Knowledge-based control of security objects
First Claim
1. A method of controlling access to a resource, the method comprising:
- creating a security object in dependence upon user-selected security control data types, including asserting security control data as security facts into a security knowledge database and asserting security rules into the security knowledge database, the security object comprising security control data and at least one security method;
receiving a request for access to the resource;
receiving security request data;
asserting the security request data as security facts into the security knowledge database; and
determining access to the resource in dependence upon the security facts and security rules in the security knowledge database.
1 Assignment
0 Petitions
Accused Products
Abstract
Controlling access to a resource, including creating a security object in dependence upon user-selected security control data types, including asserting security control data as security facts into a security knowledge database and asserting security rules into the security knowledge database, the security object including security control data and at least one security method, receiving a request for access to the resource, and receiving security request data. Embodiments include asserting the security request data as security facts into the security knowledge database, and determining access to the resource in dependence upon the security facts and security rules in the security knowledge database.
33 Citations
33 Claims
-
1. A method of controlling access to a resource, the method comprising:
-
creating a security object in dependence upon user-selected security control data types, including asserting security control data as security facts into a security knowledge database and asserting security rules into the security knowledge database, the security object comprising security control data and at least one security method;
receiving a request for access to the resource;
receiving security request data;
asserting the security request data as security facts into the security knowledge database; and
determining access to the resource in dependence upon the security facts and security rules in the security knowledge database. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system for controlling access to a resource, the system comprising:
-
means for creating a security object in dependence upon user-selected security control data types, including means for asserting security control data as security facts into a security knowledge database and asserting security rules into the security knowledge database, the security object comprising security control data and at least one security method;
means for receiving a request for access to the resource;
means for receiving security request data;
means for asserting the security request data as security facts into the security knowledge database; and
means for determining access to the resource in dependence upon the security facts and security rules in the security knowledge database. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A computer program product for controlling access to a resource, the computer program product comprising:
-
a recording medium;
means, recorded on the recording medium, for creating a security object in dependence upon user-selected security control data types, including means, recorded on the recording medium, for asserting security control data as security facts into a security knowledge database and asserting security rules into the security knowledge database, the security object comprising security control data and at least one security method;
means, recorded on the recording medium, for receiving a request for access to the resource;
means, recorded on the recording medium, for receiving security request data;
means, recorded on the recording medium, for asserting the security request data as security facts into the security knowledge database; and
means, recorded on the recording medium, for determining access to the resource in dependence upon the security facts and security rules in the security knowledge database. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification