Providing access control via the layer manager

US 20020144150A1
Filed: 04/03/2001
Published: 10/03/2002
Est. Priority Date: 04/03/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing access control in a protocol stack, comprising the steps of:

(a) receiving a request to perform an operation at a layer of the protocol stack;

(b) calling an access mediator;

(c) determining if the request is to be granted based upon a predetermined security policy by the access mediator; and

(d) providing the determination by the access mediator.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for access control within a protocol stack includes: receiving a request to perform an operation at a layer of the protocol stack; calling an access mediator; determining if the request is to be granted based upon a predetermined security policy by the access mediator; and providing the determination by the access mediator. The Access Mediator is a software which embodies the rules of a predetermined security policy. In the preferred embodiment, the security policy is subject (people) based. The rules of the security policy determines which subjects can have access to which objects (data) to perform a requested operation (read/write). The Access Mediator is called to determine whether or not a request to perform an operation is to be granted based upon the security policy. In this manner, access control is provided within the protocol stack.

4 Citations

View as Search Results

17 Claims

1. A method for providing access control in a protocol stack, comprising the steps of:
- (a) receiving a request to perform an operation at a layer of the protocol stack;
  
  (b) calling an access mediator;
  
  (c) determining if the request is to be granted based upon a predetermined security policy by the access mediator; and
  
  (d) providing the determination by the access mediator.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the receiving step (a) comprises:
    - (a1) receiving the request by the layer to perform the operation on an object by a subject at the layer of the protocol stack.
  - 3. The method of claim 1, wherein the calling step (b) comprises:
    - (b1) calling the access mediator by the layer.
  - 4. The method of claim 1, wherein the providing step (d) comprises:
    - (d1) returning the determination by the access mediator to the layer.
  - 5. The method of claim 1, wherein the receiving step (a) comprises:
    - (a1) receiving the request by a layer manager to perform the operation on an object by a subject at the layer of the protocol stack.
  - 6. The method of claim 5, wherein the layer manager interfaces with each layer of the protocol stack, wherein the layer manager handles data flow to each layer of the protocol stack.
  - 7. The method of claim 1, wherein the calling step (b) comprises:
    - (b1) calling the access mediator by a layer manager.
  - 8. The method of claim 7, wherein the access mediator is implemented in the layer manager.
  - 9. The method of claim 1, wherein the providing step (d) comprises:
    - (d1) returning the determination by the access mediator to a layer manager.
  - 10. The method of claim 1, wherein the calling step (b) further comprises:
    - (b1) passing a subject'"'"'s identity, an object'"'"'s identity, and a requested operation to the access mediator.
  - 11. The method of claim 1, further comprising:
    - (e) allowing the operation to be performed at the layer if the determination is to grant the request.
  - 12. The method of claim 1, further comprising:
    - (e) blocking the operation if the determination is to not grant the request.

13. A method for providing access control in a protocol stack, comprising the steps of:
- (a) receiving a request by a layer of the protocol stack to perform an operation at the layer;
  
  (b) calling an access mediator by the layer;
  
  (c) determining if the request is to be granted based upon a predetermined security policy by the access mediator; and
  
  (d) providing the determination by the access mediator to the layer.

14. A method for providing access control in a protocol stack, comprising the steps of:
- (a) receiving a request by a layer manager to perform an operation at a layer of the protocol stack;
  
  (b) calling an access mediator by the layer manager;
  
  (c) determining if the request is to be granted based upon a predetermined security policy by the access mediator; and
  
  (d) providing the determination by the access mediator to the layer manager.

15. A system, comprising:
- a plurality of layers of a protocol stack; and
  
  an access mediator, wherein each layer of the protocol stack may call the access mediator to determine if a request to perform an operation at a layer of the protocol stack is to be granted.

16. A system, comprising:
- a plurality of layers of a protocol stack; and
  
  a layer manager, wherein the layer manager is interfaced with each of the plurality of stack components, wherein the layer manager comprises an access mediator, wherein layer manager may call the access mediator to determine if a request to perform an operation at a layer of the protocol stack is to be granted.

17. A computer readable medium with program instructions for providing access control in a protocol stack, comprising the steps of:
- (a) receiving a request to perform an operation at a layer of the protocol stack;
  
  (b) calling an access mediator;
  
  (c) determining if the request is to be granted based upon a predetermined security policy by the access mediator; and
  
  (d) providing the determination by the access mediator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Brycen Co., Ltd.
Original Assignee
Brycen Co., Ltd.
Inventors
Wright, Michael D., Wood, Jonathan Brett, Hale, Douglas LaVell, Cox, David O., Smith, Merrill Kay, Seegmiller, Kyle Bryan

Application Number

US09/825,676
Publication Number

US 20020144150A1
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0227   Filtering policies mail mes...

H04L 63/0263   Rule management

H04L 63/16   Implementing security featu...

Providing access control via the layer manager

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

4 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Providing access control via the layer manager

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

4 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links