System and method for providing distributed access control to secured items
First Claim
1. A distributed access control system that restricts access to secured items, said system comprising:
- a central server having a server module that provides overall access control; and
a plurality of local servers, each of said local servers including a local module that provides local access control, wherein the access control, performed by said central server or said local servers, operates to permit or deny access requests to the secured items by requestors.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and method for providing distributed access control are disclosed. A number of local servers are employed to operate largely on behalf of a central server responsible for centralized access control management. Such a distributed fashion ensures the dependability, reliability and scalability of the access control management undertaking by the central server. According to one embodiment, a distributed access control system that restricts access to secured items can include at least a central server having a server module that provides overall access control, and a plurality of local servers. Each of the local servers can include a local module that provides local access control. The access control, performed by the central server or the local servers, operates to permit or deny access requests to the secured items by requestors.
-
Citations
20 Claims
-
1. A distributed access control system that restricts access to secured items, said system comprising:
-
a central server having a server module that provides overall access control; and
a plurality of local servers, each of said local servers including a local module that provides local access control, wherein the access control, performed by said central server or said local servers, operates to permit or deny access requests to the secured items by requestors. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for providing access management through use of a plurality of server machines associated with different locations, said method comprising the acts of:
-
(a) authenticating a user with a first server machine of the plurality of server machines with respect to a prior access request;
(b) subsequently receiving a current access request to access a secured item via a second server machine of the plurality of server machines;
(c) reconfiguring the first server machine to prevent further access by the user to secured items via the first server machine; and
(d) reconfiguring the second server machine to permit access by the user to at least the secured item via the second server machine. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A method as recited in claim 16, wherein said method further comprises at least the acts of:
-
(e) determining permitted locations from which the user is permitted to gain access to secured documents;
(f) determining, prior to said reconfiguring (c) or (d), whether the second location is one of the permitted locations for the user; and
(g) bypassing said reconfiguring (c) or (d) when said determining (f) determines that the second location is not one of the permitted locations for the user. - View Dependent Claims (17)
-
-
18. A computer readable medium including at least computer program code for providing access management through use of a plurality of server machines associated with different locations, said computer readable medium comprising:
-
computer program code for authenticating a user with a first server machine of the plurality of server machines with respect to a prior access request;
computer program code for subsequently receiving a current access request to access a secured item via a second server machine of the plurality of server machines;
computer program code for reconfiguring the first server machine to prevent further access by the user to secured items via the first server machine; and
computer program code for reconfiguring the second server machine to permit access by the user to at least the secured item via the second server machine. - View Dependent Claims (19, 20)
-
Specification