Authorized authorization set in RBAC model 失效
标题翻译： RBAC模型中授权授权
公开(公告)号：US08196211B2
公开(公告)日：2012-06-05
申请号：US12191644
申请日：2008-08-14
申请人： Ranganathan Vidya , Murali Vaddagiri , Ravi A Shankar , Saurabh Desai
发明人： Ranganathan Vidya , Murali Vaddagiri , Ravi A Shankar , Saurabh Desai
IPC分类号： G06F21/00
CPC分类号： G06F9/468 , G06F21/62
摘要： The Authorized Authorization Set System comprising a modified operating system, a command table containing authorized authorization sets, and a modified RBAC security system, eliminates the need for inherited privileges that must be passed to subcommands in order for the command to run. The modified operating system accesses a table containing authorized authorization sets which identify the privileges for all subcommands within a command. When a user is assigned an accessauth for a command, and a sub-command is a privileged sub-command, the privileged sub-command is only run when the accessauth of the sub-command is included in the authorized authorization set of the command.
摘要翻译：授权授权集系统包括修改的操作系统，包含授权授权集的命令表和修改后的RBAC安全系统，不需要传递给子命令的继承权限，以便命令运行。修改的操作系统访问包含授权授权集的表，其中标识命令中所有子命令的权限。当用户被分配了命令的访问权限，子命令是特权子命令时，只有在命令的授权授权集合中包含子命令的访问权限时，才会运行特权子命令。

6. 发明申请

US20100043069A1 Authorized Authorization Set in RBAC Model 失效
标题翻译： RBAC模型中的授权授权集
公开(公告)号：US20100043069A1
公开(公告)日：2010-02-18
申请号：US12191644
申请日：2008-08-14
申请人： Ranganathan Vidya , Murali Vaddagiri , Ravi A. Shankar , Saurabh Desai
发明人： Ranganathan Vidya , Murali Vaddagiri , Ravi A. Shankar , Saurabh Desai
IPC分类号： G06F21/00
CPC分类号： G06F9/468 , G06F21/62
摘要： The Authorized Authorization Set System comprising a modified operating system, a command table containing authorized authorization sets, and a modified RBAC security system, eliminates the need for inherited privileges that must be passed to subcommands in order for the command to run. The modified operating system accesses a table containing authorized authorization sets which identify the privileges for all subcommands within a command. When a user is assigned an accessauth for a command, and a sub-command is a privileged sub-command, the privileged sub-command is only run when the accessauth of the sub-command is included in the authorized authorization set of the command.
摘要翻译：授权授权集系统包括修改的操作系统，包含授权授权集的命令表和修改后的RBAC安全系统，不需要传递给子命令的继承权限，以便命令运行。修改的操作系统访问包含授权授权集的表，其中标识命令中所有子命令的权限。当用户被分配了命令的访问权限，子命令是特权子命令时，只有在命令的授权授权集合中包含子命令的访问权限时，才会运行特权子命令。

7. 发明授权

US08359635B2 System and method for dynamic creation of privileges to secure system services 失效
标题翻译：用于动态创建安全系统服务权限的系统和方法
公开(公告)号：US08359635B2
公开(公告)日：2013-01-22
申请号：US12036318
申请日：2008-02-25
申请人： Saurabh Desai , Murali Vaddagiri
发明人： Saurabh Desai , Murali Vaddagiri
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , G06F12/00 , G06F12/14 , G06F13/00 , G06F3/00 , G06F9/44 , G06F9/46 , H04L29/06 , G11C7/00
CPC分类号： G06F21/6218 , G06F9/468 , G06F21/604 , G06F21/6281
摘要： A system, method, and program product is provided that allows new privileges to be dynamically added to an operating system. Entities are assigned roles and these roles are associated with various authorizations. Authorizations are associated with privileges, including the new privilege. A request is received to dynamically add the new privilege to the operating system. The operating system then dynamically adds the new privilege to the system. A software service is installed that requires the new privilege. A request to execute the installed software service is received from an entity that is running on the operating system. The operating system allows the entity to execute the installed software service in response to determining that the entity has been granted the privilege. However, if the entity has not been granted the new privilege, then the operating system inhibits execution of the software service by the entity.
摘要翻译：提供了一种允许动态添加到操作系统的新特权的系统，方法和程序产品。实体被分配角色，这些角色与各种授权相关联。授权与权限相关联，包括新特权。收到请求以动态添加新的特权到操作系统。操作系统然后动态地将新的权限添加到系统。安装了需要新特权的软件服务。从操作系统上运行的实体接收到执行安装的软件服务的请求。操作系统允许实体响应于确定实体已被授予特权而执行安装的软件服务。但是，如果实体尚未被授予新的权限，则操作系统将禁止该实体对软件服务的执行。

