Distributed enterprise security system for a resource hierarchy
First Claim
1. A distributed system for controlling access to a first resource in a hierarchy of resources, comprising:
- a distributor located on a first server and capable of distributing to a second server a first policy for the first resource;
a security service module (SSM) located on the second server and capable of managing based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method for a distributed system for controlling access to a first resource in a hierarchy of resources, comprising, a distributor located on a first server and capable of distributing to a second server a first policy for the first resource, a security service module (SSM) located on the second server and capable of managing based on the first policy conditions for access to at least one of: the first resource and a second resource that is hierarchically inferior to the first resource, and wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource.
-
Citations
16 Claims
-
1. A distributed system for controlling access to a first resource in a hierarchy of resources, comprising:
-
a distributor located on a first server and capable of distributing to a second server a first policy for the first resource;
a security service module (SSM) located on the second server and capable of managing based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for controlling access to a first resource in a hierarchy of resources, comprising:
-
accepting a first policy for the first resource;
managing based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource. - View Dependent Claims (8, 9, 10)
-
-
11. A method for controlling access to a first resource in a hierarchy of resources, comprising:
-
on a first server;
distributing a first policy for the first resource;
on a second server;
accepting the first policy from the first server;
managing based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource.
-
-
12. A machine readable medium having instructions stored thereon to cause a system to:
-
accept a first policy for a first resource;
manage based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource. - View Dependent Claims (13, 14, 15)
-
-
16. A computer signal embodied in a transmission medium, comprising:
-
a code segment including instructions for accepting a first policy for the first resource;
a code segment including instructions for managing based on the first policy conditions for access to at least one of;
the first resource and a second resource that is hierarchically inferior to the first resource; and
wherein the first policy can be overridden by a second policy wherein the second policy specifies conditions for access for a resource that is hierarchically inferior to the first resource.
-
Specification