File access control in a multi-protocol file server
First Claim
1. A method of operating a file server, said method including steps for identifying a first file on said file server with a first security style selected from among a plurality of security styles;
- and enforcing said first security style for all accesses to said first file.
0 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a method and system for enforcing file access control among client devices using multiple diverse access control models and multiple diverse file server protocols. A multi-protocol file server identifies each file with one particular access control model out of a plurality of possible models, and enforces that one particular model for all accesses to that file. When the file server receives a file server request for that file using a different access control model, the file server translates the access control limits for that file into no-less-restrictive limits in the different model. The file server restricts access by the client device using the translated access control limits. Each file is assigned the access control model of the user who created the file or who last set access control limits for the file. When a user having a different access control model sets access control limits, the access control model for the file is changed to the new model. Files are organized in a tree hierarchy, in which each tree is limited to one or more access control models (which can limit the ability of users to set access control limits for files in that tree). Each tree can be limited to NT-model-only format, Unix-model-only format, or mixed NT-or-Unix-models format.
85 Citations
30 Claims
-
1. A method of operating a file server, said method including steps for
identifying a first file on said file server with a first security style selected from among a plurality of security styles; - and
enforcing said first security style for all accesses to said first file. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19, 20, 21, 22, 23, 24, 26, 27, 29, 30)
- and
-
16. A file server including
a set of files available said file server, each said file having an associated security style selected from among a plurality of security styles available on said file server; wherein said file server enforces said associated security style for all accesses to said file.
-
25. In a file server having a plurality of files, a data structure associating a security style with each said file, said security style being selected from among a plurality of security styles available on said file server.
-
28. In a file server having a plurality of files and a security style associated with each said file, said security style being selected from among a plurality of security styles available on said file server, a data structure associating a security subset of said plurality of security styles with a subtree of said files available on said file server.
Specification