8. 发明申请

US20090328129A1 Customizing Policies for Process Privilege Inheritance 有权
标题翻译：自定义进程特权继承的策略
公开(公告)号：US20090328129A1
公开(公告)日：2009-12-31
申请号：US12145745
申请日：2008-06-25
申请人： Saurabh Desai , Murali Vaddagiri
发明人： Saurabh Desai , Murali Vaddagiri
IPC分类号： G06F17/00
CPC分类号： G06F21/6209 , G06F2221/2149
摘要： An approach is provided that uses policies to determine which parental privileges are inherited by the parent's child processes. A parent software process initializes a child software process, such as by executing the child process. The parent process is associated with a first set of privileges. The inheritance policies are retrieved that correspond to the parent process. A second set of privileges is identified based on the retrieved inheritance policies, and this second set of privileges is applied to the child software process.
摘要翻译：提供了一种方法，使用策略来确定父进程的子进程继承的父权限。父软件过程初始化子软件过程，例如通过执行子进程。父进程与第一组权限相关联。检索对应于父进程的继承策略。基于所检索的继承策略来识别第二组权限，第二组权限被应用于子软件进程。

9. 发明授权

US08225372B2 Customizing policies for process privilege inheritance 有权
标题翻译：自定义进程权限继承的策略
公开(公告)号：US08225372B2
公开(公告)日：2012-07-17
申请号：US12145745
申请日：2008-06-25
申请人： Saurabh Desai , Murali Vaddagiri
发明人： Saurabh Desai , Murali Vaddagiri
IPC分类号： G06F21/00
CPC分类号： G06F21/6209 , G06F2221/2149
摘要： An approach is provided that uses policies to determine which parental privileges are inherited by the parent's child processes. A parent software process initializes a child software process, such as by executing the child process. The parent process is associated with a first set of privileges. The inheritance policies are retrieved that correspond to the parent process. A second set of privileges is identified based on the retrieved inheritance policies, and this second set of privileges is applied to the child software process.
摘要翻译：提供了一种方法，使用策略来确定父进程的子进程继承的父权限。父软件过程初始化子软件过程，例如通过执行子进程。父进程与第一组权限相关联。检索对应于父进程的继承策略。基于所检索的继承策略来识别第二组权限，第二组权限被应用于子软件进程。

10. 发明申请

US20090217371A1 SYSTEM AND METHOD FOR DYNAMIC CREATION OF PRIVILEGES TO SECURE SYSTEM SERVICES 失效
标题翻译：用于动态创建特权以确保系统服务的系统和方法
公开(公告)号：US20090217371A1
公开(公告)日：2009-08-27
申请号：US12036318
申请日：2008-02-25
申请人： Saurabh Desai , Murali Vaddagiri
发明人： Saurabh Desai , Murali Vaddagiri
IPC分类号： G06F21/22
CPC分类号： G06F21/6218 , G06F9/468 , G06F21/604 , G06F21/6281
摘要： A system, method, and program product is provided that allows new privileges to be dynamically added to an operating system. Entities are assigned roles and these roles are associated with various authorizations. Authorizations are associated with privileges, including the new privilege. A request is received to dynamically add the new privilege to the operating system. The operating system then dynamically adds the new privilege to the system. A software service is installed that requires the new privilege. A request to execute the installed software service is received from an entity that is running on the operating system. The operating system allows the entity to execute the installed software service in response to determining that the entity has been granted the privilege. However, if the entity has not been granted the new privilege, then the operating system inhibits execution of the software service by the entity.
摘要翻译：提供了一种允许动态添加到操作系统的新特权的系统，方法和程序产品。实体被分配角色，这些角色与各种授权相关联。授权与权限相关联，包括新特权。收到请求以动态添加新的特权到操作系统。操作系统然后动态地将新的权限添加到系统。安装了需要新特权的软件服务。从操作系统上运行的实体接收到执行安装的软件服务的请求。操作系统允许实体响应于确定实体已被授予特权而执行安装的软件服务。但是，如果实体尚未被授予新的权限，则操作系统将禁止该实体对软件服务的执行。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式