Device and method for controlling access to resources
First Claim
1. Method for controlling access by a requester (7) to resources (2d) in a computer system (1) in which the requester is assigned one or more roles based on an access control list that defines the conditions for obtaining a right to a resource, characterized in that it consists of restricting the resources accessible for a given role to only part of the resources, by means of a validity domain of the role.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a method for controlling access by a requestor (7) to resources (2d) in a computer system (1), consisting of defining roles that overlay one or more privileges and representing the requestor'"'"'s authorization to perform specific tasks, of storing the defined roles in storage means (10, 12), and of storing an access control list that defines the conditions for obtaining a right to a resource type, i.e., a configured permission, in terms of privileges in said means (10, 12).
The present invention also relates to the device for implementing said method.
66 Citations
10 Claims
- 1. Method for controlling access by a requester (7) to resources (2d) in a computer system (1) in which the requester is assigned one or more roles based on an access control list that defines the conditions for obtaining a right to a resource, characterized in that it consists of restricting the resources accessible for a given role to only part of the resources, by means of a validity domain of the role.
-
8. Device for controlling access by a requester to resources (2d) in a computer system (1), characterized in that it comprises a management machine (2a) comprising an access control service, the RAC (6), and means for storing (10) roles, access control lists and validity domains
Specification